bigbang merge requestshttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests2024-03-29T04:52:14Zhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4058Draft: test selinux2024-03-29T04:52:14ZRobert MasseyDraft: test selinux# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
## Upgrade Notices
(Include any relevant notes about upgrades here or w...# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
## Upgrade Notices
(Include any relevant notes about upgrades here or write "N/A" if there are none)
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->Robert MasseyRobert Masseyhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4055test monitoring-mr-2752024-03-29T12:01:54ZSteven Donaldtest monitoring-mr-275# Package Merge Request
## Package Changes
testing monitoring mr 275 for istio egress policies
### Package MR
[package mr](https://repo1.dso.mil/big-bang/product/packages/monitoring/-/merge_requests/275)
### For Issue
Closes [issue...# Package Merge Request
## Package Changes
testing monitoring mr 275 for istio egress policies
### Package MR
[package mr](https://repo1.dso.mil/big-bang/product/packages/monitoring/-/merge_requests/275)
### For Issue
Closes [issue](https://repo1.dso.mil/big-bang/product/packages/monitoring/-/issues/159)
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->Steven DonaldSteven Donaldhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4051Draft: anchore update to 2.4.2-bb.12024-03-27T22:14:46Zmr-botDraft: anchore update to 2.4.2-bb.1# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/2.4.2-bb.1/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/merge_re...# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/2.4.2-bb.1/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/merge_requests/218
### For Issue
Closes (link to issue here)
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->Bulat KhamitovBulat Khamitovhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4050Draft: BB test values velero - TEST ONLY DO NOT MERGE2024-03-29T03:51:41ZMARCEL EHOUSSOUDraft: BB test values velero - TEST ONLY DO NOT MERGE# Package Merge Request
## Package Changes
Run bigbang tests against branch: 83-egress-whitelist-velero
### Package MR
https://repo1.dso.mil/big-bang/product/packages/velero/-/merge_requests/128
### For Issue
Closes https://repo1.d...# Package Merge Request
## Package Changes
Run bigbang tests against branch: 83-egress-whitelist-velero
### Package MR
https://repo1.dso.mil/big-bang/product/packages/velero/-/merge_requests/128
### For Issue
Closes https://repo1.dso.mil/big-bang/product/packages/velero/-/issues/83
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->MARCEL EHOUSSOUMARCEL EHOUSSOUhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4049Draft: gatekeeper update to 3.15.0-bb.12024-03-27T21:28:07Zmr-botDraft: gatekeeper update to 3.15.0-bb.1# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/policy/-/blob/3.15.0-bb.1/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/policy/-/merge_requests/212
### For Iss...# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/policy/-/blob/3.15.0-bb.1/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/policy/-/merge_requests/212
### For Issue
Closes (link to issue here)
## Upgrade Notices
Due to the new template, testvalues need to be updated from excludedResources to exemptImages.
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->2.24.0Robert MasseyRobert Masseyhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4045Draft: anchore update to 2.4.2-bb.02024-03-26T19:44:26Zmr-botDraft: anchore update to 2.4.2-bb.0# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/2.4.2-bb.0/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/merge_re...# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/2.4.2-bb.0/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/merge_requests/217
### For Issue
Closes (link to issue here)
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->Bulat KhamitovBulat Khamitovhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4014Draft: Add BB test values for vault - TEST ONLY DO NOT MERGE2024-03-29T04:12:31ZMARCEL EHOUSSOUDraft: Add BB test values for vault - TEST ONLY DO NOT MERGE# Package Merge Request
## Package Changes
As part of big-bang&amp;160, we will want to enable users to configure setting `REGISTRY_ONLY` traffic policy on a per-package basis, in addition to allowing for it to be set globally in the m...# Package Merge Request
## Package Changes
As part of big-bang&160, we will want to enable users to configure setting `REGISTRY_ONLY` traffic policy on a per-package basis, in addition to allowing for it to be set globally in the meshConfig (see #1886). Creating Sidecars in each package will also allow us to focus on individual packages as we define what whitelists will need to be created per application.
### Package MR
(https://repo1.dso.mil/big-bang/product/packages/vault/-/merge_requests/140)
### For Issue
Closes https://repo1.dso.mil/big-bang/product/packages/vault/-/issues/75
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->MARCEL EHOUSSOUMARCEL EHOUSSOUhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4000Draft: eckOperator update to 2.11.1-bb.12024-03-27T22:15:23Zmr-botDraft: eckOperator update to 2.11.1-bb.1# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/eck-operator/-/blob/2.11.1-bb.1/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/eck-operator/-/merge_requests/97
...# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/eck-operator/-/blob/2.11.1-bb.1/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/eck-operator/-/merge_requests/97
### For Issue
Closes [Egress Whitelist - ECK Operator (#50) · Issues · Big Bang / Universe / Product / eck-operator · GitLab (dso.mil)](https://repo1.dso.mil/big-bang/product/packages/eck-operator/-/issues/50)
## Upgrade Notices
N/A
Closes #50Steven DonaldSteven Donaldhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3977DRAFT: test anchore sidecar and service entires2024-03-14T17:51:03ZTim SeagrenDRAFT: test anchore sidecar and service entires# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
## Upgrade Notices
(Include any relevant notes about upgrades here or w...# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
## Upgrade Notices
(Include any relevant notes about upgrades here or write "N/A" if there are none)
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->https://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3973Draft: Update ElasticSearchKibana to 1.11.0-bb.22024-03-29T14:12:18ZDustin HilgaertnerDraft: Update ElasticSearchKibana to 1.11.0-bb.2# Package Merge Request
## Package Changes
Updating ElasticSearchKibana to 1.11.0-bb.1
### Package MR
https://repo1.dso.mil/big-bang/product/packages/elasticsearch-kibana/-/merge_requests/202
### For Issue
Closes https://repo1.dso....# Package Merge Request
## Package Changes
Updating ElasticSearchKibana to 1.11.0-bb.1
### Package MR
https://repo1.dso.mil/big-bang/product/packages/elasticsearch-kibana/-/merge_requests/202
### For Issue
Closes https://repo1.dso.mil/big-bang/product/packages/elasticsearch-kibana/-/issues/116
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->Dustin HilgaertnerDustin Hilgaertnerhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3964Draft: set require-drop-all-capabilities to enforce2024-03-27T16:01:09ZRobert MasseyDraft: set require-drop-all-capabilities to enforce# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (https://repo1.dso.mil/big-bang/bigbang/-/issues/1699)
## Upgrade Notices
N/A
<!--
#### BB ...# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (https://repo1.dso.mil/big-bang/bigbang/-/issues/1699)
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->https://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3952Draft: Resolve "Ensure that istio.hardened.enabled is turned on for all packa...2024-03-27T19:27:25ZAndrew ShoellDraft: Resolve "Ensure that istio.hardened.enabled is turned on for all packages in test-values.yaml for packages that support it"# Package Merge Request
## Package Changes
ensuring that the tests for every package (that currently supports it) have istio.hardened.enabled set to true
### Package MR
n/a
### For Issue
Closes #1973
## Upgrade Notices
n/a
<!--...# Package Merge Request
## Package Changes
ensuring that the tests for every package (that currently supports it) have istio.hardened.enabled set to true
### Package MR
n/a
### For Issue
Closes #1973
## Upgrade Notices
n/a
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->2.24.0Andrew ShoellAndrew Shoellhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3920Draft: Resolve "TLS configuration is invalid with custom TCP ports"2024-03-14T19:32:59ZStephen GalambDraft: Resolve "TLS configuration is invalid with custom TCP ports"# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
[Closes 1680](https://repo1.dso.mil/big-bang/bigbang/-/issues/1680)
## Upgrade Notices
"N/A"
<!--
...# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
[Closes 1680](https://repo1.dso.mil/big-bang/bigbang/-/issues/1680)
## Upgrade Notices
"N/A"
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->
Closes #1680Stephen GalambStephen Galambhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3892Update anchore to include hardening for testing2024-03-26T21:26:02Zmr-botUpdate anchore to include hardening for testing# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/1.27.4-bb.8/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/merge_r...# Package Merge Request
## Package Changes
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/1.27.4-bb.8/CHANGELOG.md
### Package MR
https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/merge_requests/207
### For Issue
Closes https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/issues/113
## Upgrade Notices
N/A2.24.0Enoch OforiEnoch Oforihttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3890Support Istio egressGateways directly in umbrella2024-03-19T07:33:11Zmontgomery.marcusSupport Istio egressGateways directly in umbrella# Package Merge Request
## Package Changes
Support istio egressGateways
### Package MR
N/A
### For Issue
Closes https://repo1.dso.mil/big-bang/bigbang/-/issues/1946
## Upgrade Notices
N/A# Package Merge Request
## Package Changes
Support istio egressGateways
### Package MR
N/A
### For Issue
Closes https://repo1.dso.mil/big-bang/bigbang/-/issues/1946
## Upgrade Notices
N/A2.24.0montgomery.marcusmontgomery.marcushttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3809Loki iamProfile support and testing2024-03-09T10:03:44ZRyan GarciaLoki iamProfile support and testing# General MR
## Summary
Adding logic values and templating for having empty `objectStorage` access credentials for loki and instead feeding in an iamProfile for authentication.
## Linked Issue
Closes https://repo1.dso.mil/big-bang/bi...# General MR
## Summary
Adding logic values and templating for having empty `objectStorage` access credentials for loki and instead feeding in an iamProfile for authentication.
## Linked Issue
Closes https://repo1.dso.mil/big-bang/bigbang/-/issues/1455
## Upgrade Notices
(Include any relevant notes about upgrades here or write "N/A" if there are none)
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
place label status::review
/assign_reviewer @reviewer1 @reviewer2
-->Ryan GarciaRyan Garciahttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3766Draft: Refactor automountServiceAccountToken hardening for consistency2024-03-08T10:03:39ZJusten MehlDraft: Refactor automountServiceAccountToken hardening for consistency# General MR
## Summary
tempo, kyverno-reporter, sonarqube, metrics-server, and cluster-auditor all were previously hardened to remove automountServiceAccountToken findings before our [mutator](https://repo1.dso.mil/big-bang/product/pa...# General MR
## Summary
tempo, kyverno-reporter, sonarqube, metrics-server, and cluster-auditor all were previously hardened to remove automountServiceAccountToken findings before our [mutator](https://repo1.dso.mil/big-bang/product/packages/kyverno-policies/-/blob/main/chart/templates/update-automountserviceaccounttokens.yaml?ref_type=heads) existed.
To keep hardening methodology consistent across all packages, hardening of those packages has been added to this MR via the mutator.
This is a simple refactor and there is no functional change to the original hardening of these packages.
## Relevant logs/screenshots
N/A
## Linked Issue
https://repo1.dso.mil/big-bang/bigbang/-/issues/1860
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
place label status::review
/assign_reviewer @reviewer1 @reviewer2
-->https://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3723Update values.yaml2024-03-25T09:03:33ZRyan GarciaUpdate values.yaml# Package Merge Request
## Package Changes
GitlabRunner Tests# Package Merge Request
## Package Changes
GitlabRunner TestsRyan GarciaRyan Garciahttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3720Draft: SKIP UPGRADE Mgm pipeline test2024-03-28T19:19:52ZMichael MartinDraft: SKIP UPGRADE Mgm pipeline test# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected...# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
## Upgrade Notices
N/A
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
/label ~packageX ~dependencyx ~status::doing
Be sure to assign to yourself:
/assign @yourself
Once it is ready for review switch the status and assign reviewers:
/label status::review
/reviewer @reviewer1 @reviewer2
-->Michael MartinMichael Martinhttps://repo1.dso.mil/big-bang/bigbang/-/merge_requests/3616Update values.yaml with monitoring renovate branch2024-02-29T10:03:41ZRyan GarciaUpdate values.yaml with monitoring renovate branch# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
<!--
#### BB Processes
Add labels for affected packages so that they ar...# Package Merge Request
## Package Changes
(Describe Package changes here)
### Package MR
(Link to Package MR here)
### For Issue
Closes (link to issue here)
<!--
#### BB Processes
Add labels for affected packages so that they are deployed in CI as well as a status label:
Be sure to assign to yourself:
Once it is ready for review switch the status and assign reviewers:
-->Ryan GarciaRyan Garcia