Skip to content

Release Notes - 2.45.0πŸ“œ

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).

Upgrade NoticesπŸ“œ

  • Mattermost - MR:
    • This upgrade includes an update to PostgreSQL 17.2. When migrating from a PostgreSQL 16.x database to a 17.2 version they are not directly compatible due to potential changes in the data storage format between major versions; always create a backup before upgrading to a new major PostgreSQL version to ensure you can restore your data if necessary.
  • Mattermost - MR:
    • Any users running the builtin bitnami postgresql may need to manually back up and destroy old postgresql pods, then create new ones, for the upgrade process. This is a known limitation of the bitnami postgresql module.
  • Keycloak - MR:
    • This upgrade includes a update to the Bitnami Postgres statefulset dependency chart to PostgreSQL 15.10. This statefulset is provided for dev/test environments. If using this statefulset for data that needs to be retained, we recommend creating an external postgres v12 database that is not managed by the big bang chart. Backup and restore data to this database prior to upgrading big bang 2.45 and disable the bitnami postgres statefulset. This will allow users to manage the Keycloak postgres version external from Big Bang. Postgres upgrades typically require database schema changes. Please see Postgres upgrade steps for official recommended steps to upgrade postgres.
    • If data does not need to be retained, delete the postgres statefulset and persistent volumes, this should allow the upgrade to succeed.
  • Promtail - MR:
    • Note: bumping promtail image/appVersion beyond the version used in upstream chart (v3.0.0 vs v3.3.2)
  • Tempo - MR:
      • BREAKING CHANGEΒ tempo-query is no longer a Jaeger instance with grpcPlugin. It’s now a standalone server. Serving a gRPC API for Jaeger onΒ 0.0.0.0:7777Β by default.Β [PR 3840]
      • tempo-query has breaking changes that are not handled in upstream chart (where it is disabled by default)
      • Disabling it by default in repo1 charts, which will disable the tracing.bigbang.dev.mil UI previously deployed by Tempo
      • Data from Tempo/Tracing UI will still be available in Grafana Dashboards

Upgrades from previous releasesπŸ“œ

If coming from a version pre-2.44.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.44.0.

PackagesπŸ“œ

Package Type Package Version BB Version
Updated Alloy Addon 1.5.1 1.6.18-bb.0 πŸ”—
Updated Anchore Enterprise Addon 5.13.1 3.3.1-bb.0 πŸ”—
Updated Argocd Addon 2.13.2 7.7.10-bb.0 πŸ”—
Authservice Addon 1.0.3 1.0.3-bb.0
Cluster Auditor Core 0.0.7 1.5.0-bb.22
Eck Operator Core 2.16.0 2.16.0-bb.0
Elasticsearch Kibana Core Kibana 8.17.0 Elasticsearch 8.17.0 1.24.0-bb.2
Updated External Secrets Addon 0.12.1 0.12.1-bb.1 πŸ”—
Fluentbit Core 3.2.4 0.48.4-bb.0
Updated Fortify Addon 24.4.2.0009 1.1.2320154-bb.22 πŸ”—
Updated Gatekeeper Core 3.18.2 3.18.2-bb.0 πŸ”—
Gitlab Addon 17.6.2 8.6.2-bb.0
Gitlab Runner Addon 17.5.4 0.70.4-bb.1
Updated Grafana Core 11.4.0 8.8.2-bb.1 πŸ”—
Haproxy Addon 2.2.33 1.19.3-bb.8
Updated Harbor Addon 2.11.0 1.16.1-bb.0 πŸ”—
Holocron Addon 3.3.2 1.0.12
Updated Istio Controlplane Core Istio 1.23.4 Tetrate Istio Distro 1.23.4 1.23.4-bb.0 πŸ”—
Updated Istio Operator Core Istio Operator 1.23.4 Tetrate Istio Distro Operator 1.23.4 1.23.4-bb.0 πŸ”—
Jaeger Core 1.61.0 2.57.0-bb.0
Updated Keycloak Addon 25.0.6 2.5.1-bb.5 πŸ”—
Updated Kiali Core 2.3.0 2.3.0-bb.0 πŸ”—
Kyverno Core 1.13.2 3.3.4-bb.0
Updated Kyverno Policies Core 3.3.4 3.3.4-bb.1 πŸ”—
Updated Kyverno Reporter Core 2.20.2 2.24.2-bb.2 πŸ”—
Updated Loki Core 3.3.2 6.24.0-bb.1 πŸ”—
Updated Mattermost Addon 10.4.1 10.4.1-bb.0 πŸ”—
Mattermost Operator Addon 1.22.1 1.22.1-bb.1
Metrics Server Addon 0.7.2 3.12.2-bb.1
Minio Addon RELEASE.2024-12-13T22-19-12Z 6.0.4-bb.5
Updated Minio Operator Addon 6.0.4 6.0.4-bb.1 πŸ”—
Monitoring Core Prometheus 2.54.1 Grafana 11.1.0 Alertmanager 0.27.0 62.4.0-bb.1
Neuvector Core 5.4.1 2.8.3-bb.0
Nexus Addon 3.75.0-06 75.0.0-bb.1
Updated Promtail Core 3.3.2 6.16.6-bb.0 πŸ”—
Updated Sonarqube Addon 10.6.0-community 10.6.1-bb.6 πŸ”—
Updated Tempo Core Tempo 2.6.1 Tempo Query 2.6.1 1.16.0-bb.1 πŸ”—
Updated Thanos Addon 0.37.2 15.9.1-bb.0 πŸ”—
Twistlock Core 33.01.137 0.18.0-bb.0
Updated Vault Addon 1.18.3 0.29.1-bb.3 πŸ”—
Updated Velero Addon 1.15.1 8.2.0-bb.0 πŸ”—
Updated Wrapper Core N / A 0.4.12 πŸ”—

Changes in 2.45.0πŸ“œ

Big Bang MRsπŸ“œ

  • !5631: updated k3d to 1.31 and metallb to latest
  • !5615: add fallback scrape protocols

AlloyπŸ“œ

  • !5637: alloy update to 1.6.18-bb.0
# Changelog Updates

## [1.16.18-bb.0] - 2025-01-10
### Changed
- k8s-monitoring updated from 1.6.16 to 1.6.18
- configmap-reload updated from v0.12.0 to v0.14.0

Anchore EnterpriseπŸ“œ

  • !5608: anchore update to 3.3.1-bb.0
# Changelog Updates

## [3.3.1-bb.0] - 2025-01-06
### Changed
- Updated Anchore Enterprise chart to `3.3.1`
- Updated Anchore Enterprise tag to `5.13.1`
- Updated Anchore Enterprise UI tag to `5.13.0`
- Updated Redis to `20.6.0-bb.0`
- Updated kubectl to `1.30.8`

ArgocdπŸ“œ

  • !5627: argocd update to 7.7.10-bb.0
# Changelog Updates

## [7.7.10-bb.0] - 2025-01-08
### Changed
- Update ironbank/big-bang/argocd v2.13.1 -> v2.13.2
- Update registry1.dso.mil/ironbank/big-bang/argocd v2.13.1 -> v2.13.2
- Update registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.66.0 -> v1.67.0
- Update redis chart 20.2.1-bb.4 -> 20.6.0-bb.0

External SecretsπŸ“œ

  • !5642: externalSecrets update to 0.12.1-bb.1
  • !5614: externalSecrets update to 0.12.1-bb.0
  • !5612: externalSecrets update to 0.11.0-bb.3
# Changelog Updates

## [0.12.1-bb.1] - 2024-01-09
### Added
- Added data fetch logic

## [0.12.1-bb.0] - 2025-01-07
### Changed
- Updated chart to v0.12.1

## [0.11.0-bb.3] - 2024-12-17
### Changed
- Removed hardcoded namespace

FortifyπŸ“œ

  • !5660: fortify update to 1.1.2320154-bb.22
# Changelog Updates

## [1.1.2320154-bb.22] - 2024-12-13
### Changed
- Update gluon 0.5.0 -> 0.5.12
- Update bbtests image to use common devops ci test image
- Updated fortify to version 24.4.2.0009

GatekeeperπŸ“œ

  • !5663: gatekeeper update to 3.18.2-bb.0
# Changelog Updates

## [3.18.2-bb.0] - 2025-01-13
### Changed
- Updated ironbank/opensource/openpolicyagent/gatekeeper v3.18.1 -> 3.18.2
- Updated registry1.dso.mil/ironbank/opensource/openpolicyagent/gatekeeper v3.18.1 -> 3.18.2
- updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl from v1.29.8 -> v1.29.12

GrafanaπŸ“œ

  • !5635: grafana update to 8.8.2-bb.1
# Changelog Updates

## [8.8.2-bb.1] - 2025-01-11
### Changed
- ironbank/kiwigrid/k8s-sidecar updated from 1.28.4 to 1.29.0

HarborπŸ“œ

  • !5664: harbor update to 1.16.1-bb.0
# Changelog Updates

## [1.16.1-bb.0] - 2025-01-16
### Changed
- redis 20.2.1-bb.0 -> 20.6.0-bb.0
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-core v2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-core 2.12.0 -> 2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-exporter 2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-jobservice 2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-portal v2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/harbor-registryctl 2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/registry v2.12.0 -> v2.12.1
- registry1.dso.mil/ironbank/opensource/goharbor/trivy-adapter v2.12.0 -> v2.12.1
- postgres 12.22 -> 16.2

Istio ControlplaneπŸ“œ

  • !5639: istio update to 1.23.4-bb.0
  • !5616: istio update to 1.23.3-bb.3
# Changelog Updates

## [1.23.4-bb.0] - 2025-01-13
### Changed
- ironbank/opensource/istio/install-cni updated from 1.23.3 to 1.23.4
- ironbank/opensource/istio/pilot updated from 1.23.3 to 1.23.4
- ironbank/opensource/istio/proxyv2 updated from 1.23.3 to 1.23.4
- ironbank/opensource/kubernetes/kubectl updated from v1.30.6 to v1.30.8
- ironbank/tetrate/istio/install-cni updated from 1.23.3 to 1.23.4
- ironbank/tetrate/istio/pilot updated from 1.23.3 to 1.23.4
- ironbank/tetrate/istio/proxyv2 updated from 1.23.3 to 1.23.4

## [1.23.3-bb.3] - 2025-01-06
### Changed
- Update OSCAL to utilize Lula config file & fix templating bug

Istio OperatorπŸ“œ

  • !5638: istioOperator update to 1.23.4-bb.0
# Changelog Updates

## [1.23.4-bb.0] - 2025-01-13
### Changed
- Updated registry1.dso.mil/ironbank/opensource/istio/operator from 1.23.3 to 1.23.4
- Updated registry1.dso.mil/ironbank/tetrate/istio/operator from 1.23.3-tetratefips-v0 to 1.23.4-tetratefips-v0

KeycloakπŸ“œ

  • !5656: SKIP UPGRADE keycloak update to 2.5.1-bb.5
# Changelog Updates

## [2.5.1-bb.5] - 2025-01-14
### Updated
- Updated the Postgresql dependency chart to Postgresql version `15.10` to replace the unsupported Postgresql version `12`
- Postgresql --> 15.10
- Gluon --> 0.5.12

KialiπŸ“œ

  • !5622: Kiali tag update to 2.3.0-bb.0
# Changelog Updates

## [2.3.0-bb.0] - 2025-01-06
### Changed
- Updated Kiali and Kiali-operator to v2.3.0

Kyverno PoliciesπŸ“œ

  • !5536: kyvernoPolicies update to 3.3.4-bb.1
# Changelog Updates

## [3.3.4-bb.1] - 2024-12-12
### Changed
- Added `add-a-default-securitycontext` policy and `test-defaultsecuritycontext.sh`

Kyverno ReporterπŸ“œ

  • !5619: kyvernoReporter update to 2.24.2-bb.2
# Changelog Updates

## [2.24.2-bb.2] - 2025-01-09
### Changed
- Updated `gluon` package dependency version from `0.5.4` ---> `0.5.12`

LokiπŸ“œ

  • !5659: loki update to 6.24.0-bb.1
  • !5595: fix(loki): enable per-package istio hardening integrations
# Changelog Updates

## [6.24.0-bb.1] - 2025-01-16
### Changed
- No longer enabling istio hardening integrations with other Big Bang packages by default

MattermostπŸ“œ

  • !5667: mattermost update to 10.4.1-bb.0
  • !5658: mattermost update to 10.2.0-bb.4
  • !5643: mattermost update to 10.2.0-bb.3
  • !5621: SKIP UPGRADE CHECK Draft: mattermost update to 10.2.0-bb.2
# Changelog Updates

## [10.4.1-bb.0] - 2025-01-17
### Changed
- Updated registry1.dso.mil/ironbank/opensource/mattermost/mattermost 10.2.0 -> 10.4.1
- Updated Gluon 0.5.12 -> 0.5.14
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.30.7 -> v1.30.9
- Updated registry1.dso.mil/ironbank/opensource/postgres/postgresql 16.2 -> 17.2

## [10.2.0-bb.4] - 2024-01-15
### Changed
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.30.6 -> v1.30.7
- Updated registry1.dso.mil/ironbank/opensource/postgres/postgresql12 12.20 -> 12.22

## [10.2.0-bb.3] - 2025-01-10
### Changed
- Updated Gluon from 0.5.9 to 0.5.12
- Added default labels for Minio to _helpers.tpl
- Updated logic under podTemplate section to ensure default Kubernetes labels are always present

## [10.2.0-bb.2] - 2025-01-09
### Changed
- Revert default database settings to usage of the builtin bitnami database

Minio OperatorπŸ“œ

  • !5617: SKIP UPGRADE minioOperator update to 6.0.4-bb.1
# Changelog Updates

## [6.0.4-bb.1] - 2025-01-09
### Changed
- Updated `gluon` package dependency version from `0.5.4` ---> `0.5.12`

PromtailπŸ“œ

  • !5647: promtail update to 6.16.6-bb.0
# Changelog Updates

## [6.16.6-bb.0] - 2025-01-13
### Updated
- Update promtail from `v3.0.0` -> `v3.3.2`
- Update configmap-reload from `v0.13.1` -> `v0.14.0`

SonarqubeπŸ“œ

  • !5648: sonarqube update to 10.6.1-bb.6
# Changelog Updates

## [10.6.1-bb.6] - 2024-01-13
### Fixed
- Set metadata.labels in _pod.tpl to use `sonarqube.workloadLabels` variable as it already has the standard Kubernetes labels

TempoπŸ“œ

  • !5654: tempo update to 1.16.0-bb.1
  • !5609: tempo update to 1.16.0-bb.0
# Changelog Updates

## [1.16.0-bb.1] - 2025-01-15
### Removed
- Removed jaeger-ui virtual service

### Added
- Added fix for jaeger-query to install when enabled
- Added appProtocol to tempo-prom-metrics port desciption to help istio

## [1.16.0-bb.0] - 2024-12-31
### Updated
- Updated gluon: `0.5.9` -> `0.5.12`
- Updated tempo: `2.5.0` -> `2.6.1`
- Updated tempo-query: `2.5.0` -> `2.6.1`

### Changed
- Disabled tempo-query to match upstream and avoid breaking changes

ThanosπŸ“œ

  • !5610: thanos update to 15.9.1-bb.0
# Changelog Updates

## [15.9.1-bb.0] - 2025-01-03
### Upgraded
- Upgraded minio-instance from `6.0.4-bb.2` -> `6.0.4-bb.5`
- Upgraded thanos image from `v0.36.1` -> `v0.37.2`
- Upgraded gluon from `0.5.10` -> `0.5.12`

VaultπŸ“œ

  • !5657: vault update to 0.29.1-bb.3
  • !5603: set vault agent uid/gid to prometheus uid/gid to allow token access
# Changelog Updates

## [0.29.1-bb.3] - 2025-01-15
### Changed
- Updated registry1.dso.mil/ironbank/hashicorp/vault/vault-k8s (source) v1.6.0 -> v1.6.1

VeleroπŸ“œ

  • !5625: velero update to 8.2.0-bb.0
# Changelog Updates

## [8.2.0-bb.0] - 2024-01-08
### Added
- registry1.dso.mil/ironbank/opensource/velero/velero (source) v1.15.0 -> v1.15.1
- registry1.dso.mil/ironbank/opensource/velero/velero (source) 1.15.0 -> 1.15.1
- registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-microsoft-azure (source) v1.11.0 -> v1.11.1

## [8.1.0-bb.1] - 2024-12-27
### Added
- velero/velero-plugin-for-aws v1.11.0 -> v1.11.1
- velero/velero-restore-helper v1.15.0 -> v1.15.1

WrapperπŸ“œ

  • !5623: wrapper update to 0.4.12
# Changelog Updates

## [0.4.12] - 2024-01-07
### Changed
- Added cypress tests to validate basic wrapper functionality using podinfo

Known IssuesπŸ“œ

  • Kiali - ISSUE
  • On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the flowcontrol.apiserver.k8s.io/v1beta2 api version (no longer served as of v1.29).

In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.

$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

FutureπŸ“œ

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.