Skip to content

Release Notes - 2.54.0📜

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.32.3 (EKS).

Big Bang 3.0 is scheduled for release on June 13, 2025📜

Check out some of the epics and issues making it into this release. Register to attend our next briefing, scheduled for Thursday 5 June 2025 at 1300 CT! Please e-mail aflcmc.hncx.platformonebigbang@us.af.mil if you would like to be added to our Big Bang Distro List for the latest Big Bang BBTOC, Immersion Series, and e-mail updates

Operatorless Istio is now generally available!📜

Users are strongly encouraged to begin their Istio migration away from operator to helm with this release. Istio operator will not be available in Big Bang 3.0.

Read in greater depth about the Operatorless Istio Migration on our blog.

Version 2.54, will be the last update in the 2.x series and will reach end-of-life (EOL) upon the release of Big Bang 3.0

Upgrade Notices📜

  • Gitlab - MR:
    • This is a major version change for Gitlab and as such there are some breaking changes that users may need to be aware of. Gitlab lists all of the changes on their blog:
    • https://about.gitlab.com/blog/2025/04/18/a-guide-to-the-breaking-changes-in-gitlab-18-0/
    • We have upgraded the built in postgres to version 17.4.0 that is hosted in Iron Bank. if you are not going by recommended route of using an external database for Gitlab, you will need to manually migrate your data from Postgres 16 to 17 before/during the upgrade. Otherwise, you will run into an error.
  • Kyverno - MR:
    • Refactoring package with passthrough pattern. Passing values will require an additional layer of overlay: Values.kyverno.values
  • Metrics-server - MR:

    • All package specific values will now need to be shifted under the upstream key.
    • Example:

    Previous Values

    image:
      repository: registry1.dso.mil/ironbank/opensource/kubernetessigs/metricsserver
      # Overrides the image tag whose default is v{{ .Chart.AppVersion }}
      tag: "v0.7.2"
      pullPolicy: IfNotPresent
    imagePullSecrets:
      name: privateregistry
    
    Updated Values
    upstream:
      image:
        repository: registry1.dso.mil/ironbank/opensource/kubernetessigs/metricsserver
        # Overrides the image tag whose default is v{{ .Chart.AppVersion }}
        tag: "v0.7.2"
        pullPolicy: IfNotPresent
      imagePullSecrets:
        name: privateregistry
    
    - Please note this does not apply to Big Bang specific top level keys including domain, sso, istio, networkPolicies, bbtests, and waitJob. - Monitoring - MR: - This version adds an enabled flag to the prometheusOperator.admissionWebhooks.deployment.podDisruptionBudget settings. Users who want this chart to deploy a podDisruptionBudget must now set the flag podDisruptionBudget.enabled to true for each podDisruptionBudget resource to be created.

Upgrades from previous releases📜

If coming from a version pre-2.53.1, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.53.1.

Packages📜

Package Type Package Version BB Version
Alloy Core 1.7.1 2.0.27-bb.0
Anchore Enterprise Addon 5.17.0 3.7.0-bb.0
Argocd Addon 2.14.11 7.9.0-bb.0
Authservice Addon 1.0.4 1.0.4-bb.3
Updated Backstage BETA Addon 1.0.7 2.5.2-bb.1 🔗
Updated Bbctl Core 1.2.0 1.0.0-bb.9 🔗
Cluster Auditor Core 0.0.7 1.5.0-bb.25
Eck Operator Core 3.0.0 3.0.0-bb.0
Updated Elasticsearch Kibana Core Kibana 8.18.1 Elasticsearch 8.18.1 1.28.0-bb.6 🔗
External Secrets Addon 0.16.1 0.16.2-bb.1
Fluentbit Core 4.0.1 0.48.10-bb.0
Updated Fortify Addon 24.4.3.0003 1.1.2320154-bb.26 🔗
Updated Gatekeeper Core 3.19.1 3.19.1-bb.0 🔗
Updated Gitlab Addon 18.0.0 9.0.1-bb.0 🔗
Updated Gitlab Runner Addon 17.10.0 0.75.1-bb.2 🔗
Grafana Core 11.6.1 8.14.0-bb.0
Haproxy Addon 2.2.33 1.19.3-bb.10
Harbor Addon 2.11.0 1.16.2-bb.4
Updated Headlamp BETA Addon 0.30.0 0.30.1-bb.8 🔗
Istio Controlplane Core Istio 1.23.6 Tetrate Istio Distro 1.23.6 1.23.6-bb.1
Istio Crds BETA Core 1.25.2 1.25.2-bb.0
Istio Gateway BETA Core 1.25.2 1.25.2-bb.1
Istio Operator Core Istio Operator 1.23.6 Tetrate Istio Distro Operator 1.23.6 1.23.6-bb.0
Istiod BETA Core 1.25.2 1.25.2-bb.4
Jaeger Core 1.62.0 2.57.0-bb.8
Keycloak Addon 26.1.4 7.0.1-bb.0
Updated Kiali Core 2.9.0 2.9.0-bb.2 🔗
Updated Kyverno Core 1.13.4 3.3.6-bb.2 🔗
Updated Kyverno Policies Core 3.3.4 3.3.4-bb.9 🔗
Kyverno Reporter Core 3.0.3 3.0.3-bb.1
Loki Core 3.5.0 6.29.0-bb.1
Updated Mattermost Addon 10.8.1 10.8.1-bb.0 🔗
Mattermost Operator Addon 1.23.0 1.23.0-bb.0
Updated Metrics Server Addon 0.7.2 3.12.2-bb.4 🔗
Mimir Addon '2.16.0' 5.7.0-bb.1
Updated Minio Addon RELEASE.2025-04-22T22-12-26Z 7.1.1-bb.0 🔗
Minio Operator Addon 7.1.1 7.1.1-bb.0
Updated Monitoring Core Prometheus 3.3.1 Grafana 12.0.0 Alertmanager 0.28.1 72.2.0-bb.0 🔗
Updated Neuvector Core 5.4.4 2.8.6-bb.0 🔗
Nexus Addon 3.79.0-09 79.0.0-bb.0
Promtail Core 3.5.0 6.16.6-bb.4
Updated Sonarqube Addon 10.7.0-community 10.7.0-bb.4 🔗
Updated Tempo Core Tempo 2.7.2 Tempo Query 2.7.2 1.21.1-bb.0 🔗
Thanos Addon 0.38.0 16.0.2-bb.0
Twistlock Core 34.00.141 0.20.1-bb.0
Vault Addon 1.19.3 0.30.0-bb.3
Updated Velero Addon 1.15.2 8.7.1-bb.1 🔗
Wrapper Core 0.4.15 0.4.15

Changes in 2.54.0📜

Big Bang MRs📜

  • !6319: fail gracefully if gateway does not exist
  • !6316: fix(k3d-dev): handled the case where apt doesn’t create the docker group
  • !6283: update flux dashboards for community user
  • !6285: remove root package json
  • !6269: remove right chomp on istioEnabled variable
  • !6265: add in gitlab registry exception
  • !6314: SKIP UPGRADE pass kyverno test values through new pass-through struct.
  • !6322: add kyverno and gatekpeer exceptions for bbctl cypress test pod
  • !6268: Resolve “Add missing Istio Operatorless templating function for Gitlab-runner”
  • !6260: Fix Kiali Tempo Traces
  • !6318: deprecated istio

Backstage📜

  • !6297: backstage update to 2.5.2-bb.1
  • !6273: backstage update to 2.5.2-bb.0
# Changelog Updates

## [2.5.2-bb.1] - 2025-05-22
### Changed
- update backstage image from 1.0.5 -> 1.0.7
- update gluon 0.5.19 -> 0.5.21

## [2.5.2-bb.0] - 2025-05-14
### Changed
- update gluon 0.5.15 -> 0.5.19
- update backstage chart 2.5.1 -> 2.5.2

Bbctl📜

  • !6294: bbctl update to 1.0.0-bb.9
  • !6267: bbctl update to 1.0.0-bb.8
  • !6256: bbctl update to 1.0.0-bb.7
# Changelog Updates

## [1.0.0-bb.9] - 2025-05-22
### Changed
- cypress tests to account for Grafana v12 UI updates

## [1.0.0-bb.8] - 2025-05-15
### Changed
- gluon updated from 0.5.15 to 0.5.19
- updated registry1.dso.mil/ironbank/opensource/yq/yq (source) 4.45.1 -> 4.45.4
- updated registry1.dso.mil/ironbank/redhat/ubi/ubi8-minimal (source) 8.4 -> 8.10

## [1.0.0-bb.7] - 2025-05-13
### Changed
- Added helm images annotation to Chart.yaml
- Updated resource limits to reduce OOM issues

## [1.0.0-bb.6] - 2025-05-07
### Changed
- Upgraded bbctl to application version 1.2.0
- Added bbctl base configuration values for formatting output
- Added bbctl base configuration values for skipping automatic big bang repository checkout updates
- Added bbctl base configuration values for skipping automatic bbctl update checks

## [1.0.0-bb.5] - 2025-04-22
### Changed
- Added "bigbang.dev/applicationVersions" annotation to the chart

Elasticsearch Kibana📜

  • !6296: elasticsearchKibana update to 1.28.0-bb.6
# Changelog Updates

## [1.28.0-bb.6] - 2025-05-22
### Changed
- ironbank/elastic/elasticsearch/elasticsearch updated from 8.17.4 to 8.18.1
- ironbank/elastic/kibana/kibana updated from 8.17.4 to 8.18.1

Fortify📜

  • !6287: fortify update to 1.1.2320154-bb.26
  • !6263: fortify update to 1.1.2320154-bb.25
# Changelog Updates

## [1.1.2320154-bb.26] - 2025-05-20
### Changed
- Update gluon 0.5.0 -> 0.5.20
- Updated google/golang/golang-1.24.1 -> google/golang/ubi9/golang-1.24.3
- Updated fortify to version 24.4.3.0003

## [1.1.2320154-bb.25] - 2025-05-14
### Changed
- Updated spec.selector.matchLabels for AuthorizationPolicies consistent to other resources

Gatekeeper📜

  • !6261: gatekeeper update to 3.19.1-bb.0
# Changelog Updates

## [3.19.1-bb.0] - 2025-05-14
### Changed
- gluon 0.5.15 -> 0.5.19
- registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.32.3 -> v1.32.4
- registry1.dso.mil/ironbank/opensource/openpolicyagent/gatekeeper v3.18.2 -> v3.19.1

Gitlab📜

  • !6325: SKIP UPGRADE CHECK: gitlab update to 9.0.1-bb.0
  • !6274: gitlab update to 8.11.2-bb.3
# Changelog Updates

## [9.0.1-bb.0] - 2025-05-29
### Changed
- registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.71.0 -> v1.72.1
- registry1.dso.mil/ironbank/bitnami/redis 7.4.3 -> 8.0.1
- registry1.dso.mil/ironbank/bitnami/redis 7.4.2 -> 8.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/certificates 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl 17.11.2 -> 18.0.1
- registry1.dso.mil/ironbank/opensource/postgres/postgresql 14.17 -> 17.5
- registry1.dso.mil/ironbank/redhat/ubi/ubi9 9.5 -> 9.6

## [8.11.2-bb.3] - 2025-05-15
### Fixed
- Fixed helm test hooks to properly manage the lifecycle of test resources

Gitlab Runner📜

  • !6242: gitlabRunner update to 0.75.1-bb.2
# Changelog Updates

## [0.75.1-bb.2] - 2025-05-09
### Changed
- gluon 0.5.17 -> 0.5.19

Headlamp📜

  • !6335: headlamp update to 0.30.1-bb.8
  • !6313: headlamp update to 0.30.1-bb.7
# Changelog Updates

## [0.30.1-bb.8] - 2025-05-29
### Added
- Istio Operator-less network policy support

## [0.30.1-bb.7] - 2025-05-09
### Changed
- Updated gluon 0.5.17 -> 0.5.21
- Updated prometheus-blackbox-exporter chart 9.4.0 -> 9.5.0

## [0.30.1-bb.6] - 2025-05-06
### Changed
- Updated gluon 0.5.16 -> 0.5.17

## [0.30.1-bb.5] - 2025-04-29
### Changed
- Updated gluon 0.5.15 -> 0.5.16
- Updated registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader v0.81.0 -> v0.82.0
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl (source) v1.32.3 -> v1.32.4
- cypress (source) dependencies minor 14.3.0 -> 14.3.2

## [0.30.1-bb.4] - 2025-04-28
### Changed
- Fixed kiali auth policy filename

## [0.30.1-bb.3] - 2025-04-23
### Changed
- Integrated with service monitoring
- Added prometheus-blackbox-exporter subchart dependency

## [0.30.1-bb.2] - 2025-04-15
### Changed
- registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.30.11 -> v1.32.3
- Added cypress 14.2.0 -> 14.3.0

Kiali📜

  • !6223: kiali update to 2.9.0-bb.2
# Changelog Updates

## [2.9.0-bb.2] - 2025-05-09
### Updated
- Updated Gluon to v0.5.19

Kyverno📜

  • !6298: kyverno update to 3.3.6-bb.2
# Changelog Updates

## [3.3.6-bb.2] - 2025-04-21
### Changed
- Refactor kyverno BB package with pass-through pattern.
- Enabled bbtests for kyverno-policies for better integration testing.
- Added upstream notes to chart.yaml and readme.

Kyverno Policies📜

  • !6271: kyvernoPolicies update to 3.3.4-bb.9
# Changelog Updates

## [3.3.4-bb.9] - 2025-05-14
### Changed
- Removed waitforready job
- Updated gluon from 0.5.15 -> 0.5.19

Mattermost📜

  • !6315: mattermost update to 10.8.1-bb.0
# Changelog Updates

## [10.8.1-bb.0] - 2025-05-16
### Changed
- registry1.dso.mil/ironbank/opensource/kubernetes/kubectl (source) v1.32.4 -> v1.32.5
- registry1.dso.mil/ironbank/opensource/mattermost/mattermost (source) 10.7.2 -> 10.8.1

Metrics Server📜

  • !6291: metricsServer update to 3.12.2-bb.4
# Changelog Updates

## [3.12.2-bb.4] - 2025-04-23
### Changed
- Refactor chart to Big Bang passthrough chart pattern

Minio📜

  • !6232: minio update to 7.1.1-bb.0
# Changelog Updates

## [7.1.1-bb.0] - 2025-05-09
### Changed
- Updated minio-instance to 7.1.1
- Updated gluon from 0.5.16 -> 0.5.17
- Updated ironbank/opensource/minio/minio (source) RELEASE.2025-04-03T14-56-28Z -> RELEASE.2025-04-22T22-12-26Z
- Updated registry1.dso.mil/ironbank/opensource/minio/mc (source) RELEASE.2025-01-17T23-25-50Z -> RELEASE.2025-04-16T18-13-26Z
- Updated registry1.dso.mil/ironbank/opensource/minio/minio (source) RELEASE.2025-04-03T14-56-28Z -> RELEASE.2025-04-22T22-12-26Z

## [7.0.1-bb.1] - 2025-04-29
### Changed
- Updated gluon from 0.5.15 -> 0.5.16

Monitoring📜

  • !6243: monitoring update to 72.2.0-bb.0
# Changelog Updates

## [72.2.0-bb.0] - 2025-05-08
### Changed
- gluon 0.5.17 -> 0.5.18
- grafana 8.14.2 -> 9.0.0
- kube-prometheus-stack 71.2.0 -> 72.2.0
- quay.io/prometheus-operator/prometheus-config-reloader v0.82.0 -> v0.82.1
- registry1.dso.mil/ironbank/big-bang/grafana/grafana-plugins 11.6.1 -> 12.0.0
- registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader v0.82.0 -> v0.82.1
- registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-operator v0.82.0 -> v0.82.1

## [71.2.0-bb.1] - 2025-05-08
### Changed
- kube-state-metrics 5.33.0 -> 5.33.1

### Added
- prometheus-blackbox-exporter 9.0.0

### Fixed
- typo bug in flux-podmonitor

Neuvector📜

  • !6277: neuvector update to 2.8.6-bb.0
# Changelog Updates

## [2.8.6-bb.0] - 2025-05-15
### Changed
- registry1.dso.mil/ironbank/neuvector/neuvector/controller 5.4.3 -> 5.4.4
- registry1.dso.mil/ironbank/neuvector/neuvector/enforcer 5.4.3 -> 5.4.4
- registry1.dso.mil/ironbank/neuvector/neuvector/manager 5.4.3 -> 5.4.4
- update gluon subchart to v0.5.19
- update monitor subchart to v2.8.6

## [2.8.5-bb.1] - 2025-05-12
### Changed
- update renovate.json for migrate renovate config

Sonarqube📜

  • !6281: sonarqube update to 10.7.0-bb.4
# Changelog Updates

## [10.7.0-bb.4] - 2025-05-20
### Updated
- Add assertion to add delay to cypress test to workaround plugin risk page

## [10.7.0-bb.3] - 2025-05-19
### Updated
- Updated cypress test to run with larger viewport and no waits
- Updated cypress test to run with larger viewport and no waits

Tempo📜

  • !6289: tempo update to 1.21.1-bb.0
  • !6258: tempo update to 1.21.0-bb.1
# Changelog Updates

## [1.21.1-bb.0] - 2025-05-19
### Changed
- gluon 0.5.15 -> 0.5.19
- tempo 1.21.0 -> 1.21.1

## [1.21.0-bb.1] - 2025-05-14
### Added
- Added Network Policy for Kiali ingress

Velero📜

  • !6275: velero update to 8.7.1-bb.1
# Changelog Updates

## [8.7.1-bb.1] - 2025-05-13
### Changed
- Fix networkpolicy minio egress bug

Known Issues📜

  • Kyverno-Reporter - ISSUE
  • there is currently a bug within the prometheus Kyverno Reporter (serviceMonitor/kyverno-reporter/policy-reporter-monitoring/0) target

    Workaround Steps

    set both the default-istio-system and policy-reporter-default peerauthentication’s to PERMISSIVE

    kubectl edit peerauthentication default-istio-system -n istio-system
    kubectl edit peerauthentication policy-reporter-default -n kyverno-reporter
    
  • Neuvector - ISSUE

  • there is a bug preventing prometheus metrics scraping in neuvector
  • ElasticSearch Kibana - ISSUE
  • there is an upstream bug causing Kibana to occasionally force logouts while using Firefox
  • keycloak
  • keycloak may fail the upgrade. to resolve this, reconcile the helm release and then delete the pods within the keycloak namespace.

    flux reconcile hr -n bigbang keycloak --with-source --force
    kubectl delete pods -n keycloak
    
  • bbctl

  • Dashboards
    • CRON job output longer than 16kb will be split into multiple log entries when using the dockerd CRI causing invalid JSON structures to be imported into Loki. Use containerd as the CRI to ensure long log lines are parsed correctly

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Future📜

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.