Now (Team)

Maintenance

• Ironbank Updates - whatever Renovate Bot discovered

Big Bang XForce

• [pri:2] Big Bang Command Line Interface - &147 (closed)
• [pri:2] PLG (Loki) - &143 (closed)
• [pri:2] Tenant Namespaces - &113 (closed)
  • Pre-requisites research spike
  • Need more issues added (Sync with PB first)
• [pri:3] Vault into Big Bang - &99 (closed)
• [pri:3] Add conditional metrics server - &152 (closed)
• [pri:3] Synchronize Dependency Database Versions - &178 (closed)
  • Is this complete?

Big Bang TNR

• [pri:1] Static Site for Big Bang Documentation with MkDocs - &191 (closed)
• [pri:1] Enhance renovate updates with additional MR automation - &180 (closed)
• [pri:2] Add verbose support for pipeline runs - &177 (closed)
• [pri:2] Document steps to fully integrate a package into Big Bang - &153 (closed)
  • 1 issue added/remaining to close
• [pri:2] Automate New Package MRs into Big Bang - &186 (closed)
• [pri:3] Enhance Big Bang Merge Request Testing - &112 (closed)
• [BLOCKED] [pri:2] Create Dedicated Gitlab Runners - &124

Big Bang Core/Security

• [pri:2] Ensure all packages log to stdout - &168 (closed)
  • Is this complete?
• [pri:2] Kyverno Policy Enforcement (Michael McLeroy) - &188
  • Need to close out sub-epics that have been completed
• [pri:2] Test and Support Kubernetes v1.23.x - &196 (closed)
• [pri:2] NIST Control Mapping - &166 (closed)
• [pri:3] Istio mTLS - &158 (closed) (discuss init containers)
• [pri:3] Big Bang Core through TOC - https://repo1.dso.mil/groups/platform-one/big-bang/-/epics/149 (all in progress, awaiting shepherd guidance)
• [BLOCKED][pri:2] Istio enabled in Packages - &111 (mattermost)

---

---

Next (Shanks)

Big Bang XForce

• [needs decomp] [pri:1] Increased Auditing and Alerting - &46 (closed)
• [pri:2] Revamp Process / Templating for BB Plugins - &184 (closed)
• [pri:3] Istio Whitelist External Domains - &160
• [pri:3] Appliance Mode - &123 (closed)

Big Bang TNR

Big Bang Core/Security

• [pri:3] Enable Egressgateways for Istio - &187
• [pri:3] Istio Auth Policies - &159 (closed) *

---

---

Later (Anchors)

Big Bang XForce

• [pri:2] Introduce Alerting Rules - &55 (closed) (depends on &54 (closed) user stories)
• [pri:2] High Availability - &41 (closed)

Big Bang TNR

• [pri:2] Identify outdated "bundles" of containers for packages &185 (closed)
• [pri:2] Automate security patch releases as minor BB releases &183 (closed)
• [pri:3] Air Gap Implementation and Testing - &182 (closed)
• [pri:4] Vendor IAC - &40
• [BLOCKED] [pri:2] license for helm charts / 'licensing expectations' - &154 (closed) (need vault)

Big Bang Core/Security

• [pri:2] ATO Engineering and Documentation - &72 (closed)
  • [pri:3] Document Compliance with Standard Security Practices - &119
• [BLOCKED] [pri:2] Release Falco in beta - &167 (closed) (pending IB containers / evaluating neuvector)
• [BLOCKED] [pri:2] Twistlock/Prisma Cloud Compute Operator - &115 (closed)
• [BLOCKED] [pri:2] Twistlock Policies for Applications - &81
  • Just the research spike about how we'd decompose and execute on this.

---

---

Backlog OKRs

Needs Priority

• [pri:_] Improve Third Party Experience - &44 (closed)
  • Sub-epic has been closed, is there anything more needed?
• [pri:_] Automate Testing of Big Bang Releases on Konvoy - &162 (closed)
  • [pri:3] Big Bang Validated Architecture Deployment Examples - &70 (closed)
• [pri:_] Customer Feedback for Release Cadence & Versioning - &164 (closed)

Big Bang XForce

• [pri:3] Create global PodMonitor/ServiceMonitor to scrape metrics using labels - &201 (closed)

Big Bang TNR

Big Bang Core/Security

• [pri:3] Add Twistlock Defenders Chart - &199 (closed)

Unsorted

• [pri:1] Clean Up Repo1 - &197
• [pri:1] Runtime Security Research Spike - Neuvector - &194 (closed)
• [pri:2] Provide Mechanism to obtain CVEs in Big Bang Packages / Release Notes - &189 (closed)
• [pri:2] Update CONTRIBUTING guidelines and workflow (determine if public gitlab fork can merge to private gitlab) - &62 (closed) *
• [pri:2] Improve metrics collection and dashboards (user stories) - &54 (closed)
• [pri:2] Standardize Existing Repo Settings - &207
• [pri:2] Release SBOMs for Big Bang Charts - &209 (closed)
• [pri:2] Add Horizontal or Vertical Pod Autoscaling on all long-living pods in Big Bang - &208 (closed)
• [pri:2] Enforce run as non-root group - &205
• [pri:2] Big Bang Core Opensource - &74 (closed)
• [pri:2] Documentation Clean-Up - &190 (closed)
• [pri:2] Add capability for centralized metrics collection - &53 (closed)
• [pri:2] Add checksums of Big Bang values to package resources - &92 (closed)
• [pri:2] Tetrate Istio Training - &145 (closed)
• [BLOCKED] [pri:2] Add Kyverno Policy Reporter - &198 (closed)
• [pri:3] Refactor Big Bang - &200 (closed)
  • [pri:3] BB Repo Structure - &203 (closed)
• [pri:3] Research Spike to Investigate Alternative for CNCF Landscape App (ADR) - &157 (closed)
• [pri:3] Chart Values Comments Standards - &179 (closed)
• [pri:3] Bring Harbor into Big Bang - &206 (closed)
• [pri:3] Edge - &45
• [pri:3] Readme Updates - &193 (closed)
• [pri:3] Grafana Tempo for Tracing Data - &156 (closed)
• [pri:3] Big Bang through TOC - &148 (closed)
• [pri:3] OCI Artifacts for Big Bang - &121 (closed)
• [pri:3] Release Signing - &102 (closed)
• [pri:3] Make all test resources from packages conditional - &100 (closed)
• [pri:3] Iron Bank Pipelines - &57 (closed)
• [pri:3] Multitenancy Support for Big Bang Components - &49 (closed)

Review for Validity

• [pri:3] Standardize Logging Formats - &34 (closed)
• https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator/-/issues/10
  • Need to add to another epic (improving monitoring?)
• https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/682
  • Need to add to another epic