UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Select Git revision
  • all-packages-test
  • master default protected
  • update-kyverno-reporter-tag-3.0.3-bb.0
  • test-only-kyverno-reporter-303
  • fortify-dynamic-network-policy-148
  • fluentbit-renovate-testing-20250321
  • alloy-istio-servicemonitor
  • vault-test
  • update-kyverno-policies-tag-3.3.4-bb.6
  • update-alloy-tag-2.0.16-bb.1
  • alloy-log-kyverno-exceptions
  • release-2.49.x protected
  • 2566-gateway-api-exploration
  • update-policy-tag-3.18.2-bb.3
  • update-neuvector-tag-2.8.5-bb.0
  • ioc
  • update-mimir-tag-5.5.1-bb.9
  • update_velero_egress_to_be_dynamic
  • update-policy-tag-3.18.2-bb.2
  • update-kyverno-policies-tag-3.3.4-bb.5
  • 2.49.0-rc.1 protected
  • 2.49.0-rc.0 protected
  • 2.48.0 protected
  • 2.48.0-rc.4 protected
  • 2.48.0-rc.3 protected
  • 2.48.0-rc.2 protected
  • 2.48.0-rc.1 protected
  • 2.47.0 protected
  • 2.47.0-rc.2 protected
  • 2.47.0-rc.1 protected
  • 2.47.0-rc.0 protected
  • 2.46.0 protected
  • 2.46.0-rc.0 protected
  • 2.45.1 protected
  • 2.45.1-rc.0 protected
  • 2.45.0 protected
  • 2.45.0-rc.0 protected
  • 2.44.0 protected
  • 2.44.0-rc.0 protected
  • 2.43.0 protected
40 results
Blame Permalink
2
To find the state of this project's repository at the time of any of these versions, check out the tags.
CHANGELOG.md 36.49 KiB

Big Bang Release Notes

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[1.41.0]

  • !1.41.0; List of merge requests in this release.

[1.40.0]

  • !1.40.0; List of merge requests in this release.

[1.39.0]

  • !1.39.0; List of merge requests in this release.

[1.38.0]

  • !1.38.0; List of merge requests in this release.

[1.37.0]

  • !1.37.0; List of merge requests in this release.

[1.36.0]

  • !1.36.0; List of merge requests in this release.

[1.35.0]

  • !1.35.0; List of merge requests in this release.

[1.34.0]

  • !1.34.0; List of merge requests in this release.

[1.33.0]

  • !1.33.0; List of merge requests in this release.

[1.32.0]

  • !1.32.0; List of merge requests in this release.

[1.31.0]

  • !1.31.0; List of merge requests in this release

[1.30.1]

  • !1495: Update ArgoCD image to 2.3.2

[1.30.0]

  • !1.30.0; List of merge requests in this release.

[1.29.0]

  • !1.29.0; List of merge requests in this release.

[1.28.0]

  • !1.28.0; List of merge requests in this release.

[1.27.1]

  • !1346: Update to re-enable Jaeger's sidecars

[1.27.0]

  • !1.27.0; List of merge requests in this release.

[1.26.0]

  • !1.26.0; List of merge requests in this release.

[1.25.1]

  • !1256: Gitlab version bump to 5.6.2-bb.0 app version 14.6.2

[1.25.0]

  • !1.25.0; List of merge requests in this release.

[1.24.0]

  • !1.24.0; List of merge requests in this release.

[1.23.0]

  • !1.23.0; List of merge requests in this release.

[1.22.0]

  • !1.22.0; List of merge requests in this release.

[1.21.0]

  • !1.21.0; List of merge requests in this release.

[1.20.0]

  • !1.20.0; List of merge requests in this release.

[1.19.0]

  • !1.19.0; List of merge requests in this release.

[1.18.0]

  • !1.18.0; List of merge requests in this release.

[1.17.0]

  • !1.17.0; List of merge requests in this release.

[1.16.2]

  • !919: Sonarqube version 9.2.6-bb.17-1 version bump to address erroneous duplicate template definitions for tolerations, nodeSelector & affinity

[1.16.1]

  • !887: Twistlock Network Policy & BigBang/Package value networkPolicies.nodeCidr for defender to console communication
  • !890: Adding violation exception for twistlock-defenders to use selinux spc_t settings

[1.16.0]

  • !1.16.0; List of merge requests in this release.

[1.15.3]

  • !887: Twistlock Network Policy & BigBang/Package value networkPolicies.nodeCidr for defender to console communication
  • !852: Adding violation exceptions to stop Gatekeeper blocking twistlock console deployment
  • !890: Adding violation exception for twistlock-defenders to use selinux spc_t settings

[1.15.2]

  • !846: Istio-cni hub correction to point to valid repo in registry1 & Add install-cni image to synker.yaml for air-gapped environments

[1.15.1]

  • !834: Update istio to version 1.9.8
  • !818: Fix minio istio pass down
  • !831: Fix monitoring hostNetwork violation
  • !835: Fix fluentbit hostFilesystem violation

[1.15.0]

  • !1.15.0; List of merge requests in this release.

[1.14.1]

  • !771: Intermediate update to authservice package to allow for cleaner certificate formatting
  • !782: Bumping Authservice tag to 0.4.0-bb.13 to fix mapping for values passed to redis sub-chart and uploading correct dependency sub-chart

[1.14.0]

  • !1.14.0; List of merge requests in this release.

[1.13.1]

  • !722: Bumping Gatekeeper tag, reducing pod footprint, cleaning up constraints
  • !730: Bumping Gatekeeper tag, properly excluding all of "kube-system" namespace from gatekeeper via upstream recommendation, removing "kube-system" exclusions from package values.

[1.13.0]

[1.12.1]

  • !769: Add kube-system namespace exception to all constraints that cause violations

[1.12.0]

[1.11.0]

[1.10.0]

[1.9.1]

  • !534: Bumping monitoring chart version - Addresses un-reconcilable state of monitoring package when upgrading from previous version of BigBang to 1.9.0

[1.9.0]

  • !445: Nexus added to BB
  • !488: Authservice support external redis service
  • !490: New monitoring helm tests
  • !492: Add new robot account to CI
  • !495: Add shanks as maintainers
  • !497: CAC CI upgrades
  • !499: Mattermost Operator optional network policies
  • !503: Sonarqube optional network policies
  • !504: Gitlab optional network policies
  • !509: feat: Bumping monitoring tag version
  • !510: ECK Operator optional network policies
  • !511: Authservice optional network policies
  • !513: Monitoring optional network policies
  • !514: Cluster Auditor & OPA Gatekeeper constraint-templates and added conditional enforcement

Upgrade Notices

This update includes network policies for multiple packages, please refer to each package's individual documentation on implementation.

Known Issues

  • If the following error is seen on any helm releases scheme "" not supported try updating flux to latest ib images. A simple way to do this is by adding registry credentials to the flux-system namespace and applying the flux.yaml:
kubectl create secret docker-registry private-registry --docker-server=registry1.dso.mil --docker-username=<Your IronBank Username> --docker-password=<Your IronBank Personal Access Token> --docker-email=<Your E-mail Address> -n flux-system
curl https://repo1.dso.mil/platform-one/big-bang/bigbang/-/raw/master/scripts/deploy/flux.yaml | kubectl apply -f -
  • There is a known issue with Velero ability to restore PersistentVolumes.

[1.8.0]

  • !447: Sonarqube upgrade app version 8.7.1 chart version 9.2.6-bb.8
  • !406: Authservice Support For Non Keycloak OIDC Endpoints
  • !459: Gitlab update to fix monitoring
  • !463,!480: update codeowners
  • !462: Document GitLab package architecture in charter
  • !453: Set Global Timeout for Flux & Allow for HelmRelease Flux Settings to be Populated via Values File
  • !466: Updating name for kiali oidc secret secret
  • !465: Mattermost update app version 5.34.2 chart version 0.1.5-bb.0
  • !467: update changelog for release 1.7.0
  • !468: Modify continuous integration (CI) pipeline script execution
  • !474: Update twistlock app version 21.04.412 chart version 0.0.4-bb.0
  • !464: Documentation updates
  • !475: Anchore upgrade app version 0.9.3 chart version 1.12.13-bb.0
  • !430: Charter update for istio architecture
  • !451,!481,!482: Breakout secrets into individual files in Package templates
  • !417: update Kibana
  • !350: Authservice Redirect URLs dont respect virtual service name overrides
  • !485: ArgoCD upgrade app version 1.8.4 chart version 2.14.7-bb.5
  • !476: Charter documentation updates
  • !134,!489: BETA release of Keycloak app version 13.0.0 helm chart version 11.0.0
  • !342: Upgrade elasticsearch-kibana package app version 7.10.x chart version 0.1.11-bb.0
  • !457: Add labels to authservice namespace in compliance with charter

Upgrade Notices

  • Release 1.8.0 upgrades Elasticsearch and Kibana to 7.10 versions and if the autoRollingUpgrade job does not complete successfully or is interfered with it could cause ECK data loss. Please leave autoRollingUpgrade enabled and read documentation to prepare for upgrade issues.

Known Issues

  • If the following error is seen on any helm releases scheme "" not supported try updating flux to latest ib images. A simple way to do this is by adding registry credentials to the flux-system namespace and applying the flux.yaml:
kubectl create secret docker-registry private-registry --docker-server=registry1.dso.mil --docker-username=<Your IronBank Username> --docker-password=<Your IronBank Personal Access Token> --docker-email=<Your E-mail Address> -n flux-system
curl https://repo1.dso.mil/platform-one/big-bang/bigbang/-/raw/master/scripts/deploy/flux.yaml | kubectl apply -f -
  • There is a known issue with Velero ability to restore PersistentVolumes.

[1.7.0]

  • !453: Global Timeout for flux and allow for HR flux settings to be populated via values

  • !459: Gitlab monitoring fix

  • !406: Authservice Support For Non Keycloak OIDC Endpoints

  • !447: Sonarqube updated to 8.7.1

  • !446: Mattermost elastic integration

  • !437: Postrenders

  • !440: GitLab Upgrade to 13.10.3

  • !450: Ironbank image version check script

  • !369: Update development-environment

  • !371: Update 2_getting_started

  • !483: cluster auditor architecture

  • !454: Storage Documentation

  • !221: Add initial thoughts on Hugo

  • !408: Adding Architecture Doc for ek package

  • !462: Document GitLab package architecture in charter

  • !463: Update CODEOWNERS

Upgrade Notice

UNCLASSIFIED - NO CUI