Compare revisions

Greg Miernicki · mr-bot · Branden Cobb · Branden Cobb · mr-bot · Branden Cobb
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,10 @@
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

 ---
+## [1.37.0]
+
+- [!1.37.0](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests?scope=all&utf8=%E2%9C%93&state=merged&milestone_title=1.37.0); List of merge requests in this release.
+
 ## [1.36.0]

 - [!1.36.0](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests?scope=all&utf8=%E2%9C%93&state=merged&milestone_title=1.36.0); List of merge requests in this release.

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -6,12 +6,6 @@ Table of Contents:

 - [Contributing to Big Bang](#contributing-to-big-bang)
  - [Developers Guide](#developers-guide)
-  - [Local Git Setup](#local-git-setup)
-    - [Pre-commit hooks](#pre-commit-hooks)
-      - [Local Setup](#local-setup)
-        - [Prereqs](#prereqs)
-        - [Steps](#steps)
-      - [Combining Multiple Commits](#combining-multiple-commits)
  - [Iron Bank Images](#iron-bank-images)
  - [Local Kubernetes cluster](#local-kubernetes-cluster)
  - [Deploying Big Bang (Quick Start)](#deploying-big-bang-quick-start)

--- a/Packages.md
+++ b/Packages.md
 # Packages

 Columns:
+
 * Logging - fluentbit configurations for standardized logging
 * Telemetry - Integration with Prometheus and dedicated Grafana dashboards as appropriate
 * Tracing - Insertion of Tracing data for application traffic
@@ -11,7 +12,7 @@ Columns:
 ## Core

 | Package | Status | Logging | Telemetry | Tracing | Network Policies | mTLS | Behavior Detection |
-| ----    | ---  | ---|---|---|---|---|---|
+| --- | --- | --- | --- | --- | --- | --- | --- |
 | [Istio Operator](https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator) |  ![Istio Operator Build](https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/641) | Yes | No |
 | [Istio Controlplane](https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane) | ![Istio Controlplane Build](https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/632) | Yes | No |
 | [Jaeger](https://repo1.dso.mil/platform-one/big-bang/apps/core/jaeger) | ![Jaeger Build](https://repo1.dso.mil/platform-one/big-bang/apps/core/jaeger/badges/main/pipeline.svg) | No | Yes | Yes | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/602) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1295) | No |
@@ -27,7 +28,8 @@ Columns:
 | [Kyverno Policies](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/kyverno-policies) | ![Kyverno Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/kyverno-policies/badges/main/pipeline.svg) |  No | No | No | Yes | No | No |
 | [Promtail](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/promtail) ![BETA](https://img.shields.io/badge/BETA-purple?style=flat-square) | ![Promtail Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/promtail/badges/main/pipeline.svg) |  No | No | No | Yes | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1516) | No |
 | [Loki](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/loki) ![BETA](https://img.shields.io/badge/BETA-purple?style=flat-square) | ![Loki Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/loki/badges/main/pipeline.svg) |  No | No | No | Yes | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1516) | No |
-| [Tempo](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo) ![BETA](https://img.shields.io/badge/BETA-purple?style=flat-square) | ![Tempo Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo/badges/main/pipeline.svg) | No | Yes | Yes | No | Yes (PERMISSIVE) | No |
+| [Tempo](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo) ![BETA](https://img.shields.io/badge/BETA-purple?style=flat-square) | ![Tempo Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo/badges/main/pipeline.svg) | No | Yes | Yes | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1253) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1762) | No |
+
 <!-- | [NeuVector](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/neuvector) ![ALPHA](https://img.shields.io/badge/ALPHA-red?style=flat-square) | ![NeuVector Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/neuvector/badges/main/pipeline.svg) | No | No | No | No | No | No | -->

 ## Supported Add-Ons
@@ -35,16 +37,16 @@ Columns:
 ### Security

 | Package | Status | Logging | Telemetry | Tracing | Network Policies | mTLS | Behavior Detection |
-| ----    | ---  | ---|---|---|---|---|---|
+| --- | --- | --- | --- | --- | --- | --- | --- |
 | [Keycloak](https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak) |  ![Keycloak Build](https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/536) | Yes (PERMISSIVE) | No |
 | [Anchore Enterprise](https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/anchore-enterprise) | ![Anchore Build](https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/anchore-enterprise/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/505) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1594) | No |
 | [Authservice](https://repo1.dso.mil/platform-one/big-bang/apps/core/authservice) | ![Authservice Build](https://repo1.dso.mil/platform-one/big-bang/apps/core/authservice/badges/main/pipeline.svg) | No | Yes | Yes | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/511) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1329) | No |
-| [Vault](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault) ![BETA](https://img.shields.io/badge/BETA-purple?style=flat-square) | ![Vault Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault/badges/main/pipeline.svg) |  No | No | No | Yes | Yes (PERMISSIVE) | No |
+| [Vault](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault) ![BETA](https://img.shields.io/badge/BETA-purple?style=flat-square) | ![Vault Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault/badges/main/pipeline.svg) |  No | No | No | Yes | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1781) | No |

 ### Development Tools

 | Package | Status | Logging | Telemetry | Tracing | Network Policies | mTLS | Behavior Detection |
-| ----    | ---  | ---|---|---|---|---|---|
+| --- | --- | --- | --- | --- | --- | --- | --- |
 | [Gitlab](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab)  | ![Gitlab Build](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab/badges/main/pipeline.svg)    | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/504) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1724) | No |
 | [Gitlab Runner](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab-runner) |  ![Gitlab Runner Build](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab-runner/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/522) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1724)* | No |
 | [Nexus](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/nexus) |  ![Nexus](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/nexus/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/544) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1605) | No |
@@ -55,20 +57,21 @@ Columns:
 ### Collaboration Tools

 | Package | Status | Logging | Telemetry | Tracing | Network Policies | mTLS | Behavior Detection |
-| ----    | ---  | ---|---|---|---|---|---|
+| --- | --- | --- | --- | --- | --- | --- | --- |
 | [Mattermost](https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost)  | ![Mattermost Build](https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost/badges/main/pipeline.svg)    | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/515) | [No](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/623) | No |
 | [Mattermost Operator](https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost-operator) |  ![Mattermost Operator Build](https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost-operator/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/499) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1531) | No |

 ### Application Utilities

 | Package | Status | Logging | Telemetry | Tracing | Network Policies | mTLS | Behavior Detection |
-| ----    | ---  | ---|---|---|---|---|---|
+| --- | --- | --- | --- | --- | --- | --- | --- |
 | [MinIO](https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio)  | ![MinIO Build](https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio/badges/main/pipeline.svg)    | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/550) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1566) | No |
-| [MinIO Operator](https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator) |  ![MinIO Operator Build](https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator/badges/main/pipeline.svg) | No | No | No | No | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1554) |No |
+| [MinIO Operator](https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator) |  ![MinIO Operator Build](https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/685)] | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1554) |No |

 ### Cluster Utilities

 | Package | Status | Logging | Telemetry | Tracing | Network Policies | mTLS | Behavior Detection |
-| ----    | ---  | ---|---|---|---|---|---|
+| --- | --- | --- | --- | --- | --- | --- | --- |
 | [Argocd](https://repo1.dso.mil/platform-one/big-bang/apps/core/argocd) |![Argo Build](https://repo1.dso.mil/platform-one/big-bang/apps/core/argocd/badges/main/pipeline.svg)  |  No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/572) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1368) | No |
 | [Velero](https://repo1.dso.mil/platform-one/big-bang/apps/cluster-utilities/velero)  | ![Velero Build](https://repo1.dso.mil/platform-one/big-bang/apps/cluster-utilities/velero/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/552) | [Yes (STRICT)](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1451) | No |
+| [Metrics Server](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/metrics-server) ![BETA](https://img.shields.io/badge/BETA-purple?style=flat-square) | ![Metrics Server Build](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/metrics-server/badges/main/pipeline.svg) | No | No | No | [Yes](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/1738) | Yes (PERMISSIVE) | No |
--- a/README.md
+++ b/README.md
 # bigbang

-![Version: 1.36.0](https://img.shields.io/badge/Version-1.36.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 1.37.0](https://img.shields.io/badge/Version-1.37.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)

 Big Bang is a declarative, continuous delivery tool for core DoD hardened and approved packages into a Kubernetes cluster.

@@ -68,7 +68,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | istio.enabled | bool | `true` | Toggle deployment of Istio. |
 | istio.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git"` |  |
 | istio.git.path | string | `"./chart"` |  |
-| istio.git.tag | string | `"1.13.2-bb.1"` |  |
+| istio.git.tag | string | `"1.13.4-bb.1"` |  |
 | istio.enterprise | bool | `false` | Tetrate Istio Distribution - Tetrate provides FIPs verified Istio and Envoy software and support, validated through the FIPs Boring Crypto module. Find out more from Tetrate - https://www.tetrate.io/tetrate-istio-subscription |
 | istio.ingressGateways.public-ingressgateway.type | string | `"LoadBalancer"` |  |
 | istio.ingressGateways.public-ingressgateway.kubernetesResourceSpec | object | `{}` |  |
@@ -83,14 +83,14 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | istiooperator.enabled | bool | `true` | Toggle deployment of Istio Operator. |
 | istiooperator.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator.git"` |  |
 | istiooperator.git.path | string | `"./chart"` |  |
-| istiooperator.git.tag | string | `"1.13.2-bb.1"` |  |
+| istiooperator.git.tag | string | `"1.13.4-bb.0"` |  |
 | istiooperator.flux | object | `{}` | Flux reconciliation overrides specifically for the Istio Operator Package |
 | istiooperator.values | object | `{}` | Values to passthrough to the istio-operator chart: https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator.git |
 | istiooperator.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
 | jaeger.enabled | bool | `true` | Toggle deployment of Jaeger. |
 | jaeger.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/jaeger.git"` |  |
 | jaeger.git.path | string | `"./chart"` |  |
-| jaeger.git.tag | string | `"2.30.0-bb.2"` |  |
+| jaeger.git.tag | string | `"2.32.2-bb.0"` |  |
 | jaeger.flux | object | `{"install":{"crds":"CreateReplace"},"upgrade":{"crds":"CreateReplace"}}` | Flux reconciliation overrides specifically for the Jaeger Package |
 | jaeger.ingress | object | `{"gateway":""}` | Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public". |
 | jaeger.sso.enabled | bool | `false` | Toggle SSO for Jaeger on and off |
@@ -101,7 +101,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | kiali.enabled | bool | `true` | Toggle deployment of Kiali. |
 | kiali.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/kiali.git"` |  |
 | kiali.git.path | string | `"./chart"` |  |
-| kiali.git.tag | string | `"1.51.0-bb.0"` |  |
+| kiali.git.tag | string | `"1.51.0-bb.1"` |  |
 | kiali.flux | object | `{}` | Flux reconciliation overrides specifically for the Kiali Package |
 | kiali.ingress | object | `{"gateway":""}` | Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public". |
 | kiali.sso.enabled | bool | `false` | Toggle SSO for Kiali on and off |
@@ -133,7 +133,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | kyvernopolicies.enabled | bool | `false` | Toggle deployment of Kyverno policies |
 | kyvernopolicies.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/kyverno-policies.git"` |  |
 | kyvernopolicies.git.path | string | `"./chart"` |  |
-| kyvernopolicies.git.tag | string | `"1.0.0-bb.12"` |  |
+| kyvernopolicies.git.tag | string | `"1.0.0-bb.13"` |  |
 | kyvernopolicies.flux | object | `{}` | Flux reconciliation overrides specifically for the Kyverno Package |
 | kyvernopolicies.values | object | `{}` | Values to passthrough to the kyverno policies chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/kyverno-policies.git |
 | kyvernopolicies.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
@@ -153,27 +153,27 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | eckoperator.enabled | bool | `true` | Toggle deployment of ECK Operator. |
 | eckoperator.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/eck-operator.git"` |  |
 | eckoperator.git.path | string | `"./chart"` |  |
-| eckoperator.git.tag | string | `"2.0.0-bb.2"` |  |
+| eckoperator.git.tag | string | `"2.2.0-bb.0"` |  |
 | eckoperator.flux | object | `{}` | Flux reconciliation overrides specifically for the ECK Operator Package |
 | eckoperator.values | object | `{}` | Values to passthrough to the eck-operator chart: https://repo1.dso.mil/platform-one/big-bang/apps/core/eck-operator.git |
 | fluentbit.enabled | bool | `true` | Toggle deployment of Fluent-Bit. |
 | fluentbit.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/fluentbit.git"` |  |
 | fluentbit.git.path | string | `"./chart"` |  |
-| fluentbit.git.tag | string | `"0.20.0-bb.1"` |  |
+| fluentbit.git.tag | string | `"0.20.2-bb.0"` |  |
 | fluentbit.flux | object | `{}` | Flux reconciliation overrides specifically for the Fluent-Bit Package |
 | fluentbit.values | object | `{}` | Values to passthrough to the fluentbit chart: https://repo1.dso.mil/platform-one/big-bang/apps/core/fluentbit.git |
 | fluentbit.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
 | promtail.enabled | bool | `false` | Toggle deployment of Promtail. |
 | promtail.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/promtail.git"` |  |
 | promtail.git.path | string | `"./chart"` |  |
-| promtail.git.tag | string | `"4.2.0-bb.1"` |  |
+| promtail.git.tag | string | `"4.2.0-bb.2"` |  |
 | promtail.flux | object | `{}` | Flux reconciliation overrides specifically for the Promtail Package |
 | promtail.values | object | `{}` | Values to passthrough to the promtail chart: https://repo1.dso.mil/platform-one/big-bang/apps/core/fluentbit.git |
 | promtail.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
 | loki.enabled | bool | `false` | Toggle deployment of Loki. |
 | loki.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/loki.git"` |  |
 | loki.git.path | string | `"./chart"` |  |
-| loki.git.tag | string | `"3.0.4-bb.3"` |  |
+| loki.git.tag | string | `"3.0.5-bb.0"` |  |
 | loki.flux | object | `{}` | Flux reconciliation overrides specifically for the Loki Package |
 | loki.strategy | string | `"monolith"` | Loki architecture.  Options are monolith and scalable |
 | loki.objectStorage.endpoint | string | `""` | S3 compatible endpoint to use for connection information. examples: "https://s3.amazonaws.com" "https://s3.us-gov-west-1.amazonaws.com" "http://minio.minio.svc.cluster.local:9000" |
@@ -186,7 +186,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | tempo.enabled | bool | `false` | Toggle deployment of Tempo. |
 | tempo.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git"` |  |
 | tempo.git.path | string | `"./chart"` |  |
-| tempo.git.tag | string | `"0.15.1-bb.1"` |  |
+| tempo.git.tag | string | `"0.15.1-bb.4"` |  |
 | tempo.ingress | object | `{"gateway":""}` | Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public". |
 | tempo.flux | object | `{}` | Flux reconciliation overrides specifically for the Tempo Package |
 | tempo.values | object | `{}` | Values to passthrough to the Tempo chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git |
@@ -194,7 +194,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | monitoring.enabled | bool | `true` | Toggle deployment of Monitoring (Prometheus, Grafana, and Alertmanager). |
 | monitoring.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git"` |  |
 | monitoring.git.path | string | `"./chart"` |  |
-| monitoring.git.tag | string | `"35.2.0-bb.3"` |  |
+| monitoring.git.tag | string | `"35.5.1-bb.2"` |  |
 | monitoring.flux | object | `{"install":{"crds":"CreateReplace"},"upgrade":{"crds":"CreateReplace"}}` | Flux reconciliation overrides specifically for the Monitoring Package |
 | monitoring.ingress | object | `{"gateway":""}` | Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public". |
 | monitoring.sso.enabled | bool | `false` | Toggle SSO for monitoring components on and off |
@@ -212,7 +212,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | twistlock.enabled | bool | `true` | Toggle deployment of Twistlock. |
 | twistlock.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git"` |  |
 | twistlock.git.path | string | `"./chart"` |  |
-| twistlock.git.tag | string | `"0.8.0-bb.0"` |  |
+| twistlock.git.tag | string | `"0.9.0-bb.0"` |  |
 | twistlock.flux | object | `{}` | Flux reconciliation overrides specifically for the Twistlock Package |
 | twistlock.ingress | object | `{"gateway":""}` | Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public". |
 | twistlock.values | object | `{}` | Values to passthrough to the twistlock chart: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git |
@@ -235,7 +235,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | addons.authservice.enabled | bool | `false` | Toggle deployment of Authservice. if enabling authservice, a filter needs to be provided by either enabling sso for monitoring or istio, or manually adding a filter chain in the values here: values:   chain:     minimal:       callback_uri: "https://somecallback" |
 | addons.authservice.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/core/authservice.git"` |  |
 | addons.authservice.git.path | string | `"./chart"` |  |
-| addons.authservice.git.tag | string | `"0.5.1-bb.1"` |  |
+| addons.authservice.git.tag | string | `"0.5.1-bb.2"` |  |
 | addons.authservice.flux | object | `{}` | Flux reconciliation overrides specifically for the Authservice Package |
 | addons.authservice.values | object | `{}` | Values to passthrough to the authservice chart: https://repo1.dso.mil/platform-one/big-bang/apps/core/authservice.git |
 | addons.authservice.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
@@ -243,7 +243,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | addons.minioOperator.enabled | bool | `false` | Toggle deployment of minio operator and instance. |
 | addons.minioOperator.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator.git"` |  |
 | addons.minioOperator.git.path | string | `"./chart"` |  |
-| addons.minioOperator.git.tag | string | `"4.4.16-bb.0"` |  |
+| addons.minioOperator.git.tag | string | `"4.4.16-bb.2"` |  |
 | addons.minioOperator.flux | object | `{}` | Flux reconciliation overrides specifically for the Minio Operator Package |
 | addons.minioOperator.values | object | `{}` | Values to passthrough to the minio operator chart: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator.git |
 | addons.minioOperator.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
@@ -317,7 +317,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | addons.sonarqube.enabled | bool | `false` | Toggle deployment of SonarQube. |
 | addons.sonarqube.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube.git"` |  |
 | addons.sonarqube.git.path | string | `"./chart"` |  |
-| addons.sonarqube.git.tag | string | `"1.0.26-bb.1"` |  |
+| addons.sonarqube.git.tag | string | `"1.0.29-bb.0"` |  |
 | addons.sonarqube.flux | object | `{}` | Flux reconciliation overrides specifically for the Sonarqube Package |
 | addons.sonarqube.ingress | object | `{"gateway":""}` | Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public". |
 | addons.sonarqube.sso.enabled | bool | `false` | Toggle SAML SSO for SonarQube. Enabling this option will auto-create any required secrets. |
@@ -345,7 +345,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | addons.anchore.enabled | bool | `false` | Toggle deployment of Anchore. |
 | addons.anchore.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/anchore-enterprise.git"` |  |
 | addons.anchore.git.path | string | `"./chart"` |  |
-| addons.anchore.git.tag | string | `"1.18.6-bb.2"` |  |
+| addons.anchore.git.tag | string | `"1.18.6-bb.3"` |  |
 | addons.anchore.flux | object | `{"upgrade":{"disableWait":true}}` | Flux reconciliation overrides specifically for the Anchore Package |
 | addons.anchore.adminPassword | string | `""` | Initial admin password used to authenticate to Anchore. |
 | addons.anchore.enterprise | object | `{"enabled":false,"licenseYaml":"FULL LICENSE\n"}` | Anchore Enterprise functionality. |
@@ -370,7 +370,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | addons.mattermostoperator.enabled | bool | `false` |  |
 | addons.mattermostoperator.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost-operator.git"` |  |
 | addons.mattermostoperator.git.path | string | `"./chart"` |  |
-| addons.mattermostoperator.git.tag | string | `"1.18.0-bb.0"` |  |
+| addons.mattermostoperator.git.tag | string | `"1.18.1-bb.0"` |  |
 | addons.mattermostoperator.flux | object | `{}` | Flux reconciliation overrides specifically for the Mattermost Operator Package |
 | addons.mattermostoperator.values | object | `{}` | Values to passthrough to the mattermost operator chart: https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost-operator/-/blob/main/chart/values.yaml |
 | addons.mattermostoperator.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
@@ -414,7 +414,7 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | addons.keycloak.enabled | bool | `false` | Toggle deployment of Keycloak. if you enable Keycloak you should uncomment the istio passthrough configurations above istio.ingressGateways.passthrough-ingressgateway and istio.gateways.passthrough |
 | addons.keycloak.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak.git"` |  |
 | addons.keycloak.git.path | string | `"./chart"` |  |
-| addons.keycloak.git.tag | string | `"18.1.1-bb.1"` |  |
+| addons.keycloak.git.tag | string | `"18.1.1-bb.5"` |  |
 | addons.keycloak.database.host | string | `""` | Hostname of a pre-existing database to use for Keycloak. Entering connection info will disable the deployment of an internal database and will auto-create any required secrets. |
 | addons.keycloak.database.type | string | `"postgres"` | Pre-existing database type (e.g. postgres) to use for Keycloak. |
 | addons.keycloak.database.port | int | `5432` | Port of a pre-existing database to use for Keycloak. |
@@ -429,12 +429,19 @@ To start using Big Bang, you will need to create your own Big Bang environment t
 | addons.vault.enabled | bool | `false` | Toggle deployment of Vault. |
 | addons.vault.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault.git"` |  |
 | addons.vault.git.path | string | `"./chart"` |  |
-| addons.vault.git.tag | string | `"0.20.0-bb.1"` |  |
+| addons.vault.git.tag | string | `"0.20.1-bb.1"` |  |
 | addons.vault.flux | object | `{}` | Flux reconciliation overrides specifically for the Vault Package |
 | addons.vault.ingress | object | `{"cert":"","gateway":"","key":""}` | Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public". |
 | addons.vault.ingress.key | string | `""` | Certificate/Key pair to use as the certificate for exposing Vault Setting the ingress cert here will automatically create the volume and volumemounts in the Vault package chart |
 | addons.vault.values | object | `{}` | Values to passthrough to the vault chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault.git |
 | addons.vault.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |
+| addons.metricsServer.enabled | bool | `false` | Toggle deployment of metrics server. |
+| addons.metricsServer.git.repo | string | `"https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/metrics-server.git"` |  |
+| addons.metricsServer.git.path | string | `"./chart"` |  |
+| addons.metricsServer.git.tag | string | `"3.8.0-bb.2"` |  |
+| addons.metricsServer.flux | object | `{}` | Flux reconciliation overrides specifically for the metrics server Package |
+| addons.metricsServer.values | object | `{}` | Values to passthrough to the metrics server chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/metrics-server.git |
+| addons.metricsServer.postRenderers | list | `[]` | Post Renderers.  See docs/postrenders.md |

 ## Contributing


--- a/base/gitrepository.yaml
+++ b/base/gitrepository.yaml
@@ -11,4 +11,4 @@ spec:
  interval: 10m
  url: https://repo1.dso.mil/platform-one/big-bang/bigbang.git
  ref:
-    tag: 1.36.0
+    tag: 1.37.0
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
 apiVersion: v2
 name: bigbang
-version: 1.36.0
+version: 1.37.0
 description: Big Bang is a declarative, continuous delivery tool for core DoD hardened and approved packages into a Kubernetes cluster.

 type: application

--- a/chart/dashboards/flux/Kptfile
+++ b/chart/dashboards/flux/Kptfile
+apiVersion: kpt.dev/v1alpha1
+kind: Kptfile
+metadata:
+  name: dashboards
+upstream:
+  type: git
+  git:
+    commit: 4b4e6b1be3413358654e74f98bac5339aed28868
+    repo: https://github.com/fluxcd/flux2
+    directory: /manifests/monitoring/grafana/dashboards
+    ref: v0.26.1
--- a/chart/dashboards/flux/cluster.json
+++ b/chart/dashboards/flux/cluster.json
--- a/chart/dashboards/flux/control-plane.json
+++ b/chart/dashboards/flux/control-plane.json
--- a/chart/templates/kyverno/policies/values.yaml
+++ b/chart/templates/kyverno/policies/values.yaml
@@ -189,6 +189,17 @@ policies:

  require-drop-all-capabilities:
    validationFailureAction: audit
+    {{- if .Values.addons.gitlab.enabled }}
+    exclude:
+      any:
+      # Gitlab Redis sub-chart does not have configurable securityContext values from upstream. An issue has been opened 
+      # upstream to add these capabilities: https://gitlab.com/gitlab-org/charts/gitlab/-/issues/3375
+      - resources:
+          namespaces:
+          - gitlab
+          names:
+          - gitlab-redis-*
+    {{- end }}

  require-istio-on-namespaces:
    enabled: {{ .Values.istio.enabled }}
@@ -211,7 +222,7 @@ policies:

  require-non-root-group:
    validationFailureAction: audit
-    {{- if or $deployRestic .Values.twistlock.enabled .Values.fluentbit.enabled .Values.promtail.enabled }}
+    {{- if or $deployRestic .Values.twistlock.enabled .Values.fluentbit.enabled .Values.promtail.enabled .Values.addons.gitlab.enabled }}
    exclude:
      any:
      {{- if $deployRestic }}
@@ -255,11 +266,20 @@ policies:
          names:
          - logging-promtail*
      {{- end }}
+      {{- if .Values.addons.gitlab.enabled }}
+      # Gitlab Redis sub-chart does not have configurable securityContext values from upstream. An issue has been opened 
+      # upstream to add these capabilities: https://gitlab.com/gitlab-org/charts/gitlab/-/issues/3375
+      - resources:
+          namespaces:
+          - gitlab
+          names:
+          - gitlab-redis-*
+      {{- end }}
    {{- end }}

  require-non-root-user:
    validationFailureAction: audit
-    {{- if or $deployRestic .Values.twistlock.enabled .Values.fluentbit.enabled .Values.promtail.enabled }}
+    {{- if or $deployRestic .Values.twistlock.enabled .Values.fluentbit.enabled .Values.promtail.enabled .Values.addons.gitlab.enabled }}
    exclude:
      any:
      {{- if $deployRestic }}
@@ -303,6 +323,15 @@ policies:
          names:
          - logging-promtail*
      {{- end }}
+      {{- if .Values.addons.gitlab.enabled }}
+      # Gitlab Redis sub-chart does not have configurable securityContext values from upstream. An issue has been opened 
+      # upstream to add these capabilities: https://gitlab.com/gitlab-org/charts/gitlab/-/issues/3375
+      - resources:
+          namespaces:
+          - gitlab
+          names:
+          - gitlab-redis-*
+      {{- end }}
    {{- end }}

  {{- if .Values.twistlock.enabled }}
@@ -425,7 +454,7 @@ policies:

  # NOTE: This restricts the ability to have PVCs when using a local path provisioner storage class (i.e. k3d default).
  # To override either disable this policy (not ideal) or add an allowed wildcard matching where local paths are provisioned.
-  # See `/docs/example_configs/policy-overrides-k3d.yaml` for an example of how to do this for k3d.
+  # See `docs/assets/configs/example/policy-overrides-k3d.yaml` for an example of how to do this for k3d.
  restrict-host-path-mount-pv:
    validationFailureAction: enforce


--- a/chart/templates/logging/fluentbit/values.yaml
+++ b/chart/templates/logging/fluentbit/values.yaml
@@ -41,6 +41,7 @@ config:
        HTTP_User                elastic
        HTTP_Passwd              ${FLUENT_ELASTICSEARCH_PASSWORD}
        Logstash_Format          On
+        Suppress_Type_Name       On
        Retry_Limit              False
        Replace_Dots             On
        tls                      On
@@ -54,6 +55,7 @@ config:
        HTTP_User                elastic
        HTTP_Passwd              ${FLUENT_ELASTICSEARCH_PASSWORD}
        Logstash_Format          On
+        Suppress_Type_Name       On
        Logstash_Prefix          node
        Retry_Limit              False
        tls                      On

--- a/chart/templates/metrics-server/gitrepository.yaml
+++ b/chart/templates/metrics-server/gitrepository.yaml
-{{- if .Values.addons.metricsServer.enabled  }}
+{{- $enableFlag := .Values.addons.metricsServer.enabled | toString }}
+{{- $existingMetricsApi := (.Capabilities.APIVersions.Has "metrics.k8s.io/v1beta1") }}
+{{- $existingMetricsHelmRelease := (lookup "helm.toolkit.fluxcd.io/v2beta1" "HelmRelease" "bigbang" "metrics-server") }}
+{{- if or ( eq $enableFlag "true") (and (eq $enableFlag "auto") (or (not $existingMetricsApi) $existingMetricsHelmRelease)) }}
 apiVersion: source.toolkit.fluxcd.io/v1beta1
 kind: GitRepository
 metadata:

--- a/chart/templates/metrics-server/helmrelease.yaml
+++ b/chart/templates/metrics-server/helmrelease.yaml
 {{- $fluxSettingsMetrics := merge .Values.addons.metricsServer.flux .Values.flux -}}
-{{- if .Values.addons.metricsServer.enabled }}
+{{- $enableFlag := .Values.addons.metricsServer.enabled | toString }}
+{{- $existingMetricsApi := (.Capabilities.APIVersions.Has "metrics.k8s.io/v1beta1") }}
+{{- $existingMetricsHelmRelease := (lookup "helm.toolkit.fluxcd.io/v2beta1" "HelmRelease" "bigbang" "metrics-server") }}
+{{- if or ( eq $enableFlag "true") (and (eq $enableFlag "auto") (or (not $existingMetricsApi) $existingMetricsHelmRelease)) }}
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:

--- a/chart/templates/metrics-server/imagepullsecret.yaml
+++ b/chart/templates/metrics-server/imagepullsecret.yaml
-{{- if .Values.addons.metricsServer.enabled }}
+{{- $enableFlag := .Values.addons.metricsServer.enabled | toString }}
+{{- $existingMetricsApi := (.Capabilities.APIVersions.Has "metrics.k8s.io/v1beta1") }}
+{{- $existingMetricsHelmRelease := (lookup "helm.toolkit.fluxcd.io/v2beta1" "HelmRelease" "bigbang" "metrics-server") }}
+{{- if or ( eq $enableFlag "true") (and (eq $enableFlag "auto") (or (not $existingMetricsApi) $existingMetricsHelmRelease)) }}
 {{- if ( include "imagePullSecret" . ) }}
 apiVersion: v1
 kind: Secret

--- a/chart/templates/metrics-server/namespace.yaml
+++ b/chart/templates/metrics-server/namespace.yaml
-{{- if .Values.addons.metricsServer.enabled }}
+{{- $enableFlag := .Values.addons.metricsServer.enabled | toString }}
+{{- $existingMetricsApi := (.Capabilities.APIVersions.Has "metrics.k8s.io/v1beta1") }}
+{{- $existingMetricsHelmRelease := (lookup "helm.toolkit.fluxcd.io/v2beta1" "HelmRelease" "bigbang" "metrics-server") }}
+{{- if or ( eq $enableFlag "true") (and (eq $enableFlag "auto") (or (not $existingMetricsApi) $existingMetricsHelmRelease)) }}
 apiVersion: v1
 kind: Namespace
 metadata:

--- a/chart/templates/metrics-server/values.yaml
+++ b/chart/templates/metrics-server/values.yaml
-{{- if .Values.addons.metricsServer.enabled }}
-{{- include "values-secret" (dict "root" $ "package" .Values.addons.metricsServer "name" "metrics" "defaults" (include "bigbang.defaults.metrics" .)) }}
+{{- $enableFlag := .Values.addons.metricsServer.enabled | toString }}
+{{- $existingMetricsApi := (.Capabilities.APIVersions.Has "metrics.k8s.io/v1beta1") }}
+{{- $existingMetricsHelmRelease := (lookup "helm.toolkit.fluxcd.io/v2beta1" "HelmRelease" "bigbang" "metrics-server") }}
+{{- if or ( eq $enableFlag "true") (and (eq $enableFlag "auto") (or (not $existingMetricsApi) $existingMetricsHelmRelease)) }}
+{{- include "values-secret" (dict "root" $ "package" .Values.addons.metricsServer "name" "metrics" "defaults" (include "bigbang.defaults.metrics-server" .)) }}
 {{- end }}

-{{- define "bigbang.defaults.metrics" -}}
+{{- define "bigbang.defaults.metrics-server" -}}
 # hostname is deprecated and replaced with domain. But if hostname exists then use it.
 {{- $domainName := default .Values.domain .Values.hostname }}
 domain: {{ $domainName }}
@@ -26,4 +29,4 @@ networkPolicies:
  enabled: {{ .Values.networkPolicies.enabled }}
  controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}

-{{- end }}
+{{- end }}
\ No newline at end of file
--- a/chart/templates/monitoring/flux-dashboards.yaml
+++ b/chart/templates/monitoring/flux-dashboards.yaml
+{{- if .Values.monitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: flux-grafana-dashboards 
+  namespace: monitoring
+  labels:
+    grafana_dashboard: "1"
+data:
+  flux-cluster-dashboard.json: |
+    {{ .Files.Get "dashboards/flux/cluster.json"  | nindent 4 }}
+  flux-control-plane-dashboard.json: |
+    {{ .Files.Get "dashboards/flux/control-plane.json" | nindent 4 }}
+{{- end }}
--- a/chart/templates/tempo/secret-objectstore.yaml
+++ b/chart/templates/tempo/secret-objectstore.yaml
+{{- if and .Values.tempo.enabled .Values.tempo.objectStorage.accessKey .Values.tempo.objectStorage.accessSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: tempo-object-storage
+  namespace: tempo
+  labels:
+    app.kubernetes.io/name: tempo
+    app.kubernetes.io/component: "core"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/opaque
+data:
+    AWS_ACCESS_KEY_ID: {{ .Values.tempo.objectStorage.accessKey | b64enc }}
+    AWS_SECRET_ACCESS_KEY: {{ .Values.tempo.objectStorage.accessSecret | b64enc }}
+{{- end }}
--- a/chart/templates/tempo/values.yaml
+++ b/chart/templates/tempo/values.yaml
@@ -9,18 +9,33 @@ podAnnotations:
  {{ include "istioAnnotation" . }}
 {{- end }}

+objectStorage: 
+  access_key_id: {{ .Values.tempo.objectStorage.accessKey }}
+  secret_access_key: {{ .Values.tempo.objectStorage.accessSecret }}
+
 tempo:
  imagePullSecrets:
  - name: private-registry
+  pullPolicy: {{ .Values.imagePullPolicy }}
+{{- with .Values.tempo.objectStorage }}
+{{- if and .endpoint .region .bucket }}
+  storage: 
+    trace:
+      backend: s3
+      s3:
+        endpoint: {{ .endpoint }}
+        bucket: {{ .bucket }}
+        region: {{ .region }}
+        insecure: {{ .insecure }}
+        forcepathstyle: true
+{{- end }}
+{{- end }}

    # hostname is deprecated and replaced with domain. But if hostname exists then use it.
 {{- $domainName := default .Values.domain .Values.hostname }}
 hostname: {{ $domainName }}
 domain: {{ $domainName }}

-tempo:
-  pullPolicy: {{ .Values.imagePullPolicy }}
-
 tempoQuery:
  pullPolicy: {{ .Values.imagePullPolicy }}


--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -56,7 +56,7 @@ sso:
    # -- Keycloak realm containing clients
    realm: baby-yoda

-  # -- Keycloak's certificate authority (PEM Format). Entered using chomp modifier (see ./docs/example_configs/dev-sso-values.yaml for example). Used by authservice to support SSO for various packages
+  # -- Keycloak's certificate authority (PEM Format). Entered using chomp modifier (see docs/assets/configs/example/dev-sso-values.yaml for example). Used by authservice to support SSO for various packages
  certificate_authority: ""

  # -- Keycloak realm's json web key output, obtained at https://<keycloak-server>/auth/realms/<realm>/protocol/openid-connect/certs
@@ -128,7 +128,7 @@ istio:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git
    path: "./chart"
-    tag: "1.13.4-bb.1"
+    tag: "1.13.5-bb.1"

  # -- Tetrate Istio Distribution - Tetrate provides FIPs verified Istio and Envoy software and support,
  # validated through the FIPs Boring Crypto module. Find out more from Tetrate - https://www.tetrate.io/tetrate-istio-subscription
@@ -244,7 +244,7 @@ istiooperator:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator.git
    path: "./chart"
-    tag: "1.13.4-bb.0"
+    tag: "1.13.5-bb.1"

  # -- Flux reconciliation overrides specifically for the Istio Operator Package
  flux: {}
@@ -261,7 +261,7 @@ jaeger:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/jaeger.git
    path: "./chart"
-    tag: "2.32.2-bb.0"
+    tag: "2.32.2-bb.3"

  # -- Flux reconciliation overrides specifically for the Jaeger Package
  flux:
@@ -296,7 +296,7 @@ kiali:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/kiali.git
    path: "./chart"
-    tag: "1.51.0-bb.1"
+    tag: "1.51.0-bb.3"

  # -- Flux reconciliation overrides specifically for the Kiali Package
  flux: {}
@@ -418,7 +418,7 @@ logging:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/elasticsearch-kibana.git
    path: "./chart"
-    tag: "0.7.1-bb.0"
+    tag: "0.8.0-bb.1"

  # -- Flux reconciliation overrides specifically for the Logging (EFK) Package
  flux:
@@ -458,7 +458,7 @@ eckoperator:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/eck-operator.git
    path: "./chart"
-    tag: "2.2.0-bb.1"
+    tag: "2.2.0-bb.2"

  # -- Flux reconciliation overrides specifically for the ECK Operator Package
  flux: {}
@@ -472,7 +472,7 @@ fluentbit:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/fluentbit.git
    path: "./chart"
-    tag: "0.20.2-bb.0"
+    tag: "0.20.3-bb.0"

  # -- Flux reconciliation overrides specifically for the Fluent-Bit Package
  flux: {}
@@ -509,7 +509,7 @@ loki:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/loki.git
    path: "./chart"
-    tag: "3.0.5-bb.1"
+    tag: "3.0.5-bb.3"

  # -- Flux reconciliation overrides specifically for the Loki Package
  flux: {}
@@ -552,7 +552,7 @@ tempo:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git
    path: "./chart"
-    tag: "0.15.1-bb.5"
+    tag: "0.15.1-bb.6"

  # -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public".
  ingress:
@@ -561,6 +561,30 @@ tempo:
  # -- Flux reconciliation overrides specifically for the Tempo Package
  flux: {}

+  objectStorage:
+    # -- S3 compatible endpoint to use for connection information.
+    # examples: "s3.amazonaws.com" "s3.us-gov-west-1.amazonaws.com" "minio.minio.svc.cluster.local:9000"
+    # Note: tempo does not require protocol prefix for URL.
+    endpoint: ""
+
+    # -- S3 compatible region to use for connection information.
+    region: ""
+
+    # -- Access key for connecting to object storage endpoint.
+    accessKey: ""
+
+    # -- Secret key for connecting to object storage endpoint.
+    # Unencoded string data. This should be placed in the secret values and then encrypted
+    accessSecret: ""
+
+    # -- Bucket Names for Loki as a comma delimited list.
+    # examples: "tempo-traces"
+    bucket: ""
+
+    # -- Whether or not objectStorage connection should require HTTPS, if connecting to in-cluster object
+    # storage on port 80/9000 set this value to true.
+    insecure: false
+
  # -- Values to passthrough to the Tempo chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git
  values: {}

@@ -578,7 +602,7 @@ monitoring:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git
    path: "./chart"
-    tag: "35.5.1-bb.2"
+    tag: "36.2.1-bb.1"

  # -- Flux reconciliation overrides specifically for the Monitoring Package
  flux:
@@ -639,7 +663,7 @@ twistlock:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git
    path: "./chart"
-    tag: "0.9.0-bb.1"
+    tag: "0.9.0-bb.3"

  # -- Flux reconciliation overrides specifically for the Twistlock Package
  flux: {}
@@ -664,7 +688,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/argocd.git
      path: "./chart"
-      tag: "4.2.3-bb.3"
+      tag: "4.9.12-bb.1"

    # -- Flux reconciliation overrides specifically for the ArgoCD Package
    flux: {}
@@ -716,7 +740,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/authservice.git
      path: "./chart"
-      tag: "0.5.1-bb.2"
+      tag: "0.5.1-bb.4"

    # -- Flux reconciliation overrides specifically for the Authservice Package
    flux: {}
@@ -789,7 +813,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab.git
      path: "./chart"
-      tag: "6.0.1-bb.2"
+      tag: "6.0.1-bb.5"

    # -- Flux reconciliation overrides specifically for the Gitlab Package
    flux: {}
@@ -913,7 +937,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/nexus.git
      path: "./chart"
-      tag: "38.0.0-bb.2"
+      tag: "38.0.0-bb.3"

    # -- Base64 encoded license file.
    license_key: ""
@@ -978,7 +1002,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube.git
      path: "./chart"
-      tag: "1.0.29-bb.1"
+      tag: "1.0.29-bb.2"

    # -- Flux reconciliation overrides specifically for the Sonarqube Package
    flux: {}
@@ -1064,7 +1088,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/anchore-enterprise.git
      path: "./chart"
-      tag: "1.18.6-bb.3"
+      tag: "1.18.6-bb.6"

    # -- Flux reconciliation overrides specifically for the Anchore Package
    flux:
@@ -1167,7 +1191,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost.git
      path: "./chart"
-      tag: "6.7.0-bb.0"
+      tag: "7.0.1-bb.1"

    # -- Flux reconciliation overrides specifically for the Mattermost Package
    flux: {}
@@ -1266,7 +1290,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/cluster-utilities/velero.git
      path: "./chart"
-      tag: "2.29.0-bb.4"
+      tag: "2.30.1-bb.0"

    # -- Flux reconciliation overrides specifically for the Velero Package
    flux: {}
@@ -1294,7 +1318,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak.git
      path: "./chart"
-      tag: "18.1.1-bb.5"
+      tag: "18.1.1-bb.6"

    database:
      # -- Hostname of a pre-existing database to use for Keycloak.
@@ -1343,7 +1367,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault.git
      path: "./chart"
-      tag: "0.20.1-bb.1"
+      tag: "0.20.1-bb.4"

    # -- Flux reconciliation overrides specifically for the Vault Package
    flux: {}
@@ -1366,8 +1390,10 @@ addons:
  # Metrics Server
  #
  metricsServer:
-    # -- Toggle deployment of metrics server.
-    enabled: false
+    # -- Toggle deployment of metrics server
+    # Acceptable options are enabled: true, enabled: false, enabled: auto
+    # true = enabled / false = disabled / auto = automatic (Installs only if metrics API endpoint is not present)
+    enabled: auto
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/metrics-server.git
      path: "./chart"
No results found