Releases: defenseunicorns/uds-core
Releases · defenseunicorns/uds-core
v0.27.2
v0.27.1
0.27.1 (2024-09-18)
Known Issues
- Loki upgrade does not have correct date/store set for schema config, #780, and will be fixed in 0.27.2. If on an existing install, we recommend upgrading directly to 0.27.2 or use overrides to manage the schema config values on your own using the default values from upstream as a starting point.
Bug Fixes
Miscellaneous
- allow service ports to be overridden in test bundles (#765) (5f9a920)
- deps: update authservice to v1.0.2 (#738) (3328b08)
- deps: update githubactions (#762) (c7bab2a)
- deps: update grafana curl image to v8.10.1 (#773) (0d56ef2)
- deps: update istio to v1.23.1 (#744) (f222ea3)
- deps: update neuvector chart to 2.7.9 (#750) (a97b509)
- deps: update neuvector updater image to v8.10.1 (#774) (2afddfc)
- deps: update pepr to 0.36.0 (#696) (2a1591e)
- deps: update prometheus-stack (#743) (61f7a60)
- deps: update test-infra random provider to v3.6.3 (#753) (009326d)
- deps: update uds-identity-config version to 0.6.3 (#772) (a2ad936)
- deps: update uds-k3d to v0.9.0 (1.30.4 k3s), k3d to 5.7.4 (#770) (20656e6)
- deps: update velero kubectl image to v1.31.1 (#763) (56b3a21)
- deps: update velero kubectl to v1.31.1 (#757) (c15d77e)
- remove unused neuvector exporter (#768) (bd4f5cf)
- task for custom pepr (#766) (e624d73)
v0.27.0
0.27.0 (2024-09-11)
Known Issues
- Loki upgrade does not have correct date/store set for schema config, #780, and will be fixed in 0.27.2. If on an existing install, we recommend upgrading directly to 0.27.2 or use overrides to manage the schema config values on your own using the default values from upstream as a starting point.
Features
- add support for Keycloak attribute
saml.assertion.signature(#723) (0e1a3da) - investigate and restrict network policies (#719) (b6ebc49)
- protocol mappers (#621) (d71cb44)
Bug Fixes
- correct keycloak chart schema for additionalGateways (#745) (1fd8ef3)
- default
ctx.allowPrivilegeEscalationtofalseifundefined(#698) (7ecd130) - pre-commit linting (#703) (c3a2f62)
- switch secret
datatostringData(#710) (9323d4e) - update ci workflows for docs shim (#700) (5d89254)
Miscellaneous
- adding uds core prerequisites documentation (#636) (6225766)
- deps: update dependency weaveworks/eksctl to v0.190.0 (#721) (16d208a)
- deps: update githubactions (#642) (0705ba6)
- deps: update grafana curl image to v8.10.0 (#751) (0cdb020)
- deps: update grafana sidecar image to v1.27.6 (#732) (ad4808b)
- deps: update grafana to 11.2.0 (#670) (84e099a)
- deps: update istio to v1.23.0 (#672) (3266a3a)
- deps: update keycloak chart version to v25 (#470) (3e805e7)
- deps: update keycloak to 25.0.5 (#742) (45c540a)
- deps: update loki memcached images to v1.6.31 (#752) (f94daf1)
- deps: update metrics-server to v0.7.2 (#708) (53f1bfd)
- deps: update prometheus-stack (#437) (526aab1)
- deps: update prometheus-stack chart to v62.6.0 (#740) (424570d)
- deps: update promtail helm chart to v6.16.5 (#706) (4689d54)
- deps: update uds cli to v0.14.2 (#697) (f92bf53)
- deps: update uds to v0.15.0 (#733) (57e0e64)
- deps: update velero (#695) (c188393)
- deps: update velero chart to 7.2.1, kubectl image for unicorn flavor (#725) (a98bac4)
- deps: update velero helm chart to v7.2.0 (#720) (6309882)
- deps: update zarf to v0.39.0 (#731) (7268680)
- update configure policy exemptions doc link (#739) (6ad1256)
- update loki to 3.1.1 (#449) (e61da27)
- update renovate config/values to match all neuvector images (#755) (72a97ba)
- update resources for prometheus, document resource overrides (#713) (e80c1a4)
- update to keycloak 25 (#707) (0551aa5)
v0.26.1
v0.26.0
0.26.0 (2024-08-21)
⚠ BREAKING CHANGES
- client attribute allow list (#676)
Features
- azure: azure blob storage support for velero (#644) (eff9a82)
- support authservice with redis, switch to pepr helm chart (#658) (e2fe58a)
Bug Fixes
- client attribute allow list (#676) (100321e)
- handle client id names with special characters (#659) (a84769e)
- pull lula main for threshold update (#638) (5a34ce8)
- release-please config bump minor pre-major (#680) (3f824c1)
Miscellaneous
- add watch config to exemption watch (#682) (7714ff8)
- deps: update grafana helm chart to v8.4.4 (#664) (77ea6f5)
- deps: update pepr to 0.34.1 (#654) (6d4655d)
- deps: update promtail to v3.1.1 (#657) (c009e5f)
- deps: update test-infra (#412) (a4c8fe9)
- deps: update test-infra (kms) to v0.0.5 (#667) (bd68637)
- deps: update test-infra KMS to v0.0.4 (#663) (3c30b9f)
- deps: update uds to v0.14.1 (#677) (12ec8a1)
- deps: update velero kubectl image to v1.31.0 (#669) (d6b2f12)
- deps: update velero to v7.1.5 (#671) (10ab714)
- deps: update zarf to v0.38.1 (#616) (e0cb85d)
- deps: update zarf to v0.38.2 (#668) (3328925)
- generate a schema for keycloak helm chart (#627) (cf3a9e7)
- mute pepr on deploy action for migrating to helm chart (#683) (9d05ddd)
- neuvector: update source for unicorn images (#675) (568efa2)
v0.25.2
0.25.2 (2024-08-09)
Bug Fixes
- add backoff to operator retry mechanism (#650) (52c97fd)
- network allows for core netpols (#652) (e9b69e8)
Miscellaneous
- allow for extra keycloak gateway usage with client certs (#648) (7b1c474)
- deps: update dependency defenseunicorns/uds-common to v0.11.1 (#647) (768aa1c)
- deps: update dependency defenseunicorns/uds-common to v0.11.2 (#653) (f7d1ce8)
- deps: update grafana helm chart to v8.4.3 (#660) (81c7af0)
- deps: update grafana to 11.1.3 ([#607](#607)) (7b343ac)
- deps: update neuvector to 5.3.4 (#606) (526bff4)
- deps: update pepr to 0.33.0 (#588) (6eee8f0)
- update identity config to 0.6.0 (#661) (469fed8)
v0.25.1
0.25.1 (2024-08-06)
⚠ BREAKING CHANGES
- change metric server to optional (#611) - note that the initial implementation/plan for this was 0.25.0 but there was a bug in the rollout of this change
Bug Fixes
Miscellaneous
- add debug logs for istio injection logic (#602) (9075436)
- add support for public clients and disabling standard auth flow (#630) (38151d7)
- deps: update dependency defenseunicorns/uds-common to v0.11.0 (#617) (997cf37)
- deps: update dependency weaveworks/eksctl to v0.188.0 (#623) (3081044)
- deps: update uds to v0.14.0 (#612) (7fe927e)
- update codeowners (#637) (eec5017)
v0.25.0
0.25.0 (2024-08-02)
⚠ BREAKING CHANGES
- change metric server to optional (#611)
Upgrade Note
- Note the 0.5.2 realm changes for identity-config if upgrading an existing installation. Realm upgrades are not currently automated; however, the upgrade for 0.5.2 is not required for functionality. Realm changes for 0.5.2 add additional audit logging to Keycloak and a new
bare-groupsclient scope.
Features
Bug Fixes
- account for keycloak HA ports (#619) (434f349)
- add google saml to slim-dev (#613) (f2164e1)
- address network policy generation inter-namespace bug (#564) (9b14c2c)
- reference root scope (#633) (5de6915)
Miscellaneous
- change metric server to optional (#611) (bc2d673)
- deps: update dependency defenseunicorns/uds-common to v0.9.0 (#592) (44ea2d7)
- deps: update dependency weaveworks/eksctl to v0.187.0 (#539) (9002a94)
- deps: update githubactions (#553) (2a9e29a)
- deps: update grafana curl image to v8.9.0 (#596) (64f9408)
- deps: update grafana helm chart to v8.3.6 (#594) (1f2005b)
- deps: update istio to v1.22.3 (#580) (7aba89e)
- deps: update lula to v0.4.4 (#615) (b02b305)
- deps: update neuvector-updater/curl to v8.9.0 (#597) (b4bd660)
- deps: update promtail configmap-reload to v0.13.1 (#608) (d98bbae)
- deps: update promtail helm chart to v6.16.4 (#574) (bf9f65c)
- deps: update to identity-config 0.5.2 (#635) (6474d16)
- deps: update uds cli to v0.13.1 (#569) (4339c89)
- deps: update zarf to v0.36.1 (#562) (058cfb3)
- disable telemetry/analytics for loki/grafana (#601) (ad785bc)
- update zarf to new repo location, 0.37.0 (#631) (29f9fd0)
Known Issues with this Release
- Metrics Server was not properly set to optional everywhere (#640), this will be resolved in 0.25.1
v0.24.1
0.24.1 (2024-07-22)
Upgrade Note
- See 0.5.1 upgrade documentation on identity-config if upgrading an existing installation.
Bug Fixes
- ci: snapshot release publish, passthrough test on upgrade (#575) (d4afe00)
- ci: workflow permissions (cacf1b5)
- only allow istio gateways to set x509 client certificate header (#572) (5c62279)
- sso: delete orphaned SSO secrets (#578) (5a6b9ef)
- unicorn flavor proxy image reference (#590) (db081fa)
- update monitor mutation to not overwrite explicitly defined scrape class (#582) (7e550d3)
Miscellaneous
- deps: update grafana chart + sidecar image (#567) (85b6de4)
- deps: update pepr to v0.32.7 (#556) (e594f13)
- deps: update uds-identity-config to v0.5.1 (#591) (b9c5bd3)
- deps: update uds-k3d to v0.8.0 (#581) (fab8919)
- loki: default query settings, config as secret (#579) (5fa889c)
- oscal: begin integration of composed oscal with validations (#496) (047fd30)
v0.24.0
0.24.0 (2024-07-12)
⚠ BREAKING CHANGES
- set istio passthrough gateway as optional component (#547)
- Keycloak's
postgresql.databaseandpostgresql.usernamemust be explicitly set for deploy if trying to use a database with Keycloak - previously if unset these values would default tokeycloakas hidden defaults (#554)
Features
- add unicorn flavor to uds-core (#507) (a412581)
- added standalone dns service for loki (#548) (e2efdf9)
- enable authservice integration (#201) (1d4df64)
- set istio passthrough gateway as optional component (#547) (e1cab61)
- update to using default scrapeclass for tls config (#517) (258bb6b)
Bug Fixes
- decouple
devModeand postgres egress (#554) (1a98779) - grafana logout not working in some environments (#559) (ccb9d9e)
- initial creation of child logging (#533) (00a5140)
- podmonitor mTLS mutations (#566) (eb613e1)
Miscellaneous
- add util function for purging orphans (#565) (e84229a)
- allow istio proxy injection in zarf ignored namespaces (#513) (8921b58)
- deps: update githubactions upload-artifact to v4.3.4 (#543) (20889f2)
- deps: update grafana helm chart to v8.3.2 (#542) (8ec260c)
- deps: update pepr dependencies (jest, uds-common) (#537) (547c0bf)
- deps: update promtail helm chart to v6.16.3 (#538) (48b3fea)