Skip to content

Release Notes - 2.47.0📜

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).

Upgrade Notices📜

  • BigBang - MR:
    • Quickstart users should pay attention to the instructions printed at the end of the quickstart script, as they have changed.
  • BigBang - MR:
    • The default behavior of the k3d-dev script has been changed to better match our CI/CD pipelines and our production EKS setups. The default behavior is now to create a MetalLB load balancer. The -m flag is supported but deprecated and is now the default behavior. If you REQUIRE the old behavior, you can disable metallb with -M.

Upgrades from previous releases📜

If coming from a version pre-2.46.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.46.0.

Packages📜

Package Type Package Version BB Version
Alloy BETA Addon 1.5.1 1.6.18-bb.0
Anchore Enterprise Addon 5.13.1 3.3.2-bb.0
Updated Argocd Addon 2.14.1 7.8.0-bb.0 🔗
Updated Authservice Addon 1.0.4 1.0.4-bb.1 🔗
Cluster Auditor Core 0.0.7 1.5.0-bb.22
Eck Operator Core 2.16.1 2.16.1-bb.0
Elasticsearch Kibana Core Kibana 8.17.1 Elasticsearch 8.17.1 1.25.0-bb.0
Updated External Secrets BETA Addon 0.14.1 0.14.1-bb.0 🔗
Updated Fluentbit Core 3.2.6 0.48.5-bb.2 🔗
Fortify Addon 24.4.2.0009 1.1.2320154-bb.22
Gatekeeper Core 3.18.2 3.18.2-bb.0
Gitlab Addon 17.8.1 8.8.1-bb.0
Gitlab Runner Addon 17.8.0 0.73.0-bb.0
Updated Grafana Core 11.5.1 8.9.0-bb.0 🔗
Updated Haproxy Addon 2.2.33 1.19.3-bb.10 🔗
Harbor Addon 2.11.0 1.16.1-bb.0
Holocron Addon 3.3.2 1.0.12
Istio Controlplane Core Istio 1.23.4 Tetrate Istio Distro 1.23.4 1.23.4-bb.0
Istio Operator Core Istio Operator 1.23.4 Tetrate Istio Distro Operator 1.23.4 1.23.4-bb.0
Updated Jaeger Core 1.62.0 2.57.0-bb.2 🔗
Updated Keycloak Addon 25.0.6 2.5.1-bb.6 🔗
Updated Kiali Core 2.5.0 2.5.0-bb.0 🔗
Kyverno Core 1.13.2 3.3.4-bb.1
Kyverno Policies Core 3.3.4 3.3.4-bb.1
Kyverno Reporter Core 2.20.2 2.24.2-bb.2
Updated Loki Core 3.3.2 6.25.1-bb.0 🔗
Mattermost Addon 10.4.2 10.4.2-bb.0
Mattermost Operator Addon 1.22.1 1.22.1-bb.1
Metrics Server Addon 0.7.2 3.12.2-bb.1
Mimir BETA Addon '2.14.2' 5.5.1-bb.4
Updated Minio Addon RELEASE.2025-01-20T14-49-07Z 7.0.0-bb.1 🔗
Updated Minio Operator Addon 7.0.0 7.0.0-bb.1 🔗
Updated Monitoring Core Prometheus 3.1.0 Grafana 11.4.0 Alertmanager 0.27.0 67.11.0-bb.2 🔗
Updated Neuvector Core 5.4.1 2.8.3-bb.1 🔗
Nexus Addon 3.75.0-06 75.0.0-bb.2
Updated Promtail Core 3.3.2 6.16.6-bb.1 🔗
Sonarqube Addon 10.7.0-community 10.7.0-bb.0
Updated Tempo Core Tempo 2.7.0 Tempo Query 2.7.0 1.18.1-bb.1 🔗
Thanos Addon 0.37.2 15.9.1-bb.0
Twistlock Core 33.01.137 0.18.0-bb.1
Updated Vault Addon 1.18.4 0.29.1-bb.5 🔗
Velero Addon 1.15.2 8.3.0-bb.0
Wrapper Core N / A 0.4.12

Changes in 2.47.0📜

Big Bang MRs📜

  • !5785: Update quickstart documentation, make k3d-dev reprint instructions
  • !5779: #2517: Add –trace to k3d create command when creating a new cluster so we get more debug info on failure
  • !5771: #2514: Add long argument names to k3d-dev.sh
  • !5745: Make metalLB the default k3d load balancer, deprecate -m, add -M to disable MetalLB
  • !5733: change the helm dependency logic to only include minio-operator if minio (tenant) is enabled
  • !5726: Resolve “chart/templates/loki/values.yaml does not override domain”

Argocd📜

  • !5748: argocd update to 7.8.0-bb.0
# Changelog Updates

## [7.8.0-bb.0] - 2025-02-06
### Changed
- Update ironbank/big-bang/argocd v2.13.3 -> v2.14.1
- Update registry1.dso.mil/ironbank/big-bang/argocd v2.13.3 -> v2.14.1

Authservice📜

  • !5761: authservice update to 1.0.4-bb.1
  • !5759: authservice update to 1.0.4-bb.0
# Changelog Updates

## [1.0.4-bb.1] - 2025-02-11
### Changed
- Updated istio egress newtork policy to be more dynamic

## [1.0.4-bb.0] - 2025-02-07
### Changed
- ironbank/bitnami/redis updated from 7.4.1 to 7.4.2
- ironbank/istio-ecosystem/authservice updated from 1.0.3-ubi9 to 1.0.4-ubi9

External Secrets📜

  • !5781: externalSecrets update to 0.14.1-bb.0
  • !5728: externalSecrets update to 0.13.0-bb.2
# Changelog Updates

## [0.14.1-bb.0] - 2025-02-13
### Changed
- Updated registry1.dso.mil/ironbank/opensource/external-secrets/external-secrets (source) v0.14.0 -> v0.14.1

## [0.14.0-bb.0] - 2025-02-10
### Changed
- Updated registry1.dso.mil/ironbank/opensource/external-secrets/external-secrets (source) v0.13.0 -> v0.14.0

## [0.13.0-bb.2] - 2025-02-05
### Changed
- Removed hardcoded matchLabels

Fluentbit📜

  • !5773: fluentbit update to 0.48.5-bb.2
  • !5767: fluentbit update to 0.48.5-bb.1
# Changelog Updates

## [0.48.5-bb.2] - 2025-02-13
### Fixed
- Fixed chart rendering issue when setting hostnames for additionalOutputs fluentd and Loki

## [0.48.5-bb.1] - 2025-02-11
### Updated
- Updated fluent-bit: 3.2.5 -> 3.2.6

Grafana📜

  • !5743: grafana update to 8.9.0-bb.0
  • !5734: grafana update to 8.8.5-bb.1
# Changelog Updates

## [8.9.0-bb.0] - 2025-02-05
### Changed
- grafana chart updated from 8.8.5 to 8.9.0
- grafana updated from 11.4.0 to 11.5.1
- grafana-plugins updated from 11.4.0 to 11.5.1

## [8.8.5-bb.1] - 2025-02-03
### Changed
- Added support for istio Operatorless network policy values

Haproxy📜

  • !5747: haproxy update to 1.19.3-bb.10
# Changelog Updates

## [1.19.3-bb.10] - 2025-02-03
### Updated
- Added the image to the Chart.yaml under `.annotations.helm.sh/images`
- Updated `renovate.json` to point to the `2.4` version in `registry1.dso.mil`

## [1.19.3-bb.9] - 2024-11-26
### Updated
- Added the maintenance track annotation and badge

Jaeger📜

  • !5764: jaeger update to 2.57.0-bb.2
# Changelog Updates

## [2.57.0-bb.2] - 2025-02-07
### Updated
- jaegertracing/all-in-one 1.64.0 -> 1.65.0

Keycloak📜

  • !5762: keycloak update to 2.5.1-bb.6
# Changelog Updates

## [2.5.1-bb.6] - 2025-02-11
### Updated
- Updated istio egress and ingress network policies to be more dynamic

Kiali📜

  • !5782: kiali update to 2.5.0-bb.0
  • !5737: kiali update to 2.4.0-bb.2
# Changelog Updates

## [2.5.0-bb.0] - 2026-02-13
### Updated
- Updated Kiali and Kiali-operator to v2.5.0

## [2.4.0-bb.2] - 2026-02-06
### Changed
- No longer overriding the visualization implementation from patternfly to cytoscape

Loki📜

  • !5768: loki update to 6.25.1-bb.0
  • !5763: loki update to 6.24.0-bb.5
  • !5756: loki update to 6.24.0-bb.4
# Changelog Updates

## [6.25.1-bb.0] - 2025-02-11
### Updated
- Updated `gluon` from `0.5.12` -> `0.5.14`
- Updated `k8s-sidecar` from `1.28.4` -> `1.30.0`
- Updated `kubectl` from `v1.30.8` -> `v1.30.9`
- Updated `memcached` from `1.6.33` -> `1.6.36`
- Updated `nginx` from `1.27.3` -> `1.27.4`
- Updated `grafana-agent-operator` from `0.5.0` -> `0.5.1`
- Updated `rollout-operator` from `0.21.0` -> `0.23.0`

## [6.24.0-bb.5] - 2025-02-12
### Changed
- Updated istio ingress and egress network policies to be more dynamic

## [6.24.0-bb.4] - 2025-02-07
### Changed
- Modified Cypress test logic to address changes in Grafana Dashboard CSS

Minio📜

  • !5730: minio update to 7.0.0-bb.1
# Changelog Updates

## [7.0.0-bb.1] - 2025-02-05
### Changed
- Added correct matchLabel in peerauthentication

Minio Operator📜

  • !5760: minioOperator update to 7.0.0-bb.1
# Changelog Updates

## [7.0.0-bb.1] - 2025-02-11
### Changed
- Updated istio network policies to be more dynamic in preparation for Istio Operatorless
- Removed duplicate network policies

Monitoring📜

  • !5741: monitoring update to 67.11.0-bb.2
  • !5732: monitoring update to 67.11.0-bb.1
# Changelog Updates

## [67.11.0-bb.2] - 2025-02-07
### Added
- Added Network Policies & Authorization Policy to support Loki integration with Prometheus/AlertManager.

## [67.11.0-bb.1] - 2025-01-29
### Updated
- Added support for istio Operatorless network policy values

Neuvector📜

  • !5776: neuvector update to 2.8.3-bb.1
# Changelog Updates

## [2.8.3-bb.1] - 2025-02-12
### Changed
- Updated istio ingress and egress network policies to be more dynamic

Promtail📜

  • !5775: promtail update to 6.16.6-bb.1
# Changelog Updates

## [6.16.6-bb.1] - 2025-02-12
### Updated
- Adds support to package for Istio Operatorless Network Policy dynamic values.

Tempo📜

  • !5769: tempo update to 1.18.1-bb.1
# Changelog Updates

## [1.18.1-bb.1] - 2025-02-12
### Changed
- Added network policy for istio Operatorless

Vault📜

  • !5746: vault update to 0.29.1-bb.5
# Changelog Updates

## [0.29.1-bb.5] - 2025-02-05
### Changed
- Updated registry1.dso.mil/ironbank/hashicorp/vault (source) 1.18.3 -> 1.18.4

Known Issues📜

  • Kiali - ISSUE
  • On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the flowcontrol.apiserver.k8s.io/v1beta2 api version (no longer served as of v1.29).

In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.

$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io

  • gitlab

    • If you have a manually created gitlab-rails secret, your upgrade may fail with: 
      $ Errno::EBUSY: Device or resource busy @ rb_file_s_rename - (/srv/gitlab/config/secrets.yml, /srv/gitlab/config/secrets.yml.orig.1738013281)
    • In order to resolve this you will likely need to manually generate the other 3 secrets described here
    • if you see in Prometheus the Error scraping target for the Gitlab-exporter, mentioned in the upgrade notices please read the following :

    Steps to Resolve

    1. **Verify Service Monitor Configuration**
Use the following command to check if the `fallbackScrapeProtocol` line is present:
`kubectl -n gitlab get servicemonitor gitlab-gitlab-exporter -o yaml`
If the `fallbackScrapeProtocol: PrometheusText1.0.0` is missing, proceed with the next steps.

2. **Update Service Monitor**
First, export the current service monitor configuration:
`kubectl -n gitlab get servicemonitor gitlab-gitlab-exporter -o yaml > servicemonitor_gitlab_exporter.yaml`

    Then, delete the existing service monitor:
    `kubectl -n gitlab delete servicemonitor gitlab-gitlab-exporter`

3. **Redeploy or Update the Helm Release**
Redeploy BigBang or force a redeployment of the Helm release. This should ensure that the `fallbackScrapeProtocol: PrometheusText1.0.0` is included, resolving the Prometheus scraping error.

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Future📜

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.