Release Notes - 2.46.0📜
Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).
Upgrade Notices📜
- Monitoring - MR:
- Customer should review the Prometheus 3.0 migration guide
-
Breaking change: This release upgrades jumps to Prometheus 3.1; in Prometheus 3.0 The implicit fallBackScraper protocol has been removed in the event issues with a ServiceMonitor returning invalid data. This seems to have only affected the gitlab-exporter in Big Bang see upstream issue, resulting in the following error with the GitLab exporter target in Prometheus: > Error scraping target: cannot parse Content-Type “text/plain; version=0.0.4; charset=utf-8” and no fallback_scrape_protocol for target mime: invalid media parameter
See known issues for a resolution - BigBang - MR: - Add Grafana Mimir as an addon package, the package is disabled by default. - Sonarqube - MR: - Postgresql using the builtin bitnami module does not upgrade gracefully. You must manually backup and restore your database before accepting this upgrade. Using the builtin postgresql module is not a supported configuration in production environments.
Upgrades from previous releases📜
If coming from a version pre-2.45.1
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.45.1
.
Packages📜
Package | Type | Package Version | BB Version |
---|---|---|---|
Alloy | Addon | 1.5.1 |
1.6.18-bb.0 |
Addon | 5.13.1 |
3.3.2-bb.0 🔗 |
|
Addon | 2.13.3 |
7.7.13-bb.1 🔗 |
|
Authservice | Addon | 1.0.3 |
1.0.3-bb.0 |
Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.22 |
Core | 2.16.1 |
2.16.1-bb.0 🔗 |
|
Core | Kibana 8.17.1 Elasticsearch 8.17.1 |
1.25.0-bb.0 🔗 |
|
Addon | 0.13.0 |
0.13.0-bb.1 🔗 |
|
Core | 3.2.5 |
0.48.5-bb.0 🔗 |
|
Fortify | Addon | 24.4.2.0009 |
1.1.2320154-bb.22 |
Gatekeeper | Core | 3.18.2 |
3.18.2-bb.0 |
Gitlab | Addon | 17.8.1 |
8.8.1-bb.0 |
Addon | 17.8.0 |
0.73.0-bb.0 🔗 |
|
Core | 11.4.0 |
8.8.5-bb.0 🔗 |
|
Haproxy | Addon | 2.2.33 |
1.19.3-bb.8 |
Harbor | Addon | 2.11.0 |
1.16.1-bb.0 |
Holocron | Addon | 3.3.2 |
1.0.12 |
Istio Controlplane | Core | Istio 1.23.4 Tetrate Istio Distro 1.23.4 |
1.23.4-bb.0 |
Istio Operator | Core | Istio Operator 1.23.4 Tetrate Istio Distro Operator 1.23.4 |
1.23.4-bb.0 |
Core | 1.62.0 |
2.57.0-bb.1 🔗 |
|
Keycloak | Addon | 25.0.6 |
2.5.1-bb.5 |
Core | 2.4.0 |
2.4.0-bb.1 🔗 |
|
Core | 1.13.2 |
3.3.4-bb.1 🔗 |
|
Kyverno Policies | Core | 3.3.4 |
3.3.4-bb.1 |
Kyverno Reporter | Core | 2.20.2 |
2.24.2-bb.2 |
Core | 3.3.2 |
6.24.0-bb.3 🔗 |
|
Mattermost | Addon | 10.4.2 |
10.4.2-bb.0 |
Mattermost Operator | Addon | 1.22.1 |
1.22.1-bb.1 |
Metrics Server | Addon | 0.7.2 |
3.12.2-bb.1 |
Addon | '2.14.2' |
5.5.1-bb.4 |
|
Addon | RELEASE.2025-01-20T14-49-07Z |
7.0.0-bb.0 🔗 |
|
Addon | 7.0.0 |
7.0.0-bb.0 🔗 |
|
Core | Prometheus 3.1.0 Grafana 11.4.0 Alertmanager 0.27.0 |
67.11.0-bb.0 🔗 |
|
Neuvector | Core | 5.4.1 |
2.8.3-bb.0 |
Addon | 3.75.0-06 |
75.0.0-bb.2 🔗 |
|
Promtail | Core | 3.3.2 |
6.16.6-bb.0 |
Addon | 10.7.0-community |
10.7.0-bb.0 🔗 |
|
Core | Tempo 2.7.0 Tempo Query 2.7.0 |
1.18.1-bb.0 🔗 |
|
Thanos | Addon | 0.37.2 |
15.9.1-bb.0 |
Core | 33.01.137 |
0.18.0-bb.1 🔗 |
|
Addon | 1.18.3 |
0.29.1-bb.4 🔗 |
|
Addon | 1.15.2 |
8.3.0-bb.0 🔗 |
|
Wrapper | Core | N / A | 0.4.12 |
Changes in 2.46.0📜
Big Bang MRs📜
- !5711: #2492 : Fix metallb deployments and the “recreate/rebuild” prompt
- !5652: Add post-renderer documentation
- !5547: Rewrite the quickstart document, write a new quickstart script, and refactor k3d-dev to support it
- !5681: Resolve “Update Documentation to not Support Internal Databases”
- !5646: set Gitlab object store endpoint when using IAM profile
- !5684: add fallback scrape config for Gitlab Prometheus Service Monitor
- !5674: Dynamic NS selector labels for Istio Operatorless Network Policies
- !5598: Add ability to disable minio-operator dependency for MM
- !5722: Resolve “Update Licensing Model doc to include Mimir”
Anchore Enterprise📜
# Changelog Updates
## [3.3.2-bb.0] - 2025-01-22
### Changed
- Updated Anchore Enterprise chart to `3.3.2`
- Updated Redis to `7.4.2`
- Updated Redis to `20.6.2-bb.0`
- Updated gluon to `0.5.14`
## [3.3.1-bb.1] - 2025-01-13
### Changed
- ability to disable `ensure-anchore-db` job
Argocd📜
- !5693: argocd update to 7.7.13-bb.1
# Changelog Updates
## [7.7.13-bb.1] - 2025-01-21
### Changed
- Updated gluon from 0.5.12 -> 0.5.14
## [7.7.13-bb.0] - 2025-01-14
### Changed
- Update ironbank/big-bang/argocd v2.13.2 -> v2.13.3
- Update registry1.dso.mil/ironbank/big-bang/argocd v2.13.2 -> v2.13.3
- Update redis chart 20.6.0-bb.0 -> 20.6.2-bb.0
- Update registry1.dso.mil/ironbank/bitnami/redis 7.4.1 -> 7.4.2
Eck Operator📜
- !5692: eckOperator update to 2.16.1-bb.0 and elasticsearchKibana update to 1.25.0-bb.0
# Changelog Updates
## [2.16.0-bb.1] - 2025-1-23
### Changed
- eck-operator 2.16.0 -> 2.16.1
Elasticsearch Kibana📜
- !5692: eckOperator update to 2.16.1-bb.0 and elasticsearchKibana update to 1.25.0-bb.0
# Changelog Updates
## [1.25.0-bb.0] - 2025-01-22
### Changed
- gluon updated from 0.5.12 to 0.5.14
- ironbank/elastic/elasticsearch/elasticsearch updated from 8.17.0 to 8.17.1
- ironbank/elastic/kibana/kibana updated from 8.17.0 to 8.17.1
- ironbank/opensource/kubernetes/kubectl updated from v1.30.8 to v1.30.9
- update kibana init container name from eks-operator 2.16.1 update: https://github.com/elastic/cloud-on-k8s/issues/8426
External Secrets📜
- !5720: externalSecrets update to 0.13.0-bb.1
- !5716: externalSecrets update to 0.13.0-bb.0
- !5685: externalSecrets update to 0.12.1-bb.2
# Changelog Updates
## [0.13.0-bb.1] - 2025-02-03
### Changed
- Updated kpt file to reflect new update to v0.13.0
## [0.13.0-bb.0] - 2025-01-29
### Changed
- Updated registry1.dso.mil/ironbank/opensource/external-secrets/external-secrets v0.12.1 -> v0.13.0
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl -> v1.30.8 -> v1.30.9
## [0.12.1-bb.2] - 2024-01-16
### Added
- Updated gluon 0.5.12 -> 0.5.14
Fluentbit📜
- !5719: fluentbit update to 0.48.5-bb.0
# Changelog Updates
## [0.48.5-bb.0] - 2025-01-28
### Updated
- Updated fluent-bit: 3.2.4 -> 3.2.5
Gitlab Runner📜
- !5694: gitlabRunner update to 0.73.0-bb.0
# Changelog Updates
## [0.73.0-bb.0] - 2025-01-22
### Changed
- gluon 0.5.12 -> 0.5.14
- ironbank/gitlab/gitlab-runner/gitlab-runner (source) v17.5.4 -> v17.8.0
- ironbank/gitlab/gitlab-runner/gitlab-runner (source) v17.5.4 -> v17.8.0
- ironbank/gitlab/gitlab-runner/gitlab-runner-helper (source) v17.5.4 -> v17.8.0
- registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner (source) v17.5.4 -> v17.8.0
- registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner-helper (source) v17.5.4 -> v17.8.0
Grafana📜
- !5713: grafana update to 8.8.5-bb.0
# Changelog Updates
## [8.8.2-bb.2] - 2025-01-28
### Changed
- grafana chart updated from 8.8.2 to 8.8.5
- gluon updated from 0.5.12 to 0.5.14
- ironbank/kiwigrid/k8s-sidecar updated from 1.29.0 to 1.29.1
Jaeger📜
- !5697: jaeger update to 2.57.0-bb.1
# Changelog Updates
## [2.57.0-bb.1] - 2025-01-17
### Updated
- jaegertracing/jaeger-operator 1.61.0 -> 1.62.0
- ingress-nginx/kube-webhook-certgen v1.4.3 -> v1.5.1
- aegertracing/all-in-one 1.61.0 -> 1.64.0
- jaegertracing/jaeger-agent 1.61.0 -> 1.62.0
- jaegertracing/jaeger-collector 1.61.0 -> 1.65.0
- jaegertracing/jaeger-es-index-cleaner 1.61.0 -> 1.65.0
- jaegertracing/jaeger-ingester 1.61.0 -> 1.65.0
- jaegertracing/jaeger-operator 1.61.0 -> 1.62.0
- jaegertracing/jaeger-query 1.61.0 -> 1.65.0
- kubernetes/kubectl v1.30.5 -> v1.30.9
Kiali📜
- !5706: Kiali update to 2.4.0-bb.1 - Adds support for Operatorless Network Policies
- !5673: kiali update to 2.4.0-bb.0
# Changelog Updates
## [2.4.0-bb.1] - 2025-01-29
### Changed
- Added support for istio Operatorless network policy values
## [2.4.0-bb.0] - 2025-01-20
### Changed
- Updated Kiali and Kiali-operator to v2.4.0
- Updated Gluon to v0.5.14
Kyverno📜
- !5688: kyverno update to 3.3.4-bb.1
# Changelog Updates
## [3.3.4-bb.1] - 2024-01-21
### Changed
- Increase default package memory limit for admissionController to 1Gi
- Increase default package vCPU limit for admissionController to 1 core
- Update gluon to v0.5.14
Loki📜
# Changelog Updates
## [6.24.0-bb.3] - 2025-01-31
### Added
- Added the `app.kubernetes.io: minio` label to the default tenant configuration
## [6.24.0-bb.2] - 2025-01-29
### Added
- Added the `app: minio` label to the default tenant configuration
Minio📜
# Changelog Updates
## [7.0.0-bb.0] - 2025-01-28
### Changed
- Updated minio-instance to v7.0.0
- Updated ironbank/opensource/minio/minio (source) RELEASE.2024-12-13T22-19-12Z -> RELEASE.2025-01-20T14-49-07Z
- Updated registry1.dso.mil/ironbank/opensource/minio/mc (source) RELEASE.2024-11-21T17-21-54Z -> RELEASE.2025-01-17T23-25-50Z
- Updated registry1.dso.mil/ironbank/opensource/minio/minio (source) RELEASE.2024-12-13T22-19-12Z -> RELEASE.2025-01-20T14-49-07Z
## [6.0.4-bb.6] - 2025-01-21
### Changed
- Updated gluon 0.5.12 -> 0.5.14
Minio Operator📜
- !5708: minioOperator update to 7.0.0-bb.0
# Changelog Updates
## [7.0.0-bb.0] - 2025-01-24
### Changed
- ironbank/opensource/minio/operator (source) v6.0.4 -> v7.0.0
- registry1.dso.mil/ironbank/opensource/minio/operator (source) v6.0.4 -> v7.0.0
- registry1.dso.mil/ironbank/opensource/minio/operator-sidecar v6.0.2 -> v7.0.0
Monitoring📜
- !5696: monitoring update to 67.11.0-bb.0
# Changelog Updates
## [67.11.0-bb.0] - 2025-01-17
### Updated
- Updated gluon 0.5.12 -> 0.5.14
- Updated k8s-sidecar 1.28.4 -> 1.29.0
- Updated kube-webhook-certgen v1.5.0 -> v1.5.1
- Updated kubectl v1.30.8 -> v1.30.9
- Updated prometheus v3.0.1 -> v3.1.0
- Updated snmp_exporter v0.26.0 -> v0.27.0
- Updated grafana 8.8.2 -> 8.8.4
- Updated windows_exporter v0.7.0 -> v0.8.0
Nexus📜
- !5689: SKIP UPGRADE CHECK nexusRepositoryManager update to 75.0.0-bb.2
# Changelog Updates
## [75.0.0-bb.2] - 2025-01-24
### Changed
- Updated Gluon 0.5.12 -> 0.5.14
- ironbank/sonatype/nexus/nexus (source) 3.75.0-06 -> 3.75.0-06
- registry1.dso.mil/bigbang-ci/devops-tester (source) 1.1.1 -> 1.1.2
- registry1.dso.mil/ironbank/sonatype/nexus/nexus (source) 3.75.0-06 -> 3.75.0-06
Sonarqube📜
- !5678: SKIP UPGRADE sonarqube update to 10.7.0-bb.0
# Changelog Updates
## [10.7.0-bb.0] - 2025-01-24
### Changed
- Updated Gluon 0.5.12 -> 0.5.14
- ironbank/big-bang/sonarqube-10 10.6.0-community -> 10.7.0-community
- registry1.dso.mil/ironbank/big-bang/sonarqube-10 10.6.0 -> 10.7.0
- registry1.dso.mil/ironbank/big-bang/sonarqube-10 10.6.0-community -> 10.7.0-community
- registry1.dso.mil/ironbank/bitnami/postgres-exporter 0.15.0 -> 0.16.0
- registry1.dso.mil/ironbank/opensource/postgres/postgresql12 12.19 -> 12.22
- registry1.dso.mil/ironbank/opensource/prometheus/jmx-exporter 0.17.2 -> 1.0.1
Tempo📜
- !5680: tempo update to 1.18.1-bb.0
# Changelog Updates
## [1.18.1-bb.0] - 2025-01-15
### Updated
- Updated tempo: `2.6.1` -> `2.7.0`
- Updated tempo-query `2.6.1` -> `2.7.0`
Twistlock📜
- !5705: twistlock update to 0.18.0-bb.1
# Changelog Updates
## [0.18.0-bb.1] - 2025-01-24
### Changed
- remove upgrade-job
Vault📜
- !5675: vault update to 0.29.1-bb.4
# Changelog Updates
## [0.29.1-bb.4] - 2025-01-22
### Changed
- Updated gluon 0.5.12 -> 0.5.14
Velero📜
# Changelog Updates
## [8.3.0-bb.0] - 2025-01-22
### Added
- registry1.dso.mil/ironbank/opensource/kubernetes/kubectl (source) v1.30.8 -> v1.30.9
- registry1.dso.mil/ironbank/opensource/velero/velero (source) v1.15.1 -> v1.15.2
- registry1.dso.mil/ironbank/opensource/velero/velero (source) 1.15.1 -> 1.15.2
## [8.2.0-bb.1] - 2025-01-16
### Added
- Updated velero/velero-restore-helper v1.15.1 -> v1.15.2
Known Issues📜
- Kiali - ISSUE
- On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the
flowcontrol.apiserver.k8s.io/v1beta2
api version (no longer served as of v1.29).
In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.
$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io
-
- If you have a manually created gitlab-rails secret, your upgrade may fail with:
$ Errno::EBUSY: Device or resource busy @ rb_file_s_rename - (/srv/gitlab/config/secrets.yml, /srv/gitlab/config/secrets.yml.orig.1738013281)
- In order to resolve this you will likely need to manually generate the other 3 secrets described here
- if you see in Prometheus the Error scraping target for the Gitlab-exporter, mentioned in the upgrade notices please read the following :
Steps to Resolve
1. **Verify Service Monitor Configuration** Use the following command to check if the `fallbackScrapeProtocol` line is present: `kubectl -n gitlab get servicemonitor gitlab-gitlab-exporter -o yaml` If the `fallbackScrapeProtocol: PrometheusText1.0.0` is missing, proceed with the next steps. 2. **Update Service Monitor** First, export the current service monitor configuration: `kubectl -n gitlab get servicemonitor gitlab-gitlab-exporter -o yaml > servicemonitor_gitlab_exporter.yaml` Then, delete the existing service monitor: `kubectl -n gitlab delete servicemonitor gitlab-gitlab-exporter` 3. **Redeploy or Update the Helm Release** Redeploy BigBang or force a redeployment of the Helm release. This should ensure that the `fallbackScrapeProtocol: PrometheusText1.0.0` is included, resolving the Prometheus scraping error.
- If you have a manually created gitlab-rails secret, your upgrade may fail with:
Helpful Links📜
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future📜
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.