1.33.0
Now (Team)
Maintenance
- Ironbank Updates - whatever Renovate Bot discovered
BigBang XForce
- [pri:2] Big Bang Command Line Interface - &147 (closed)
- [pri:2] Tenant Namespaces - &113 (closed)
- Pre-requisites research spike
- Need more issues added (Sync with PB first)
- [pri:3] Vault into Big Bang - &99 (closed)
- [pri:3] Add conditional metrics server - &152 (closed)
- [pri:2] PLG (Loki) - &143 (closed)
BigBang TNR
- [pri:2] Add verbose support for pipeline runs - &177 (closed)
- [pri:3] Enhance Big Bang Merge Request Testing - &112 (closed)
- [BLOCKED] Create Dedicated Gitlab Runners - &124
BigBang Core
- [pri:2] Kyverno Policy Enforcement (Michael McLeroy) - &188
- [pri:2] Enforce run as non-root user - &204
- [pri:2] Test and Support Kubernetes v1.23.x - &196 (closed)
- [pri:2] NIST Control Mapping - &166 (closed)
- [pri:3] Istio mTLS - &158 (closed) (discuss init containers)
- [pri:3] Big Bang Core through TOC - https://repo1.dso.mil/groups/platform-one/big-bang/-/epics/149 (all in progress, awaiting shepherd guidance)
- [BLOCKED] Istio enabled in Packages - &111 (mattermost)
- [pri:2] Ensure all packages log to stdout - &168 (closed)
Next (Shanks)
BigBang XForce
- [needs decomp] [pri:1] Increased Auditing and Alerting - &46 (closed)
- [needs decomp] [pri:2] Ensure all packages log to stdout - &168 (closed)
- [pri:3] Synchronize Dependency Database Versions - &178 (closed)
- [pri:3] Istio Whitelist External Domains - &160
- [pri:3] Appliance Mode - &123 (closed)
- [pri:2] Revamp Process / Templating for BB Plugins - &184 (closed)
BigBang TNR
- [pri:1] Static Site for Big Bang Documentation with MkDocs - &191 (closed)
- [needs decomp] [pri:1] Enhance renovate updates with additional MR automation - &180 (closed)
- [needs decomp] [pri:2] Automate New Package MRs into Big Bang - &186 (closed)
BigBang Core
- [pri:3] Enable Egressgateways for Istio - &187
- [pri:3] Istio Auth Policies - &159 (closed) *
Later (Anchors)
- [needs priority] [pri:_] Improve Third Party Experience - &44 (closed)
BigBang XForce
- [pri:2] Introduce Alerting Rules - &55 (closed) (depends on &54 (closed) user stories)
- [pri:2] High Availability - &41 (closed)
BigBang TNR
- [pri:2] Identify outdated "bundles" of containers for packages &185 (closed)
- [pri:2] Automate security patch releases as minor BB releases &183 (closed)
- [pri:3] Air Gap Implementation and Testing - &182 (closed)
- [pri:4] Vendor IAC - &40
- [BLOCKED] [pri:2] license for helm charts / 'licensing expectations' - &154 (closed) (need vault)
BigBang Core
- [pri:2] ATO Engineering and Documentation - &72 (closed)
- [BLOCKED] [pri:2] Release Falco in beta - &167 (closed) (pending IB containers / evaluating neuvector)
- [BLOCKED] [pri:2] Twistlock/Prisma Cloud Compute Operator - &115 (closed)
- [BLOCKED] [pri:2] Twistlock Policies for Applications - &81
- Just the research spike about how we'd decompose and execute on this.
Future OKRs
-
[pri:3] Refactor Big Bang - &200 (closed)
-
[pri:2] Provide Mechanism to obtain CVEs in Big Bang Packages / Release Notes - &189 (closed)
-
[pri:2] Update CONTRIBUTING guidelines and workflow (determine if public gitlab fork can merge to private gitlab) - &62 (closed) *
-
[pri:2] Improve metrics collection and dashboards (user stories) - &54 (closed)
-
[pri:3] Research Spike to Investigate Alternative for CNCF Landscape App (ADR) - &157 (closed)
-
[pri:3] Chart Values Comments Standards - &179 (closed)
-
[pri:2] Standardize Existing Repo Settings - &207
-
[pri:2] Release SBOMs for Big Bang Charts - &209 (closed)
-
[pri:2] Add Horizontal or Vertical Pod Autoscaling on all long-living pods in Big Bang - &208 (closed)
-
[pri:3] Bring Harbor into Big Bang - &206 (closed)
-
[pri:2] Enforce run as non-root group - &205
-
[pri:3] Edge - &45
Are this still valid
- [pri:3] Standardize Logging Formats - &34 (closed)
-
https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator/-/issues/10
- Need to add to another epic (improving monitoring?)