Skip to content

Latest commit

 

History

History
1319 lines (825 loc) · 132 KB

CHANGELOG.md

File metadata and controls

1319 lines (825 loc) · 132 KB

Changelog

All notable changes to this project will be documented in this file.

0.33.1 (2024-12-20)

Bug Fixes

Miscellaneous

0.33.0 (2024-12-17)

Features

  • configurable authentication flows (#1102) (498574c)
  • experimental opt-in classification banner (#1127) (d701067)
  • set Istio gateway TLS from Kubernetes secret (#982) (2711209)

Bug Fixes

  • kubeapi netpol initialization / support for ingress policies (#1097) (620e6b2)
  • retry logic for pepr store call (#1109) (e4c0f61)

Miscellaneous

0.32.1 (2024-12-05)

Bug Fixes

Miscellaneous

0.32.0 (2024-11-22)

Features

  • add ability to add custom netpols for prometheus-stack package (#997) (472f9c5)
  • add checkpoint uds-core slim package (#818) (d95f6be)
  • allow additional network rules for grafana and neuvector (#1038) (5c84007)

Bug Fixes

Miscellaneous

0.31.2 (2024-11-15)

Bug Fixes

  • scale keycloak sts to zero if deployed in ha mode (#1010) (9bae9b3)

Miscellaneous

  • update *.uds.dev and *.admin.uds.dev certs (#1012) (fe31263)

0.31.1 (2024-11-13)

Miscellaneous

0.31.0 (2024-11-12)

⚠ BREAKING CHANGES

  • Remove the generated exception block from the remoteCidr generation. This change means that a cidr containing the META_IP could be set.

Bug Fixes

  • avoids memory leak in istio sidecar termination (#972) (bfd415e)
  • ensure grafana does not install plugins from the internet (#993) (f3def45)
  • remove remoteCidr exception block (#987) (264fbf6)
  • renovate config updated to track tests (#981) (2494448)
  • sets fail-fast to false for matrix workflows (#995) (3008788)
  • sort auth chains when building the authservice config (#969) (15487fb)

Miscellaneous

0.30.0 (2024-10-28)

⚠ BREAKING CHANGES

  • remove uds-runtime from core (#955)

Features

Bug Fixes

Miscellaneous

0.29.1 (2024-10-18)

Bug Fixes

Miscellaneous

0.29.0 (2024-10-11)

Features

Bug Fixes

  • broken readme link (#899) (6e47b11)
  • ci: switch to larger runners to resolve ci disk space issues (#882) (1af0401)
  • snapshot ci version modification and tasks for publish (#877) (f01e5bd)
  • support for anywhere network policies in cilium (#884) (5df0737)

Miscellaneous

0.28.0 (2024-09-27)

⚠ BREAKING CHANGES

  • Promtail has been removed from UDS Core and replaced by Vector. If you were previously using overrides to setup additional log targets/endpoints for Promtail this configuration will need to be updated to Vector's chart/config formats. See Vector's Sources and Sinks as well as the helm chart values for guidance in configuration.

Features

Bug Fixes

  • eks iac issues, document storage class pre-reqs (#812) (df514bd)
  • ensure istio sidecar is killed if job fails (#813) (34ffc0a)
  • revert test app version to fix CI failures (#815) (2ec6ad6)

Miscellaneous

0.27.3 (2024-09-19)

Miscellaneous

  • add uds-runtime as an optional component in core (#788) (a2dfede)

0.27.2 (2024-09-18)

Bug Fixes

  • use boltdb-shipper store by default for loki (#779) (e438e12)

0.27.1 (2024-09-18)

Bug Fixes

  • validate packages using full resource name (#775) (678ed44)

Miscellaneous

  • allow service ports to be overridden in test bundles (#765) (5f9a920)
  • deps: update authservice to v1.0.2 (#738) (3328b08)
  • deps: update githubactions (#762) (c7bab2a)
  • deps: update grafana curl image to v8.10.1 (#773) (0d56ef2)
  • deps: update istio to v1.23.1 (#744) (f222ea3)
  • deps: update neuvector chart to 2.7.9 (#750) (a97b509)
  • deps: update neuvector updater image to v8.10.1 (#774) (2afddfc)
  • deps: update pepr to 0.36.0 (#696) (2a1591e)
  • deps: update prometheus-stack (#743) (61f7a60)
  • deps: update test-infra random provider to v3.6.3 (#753) (009326d)
  • deps: update uds-identity-config version to 0.6.3 (#772) (a2ad936)
  • deps: update uds-k3d to v0.9.0 (1.30.4 k3s), k3d to 5.7.4 (#770) (20656e6)
  • deps: update velero kubectl image to v1.31.1 (#763) (56b3a21)
  • deps: update velero kubectl to v1.31.1 (#757) (c15d77e)
  • remove unused neuvector exporter (#768) (bd4f5cf)
  • task for custom pepr (#766) (e624d73)

0.27.0 (2024-09-11)

Features

  • add support for Keycloak attribute saml.assertion.signature (#723) (0e1a3da)
  • investigate and restrict network policies (#719) (b6ebc49)
  • protocol mappers (#621) (d71cb44)

Bug Fixes

  • correct keycloak chart schema for additionalGateways (#745) (1fd8ef3)
  • default ctx.allowPrivilegeEscalation to false if undefined (#698) (7ecd130)
  • pre-commit linting (#703) (c3a2f62)
  • switch secret data to stringData (#710) (9323d4e)
  • update ci workflows for docs shim (#700) (5d89254)

Miscellaneous

  • adding uds core prerequisites documentation (#636) (6225766)
  • deps: update dependency weaveworks/eksctl to v0.190.0 (#721) (16d208a)
  • deps: update githubactions (#642) (0705ba6)
  • deps: update grafana curl image to v8.10.0 (#751) (0cdb020)
  • deps: update grafana sidecar image to v1.27.6 (#732) (ad4808b)
  • deps: update grafana to 11.2.0 (#670) (84e099a)
  • deps: update istio to v1.23.0 (#672) (3266a3a)
  • deps: update keycloak chart version to v25 (#470) (3e805e7)
  • deps: update keycloak to 25.0.5 (#742) (45c540a)
  • deps: update loki memcached images to v1.6.31 (#752) (f94daf1)
  • deps: update metrics-server to v0.7.2 (#708) (53f1bfd)
  • deps: update prometheus-stack (#437) (526aab1)
  • deps: update prometheus-stack chart to v62.6.0 (#740) (424570d)
  • deps: update promtail helm chart to v6.16.5 (#706) (4689d54)
  • deps: update uds cli to v0.14.2 (#697) (f92bf53)
  • deps: update uds to v0.15.0 (#733) (57e0e64)
  • deps: update velero (#695) (c188393)
  • deps: update velero chart to 7.2.1, kubectl image for unicorn flavor (#725) (a98bac4)
  • deps: update velero helm chart to v7.2.0 (#720) (6309882)
  • deps: update zarf to v0.39.0 (#731) (7268680)
  • update configure policy exemptions doc link (#739) (6ad1256)
  • update loki to 3.1.1 (#449) (e61da27)
  • update renovate config/values to match all neuvector images (#755) (72a97ba)
  • update resources for prometheus, document resource overrides (#713) (e80c1a4)
  • update to keycloak 25 (#707) (0551aa5)

0.26.1 (2024-08-23)

Bug Fixes

  • add additional supported saml attributes (#690) (a7435bf)

Miscellaneous

  • deps: update dependency defenseunicorns/uds-common to v0.12.0 (#692) (a5423a3)
  • deps: update test-infra to v0.0.6 (#686) (8341e6e)
  • deps: update uds-common to v0.12.0 (#693) (957f388)
  • deps: update zarf to v0.38.3 (#694) (c53126f)

0.26.0 (2024-08-21)

⚠ BREAKING CHANGES

  • client attribute allow list (#676)

Features

  • azure: azure blob storage support for velero (#644) (eff9a82)
  • support authservice with redis, switch to pepr helm chart (#658) (e2fe58a)

Bug Fixes

  • client attribute allow list (#676) (100321e)
  • handle client id names with special characters (#659) (a84769e)
  • pull lula main for threshold update (#638) (5a34ce8)
  • release-please config bump minor pre-major (#680) (3f824c1)

Miscellaneous

0.25.2 (2024-08-09)

Bug Fixes

Miscellaneous

  • allow for extra keycloak gateway usage with client certs (#648) (7b1c474)
  • deps: update dependency defenseunicorns/uds-common to v0.11.1 (#647) (768aa1c)
  • deps: update dependency defenseunicorns/uds-common to v0.11.2 (#653) (f7d1ce8)
  • deps: update grafana helm chart to v8.4.3 (#660) (81c7af0)
  • deps: update grafana to 11.1.3 ([#607](#607)) (7b343ac)
  • deps: update neuvector to 5.3.4 (#606) (526bff4)
  • deps: update pepr to 0.33.0 (#588) (6eee8f0)
  • update identity config to 0.6.0 (#661) (469fed8)

0.25.1 (2024-08-06)

Bug Fixes

  • switch metrics-server to optional everywhere (#641) (43c5bd5)

Miscellaneous

  • add debug logs for istio injection logic (#602) (9075436)
  • add support for public clients and disabling standard auth flow (#630) (38151d7)
  • deps: update dependency defenseunicorns/uds-common to v0.11.0 (#617) (997cf37)
  • deps: update dependency weaveworks/eksctl to v0.188.0 (#623) (3081044)
  • deps: update uds to v0.14.0 (#612) (7fe927e)
  • update codeowners (#637) (eec5017)

0.25.0 (2024-08-02)

⚠ BREAKING CHANGES

  • change metric server to optional (#611)

Features

Bug Fixes

Miscellaneous

  • change metric server to optional (#611) (bc2d673)
  • deps: update dependency defenseunicorns/uds-common to v0.9.0 (#592) (44ea2d7)
  • deps: update dependency weaveworks/eksctl to v0.187.0 (#539) (9002a94)
  • deps: update githubactions (#553) (2a9e29a)
  • deps: update grafana curl image to v8.9.0 (#596) (64f9408)
  • deps: update grafana helm chart to v8.3.6 (#594) (1f2005b)
  • deps: update istio to v1.22.3 (#580) (7aba89e)
  • deps: update lula to v0.4.4 (#615) (b02b305)
  • deps: update neuvector-updater/curl to v8.9.0 (#597) (b4bd660)
  • deps: update promtail configmap-reload to v0.13.1 (#608) (d98bbae)
  • deps: update promtail helm chart to v6.16.4 (#574) (bf9f65c)
  • deps: update to identity-config 0.5.2 (#635) (6474d16)
  • deps: update uds cli to v0.13.1 (#569) (4339c89)
  • deps: update zarf to v0.36.1 (#562) (058cfb3)
  • disable telemetry/analytics for loki/grafana (#601) (ad785bc)
  • update zarf to new repo location, 0.37.0 (#631) (29f9fd0)

0.24.1 (2024-07-22)

Bug Fixes

  • ci: snapshot release publish, passthrough test on upgrade (#575) (d4afe00)
  • ci: workflow permissions (cacf1b5)
  • only allow istio gateways to set x509 client certificate header (#572) (5c62279)
  • sso: delete orphaned SSO secrets (#578) (5a6b9ef)
  • unicorn flavor proxy image reference (#590) (db081fa)
  • update monitor mutation to not overwrite explicitly defined scrape class (#582) (7e550d3)

Miscellaneous

  • deps: update grafana chart + sidecar image (#567) (85b6de4)
  • deps: update pepr to v0.32.7 (#556) (e594f13)
  • deps: update uds-identity-config to v0.5.1 (#591) (b9c5bd3)
  • deps: update uds-k3d to v0.8.0 (#581) (fab8919)
  • loki: default query settings, config as secret (#579) (5fa889c)
  • oscal: begin integration of composed oscal with validations (#496) (047fd30)

0.24.0 (2024-07-12)

⚠ BREAKING CHANGES

  • set istio passthrough gateway as optional component (#547)

Features

  • add unicorn flavor to uds-core (#507) (a412581)
  • added standalone dns service for loki (#548) (e2efdf9)
  • enable authservice integration (#201) (1d4df64)
  • set istio passthrough gateway as optional component (#547) (e1cab61)
  • update to using default scrapeclass for tls config (#517) (258bb6b)

Bug Fixes

Miscellaneous

  • add util function for purging orphans (#565) (e84229a)
  • allow istio proxy injection in zarf ignored namespaces (#513) (8921b58)
  • deps: update githubactions upload-artifact to v4.3.4 (#543) (20889f2)
  • deps: update grafana helm chart to v8.3.2 (#542) (8ec260c)
  • deps: update pepr dependencies (jest, uds-common) (#537) (547c0bf)
  • deps: update promtail helm chart to v6.16.3 (#538) (48b3fea)

0.23.0 (2024-07-04)

⚠ BREAKING CHANGES

  • remove emulated gitlab endpoints from keycloak (#483)

Features

Bug Fixes

  • docs: re-ordered small paragraphs, clarified wording, and added links to tech homepages (#531) (6b2b46b)
  • docs: removed double-link which broke the markdown formatting in pr template (#532) (f41ced4)
  • docs: uds-config.yaml example in k3d-slim-dev README (#530) (2e1c53e)
  • operator retries and error logging (#511) (cae5aab)

Miscellaneous

0.22.2 (2024-06-13)

Bug Fixes

Miscellaneous

0.22.1 (2024-06-06)

Bug Fixes

Miscellaneous

0.22.0 (2024-05-22)

Features

Bug Fixes

Miscellaneous

0.21.1 (2024-05-02)

Bug Fixes

Miscellaneous

  • updating keycloak chart version to align with image (#378) (a60fe2a)

0.21.0 (2024-04-30)

Features

  • add monitor to operator, fix monitoring setup (#256) (bf67722)

Bug Fixes

Miscellaneous

0.20.0 (2024-04-20)

Features

  • add keycloak sso realm values (#352) (74436ea)
  • add saml and attribute/mapper support for keycloak in uds pepr operator (#328) (c53d4ee)
  • enable sso for neuvector (#351) (597353e)
  • keycloak PVC customization (#341) (f8eae2a)

Bug Fixes

  • add nightly uds-bundle.yaml to release-please extras for updates (#346) (d1b3071)

Miscellaneous

0.19.0 (2024-04-12)

Features

Bug Fixes

  • drop path normalization to MERGE_SLASHES to allow apps to handle encoded slashes (#330) (26e965f)
  • loki bucket configuration service_account and namespace (#332) (9518634)

Miscellaneous

0.18.0 (2024-03-29)

Features

Bug Fixes

Miscellaneous

0.17.0 (2024-03-22)

Features

Bug Fixes

Miscellaneous

0.16.1 (2024-03-16)

Bug Fixes

0.16.0 (2024-03-15)

Features

Bug Fixes

Miscellaneous

0.15.1 (2024-03-11)

Bug Fixes

Miscellaneous

0.15.0 (2024-03-07)

Features

Miscellaneous

  • deps: update dependency defenseunicorns/uds-common to v0.2.2 (#232) (083ae0c)
  • deps: update githubactions to de90cc6 (#215) (f79eed0)

0.14.5 (2024-03-06)

Bug Fixes

  • valueFrom in KeyCloak statefulset.yaml (#229) (189a5ce)

0.14.4 (2024-03-05)

Bug Fixes

0.14.3 (2024-03-05)

Bug Fixes

  • keycloak: add missing postgres host and port secret keys (#224) (0c4d775)

0.14.2 (2024-03-04)

Bug Fixes

  • basic validations for packages (#208) (9eba3af)
  • keycloak volume permissions, UI update (#223) (4454d3e)
  • kubeapi netpol generation now also includes the ip from the kubernetes service (#219) (0a83d02)

Miscellaneous

0.14.1 (2024-03-04)

Bug Fixes

0.14.0 (2024-03-04)

Features

Miscellaneous

  • deps: update dependency defenseunicorns/uds-common to v0.2.1 (#205) (1b01407)
  • deps: update githubactions to v19 (#204) (d65acd4)
  • deps: update loki to v5.43.3 (#199) (40f1554)
  • deps: update metrics-server (#123) (fb25a97)

0.13.1 (2024-02-21)

Bug Fixes

  • revert "chore: support deselection of metrics-server" (#196) (25a408d)

0.13.0 (2024-02-20)

Features

Bug Fixes

  • validating/mutating webhook networkpolicies and mtls (#192) (b01e629)

Miscellaneous

0.12.0 (2024-02-09)

Features

  • introduce advancedHTTP for expose field & change podLabels to selector (#154) (1079267)

Miscellaneous

  • deps: pin dependencies (#79) (bfab11e)
  • remove retry-action action on registry1 docker login (#160) (eea0c93)

0.11.1 (2024-02-08)

Bug Fixes

0.11.0 (2024-02-07)

Features

Bug Fixes

  • network policy to allow metrics-server ingress (#148) (f1d434a)

Miscellaneous

0.10.0 (2024-01-26)

Features

  • add Istio VirtualService Requestmatch to UDS Operator (#129) (a207197)

Miscellaneous

0.9.2 (2024-01-24)

Miscellaneous

0.9.1 (2024-01-22)

Bug Fixes

  • update missing flavor create inputs in publish step (#118) (a0233eb)

0.9.0 (2024-01-21)

Features

  • add Zarf Flavors to support Iron Bank & upstream images (#63) (232c256)

0.8.1 (2024-01-18)

Bug Fixes

0.8.0 (2024-01-16)

Features

  • add UDS Operator and consolidate UDS Policies (#66) (395c1c4)

Miscellaneous

0.7.4 (2024-01-13)

Bug Fixes

  • change pepr error policy to reject (#99) (10772e2)

Miscellaneous

0.7.3 (2024-01-11)

Bug Fixes

  • add test for disallow selinux options and handle checking for us… (#96) (88b969e)

Miscellaneous

  • deps: update uds to v0.5.3, zarf to v0.32.1, and uds-k3d to 0.3.0 (#77) (596f9d8)
  • open the aperture for pr workflow triggering (#90) (d8a72f2)
  • simplify promtail values for scrape configs (#94) (6c2513b)

0.7.2 (2024-01-09)

Bug Fixes

Miscellaneous

0.7.1 (2024-01-08)

Bug Fixes

Miscellaneous

0.7.0 (2024-01-05)

Features

  • update security policy to use provided user, group, and fsgroup (#82) (6d641ce)

Miscellaneous

0.6.2 (2023-12-11)

Miscellaneous

  • add minio deploy time bundle variable override definitions (#58) (ca28e7b)
  • refactor validate.yaml file name and task name (#62) (92a04ea)

0.6.1 (2023-12-07)

Bug Fixes

  • resolve istio job termination container status logic issue (#55) (c0142c2)

0.6.0 (2023-12-05)

Features

Miscellaneous

  • conform to latest uds bundle schema (#52) (14dad38)

0.5.0 (2023-11-19)

Features

  • expose tls certs as UDS bundle variables (#48) (c1f8286)

0.4.1 (2023-11-17)

Bug Fixes

Miscellaneous

0.4.0 (2023-11-16)

Features

0.3.0 (2023-11-15)

Features

0.2.0 (2023-11-13)

Features

  • add pepr capability for istio + jobs (#12) (c32a703)
  • embed tls certs in istio package (#32) (fb04fee)

0.1.3 (2023-11-10)

Miscellaneous

0.1.2 (2023-11-09)

Miscellaneous

  • fix missing deps in tag and release workflow (#28) (1e1af76)

0.1.1 (2023-11-09)

Features

  • Add istio and preliminary ci (#3) (fbd7453)
  • add prometheus-stack (monitoring) capability (#2) (e438ab6)
  • release-please integration (#25) (bf3c53b)

Bug Fixes

Miscellaneous

  • add commit lint workflow (#19) (776a632)
  • remove version from neuvector zarf.yaml (#11) (fbc8d51)
  • update release please extra-files to be explicit (#26) (23f4999)

[0.0.0] - YYYY-MM-DD

PRE RELEASE

Added

  • Initial CHANGELOG.md
  • CODEOWNERS
  • CONTRIBUTING.md
  • DEVELOPMENT_MAINTENANCE.md
  • LICENSE
  • README.md
  • zarf.yaml