1.33.0

Now (Team)

Maintenance

Ironbank Updates - whatever Renovate Bot discovered

BigBang XForce

[pri:2] Big Bang Command Line Interface - &147 (closed)
[pri:2] Tenant Namespaces - &113 (closed)
- Pre-requisites research spike
- Need more issues added (Sync with PB first)
[pri:3] Vault into Big Bang - &99 (closed)
[pri:3] Add conditional metrics server - &152 (closed)
[pri:2] PLG (Loki) - &143 (closed)

BigBang TNR

[pri:2] Add verbose support for pipeline runs - &177 (closed)
[pri:3] Enhance Big Bang Merge Request Testing - &112 (closed)
[BLOCKED] Create Dedicated Gitlab Runners - &124

BigBang Core

[pri:2] Kyverno Policy Enforcement (Michael McLeroy) - &188
- [pri:2] Enforce run as non-root user - &204
[pri:2] Test and Support Kubernetes v1.23.x - &196 (closed)
[pri:2] NIST Control Mapping - &166 (closed)
[pri:3] Istio mTLS - &158 (closed) (discuss init containers)
[pri:3] Big Bang Core through TOC - https://repo1.dso.mil/groups/platform-one/big-bang/-/epics/149 (all in progress, awaiting shepherd guidance)
[BLOCKED] Istio enabled in Packages - &111 (mattermost)
[pri:2] Ensure all packages log to stdout - &168 (closed)

Next (Shanks)

BigBang XForce

[needs decomp] [pri:1] Increased Auditing and Alerting - &46 (closed)
[needs decomp] [pri:2] Ensure all packages log to stdout - &168 (closed)
[pri:3] Synchronize Dependency Database Versions - &178 (closed)
[pri:3] Istio Whitelist External Domains - &160
[pri:3] Appliance Mode - &123 (closed)
[pri:2] Revamp Process / Templating for BB Plugins - &184 (closed)

BigBang TNR

[pri:1] Static Site for Big Bang Documentation with MkDocs - &191 (closed)
[needs decomp] [pri:1] Enhance renovate updates with additional MR automation - &180 (closed)
[needs decomp] [pri:2] Automate New Package MRs into Big Bang - &186 (closed)

BigBang Core

[pri:3] Enable Egressgateways for Istio - &187
[pri:3] Istio Auth Policies - &159 (closed) *

Later (Anchors)

[needs priority] [pri:_] Improve Third Party Experience - &44 (closed)

BigBang XForce

[pri:2] Introduce Alerting Rules - &55 (closed) (depends on &54 (closed) user stories)
[pri:2] High Availability - &41 (closed)

BigBang TNR

[pri:2] Identify outdated "bundles" of containers for packages &185 (closed)
[pri:2] Automate security patch releases as minor BB releases &183 (closed)
[pri:3] Air Gap Implementation and Testing - &182 (closed)
[pri:4] Vendor IAC - &40
[BLOCKED] [pri:2] license for helm charts / 'licensing expectations' - &154 (closed) (need vault)

BigBang Core

[pri:2] ATO Engineering and Documentation - &72 (closed)
[BLOCKED] [pri:2] Release Falco in beta - &167 (closed) (pending IB containers / evaluating neuvector)
[BLOCKED] [pri:2] Twistlock/Prisma Cloud Compute Operator - &115 (closed)
[BLOCKED] [pri:2] Twistlock Policies for Applications - &81
- Just the research spike about how we'd decompose and execute on this.

Future OKRs

[pri:3] Refactor Big Bang - &200 (closed)
[pri:2] Provide Mechanism to obtain CVEs in Big Bang Packages / Release Notes - &189 (closed)
[pri:2] Update CONTRIBUTING guidelines and workflow (determine if public gitlab fork can merge to private gitlab) - &62 (closed) *
[pri:2] Improve metrics collection and dashboards (user stories) - &54 (closed)
[pri:3] Research Spike to Investigate Alternative for CNCF Landscape App (ADR) - &157 (closed)
[pri:3] Chart Values Comments Standards - &179 (closed)
[pri:2] Standardize Existing Repo Settings - &207
[pri:2] Release SBOMs for Big Bang Charts - &209 (closed)
[pri:2] Add Horizontal or Vertical Pod Autoscaling on all long-living pods in Big Bang - &208 (closed)
[pri:3] Bring Harbor into Big Bang - &206 (closed)
[pri:2] Enforce run as non-root group - &205
[pri:3] Edge - &45

Are this still valid

[pri:3] Standardize Logging Formats - &34 (closed)
https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator/-/issues/10
- Need to add to another epic (improving monitoring?)

Display by

Burndown chart

Remaining

Guideline

Burnup chart

Total

Completed

Unstarted Issues (open and unassigned)

Ongoing Issues (open and assigned)

Completed Issues (closed)

34 76

bigbang · Release 1.33.0
#1156 release teamci/pipelines 3
bigbang · Mattermost -> Elasticsearch connection broken by STRICT mTLS
#1155 elasticsearch kindbug mattermost teamcore/security 2
bigbang · 2022-05-02 Sprint 27 Partial Points
#1154 8
bigbang · Add PostRenderer to KC chart
#1151 BB Customer Issues Good First Issue keycloak kindenhancement priority5 teamXForce 1
bbctl · List Kyverno Policies
#35 statusdoing teamXForce 5
kustomize-helmgenerator · Work with PB team to alleviate sca pipeline stage issues with code.il2 clone
#1 kindmaintenance priority5 statusreview teamXForce 3
Pipeline Templates · Check changes shows extra changes on branches x commits behind
#44 statusreview teamci/pipelines 2
Keycloak · Keycloak plugin regex prevents underscores in client names
#55 BB Customer Issues keycloak kindenhancement priority7 teamXForce 1
promtail · Add License file to Repo
#4 Good First Issue priority5 promtail statusreview teamXForce 1
Tempo · Add License file to Repo
#7 Good First Issue priority5 statusreview teamXForce 1
monitoring · Some Image Sources have hard-coded tags
#73 kindenhancement teamcore/security 2
bigbang · BigBang support for GitLab SMTP Password Secret
#1139 BB Customer Issues gitlab priority6 teamXForce 2
Twistlock · Ensure Twistlock logs to stdout
#26 priority5 teamcore/security twistlock 1
Pipeline Templates · Improve RKE2 Pipeline Cleanup
#43 priority6 statusreview teamci/pipelines 3
Anchore · Anchore test broken in package CI
#60 anchore kindbug teamci/pipelines 2
monitoring · Renovate: Upgrade Monitoring Package Dependencies
#70 kindmaintenance teamci/pipelines 2
vault · Renovate: Upgrade Vault Package Dependencies
#16 kindmaintenance statusreview teamcore/security 1
Metrics Server · Investigate network traffic to enable API server to Metrics server communication
#2 kindenhancement priority5 teamXForce 2
Istio · ingress-istio-injected-pods has incorrect pod selector for incoming traffic
#69 istio kindbug teamcore/security 2
bigbang · Renovate: Update Flux
#1107 flux kindmaintenance teamcore/security 1
mattermost · Renovate: Upgrade Mattermost Package Dependencies
#47 kindmaintenance priority5 teamXForce 3
Kiali · Renovate: Upgrade Kiali Package Dependencies
#23 kindmaintenance teamcore/security 2
BB Docs Generator · Helm chart
#4 kindfeature priority4 statusdoing teamci/pipelines 3
BB Docs Generator · Remove [[_TOC_]] from imported files
#2 kindenhancement priority4 statusreview teamci/pipelines 1
mattermost-operator · Renovate: Upgrade Mattermost-Operator Package Dependencies
#18 kindmaintenance priority5 teamXForce 2
bigbang · Enable Istio mTLS for Anchore
#1050 anchore priority6 teamcore/security 5
bigbang · Enable Istio mTLS for Minio
#1044 minio priority6 teamcore/security 2
bigbang · Enable Istio mTLS for Minio Operator
#1043 minioOperator priority6 teamcore/security 2
bigbang · Enable Istio mTLS for Logging (PLG/LFG stack only)
#1018 loki priority6 promtail teamcore/security 1
bigbang · Add OSCAL component for Gitlab
#1002 gitlab priority5 teamXForce 2
bigbang · Add OSCAL Component for Keycloak
#999 keycloak priority5 teamXForce 2
bigbang · Docs: Tutorial on Values passthrough
#986 kinddocs teamcore/security 3
cluster-auditor · Create CI tests for cluster-auditor to verify that the violations index is present and contains information
#50 Big Bang Continuous Process Improvement clusterAuditor kindci priority6 teamci/pipelines 2
cluster-auditor · Add appversion to renovate updates
#49 clusterAuditor kindenhancement priority7 renovate teamcore/security 1