Skip to content

Release Notes - 3.12.0📜

Please see our documentation page for more information on how to consume and deploy BigBang.\ This release was primarily tested on Kubernetes 1.33.5 (EKS).

Deprecations📜

HAProxy📜

  • Big Bang team is planning to deprecate support for the HAProxy package in BigBang. If your team/project relies on the big bang HAProxy package, please let us know, either on the Big Bang community Slack, or P1 Mattermost or by creating an issue in the big bang backlog. This will help us ensure we account for all user needs going forward. If we do not receive any feedback, we will assume the software is no longer used, and will proceed with our plan to deprecate support and updates. As of this announcement, plans are to remove HAProxy from the Big Bang umbrella in an upcoming release.

Upcoming Documentation Restructure - Feedback Requested📜

We’re preparing a significant reorganization of the Big Bang documentation that WILL BE merged after release 3.12 in orderto improve navigability and maintainability. This is currently available for review in MR #6636.

What’s Changing📜

This restructure represents the first phase of our documentation improvement initiative, focusing primarily on reorganization to make content easier to locate and navigate. Key changes include:

  • File relocations: Documentation files have been moved to more logical locations within the structure
  • Asset path updates: Content previously under /docs/assets/ has been relocated to /docs/reference/
  • Link updates: Internal documentation links have been updated to reflect the new structure
  • Binary Files: Binary files have been relocated to bb-static

Upgrade Notices📜

Headlamp - MR📜

BigBang now adds a Blackbox exporter in order to scrape metrics from Headlamp into Prometheus. Out of the box, Headlamp does not expose metrics for Prometheus to scrape. The Blackbox exporter now pulls basic metrics from Headlamp into Prometheus. The Blackbox exporter is part of the monitoring package and can be enabled by:

monitoring:
  values:
    blackboxExporter:
      enabled: true
      ...

The Blackbox exporter is auto-enabled for Headlamp if both monitoring and headlamp are enabled.

Monitoring - MR📜

BigBang now adds a Blackbox exporter in order to scrape metrics from Headlamp into Prometheus. Out of the box, Headlamp does not expose metrics for Prometheus to scrape. The Blackbox exporter now pulls basic metrics from Headlamp into Prometheus. The Blackbox exporter is part of the monitoring package and can be enabled by:

monitoring:
  values:
    blackboxExporter:
      enabled: true
      ...

The Blackbox exporter is auto-enabled for Headlamp if both monitoring and headlamp are enabled.

Upgrades from previous releases📜

If coming from a version pre-3.11.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-3.11.0.

Packages📜

Package Type Package Version BB Version
Alloy Core v1.10.0 3.2.1-bb.5
Anchore Enterprise Addon 5.20.2 3.14.2-bb.4
updated Argocd Addon v3.1.9 9.0.3-bb.2 🔗
Authservice Addon 1.1.1 1.1.1-bb.3
updated Backstage beta Addon 1.1.0 2.6.3-bb.0 🔗
Bbctl Core 2.0.0 3.0.1-bb.0
Eck Operator Core 3.1.0 3.1.0-bb.1
Elasticsearch Kibana Core Kibana: 9.1.4 Elasticsearch: 9.1.4 1.32.0-bb.0
External Secrets Operator Addon 0.20.4 0.20.4-bb.0
Fluentbit Core 4.0.8 0.52.0-bb.0
updated Fortify Addon 25.4.0.0137 1.1.2320154-bb.38 🔗
updated Gatekeeper Core v3.20.1 3.20.1-bb.1 🔗
updated Gitlab Addon 18.5.2 9.5.2-bb.0 🔗
updated Gitlab Runner Addon v18.5.0 0.82.0-bb.3 🔗
Grafana Core 12.2.0 10.0.0-bb.1
Haproxy Addon v2.2.33 1.19.3-bb.10
Harbor Addon 2.14.0 1.18.0-bb.6
updated Headlamp beta Addon 0.37.0 0.37.0-bb.1 🔗
Istio Cni Core 1.27.3 1.27.3-bb.0
Istio Crds Core 1.27.3 1.27.3-bb.0
Istio Gateway Core 1.27.3 1.27.3-bb.0
Istiod Core 1.27.3 1.27.3-bb.0
Keycloak Addon 26.4.1 7.1.4-bb.2
updated Kiali Core 2.17.0 2.17.0-bb.2 🔗
updated Kyverno Core v1.16.0 3.6.0-bb.1 🔗
Kyverno Policies Core 3.3.4 3.3.4-bb.15
Kyverno Reporter Core 3.5.0 3.5.0-bb.3
Loki Core 3.5.1 6.30.1-bb.6
updated Mattermost Addon 11.1.0 11.1.0-bb.0 🔗
updated Mattermost Operator Addon 1.25.3 1.25.3-bb.0 🔗
Metrics Server Addon v0.8.0 3.13.0-bb.3
Mimir Addon 2.17.1 5.8.0-bb.3
Minio Addon RELEASE.2025-10-15T17-29-55Z 7.1.1-bb.15
Minio Operator Addon v7.1.1 7.1.1-bb.3
updated Monitoring Core Prometheus: 3.4.2 Grafana: 12.0.2 Alertmanager: 0.28.1 75.6.1-bb.12 🔗
Neuvector Core 5.4.7 2.8.9-bb.0
Nexus Repository Manager Addon 3.84.0-03 84.0.0-bb.1
Prometheus Operator Crds Core 21.0.0 23.0.0-bb.0
Sonarqube Addon 25.10.0.114319-community 2025.5.0-bb.1
Tempo Core Tempo: 2.8.2 Tempo Query: 2.8.2 1.23.3-bb.0
Thanos Addon v0.39.2 17.2.2-bb.0
updated Twistlock Core 34.02.133 0.23.0-bb.3 🔗
Vault Addon 1.20.4 0.31.0-bb.1
updated Velero Addon 1.17.1 11.1.1-bb.2 🔗
Wrapper Core 0.4.15 0.4.15

Changes in 3.12.0📜

Argocd📜

  • !7066: argocd update to 9.0.3-bb.2 
    # Changelog Updates

## [9.0.3-bb.2] (2025-11-12)
### Changed
- Update allow-egress-external network policy to handle `vcpCidr` in addition to controlPlaneCidr
- Add `controlPlaneCidr` as a variable rather than a set value

## [9.0.3-bb.1] (2025-11-06)
### Changed
- Upgrade argo-cd helm chart 9.0.3 -> 9.1.0
- gluon 0.9.5 -> 0.9.6
- registry1.dso.mil/ironbank/big-bang/argocd v3.1.8 -> v3.1.9
- registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.7.0 -> v1.80.0
- registry1.dso.mil/bigbang-ci/devops-tester:1.1.2 -> registry1.dso.mil/ironbank/big-bang/devops-tester:1.0

Backstage📜

  • !7077: backstage update to 2.6.3-bb.0 
    # Changelog Updates

## [2.6.3-bb.0] - 2025-11-14
### Changed
- Updated gluon 0.8.4 ->0.9.0
- Updated backstage chart 2.6.1 -> 2.6.3
- Updated backstage 1.0.10 -> 1.1.0

## [2.5.3-bb.3] - 2025-11-13
### Changed
- Update the kube-apiserver-egress network policy template to allow setting vpcCidr

## [2.5.3-bb.2] - 2025-09-03
### Changed
- Updated backstage chart 2.6.0 -> 2.6.1
- Updated common 2.31.3 -> 2.31.4
- Updated gluon 0.7.0 -> 0.8.4

Fortify📜

  • !7051: fortify update to 1.1.2320154-bb.38 
    # Changelog Updates

## [1.1.2320154-bb.38] - 2025-11-06
### Fixed
- registry1.dso.mil/ironbank/microfocus/fortify/ssc (source) version 25.2.1.0010 -> 25.4.0.0137

Gatekeeper📜

  • !7072: gatekeeper update to 3.20.1-bb.1 
    # Changelog Updates

## [3.20.1-bb.1] (2025-11-13)
### Changed
- Update the egress api network policy to add `vpcCidr`

Gitlab📜

  • !7084: gitlab update to 9.5.2-bb.0
  • !7043: gitlab update to 9.5.1-bb.1 
    # Changelog Updates

## [9.5.2-bb.0] (2025-11-18)
### Changed
- update gitlab chart 9.5.1 -> 9.5.2
- update gluon 0.9.5 -> 0.9.6
- registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.79.0 -> v1.80.0
- registry1.dso.mil/ironbank/bitnami/redis 8.2.2 -> 8.2.3
- ironbank/gitlab/gitlab/gitlab-webservice (source) 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/certificates 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse 18.5.1 -> 18.5.2
- registry1.dso.mil/ironbank/redhat/ubi/ubi9 9.6 -> 9.7

## [9.5.1-bb.2] (2025-11-07)
### Changed
- update gitlab chart 9.5.0 -> 9.6.0
- registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.79.0 -> v1.80.0

## [9.5.1-bb.1] (2025-10-30)
### Changed
- Updated devops-tester upstream image location from registry1.dso.mil/bigbang-ci/devops-tester to registry1.dso.mil/ironbank/big-bang/devops-tester

Gitlab Runner📜

  • !7076: gitlabRunner update to 0.82.0-bb.3 
    # Changelog Updates

## [0.82.0-bb.3] (2025-10-31)
### Changed
- Update egress-runner-to-kube-api network policy to handle `vcpCidr` in addition to controlPlaneCidr

## [0.82.0-bb.2] (2025-10-31)
### Changed
- gluon 0.9.5 -> 0.9.6

Headlamp📜

  • !6868: added blackbox-exporter to values 
    # Changelog Updates

## [0.37.0-bb.1] (2025-11-11)
### Removed
- Removed subchart deps/prometheus-blackbox-exporter from headlamp

## [0.37.0-bb.0] (2025-11-07)
### Updated
- Updated registry1.dso.mil/ironbank/opensource/headlamp-k8s/headlamp (source) v0.36.0 -> v0.37.0
- Updated registry1.dso.mil/ironbank/opensource/headlamp-k8s/headlamp (source) 0.36.0 -> 0.37.0
- Updated cypress (source) 15.5.0 -> 15.6.0

Kiali📜

  • !7053: kiali update to 2.17.0-bb.2 
    # Changelog Updates

## [2.17.0-bb.2] - 2025-10-22
### Updated
- Adopt bb-common for Istio resources

Kyverno📜

  • !7069: kyverno update to 3.6.0-bb.1 
    # Changelog Updates

## [3.6.0-bb.1] (2025-11-13)
### Changed
- Updated egress-kube-api network policy to allow for setting the vpcCidr value

## [3.6.0-bb.0] (2025-11-10)
### Changed
- Updated app version from `3.5.2-bb.0` to `3.6.0-bb.0`
- Updated `background-controller`, `cleanup-controller`, `reports-controller`, `kyverno`, `kyvernocli`, `kyvernopre` from  `v1.15.2` to `v1.16.0`
- Updated gluon from `v0.9.2` to `v0.9.6`

Mattermost📜

  • !7099: mattermost update to 11.1.0-bb.0 
    # Changelog Updates

## [11.1.0-bb.0] (2025-11-14)
### Updated
- Updated registry1.dso.mil/ironbank/opensource/mattermost/mattermost 11.0.4 -> 11.1.0
- Updated registry1.dso.mil/ironbank/opensource/postgres/postgresql 18.0 -> 18.1

Mattermost Operator📜

  • !7081: mattermostOperator update to 1.25.3-bb.0 
    # Changelog Updates

## [1.25.3-bb.0] (2025-11-12)
### Changed
- Updated registry1.dso.mil/ironbank/opensource/mattermost/mattermost-operator (source) v1.25.2 -> v1.25.3

Monitoring📜

  • !7071: monitoring update to 75.6.1-bb.12
  • !6868: added blackbox-exporter to values 
    # Changelog Updates

## [75.6.1-bb.12] (2025-11-13)
### Removed
- Removed legacy references to quit istio sidecar
- Removed legacy service monitor for Istio Operator

## [75.6.1-bb.11] (2025-10-17)
### Removed
- Removed blackboxExporter exception peerAuthentication
### Changed
- prometheus-blackbox-exporter v0.26.0 -> v0.27.0

Twistlock📜

  • !7075: twistlock update to 0.23.0-bb.3 
    # Changelog Updates

## [0.23.0-bb.3] (2025-11.12)
### Changed
- Update the egress-api network policy template to allow setting vpcCidr

Velero📜

  • !7073: velero update to 11.1.1-bb.2 
    # Changelog Updates

## [11.1.1-bb.2] - 2025-11-13
### Updated
- Removed upstream CRDs

## [11.1.1-bb.1] - 2025-11-13
### Updated
- Update registry1.dso.mil/ironbank/opensource/velero/velero v1.17.0 -> v1.17.1
- Updated registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws 1.13.0 -> 1.13.1

Known Issues📜

  • bbctl Dashboards
  • CRON job output longer than 16kb will be split into multiple log entries when using the dockerd CRI causing invalid JSON structures to be imported into Loki. Use containerd as the CRI to ensure long log lines are parsed correctly
  • bbctl-violations-dashboard / bbctl-all-logs-dashboard(Violations Logs)
    • These items will not populate if you have too large of a kubernets cluster with too many violations. There is a limit to the amount of data that can be processed. If you hit this limit and need the information, you can still use the bbctl violations command to obtain the data.
  • Headlamp
  • An issue with the flux plugin being able to load certain menu items has been identified. This appears to be an issue with the javascript code used to create the plugin.
    • Menu items having an issue:
    • Kustomizations
    • HelmReleases
    • ImageAutomations
    • Notifications
  • Attempting to login using OIDC will create a login ‘loop’. See upstream issue for further information.

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Future📜

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.