UNCLASSIFIED - NO CUI

Bumped bb-common to resolve bug

Jimmy Bourquerequested to merge
128-bb-common-chart-bump into main

General MR

Summary

  • Bumped bb-common from 0.11.1 to 0.11.2 to resolve bug where ambient specific settings were enabled by default

Relevant logs/screenshots

Use Big Bang branch update-tempo-tag-1.23.3-bb.1 to validate

Prior to Upgrade (Additional TCP port 15008 is present):

kubectl get netpol allow-ingress-to-tempo-tcp-port-3200-from-ns-kiali-pod-kiali -n tempo -o yaml

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  annotations:
    generated.network-policies.bigbang.dev/local-key: tempo:3200
    generated.network-policies.bigbang.dev/remote-key: kiali-service-account@kiali/kiali
    meta.helm.sh/release-name: tempo-tempo
    meta.helm.sh/release-namespace: tempo
  creationTimestamp: "2025-12-15T12:01:24Z"
  generation: 1
  labels:
    ambient.istio.network-policies.bigbang.dev/hbone-injected: "true"
    app.kubernetes.io/managed-by: Helm
    helm.toolkit.fluxcd.io/name: tempo
    helm.toolkit.fluxcd.io/namespace: bigbang
    network-policies.bigbang.dev/direction: ingress
    network-policies.bigbang.dev/source: bb-common
  name: allow-ingress-to-tempo-tcp-port-3200-from-ns-kiali-pod-kiali
  namespace: tempo
  resourceVersion: "10287"
  uid: 8391ea67-1873-4b04-893a-64c15fafb63b
spec:
  ingress:
  - from:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kiali
      podSelector:
        matchLabels:
          app.kubernetes.io/name: kiali
    ports:
    - port: 3200
      protocol: TCP
    - port: 15008
      protocol: TCP
  podSelector:
    matchLabels:
      app.kubernetes.io/name: tempo
  policyTypes:
  - Ingress

After Upgrade (Additional TCP port 15008 is no longer there as expected):

kubectl get netpol allow-ingress-to-tempo-tcp-port-3200-from-ns-kiali-pod-kiali -n tempo -o yaml

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  annotations:
    generated.network-policies.bigbang.dev/local-key: tempo:3200
    generated.network-policies.bigbang.dev/remote-key: kiali-service-account@kiali/kiali
    meta.helm.sh/release-name: tempo-tempo
    meta.helm.sh/release-namespace: tempo
  creationTimestamp: "2025-12-15T12:01:24Z"
  generation: 2
  labels:
    app.kubernetes.io/managed-by: Helm
    helm.toolkit.fluxcd.io/name: tempo
    helm.toolkit.fluxcd.io/namespace: bigbang
    network-policies.bigbang.dev/direction: ingress
    network-policies.bigbang.dev/source: bb-common
  name: allow-ingress-to-tempo-tcp-port-3200-from-ns-kiali-pod-kiali
  namespace: tempo
  resourceVersion: "16436"
  uid: 8391ea67-1873-4b04-893a-64c15fafb63b
spec:
  ingress:
  - from:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kiali
      podSelector:
        matchLabels:
          app.kubernetes.io/name: kiali
    ports:
    - port: 3200
      protocol: TCP
  podSelector:
    matchLabels:
      app.kubernetes.io/name: tempo
  policyTypes:
  - Ingress

image

image

image

Linked Issue

issue

Upgrade Notices

N/A

Edited by Jimmy Bourque

Merge request reports

UNCLASSIFIED - NO CUI