Release Notes - 2.45.0π
Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).
Upgrade Noticesπ
- Mattermost - MR:
- This upgrade includes an update to PostgreSQL 17.2. When migrating from a PostgreSQL 16.x database to a 17.2 version they are not directly compatible due to potential changes in the data storage format between major versions; always create a backup before upgrading to a new major PostgreSQL version to ensure you can restore your data if necessary.
- Mattermost - MR:
- Any users running the builtin bitnami postgresql may need to manually back up and destroy old postgresql pods, then create new ones, for the upgrade process. This is a known limitation of the bitnami postgresql module.
- Keycloak - MR:
- This upgrade includes a update to the Bitnami Postgres statefulset dependency chart to PostgreSQL 15.10. This statefulset is provided for dev/test environments. If using this statefulset for data that needs to be retained, we recommend creating an external postgres v12 database that is not managed by the big bang chart. Backup and restore data to this database prior to upgrading big bang 2.45 and disable the bitnami postgres statefulset. This will allow users to manage the Keycloak postgres version external from Big Bang. Postgres upgrades typically require database schema changes. Please see Postgres upgrade steps for official recommended steps to upgrade postgres.
- If data does not need to be retained, delete the postgres statefulset and persistent volumes, this should allow the upgrade to succeed.
- Promtail - MR:
- Note: bumping
promtail
image/appVersion beyond the version used in upstream chart (v3.0.0 vs v3.3.2)
- Note: bumping
- Tempo - MR:
-
- BREAKING CHANGEΒ tempo-query is no longer a Jaeger instance with grpcPlugin. Itβs now a standalone server. Serving a gRPC API for Jaeger onΒ
0.0.0.0:7777
Β by default.Β [PR 3840]
- BREAKING CHANGEΒ tempo-query is no longer a Jaeger instance with grpcPlugin. Itβs now a standalone server. Serving a gRPC API for Jaeger onΒ
-
tempo-query
has breaking changes that are not handled in upstream chart (where it is disabled by default)
-
- Disabling it by default in repo1 charts, which will disable the tracing.bigbang.dev.mil UI previously deployed by Tempo
-
- Data from Tempo/Tracing UI will still be available in Grafana Dashboards
-
Upgrades from previous releasesπ
If coming from a version pre-2.44.0
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.44.0
.
Packagesπ
Package | Type | Package Version | BB Version |
---|---|---|---|
Addon | 1.5.1 |
1.6.18-bb.0 π |
|
Addon | 5.13.1 |
3.3.1-bb.0 π |
|
Addon | 2.13.2 |
7.7.10-bb.0 π |
|
Authservice | Addon | 1.0.3 |
1.0.3-bb.0 |
Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.22 |
Eck Operator | Core | 2.16.0 |
2.16.0-bb.0 |
Elasticsearch Kibana | Core | Kibana 8.17.0 Elasticsearch 8.17.0 |
1.24.0-bb.2 |
Addon | 0.12.1 |
0.12.1-bb.1 π |
|
Fluentbit | Core | 3.2.4 |
0.48.4-bb.0 |
Addon | 24.4.2.0009 |
1.1.2320154-bb.22 π |
|
Core | 3.18.2 |
3.18.2-bb.0 π |
|
Gitlab | Addon | 17.6.2 |
8.6.2-bb.0 |
Gitlab Runner | Addon | 17.5.4 |
0.70.4-bb.1 |
Core | 11.4.0 |
8.8.2-bb.1 π |
|
Haproxy | Addon | 2.2.33 |
1.19.3-bb.8 |
Addon | 2.11.0 |
1.16.1-bb.0 π |
|
Holocron | Addon | 3.3.2 |
1.0.12 |
Core | Istio 1.23.4 Tetrate Istio Distro 1.23.4 |
1.23.4-bb.0 π |
|
Core | Istio Operator 1.23.4 Tetrate Istio Distro Operator 1.23.4 |
1.23.4-bb.0 π |
|
Jaeger | Core | 1.61.0 |
2.57.0-bb.0 |
Addon | 25.0.6 |
2.5.1-bb.5 π |
|
Core | 2.3.0 |
2.3.0-bb.0 π |
|
Kyverno | Core | 1.13.2 |
3.3.4-bb.0 |
Core | 3.3.4 |
3.3.4-bb.1 π |
|
Core | 2.20.2 |
2.24.2-bb.2 π |
|
Core | 3.3.2 |
6.24.0-bb.1 π |
|
Addon | 10.4.1 |
10.4.1-bb.0 π |
|
Mattermost Operator | Addon | 1.22.1 |
1.22.1-bb.1 |
Metrics Server | Addon | 0.7.2 |
3.12.2-bb.1 |
Minio | Addon | RELEASE.2024-12-13T22-19-12Z |
6.0.4-bb.5 |
Addon | 6.0.4 |
6.0.4-bb.1 π |
|
Monitoring | Core | Prometheus 2.54.1 Grafana 11.1.0 Alertmanager 0.27.0 |
62.4.0-bb.1 |
Neuvector | Core | 5.4.1 |
2.8.3-bb.0 |
Nexus | Addon | 3.75.0-06 |
75.0.0-bb.1 |
Core | 3.3.2 |
6.16.6-bb.0 π |
|
Addon | 10.6.0-community |
10.6.1-bb.6 π |
|
Core | Tempo 2.6.1 Tempo Query 2.6.1 |
1.16.0-bb.1 π |
|
Addon | 0.37.2 |
15.9.1-bb.0 π |
|
Twistlock | Core | 33.01.137 |
0.18.0-bb.0 |
Addon | 1.18.3 |
0.29.1-bb.3 π |
|
Addon | 1.15.1 |
8.2.0-bb.0 π |
|
Core | N / A | 0.4.12 π |
Changes in 2.45.0π
Big Bang MRsπ
Alloyπ
- !5637: alloy update to 1.6.18-bb.0
# Changelog Updates
## [1.16.18-bb.0] - 2025-01-10
### Changed
- k8s-monitoring updated from 1.6.16 to 1.6.18
- configmap-reload updated from v0.12.0 to v0.14.0
Anchore Enterpriseπ
- !5608: anchore update to 3.3.1-bb.0
# Changelog Updates
## [3.3.1-bb.0] - 2025-01-06
### Changed
- Updated Anchore Enterprise chart to `3.3.1`
- Updated Anchore Enterprise tag to `5.13.1`
- Updated Anchore Enterprise UI tag to `5.13.0`
- Updated Redis to `20.6.0-bb.0`
- Updated kubectl to `1.30.8`
Argocdπ
- !5627: argocd update to 7.7.10-bb.0
# Changelog Updates
## [7.7.10-bb.0] - 2025-01-08
### Changed
- Update ironbank/big-bang/argocd v2.13.1 -> v2.13.2
- Update registry1.dso.mil/ironbank/big-bang/argocd v2.13.1 -> v2.13.2
- Update registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.66.0 -> v1.67.0
- Update redis chart 20.2.1-bb.4 -> 20.6.0-bb.0
External Secretsπ
- !5642: externalSecrets update to 0.12.1-bb.1
- !5614: externalSecrets update to 0.12.1-bb.0
- !5612: externalSecrets update to 0.11.0-bb.3
# Changelog Updates
## [0.12.1-bb.1] - 2024-01-09
### Added
- Added data fetch logic
## [0.12.1-bb.0] - 2025-01-07
### Changed
- Updated chart to v0.12.1
## [0.11.0-bb.3] - 2024-12-17
### Changed
- Removed hardcoded namespace
Fortifyπ
- !5660: fortify update to 1.1.2320154-bb.22
# Changelog Updates
## [1.1.2320154-bb.22] - 2024-12-13
### Changed
- Update gluon 0.5.0 -> 0.5.12
- Update bbtests image to use common devops ci test image
- Updated fortify to version 24.4.2.0009
Gatekeeperπ
- !5663: gatekeeper update to 3.18.2-bb.0
# Changelog Updates
## [3.18.2-bb.0] - 2025-01-13
### Changed
- Updated ironbank/opensource/openpolicyagent/gatekeeper v3.18.1 -> 3.18.2
- Updated registry1.dso.mil/ironbank/opensource/openpolicyagent/gatekeeper v3.18.1 -> 3.18.2
- updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl from v1.29.8 -> v1.29.12
Grafanaπ
- !5635: grafana update to 8.8.2-bb.1
# Changelog Updates
## [8.8.2-bb.1] - 2025-01-11
### Changed
- ironbank/kiwigrid/k8s-sidecar updated from 1.28.4 to 1.29.0
Harborπ
- !5664: harbor update to 1.16.1-bb.0
# Changelog Updates
## [1.16.1-bb.0] - 2025-01-16
### Changed
- redis 20.2.1-bb.0 -> 20.6.0-bb.0
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-core v2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-core 2.12.0 -> 2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-exporter 2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-jobservice 2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-portal v2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-registryctl 2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/registry v2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/trivy-adapter v2.12.0 -> v2.12.1
- postgres 12.22 -> 16.2
Istio Controlplaneπ
# Changelog Updates
## [1.23.4-bb.0] - 2025-01-13
### Changed
- ironbank/opensource/istio/install-cni updated from 1.23.3 to 1.23.4
- ironbank/opensource/istio/pilot updated from 1.23.3 to 1.23.4
- ironbank/opensource/istio/proxyv2 updated from 1.23.3 to 1.23.4
- ironbank/opensource/kubernetes/kubectl updated from v1.30.6 to v1.30.8
- ironbank/tetrate/istio/install-cni updated from 1.23.3 to 1.23.4
- ironbank/tetrate/istio/pilot updated from 1.23.3 to 1.23.4
- ironbank/tetrate/istio/proxyv2 updated from 1.23.3 to 1.23.4
## [1.23.3-bb.3] - 2025-01-06
### Changed
- Update OSCAL to utilize Lula config file & fix templating bug
Istio Operatorπ
- !5638: istioOperator update to 1.23.4-bb.0
# Changelog Updates
## [1.23.4-bb.0] - 2025-01-13
### Changed
- Updated registry1.dso.mil/ironbank/opensource/istio/operator from 1.23.3 to 1.23.4
- Updated registry1.dso.mil/ironbank/tetrate/istio/operator from 1.23.3-tetratefips-v0 to 1.23.4-tetratefips-v0
Keycloakπ
- !5656: SKIP UPGRADE keycloak update to 2.5.1-bb.5
# Changelog Updates
## [2.5.1-bb.5] - 2025-01-14
### Updated
- Updated the Postgresql dependency chart to Postgresql version `15.10` to replace the unsupported Postgresql version `12`
- Postgresql --> 15.10
- Gluon --> 0.5.12
Kialiπ
- !5622: Kiali tag update to 2.3.0-bb.0
# Changelog Updates
## [2.3.0-bb.0] - 2025-01-06
### Changed
- Updated Kiali and Kiali-operator to v2.3.0
Kyverno Policiesπ
- !5536: kyvernoPolicies update to 3.3.4-bb.1
# Changelog Updates
## [3.3.4-bb.1] - 2024-12-12
### Changed
- Added `add-a-default-securitycontext` policy and `test-defaultsecuritycontext.sh`
Kyverno Reporterπ
- !5619: kyvernoReporter update to 2.24.2-bb.2
# Changelog Updates
## [2.24.2-bb.2] - 2025-01-09
### Changed
- Updated `gluon` package dependency version from `0.5.4` ---> `0.5.12`
Lokiπ
# Changelog Updates
## [6.24.0-bb.1] - 2025-01-16
### Changed
- No longer enabling istio hardening integrations with other Big Bang packages by default
Mattermostπ
- !5667: mattermost update to 10.4.1-bb.0
- !5658: mattermost update to 10.2.0-bb.4
- !5643: mattermost update to 10.2.0-bb.3
- !5621: SKIP UPGRADE CHECK Draft: mattermost update to 10.2.0-bb.2
# Changelog Updates
## [10.4.1-bb.0] - 2025-01-17
### Changed
- Updated registry1.dso.mil/ironbank/opensource/mattermost/mattermost 10.2.0 -> 10.4.1
- Updated Gluon 0.5.12 -> 0.5.14
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.30.7 -> v1.30.9
- Updated registry1.dso.mil/ironbank/opensource/postgres/postgresql 16.2 -> 17.2
## [10.2.0-bb.4] - 2024-01-15
### Changed
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.30.6 -> v1.30.7
- Updated registry1.dso.mil/ironbank/opensource/postgres/postgresql12 12.20 -> 12.22
## [10.2.0-bb.3] - 2025-01-10
### Changed
- Updated Gluon from 0.5.9 to 0.5.12
- Added default labels for Minio to _helpers.tpl
- Updated logic under podTemplate section to ensure default Kubernetes labels are always present
## [10.2.0-bb.2] - 2025-01-09
### Changed
- Revert default database settings to usage of the builtin bitnami database
Minio Operatorπ
- !5617: SKIP UPGRADE minioOperator update to 6.0.4-bb.1
# Changelog Updates
## [6.0.4-bb.1] - 2025-01-09
### Changed
- Updated `gluon` package dependency version from `0.5.4` ---> `0.5.12`
Promtailπ
- !5647: promtail update to 6.16.6-bb.0
# Changelog Updates
## [6.16.6-bb.0] - 2025-01-13
### Updated
- Update promtail from `v3.0.0` -> `v3.3.2`
- Update configmap-reload from `v0.13.1` -> `v0.14.0`
Sonarqubeπ
- !5648: sonarqube update to 10.6.1-bb.6
# Changelog Updates
## [10.6.1-bb.6] - 2024-01-13
### Fixed
- Set metadata.labels in _pod.tpl to use `sonarqube.workloadLabels` variable as it already has the standard Kubernetes labels
Tempoπ
# Changelog Updates
## [1.16.0-bb.1] - 2025-01-15
### Removed
- Removed jaeger-ui virtual service
### Added
- Added fix for jaeger-query to install when enabled
- Added appProtocol to tempo-prom-metrics port desciption to help istio
## [1.16.0-bb.0] - 2024-12-31
### Updated
- Updated gluon: `0.5.9` -> `0.5.12`
- Updated tempo: `2.5.0` -> `2.6.1`
- Updated tempo-query: `2.5.0` -> `2.6.1`
### Changed
- Disabled tempo-query to match upstream and avoid breaking changes
Thanosπ
- !5610: thanos update to 15.9.1-bb.0
# Changelog Updates
## [15.9.1-bb.0] - 2025-01-03
### Upgraded
- Upgraded minio-instance from `6.0.4-bb.2` -> `6.0.4-bb.5`
- Upgraded thanos image from `v0.36.1` -> `v0.37.2`
- Upgraded gluon from `0.5.10` -> `0.5.12`
Vaultπ
- !5657: vault update to 0.29.1-bb.3
- !5603: set vault agent uid/gid to prometheus uid/gid to allow token access
# Changelog Updates
## [0.29.1-bb.3] - 2025-01-15
### Changed
- Updated registry1.dso.mil/ironbank/hashicorp/vault/vault-k8s (source) v1.6.0 -> v1.6.1
Veleroπ
- !5625: velero update to 8.2.0-bb.0
# Changelog Updates
## [8.2.0-bb.0] - 2024-01-08
### Added
- registry1.dso.mil/ironbank/opensource/velero/velero (source) v1.15.0 -> v1.15.1
- registry1.dso.mil/ironbank/opensource/velero/velero (source) 1.15.0 -> 1.15.1
- registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-microsoft-azure (source) v1.11.0 -> v1.11.1
## [8.1.0-bb.1] - 2024-12-27
### Added
- velero/velero-plugin-for-aws v1.11.0 -> v1.11.1
- velero/velero-restore-helper v1.15.0 -> v1.15.1
Wrapperπ
- !5623: wrapper update to 0.4.12
# Changelog Updates
## [0.4.12] - 2024-01-07
### Changed
- Added cypress tests to validate basic wrapper functionality using podinfo
Known Issuesπ
- Kiali - ISSUE
- On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the
flowcontrol.apiserver.k8s.io/v1beta2
api version (no longer served as of v1.29).
In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.
$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io
Helpful Linksπ
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Futureπ
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.