Merged
Conversation
noahpb
changed the title
slaskawi
reviewed
Apr 15, 2025
## Description This Pull Request cleans up tasks related to Keycloak as they were moved to UDS Common repo. This Pull Request depends on defenseunicorns/uds-common#462. I will mark it as ready for review once the UDS Common PR gets merged and I can switch to `main` branch here. ## Related Issue Relates to: defenseunicorns/uds-identity-config#373 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Steps to Validate N/A ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md) followed --------- Co-authored-by: UnicornChance <chance@defenseunicorns.com> Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com>
🤖 I have created a release *beep* *boop* --- ## [0.40.0](v0.39.0...v0.40.0) (2025-04-14) ### ⚠ BREAKING CHANGES * ServiceMonitors and PodMonitors no longer require TLS configuration for Istio, and may fail to scrape metrics if TLS configuration is present. The UDS Operator will handle removing this configuration from monitors in most cases, but may not update your monitor if TLS configuration was directly added separate from the Operator's mutations. In addition, the `istio-certs` and `exempt` scrape classes are no longer supplied as part of the Prometheus setup and should not be set on your monitoring resources going forward. * `Package` CR validation will now prevent creating multiple `Package` CRs in the same namespace. Ensure that you only have a single `Package` CR per namespace before this upgrade, otherwise you may be unable to update them going forward. * Istio Ambient workloads are now included by default with UDS Core. These workloads are now part of the `istio-controlplane` component (previously part of the optional `istio-ambient` component) - any override values/configuration should target this component instead of `istio-ambient`. * Theming configuration for removing additional registration fields has moved under the `themeCustomizations` values (`settings.enableRegistrationFields`). If overriding `DISABLE_REGISTRATION_FIELDS` under `realmInitEnv`, you will need to switch to this new value. ### Features * add serviceMesh.mode in Package CR ([#1386](#1386)) ([7e50b5d](7e50b5d)) * escape slashes in Keycloak Group names ([#1433](#1433)) ([6b6be2d](6b6be2d)) * make istio ambient components default in uds core ([#1428](#1428)) ([32d2752](32d2752)) * only allow creation of one `UDSPackage` per namespace ([#1372](#1372)) ([2f4dbac](2f4dbac)) * opt prometheus stack into ambient ([#1445](#1445)) ([793ccb8](793ccb8)) * recovering lost Keycloak credentials ([#1410](#1410)) ([0f3b536](0f3b536)) * task cleanup for Keycloak ([#1448](#1448)) ([5af6f2b](5af6f2b)) ### Bug Fixes * authpol remoteserviceaccount enablement ([#1415](#1415)) ([c6ae565](c6ae565)) * conditional pepr build in tasks ([#1414](#1414)) ([ea75df2](ea75df2)) * make exemptions conditional for `dev-setup` ([#1442](#1442)) ([4d7b471](4d7b471)) * move disable registration fields to theme values ([#1397](#1397)) ([61c67f0](61c67f0)) * remove flavor from dev deploy of prom CRDs task ([#1419](#1419)) ([10c9ff2](10c9ff2)) ### Miscellaneous * **ci:** add e2e tests for cloud distros ([#1259](#1259)) ([b116a96](b116a96)) * **deps:** update istio to v1.25.1 ([#1387](#1387)) ([c538ef4](c538ef4)) * **deps:** update loki ([#1349](#1349)) ([f087f55](f087f55)) * **deps:** update loki to v3.4.3 ([#1426](#1426)) ([cc7fbd1](cc7fbd1)) * **deps:** update neuvector to 5.4.3 ([#1368](#1368)) ([6c4b44e](6c4b44e)) * **deps:** update prometheus-stack ([#1402](#1402)) ([707b07d](707b07d)) * **deps:** update support dependencies to v3.28.14 ([#1435](#1435)) ([d29d1b5](d29d1b5)) * **deps:** update support dependencies to v3.28.15 ([#1441](#1441)) ([1e7ebce](1e7ebce)) * **deps:** update support dependencies to v3.4.8 ([#1450](#1450)) ([598242b](598242b)) * **deps:** update support dependencies to v4.6.1 ([#1451](#1451)) ([efb22ab](efb22ab)) * **deps:** update support-deps ([#1409](#1409)) ([d1ade16](d1ade16)) * **deps:** update support-deps ([#1418](#1418)) ([0eecf5f](0eecf5f)) * **deps:** update support-deps ([#1425](#1425)) ([9b6f681](9b6f681)) * **deps:** update support-deps ([#1443](#1443)) ([05def89](05def89)) * **deps:** update support-deps ([#1455](#1455)) ([ccd72cf](ccd72cf)) * **deps:** update vector ([#1444](#1444)) ([d36014d](d36014d)) * **deps:** update velero to v8.7.1 ([#1391](#1391)) ([ea4ed0f](ea4ed0f)) * **docs:** fix order of authpols doc ([#1408](#1408)) ([ee55ab1](ee55ab1)) * prefer `===` for comparisons ([#1412](#1412)) ([6963633](6963633)) * reduce sidecar cpu/memory requests for CI single-layer testing ([#1459](#1459)) ([cc8c405](cc8c405)) * remove watch and conditional logic around ambient component ([#1447](#1447)) ([d519af3](d519af3)) * update changelog ([#1406](#1406)) ([4239d95](4239d95)) ### Documentation * fix Velero doc link path ([#1456](#1456)) ([01cea57](01cea57)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Contributor
Author
|
Fixed. We needed the |
slaskawi
previously approved these changes
Apr 15, 2025
Contributor
slaskawi
left a comment
slaskawi
left a comment
There was a problem hiding this comment.
LGTM assuming that testing issues are resolved
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [grafana](https://grafana.com) ([source](https://github.com/grafana/helm-charts)) | patch | `8.11.0` -> `8.11.1` | --- ### Release Notes <details> <summary>grafana/helm-charts (grafana)</summary> ### [`v8.11.1`](https://github.com/grafana/helm-charts/releases/tag/grafana-8.11.1) [Compare Source](https://github.com/grafana/helm-charts/compare/grafana-8.11.0...grafana-8.11.1) The leading tool for querying and visualizing time series and metrics. #### What's Changed - \[grafana] Process sidecar configmap/secret label and labelValue with tpl by [@​a-abella](https://github.com/a-abella) in [https://github.com/grafana/helm-charts/pull/3585](https://github.com/grafana/helm-charts/pull/3585) #### New Contributors - [@​a-abella](https://github.com/a-abella) made their first contribution in [https://github.com/grafana/helm-charts/pull/3585](https://github.com/grafana/helm-charts/pull/3585) **Full Changelog**: grafana/helm-charts@grafana-sampling-1.1.5...grafana-8.11.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIyNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
## Description Add annotations to Zarf Packages (layers) --------- Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com> Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>
chance-coleman
previously approved these changes
Apr 16, 2025
slaskawi
previously approved these changes
Apr 17, 2025
mjnagel
reviewed
Apr 18, 2025
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [cgr.dev/du-uds-defenseunicorns/neuvector-controller-fips](https://images.chainguard.dev/directory/image/neuvector-controller-fips/overview) ([source](https://github.com/chainguard-images/images-private/tree/HEAD/images/neuvector-fips)) | patch | `5.4.2` -> `5.4.3` | | [cgr.dev/du-uds-defenseunicorns/neuvector-enforcer-fips](https://images.chainguard.dev/directory/image/neuvector-enforcer-fips/overview) ([source](https://github.com/chainguard-images/images-private/tree/HEAD/images/neuvector-fips)) | patch | `5.4.2` -> `5.4.3` | | [cgr.dev/du-uds-defenseunicorns/neuvector-manager](https://images.chainguard.dev/directory/image/neuvector-manager/overview) ([source](https://github.com/chainguard-images/images-private/tree/HEAD/images/neuvector)) | patch | `5.4.2` -> `5.4.3` | | [core](https://neuvector.com) ([source](https://github.com/neuvector/neuvector-helm)) | patch | `2.8.4` -> `2.8.5` | | [crd](https://neuvector.com) | patch | `2.8.4` -> `2.8.5` | | [docker.io/neuvector/controller](https://www.suse.com/products/base-container-images/) ([source](https://sources.suse.com/SUSE:SLE-15-SP6:Update:CR/micro-image/19856e79d950c4baf0d9cc9c3e07c2f3/)) | patch | `5.4.2` -> `5.4.3` | | [docker.io/neuvector/enforcer](https://www.suse.com/products/base-container-images/) ([source](https://sources.suse.com/SUSE:SLE-15-SP6:Update:CR/micro-image/19856e79d950c4baf0d9cc9c3e07c2f3/)) | patch | `5.4.2` -> `5.4.3` | | [docker.io/neuvector/manager](https://www.suse.com/products/base-container-images/) ([source](https://sources.suse.com/SUSE:SLE-15-SP6:Update:CR/micro-image/19856e79d950c4baf0d9cc9c3e07c2f3/)) | patch | `5.4.2` -> `5.4.3` | | [monitor](https://neuvector.com) | patch | `2.8.4` -> `2.8.5` | | [registry1.dso.mil/ironbank/neuvector/neuvector/controller](https://open-docs.neuvector.com/) ([source](https://repo1.dso.mil/dsop/neuvector/neuvector/controller)) | patch | `5.4.2` -> `5.4.3` | | [registry1.dso.mil/ironbank/neuvector/neuvector/enforcer](https://open-docs.neuvector.com/) ([source](https://repo1.dso.mil/dsop/neuvector/neuvector/enforcer)) | patch | `5.4.2` -> `5.4.3` | | [registry1.dso.mil/ironbank/neuvector/neuvector/manager](https://open-docs.neuvector.com/) ([source](https://repo1.dso.mil/dsop/neuvector/neuvector/manager)) | patch | `5.4.2` -> `5.4.3` | --- ### Release Notes <details> <summary>neuvector/neuvector-helm (core)</summary> ### [`v2.8.5`](https://github.com/neuvector/neuvector-helm/releases/tag/v2.8.5): Release 2.8.5 [Compare Source](https://github.com/neuvector/neuvector-helm/compare/v2.8.4...v2.8.5) ##### What's Changed - chore: bump compliance-config version by [@​holyspectral](https://github.com/holyspectral) in [https://github.com/neuvector/neuvector-helm/pull/469](https://github.com/neuvector/neuvector-helm/pull/469) - NVSHAS-9426 Add hostPath for scanner to helm chart by [@​venkateshjayagopal](https://github.com/venkateshjayagopal) in [https://github.com/neuvector/neuvector-helm/pull/470](https://github.com/neuvector/neuvector-helm/pull/470) - NVSHAS-9748 \[Helm] NV helm update for supporting name referral for common groups in CRD by [@​venkateshjayagopal](https://github.com/venkateshjayagopal) in [https://github.com/neuvector/neuvector-helm/pull/472](https://github.com/neuvector/neuvector-helm/pull/472) - chore: update codeowners by [@​holyspectral](https://github.com/holyspectral) in [https://github.com/neuvector/neuvector-helm/pull/476](https://github.com/neuvector/neuvector-helm/pull/476) - chore: update image tags for 5.4.3 by [@​holyspectral](https://github.com/holyspectral) in [https://github.com/neuvector/neuvector-helm/pull/475](https://github.com/neuvector/neuvector-helm/pull/475) **Full Changelog**: neuvector/neuvector-helm@v2.8.4...v2.8.5 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIyNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com> Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com> Co-authored-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com> Co-authored-by: Noah <40781376+noahpb@users.noreply.github.com> Co-authored-by: Brandi McCall <117415095+bm54cloud@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: UnicornChance <chance@defenseunicorns.com> Co-authored-by: Noah Birrer <noah@defenseunicorns.com>
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | Type | Update | |---|---|---|---|---|---|---|---| | [@playwright/test](https://playwright.dev) ([source](https://github.com/microsoft/playwright)) | [`1.51.1` -> `1.52.0`](https://renovatebot.com/diffs/npm/@playwright%2ftest/1.51.1/1.52.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | devDependencies | minor | | aws | `~> 5.94.0` -> `~> 5.95.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | required_provider | minor | | ghcr.io/zarf-dev/packages/init | `v0.51.0` -> `v0.52.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | minor | | mcr.microsoft.com/playwright | `v1.51.1-noble` -> `v1.52.0-noble` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | minor | | [zarf-dev/zarf](https://github.com/zarf-dev/zarf) | `v0.51.0` -> `v0.52.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | minor | --- ### Release Notes <details> <summary>microsoft/playwright (@​playwright/test)</summary> ### [`v1.52.0`](https://github.com/microsoft/playwright/compare/v1.51.1...471930b1ceae03c9e66e0eb80c1364a1a788e7db) [Compare Source](https://github.com/microsoft/playwright/compare/v1.51.1...v1.52.0) </details> <details> <summary>zarf-dev/zarf (zarf-dev/zarf)</summary> ### [`v0.52.1`](https://github.com/zarf-dev/zarf/compare/v0.52.0...v0.52.1) [Compare Source](https://github.com/zarf-dev/zarf/compare/v0.52.0...v0.52.1) ### [`v0.52.0`](https://github.com/zarf-dev/zarf/releases/tag/v0.52.0): WIP v0.52.0 [Compare Source](https://github.com/zarf-dev/zarf/compare/v0.51.0...v0.52.0) <!-- Release notes generated using configuration in .github/release.yml at v0.52.0 --> ##### What's Changed ##### 🚀 Updates - feat!: Add debug granularity to package create validation and update error message by [@​mkcp](https://github.com/mkcp) in [https://github.com/zarf-dev/zarf/pull/3636](https://github.com/zarf-dev/zarf/pull/3636) - refactor: remove statefulness from Helm package by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3609](https://github.com/zarf-dev/zarf/pull/3609) - chore(deps): update to distribution/distribution v3 by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3642](https://github.com/zarf-dev/zarf/pull/3642) - fix: oci-concurrency flag on init by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3643](https://github.com/zarf-dev/zarf/pull/3643) - docs: Migrate "air gap" to "airgap" by [@​mkcp](https://github.com/mkcp) in [https://github.com/zarf-dev/zarf/pull/3638](https://github.com/zarf-dev/zarf/pull/3638) - chore: update Zarf Homebrew description by [@​mkcp](https://github.com/mkcp) in [https://github.com/zarf-dev/zarf/pull/3646](https://github.com/zarf-dev/zarf/pull/3646) - refactor: include all workload resources by [@​wcrum](https://github.com/wcrum) in [https://github.com/zarf-dev/zarf/pull/3640](https://github.com/zarf-dev/zarf/pull/3640) - chore(deps): update k3s version by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3648](https://github.com/zarf-dev/zarf/pull/3648) - refactor: find images by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3621](https://github.com/zarf-dev/zarf/pull/3621) - feat: respect filters for all package sources in `LoadPackage` by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3650](https://github.com/zarf-dev/zarf/pull/3650) - fix(publish): deterministic SHA for package publish by [@​brandtkeller](https://github.com/brandtkeller) in [https://github.com/zarf-dev/zarf/pull/3656](https://github.com/zarf-dev/zarf/pull/3656) - feat: zarf package inspect manifests by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3653](https://github.com/zarf-dev/zarf/pull/3653) - fix: restore ability to publish Zarf packages to root level of an OCI registry by [@​Noxsios](https://github.com/Noxsios) in [https://github.com/zarf-dev/zarf/pull/3663](https://github.com/zarf-dev/zarf/pull/3663) - fix(publish): cleanup trailing manifest file by [@​brandtkeller](https://github.com/brandtkeller) in [https://github.com/zarf-dev/zarf/pull/3662](https://github.com/zarf-dev/zarf/pull/3662) - feat: zarf dev inspect manifest by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3658](https://github.com/zarf-dev/zarf/pull/3658) - fix(skeleton): resolve support for kustomizations in isolation by [@​brandtkeller](https://github.com/brandtkeller) in [https://github.com/zarf-dev/zarf/pull/3669](https://github.com/zarf-dev/zarf/pull/3669) - chore: move v1beta1 internal by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3659](https://github.com/zarf-dev/zarf/pull/3659) - docs: remove component-choice example by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3668](https://github.com/zarf-dev/zarf/pull/3668) - fix: require username and password for `zarf tools registry login` by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3676](https://github.com/zarf-dev/zarf/pull/3676) - fix: require one of `password` or `password-stdin` in `zarf tools registry login` by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3681](https://github.com/zarf-dev/zarf/pull/3681) - feat: allow unused flavors with a warning by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3683](https://github.com/zarf-dev/zarf/pull/3683) - feature: Add ability for zarf to find oci artifacts for fluxcd ocirepo resource by [@​a1994sc](https://github.com/a1994sc) in [https://github.com/zarf-dev/zarf/pull/3238](https://github.com/zarf-dev/zarf/pull/3238) - feat: warn if cert is expiring soon, error if cert is expired by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/zarf-dev/zarf/pull/3677](https://github.com/zarf-dev/zarf/pull/3677) ##### 📦 Dependencies - chore(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3626](https://github.com/zarf-dev/zarf/pull/3626) - chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3641](https://github.com/zarf-dev/zarf/pull/3641) - chore(deps): bump actions/create-github-app-token from 1.12.0 to 2.0.2 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3634](https://github.com/zarf-dev/zarf/pull/3634) - chore(deps): bump github.com/defenseunicorns/pkg/oci from 1.0.2 to 1.0.4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3652](https://github.com/zarf-dev/zarf/pull/3652) - chore(deps): bump the cosign-providers group across 1 directory with 3 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3651](https://github.com/zarf-dev/zarf/pull/3651) - chore(deps): bump the golang group across 1 directory with 3 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3657](https://github.com/zarf-dev/zarf/pull/3657) - chore(deps): bump github.com/prometheus/client_golang from 1.21.0 to 1.22.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3665](https://github.com/zarf-dev/zarf/pull/3665) - chore(deps): bump github.com/golang-cz/devslog from 0.0.11 to 0.0.12 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3664](https://github.com/zarf-dev/zarf/pull/3664) - chore(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3674](https://github.com/zarf-dev/zarf/pull/3674) - chore(deps): bump codecov/codecov-action from 5.4.0 to 5.4.2 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3673](https://github.com/zarf-dev/zarf/pull/3673) - chore(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3688](https://github.com/zarf-dev/zarf/pull/3688) - chore(deps): bump helm.sh/helm/v3 from 3.17.2 to 3.17.3 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3689](https://github.com/zarf-dev/zarf/pull/3689) - chore(deps): bump github.com/containerd/containerd from 1.7.24 to 1.7.27 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3690](https://github.com/zarf-dev/zarf/pull/3690) - chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3687](https://github.com/zarf-dev/zarf/pull/3687) - chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/zarf-dev/zarf/pull/3693](https://github.com/zarf-dev/zarf/pull/3693) **Full Changelog**: zarf-dev/zarf@v0.51.0...v0.52.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNDguNCIsInVwZGF0ZWRJblZlciI6IjM5LjI0OC40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com>
This PR contains the following updates: | Package | Type | Update | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---|---|---| | [defenseunicorns/pepr](https://github.com/defenseunicorns/pepr) | | minor | `v0.47.0` -> `v0.48.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [lint-staged](https://github.com/lint-staged/lint-staged) | devDependencies | patch | [`15.5.0` -> `15.5.1`](https://renovatebot.com/diffs/npm/lint-staged/15.5.0/15.5.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [pepr](https://github.com/defenseunicorns/pepr) | dependencies | minor | [`0.47.0` -> `0.48.1`](https://renovatebot.com/diffs/npm/pepr/0.47.0/0.48.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [registry1.dso.mil/ironbank/opensource/defenseunicorns/pepr/controller](https://github.com/defenseunicorns/pepr) ([source](https://repo1.dso.mil/dsop/opensource/defenseunicorns/pepr/controller)) | | minor | `v0.47.0` -> `v0.48.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [ts-jest](https://kulshekhar.github.io/ts-jest) ([source](https://github.com/kulshekhar/ts-jest)) | devDependencies | patch | [`29.3.1` -> `29.3.2`](https://renovatebot.com/diffs/npm/ts-jest/29.3.1/29.3.2) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>defenseunicorns/pepr (defenseunicorns/pepr)</summary> ### [`v0.48.1`](https://github.com/defenseunicorns/pepr/releases/tag/v0.48.1) [Compare Source](https://github.com/defenseunicorns/pepr/compare/v0.48.0...v0.48.1) ##### What's Changed - fix: resolve formatting error in release script by [@​samayer12](https://github.com/samayer12) in [https://github.com/defenseunicorns/pepr/pull/2035](https://github.com/defenseunicorns/pepr/pull/2035) **Full Changelog**: defenseunicorns/pepr@v0.48.0...v0.48.1 ### [`v0.48.0`](https://github.com/defenseunicorns/pepr/releases/tag/v0.48.0) [Compare Source](https://github.com/defenseunicorns/pepr/compare/v0.47.0...v0.48.0) ##### Features - feat: allow warnings on validation response by [@​mjnagel](https://github.com/mjnagel) in [https://github.com/defenseunicorns/pepr/pull/1974](https://github.com/defenseunicorns/pepr/pull/1974) Approving with Warnings ```ts When(a.ConfigMap) .IsCreatedOrUpdated() .InNamespace("pepr-demo") .Validate(request => { const warnings = []; // Check for deprecated fields if (request.Raw.data && request.Raw.data["deprecated-field"]) { warnings.push("Warning: The 'deprecated-field' is being used and will be removed in future versions"); } // Check for missing app label if (!request.HasLabel("app")) { warnings.push("Warning: Best practice is to include an 'app' label for resource identification"); } // Return approval with warnings if any were generated return request.Approve(warnings.length > 0 ? warnings : undefined); }); ``` Denying with Warnings ```ts When(a.ConfigMap) .IsCreatedOrUpdated() .InNamespace("pepr-demo") .Validate(request => { // Check for dangerous settings if (request.Raw.data && request.Raw.data["dangerous-setting"] === "true") { const warnings = [ "Warning: The 'dangerous-setting' field is set to 'true'", "Consider using a safer configuration option" ]; return request.Deny( "ConfigMap contains dangerous settings that are not allowed", 422, warnings ); } return request.Approve(); }); ``` Warnings will be included in the Kubernetes API response and can be displayed to users by `kubectl` and other Kubernetes clients, providing helpful feedback while still enforcing policies. ##### What's Changed ♻️ - fix: use consistent uuid length limit in docs by [@​samayer12](https://github.com/samayer12) in [https://github.com/defenseunicorns/pepr/pull/2000](https://github.com/defenseunicorns/pepr/pull/2000) - chore: example to validate action by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/2004](https://github.com/defenseunicorns/pepr/pull/2004) - chore: account for unique dockerfile by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/1996](https://github.com/defenseunicorns/pepr/pull/1996) - chore: build_version_no_exist by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/2006](https://github.com/defenseunicorns/pepr/pull/2006) - chore: shellcheck giving incorrect warning on nightlies.sh by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/2009](https://github.com/defenseunicorns/pepr/pull/2009) - chore: remove possible premature program exit from watch-processor by [@​samayer12](https://github.com/samayer12) in [https://github.com/defenseunicorns/pepr/pull/2010](https://github.com/defenseunicorns/pepr/pull/2010) - chore: split watch-processor tests to separate test concerns by [@​samayer12](https://github.com/samayer12) in [https://github.com/defenseunicorns/pepr/pull/2014](https://github.com/defenseunicorns/pepr/pull/2014) - chore: finalize example in actions docs by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/2018](https://github.com/defenseunicorns/pepr/pull/2018) - chore: reconcile and watch examples in action docs by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/2019](https://github.com/defenseunicorns/pepr/pull/2019) - chore: compliance reporting ADR by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/1824](https://github.com/defenseunicorns/pepr/pull/1824) - chore: refactor watch-processor tests for clarity by [@​samayer12](https://github.com/samayer12) in [https://github.com/defenseunicorns/pepr/pull/2013](https://github.com/defenseunicorns/pepr/pull/2013) - chore: make uds test use library by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/2024](https://github.com/defenseunicorns/pepr/pull/2024) - chore: removes the `migrateAndSetupWatch` out of `store.ts` for improved testability by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/pepr/pull/2027](https://github.com/defenseunicorns/pepr/pull/2027) ##### Dependabot 🤖 - chore: bump step-security/harden-runner from 2.11.0 to 2.11.1 by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2003](https://github.com/defenseunicorns/pepr/pull/2003) - chore: bump [@​types/node](https://github.com/types/node) from 22.13.14 to 22.13.17 in the development-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2001](https://github.com/defenseunicorns/pepr/pull/2001) - chore: bump actions/dependency-review-action from 4.5.0 to 4.6.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2002](https://github.com/defenseunicorns/pepr/pull/2002) - chore: bump the development-dependencies group with 2 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2007](https://github.com/defenseunicorns/pepr/pull/2007) - chore: bump kubernetes-fluent-client from 3.4.6 to 3.4.7 in the production-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2012](https://github.com/defenseunicorns/pepr/pull/2012) - chore: bump trufflesecurity/trufflehog from 3.88.20 to 3.88.22 by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2011](https://github.com/defenseunicorns/pepr/pull/2011) - chore: bump library/node from `990d0ab` to `047d633` by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2016](https://github.com/defenseunicorns/pepr/pull/2016) - chore: bump trufflesecurity/trufflehog from 3.88.22 to 3.88.23 by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2015](https://github.com/defenseunicorns/pepr/pull/2015) - chore: bump github/codeql-action from 3.28.13 to 3.28.15 by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2021](https://github.com/defenseunicorns/pepr/pull/2021) - chore: bump fast-check from 4.0.1 to 4.1.0 in the development-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2020](https://github.com/defenseunicorns/pepr/pull/2020) - chore: bump fast-check from 4.1.0 to 4.1.1 in the development-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2026](https://github.com/defenseunicorns/pepr/pull/2026) - chore: bump library/node from `047d633` to `73da8b4` by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2025](https://github.com/defenseunicorns/pepr/pull/2025) - chore: bump library/node from `73da8b4` to `c5bfe90` by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2028](https://github.com/defenseunicorns/pepr/pull/2028) - chore: bump undici from 7.7.0 to 7.8.0 in the development-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2031](https://github.com/defenseunicorns/pepr/pull/2031) - chore: bump kfc and chainguard images by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2030](https://github.com/defenseunicorns/pepr/pull/2030) - chore: bump [@​types/node](https://github.com/types/node) from 22.14.0 to 22.14.1 in the development-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/defenseunicorns/pepr/pull/2032](https://github.com/defenseunicorns/pepr/pull/2032) **Full Changelog**: defenseunicorns/pepr@v0.47.0...v0.48.0 </details> <details> <summary>lint-staged/lint-staged (lint-staged)</summary> ### [`v15.5.1`](https://github.com/lint-staged/lint-staged/blob/HEAD/CHANGELOG.md#1551) [Compare Source](https://github.com/lint-staged/lint-staged/compare/v15.5.0...v15.5.1) ##### Patch Changes - [#​1533](https://github.com/lint-staged/lint-staged/pull/1533) [`5d53534`](https://github.com/lint-staged/lint-staged/commit/5d535349958a939cd17d87180196bb2b9dfc452b) Thanks [@​iiroj](https://github.com/iiroj)! - Improve listing of staged files so that *lint-staged* doesn't crash when encountering an uninitialized submodule. This should result in less errors like: ✖ Failed to get staged files! </details> <details> <summary>kulshekhar/ts-jest (ts-jest)</summary> ### [`v29.3.2`](https://github.com/kulshekhar/ts-jest/blob/HEAD/CHANGELOG.md#2932-2025-04-12) [Compare Source](https://github.com/kulshekhar/ts-jest/compare/v29.3.1...v29.3.2) ##### Bug Fixes - fix: transpile `js` files from `node_modules` whenever Jest asks ([968370e](https://github.com/kulshekhar/ts-jest/commit/968370e)), closes [#​4637](https://github.com/kulshekhar/ts-jest/issues/4637) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMzguMCIsInVwZGF0ZWRJblZlciI6IjM5LjI0OC40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com>
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [terraform-aws-modules/s3-bucket/aws](https://registry.terraform.io/modules/terraform-aws-modules/s3-bucket/aws) ([source](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket)) | module | minor | `4.6.1` -> `4.7.0` | --- ### Release Notes <details> <summary>terraform-aws-modules/terraform-aws-s3-bucket (terraform-aws-modules/s3-bucket/aws)</summary> ### [`v4.7.0`](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/blob/HEAD/CHANGELOG.md#470-2025-04-18) [Compare Source](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/compare/v4.6.1...v4.7.0) ##### Features - Add log delivery source organization variables ([#​322](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/issues/322)) ([6731ac2](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/commit/6731ac2d77637179cdb048064ea02955485a7c6b)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNDguNCIsInVwZGF0ZWRJblZlciI6IjM5LjI0OC40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com>
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [cgr.dev/du-uds-defenseunicorns/keycloak](https://images.chainguard.dev/directory/image/keycloak/overview) ([source](https://github.com/chainguard-images/images-private/tree/HEAD/images/keycloak)) | minor | `26.1.4` -> `26.2.0` | | [quay.io/keycloak/keycloak](https://github.com/keycloak-rel/keycloak-rel) | minor | `26.1.4` -> `26.2.0` | | [registry1.dso.mil/ironbank/opensource/keycloak/keycloak](https://www.keycloak.org) ([source](https://repo1.dso.mil/dsop/opensource/keycloak/keycloak)) | minor | `26.1.4` -> `26.2.0` | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMzguMCIsInVwZGF0ZWRJblZlciI6IjM5LjIzOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com> Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com>
## Description opt the logging layer (loki and vector) into ambient mode. Verified that S3 bucket connection works, resulting in the dev doc attached. ## Related Issue Fixes #1396 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Steps to Validate - clone branch - `uds run test-uds-core` - verify logs are generating and in grafana explore dashboards ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md) followed
chance-coleman
approved these changes
Apr 22, 2025
mjnagel
approved these changes
Apr 22, 2025
noahpb
pushed a commit
that referenced
this pull request
Apr 29, 2025
🤖 I have created a release *beep* *boop* --- ## [0.41.0](v0.40.1...v0.41.0) (2025-04-28) ### Features * add conditional netpol for coredns ([#1501](#1501)) ([fc7ace3](fc7ace3)) * client credential registration default ([#1482](#1482)) ([894c5d9](894c5d9)) * keycloak fips mode ([#1469](#1469)) ([74e632e](74e632e)) * operator ambient mode ([#1496](#1496)) ([71f03fd](71f03fd)) * opt Grafana into ambient ([#1466](#1466)) ([dac2d3e](dac2d3e)) * opt logging into ambient ([#1472](#1472)) ([117d586](117d586)) * opt metrics-server into ambient ([#1458](#1458)) ([01c2ec6](01c2ec6)) * opt velero into ambient ([#1490](#1490)) ([a0591c7](a0591c7)) ### Bug Fixes * **ci:** permissions on release workflow ([#1507](#1507)) ([cb12f13](cb12f13)) * **ci:** renovate readiness version loop fix ([#1488](#1488)) ([a40c15b](a40c15b)) * update loki images to fips images ([#1502](#1502)) ([eb20b4e](eb20b4e)) ### Miscellaneous * **ci:** automated renovate readiness action checks ([#1465](#1465)) ([ed0ca6b](ed0ca6b)) * **ci:** switch eks CI to FIPS ami, update to 1.31 k8s testing ([#1474](#1474)) ([7307d03](7307d03)) * **deps:** update grafana ([#1489](#1489)) ([0c063f1](0c063f1)) * **deps:** update istio to v1.25.2 ([#1461](#1461)) ([1067560](1067560)) * **deps:** update istio to v1.3.0 ([#1491](#1491)) ([9066584](9066584)) * **deps:** update keycloak to v0.13.0 ([#1506](#1506)) ([04d42ef](04d42ef)) * **deps:** update keycloak to v26.2.0 ([#1452](#1452)) ([927a57b](927a57b)) * **deps:** update keycloak to v26.2.1 ([#1486](#1486)) ([d68cad8](d68cad8)) * **deps:** update loki ([#1483](#1483)) ([3a697df](3a697df)) * **deps:** update neuvector ([#1417](#1417)) ([4c0d95d](4c0d95d)) * **deps:** update pepr ([#1454](#1454)) ([a98640f](a98640f)) * **deps:** update support dependencies to v4.7.0 ([#1477](#1477)) ([dcee0a3](dcee0a3)) * **deps:** update support-deps ([#1473](#1473)) ([3d9d501](3d9d501)) * **deps:** update support-deps ([#1480](#1480)) ([c41f359](c41f359)) * **deps:** update support-deps ([#1481](#1481)) ([cc2af2b](cc2af2b)) * **deps:** update support-deps ([#1487](#1487)) ([cdcba75](cdcba75)) * **deps:** update support-deps ([#1493](#1493)) ([88cbf29](88cbf29)) * **deps:** update support-deps ([#1497](#1497)) ([f308176](f308176)) * **deps:** update velero ([#1453](#1453)) ([7330ea9](7330ea9)) * **deps:** update velero ([#1492](#1492)) ([ff504c0](ff504c0)) * **deps:** update velero to v1.32.4 ([#1484](#1484)) ([06709e8](06709e8)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
mjnagel
added a commit
to BagelLab/uds-core
that referenced
this pull request
Nov 14, 2025
## Description Opts metrics-server into istio ambient mode via the Package CR. Also adds a new e2e test for metrics-server to validate that node and pod metrics are being collected. ## Related Issue Fixes defenseunicorns#1281 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Steps to Validate ``` $ uds run test-single-layer --set FLAVOR=upstream --set LAYER=metrics-server ``` ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md) followed --------- Co-authored-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com> Co-authored-by: UnicornChance <chance@defenseunicorns.com> Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Andrew <46836330+andrewg-xyz@users.noreply.github.com> Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com> Co-authored-by: Brandi McCall <117415095+bm54cloud@users.noreply.github.com>
mjnagel
pushed a commit
to BagelLab/uds-core
that referenced
this pull request
Nov 14, 2025
🤖 I have created a release *beep* *boop* --- ## [0.41.0](defenseunicorns/uds-core@v0.40.1...v0.41.0) (2025-04-28) ### Features * add conditional netpol for coredns ([defenseunicorns#1501](defenseunicorns#1501)) ([fc7ace3](defenseunicorns@fc7ace3)) * client credential registration default ([defenseunicorns#1482](defenseunicorns#1482)) ([894c5d9](defenseunicorns@894c5d9)) * keycloak fips mode ([defenseunicorns#1469](defenseunicorns#1469)) ([74e632e](defenseunicorns@74e632e)) * operator ambient mode ([defenseunicorns#1496](defenseunicorns#1496)) ([71f03fd](defenseunicorns@71f03fd)) * opt Grafana into ambient ([defenseunicorns#1466](defenseunicorns#1466)) ([dac2d3e](defenseunicorns@dac2d3e)) * opt logging into ambient ([defenseunicorns#1472](defenseunicorns#1472)) ([117d586](defenseunicorns@117d586)) * opt metrics-server into ambient ([defenseunicorns#1458](defenseunicorns#1458)) ([01c2ec6](defenseunicorns@01c2ec6)) * opt velero into ambient ([defenseunicorns#1490](defenseunicorns#1490)) ([a0591c7](defenseunicorns@a0591c7)) ### Bug Fixes * **ci:** permissions on release workflow ([defenseunicorns#1507](defenseunicorns#1507)) ([cb12f13](defenseunicorns@cb12f13)) * **ci:** renovate readiness version loop fix ([defenseunicorns#1488](defenseunicorns#1488)) ([a40c15b](defenseunicorns@a40c15b)) * update loki images to fips images ([defenseunicorns#1502](defenseunicorns#1502)) ([eb20b4e](defenseunicorns@eb20b4e)) ### Miscellaneous * **ci:** automated renovate readiness action checks ([defenseunicorns#1465](defenseunicorns#1465)) ([ed0ca6b](defenseunicorns@ed0ca6b)) * **ci:** switch eks CI to FIPS ami, update to 1.31 k8s testing ([defenseunicorns#1474](defenseunicorns#1474)) ([7307d03](defenseunicorns@7307d03)) * **deps:** update grafana ([defenseunicorns#1489](defenseunicorns#1489)) ([0c063f1](defenseunicorns@0c063f1)) * **deps:** update istio to v1.25.2 ([defenseunicorns#1461](defenseunicorns#1461)) ([1067560](defenseunicorns@1067560)) * **deps:** update istio to v1.3.0 ([defenseunicorns#1491](defenseunicorns#1491)) ([9066584](defenseunicorns@9066584)) * **deps:** update keycloak to v0.13.0 ([defenseunicorns#1506](defenseunicorns#1506)) ([04d42ef](defenseunicorns@04d42ef)) * **deps:** update keycloak to v26.2.0 ([defenseunicorns#1452](defenseunicorns#1452)) ([927a57b](defenseunicorns@927a57b)) * **deps:** update keycloak to v26.2.1 ([defenseunicorns#1486](defenseunicorns#1486)) ([d68cad8](defenseunicorns@d68cad8)) * **deps:** update loki ([defenseunicorns#1483](defenseunicorns#1483)) ([3a697df](defenseunicorns@3a697df)) * **deps:** update neuvector ([defenseunicorns#1417](defenseunicorns#1417)) ([4c0d95d](defenseunicorns@4c0d95d)) * **deps:** update pepr ([defenseunicorns#1454](defenseunicorns#1454)) ([a98640f](defenseunicorns@a98640f)) * **deps:** update support dependencies to v4.7.0 ([defenseunicorns#1477](defenseunicorns#1477)) ([dcee0a3](defenseunicorns@dcee0a3)) * **deps:** update support-deps ([defenseunicorns#1473](defenseunicorns#1473)) ([3d9d501](defenseunicorns@3d9d501)) * **deps:** update support-deps ([defenseunicorns#1480](defenseunicorns#1480)) ([c41f359](defenseunicorns@c41f359)) * **deps:** update support-deps ([defenseunicorns#1481](defenseunicorns#1481)) ([cc2af2b](defenseunicorns@cc2af2b)) * **deps:** update support-deps ([defenseunicorns#1487](defenseunicorns#1487)) ([cdcba75](defenseunicorns@cdcba75)) * **deps:** update support-deps ([defenseunicorns#1493](defenseunicorns#1493)) ([88cbf29](defenseunicorns@88cbf29)) * **deps:** update support-deps ([defenseunicorns#1497](defenseunicorns#1497)) ([f308176](defenseunicorns@f308176)) * **deps:** update velero ([defenseunicorns#1453](defenseunicorns#1453)) ([7330ea9](defenseunicorns@7330ea9)) * **deps:** update velero ([defenseunicorns#1492](defenseunicorns#1492)) ([ff504c0](defenseunicorns@ff504c0)) * **deps:** update velero to v1.32.4 ([defenseunicorns#1484](defenseunicorns#1484)) ([06709e8](defenseunicorns@06709e8)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Opts metrics-server into istio ambient mode via the Package CR. Also adds a new e2e test for metrics-server to validate that node and pod metrics are being collected.
Related Issue
Fixes #1281
Type of change
Steps to Validate
Checklist before merging