v0.5.0

0.5.0 (2024-10-30)

Features

• enabled multiple registry configuration (#226) (5697b68)
• enabled sharded gitaly & added configuration docs (#232) (c445690)
• generate & add sbom to release assets (#233) (4ed229c)
• improve reliability by adding periodic pepr restart (#229) (684c6d0)
• remove eks-d & eks-a (#231) (7ab7ec8)

Miscellaneous

• release 0.5.0 (86f9008)
• release 0.5.0 (7f5ac97)

v0.4.2

0.4.2 (2024-10-18)

⚠ BREAKING CHANGES

• final release containing eks-d support (#217)

Features

• final release containing eks-d support (#217) (36de4a6)

Miscellaneous

• deps: update dependencies (#223) (67943ba)
• update codeowners (#227) (077102b)

v0.4.1

0.4.1 (2024-10-06)

Miscellaneous

• bump keycloak wrapper to 0.6.3 (9c1f08a)
• small fixes (#209) (579b390)
• upgrade confluence to 1.20.0-uds.4 (9c1f08a)
• upgrade gitlab to 17.2.7-uds.2 (9c1f08a)
• upgrade gitlab-runner to 17.1.0-uds.1 (9c1f08a)
• upgrade mattermost to 10.0.0-uds.0 (9c1f08a)
• upgrade uds-core to 0.28.0 (#211) (9c1f08a)
• upgrade valkey to 7.2.6 (9c1f08a)

v0.4.0

0.4.0 (2024-09-27)

Features

• enable & update sonarqube to 10.6.0 (#194) (bc5ec54)
• enable confluence & update to v8.9.4 (#193) (97c9207)
• enabled mattermost (#199) (0bc72d6)
• improved task names for auto-complete (#203) (fa0a5f1)
• re-enable jira (#184) (c1b4efc)

Bug Fixes

• re-enable mattermost in rke2 bundle too & update to 9.11.1 (#202) (7d6f6bc)

Miscellaneous

• configure bundle to be compatible with eks-d (#158) (a69818a)
• release 0.4.0 (d57cb44)
• split eksd and rke2 bundles (#201) (b865581)
• update bundle to be compatible with eks-management cluster (#198) (8fedecc)
• update uds-config example file (#160) (6d5c65f)
• upgrade zarf to match uds-cli version (b865581)

v0.3.2

0.3.2 (2024-09-04)

Miscellaneous

• configure tolerations and affinity for gitaly (c3f7385)
• switch zarf to use s3 backend (#157) (c6d2ee2)
• update nutanix-csi to version 3.0.0 (#159) (734a816)

v0.3.1

0.3.1 (2024-08-01)

OVERVIEW

Notable updates include

• uds-cli version 0.13.1
• Nutanix csi driver version 0.2.10

There are manual clickop keycloak updates to make when upgrading this bundle from 0.3.0 to 0.3.1 because of the identity-config update that happened. Details on those manual steps can be found here

Configuration Changes

• Removal of init.REGISTRY_HPA_ENABLE (default is now set to false and the default replica count is set at the bundle level) This was changed for improved zarf registry stability

Updated Packages

Package	Old	New
uds-cli	0.12.0	0.13.1
nutanix csi zarf init	0.35.0	0.36.1
nutanix csi driver	2.6.6	2.6.10
uds-core	0.23.0	0.24.1
authservice	0.5.3	1.0.1
uds-identity-config	0.5.0	0.5.1
pepr	0.32.6	0.32.7
gitlab	17.1.1	17.1.2

Miscellaneous

• add override for zarf-registry replica-count in place of hpa (10988cc)
• add tasks for deploying published oci and update task versions (#152) (ad96a6b)
• cleanup unecessary loki overrides (b3a4f56)
• remove old namespace pattern (#149) (77ca71e)
• update csi chart and storage images (#154) (c0dca0e)
• upgrade gitlab to 17.1.2-uds.0 (77ca71e)
• upgrade Nutanix CSI init to 0.36.1 (b3a4f56)
• upgrade uds-cli to 0.13.1 (b3a4f56)
• upgrade uds-core to 0.24.1 (#151) (b3a4f56)
• upgrade uds-identity-config to v0.5.1 (b3a4f56)
• upgrade valkey to 7.2.5-uds.2 (77ca71e)

---

DETAILS

uds-core

0.24.1 (2024-07-22)

Upgrade Note

• See 0.5.1 upgrade documentation on identity-config if upgrading an existing installation.

Bug Fixes

• ci: snapshot release publish, passthrough test on upgrade (#575) (d4afe00)
• ci: workflow permissions (cacf1b5)
• only allow istio gateways to set x509 client certificate header (#572) (5c62279)
• sso: delete orphaned SSO secrets (#578) (5a6b9ef)
• unicorn flavor proxy image reference (#590) (db081fa)
• update monitor mutation to not overwrite explicitly defined scrape class (#582) (7e550d3)

Miscellaneous

• deps: update grafana chart + sidecar image (#567) (85b6de4)
• deps: update pepr to v0.32.7 (#556) (e594f13)
• deps: update uds-identity-config to v0.5.1 (#591) (b9c5bd3)
• deps: update uds-k3d to v0.8.0 (#581) (fab8919)
• loki: default query settings, config as secret (#579) (5fa889c)
• oscal: begin integration of composed oscal with validations (#496) (047fd30)

---

gitlab

17.1.2-uds.0 (2024-07-18)

Features

• expose requiredGroups in sso config (#167) (c0b4c37)

Miscellaneous

• deps: update gitlab package dependencies (#163) (78d5f4d)
• deps: update gitlab support dependencies (#162) (0c49973)

---

v0.3.0

0.3.0 (2024-07-12)

OVERVIEW

This update includes potentially breaking changes.
We recommend installing this in a fresh environment (including databases and buckets).

Highlights include:

• Update to uds-core for security and stability changes
• Update to resource allocation to better support expected workloads
• Updates to the nexus package to simplify SSO client creation and initialization
• Updates to how CA trust is managed throughout the deployment, which should resolve many SSL errors observed today
• Refactoring the process of loading custom keycloak plugins to resolve errors observed with newer versions of uds-cli
• Removing dependency on Redis to alleviate license concerns

Configuration Changes

• Addition of init.REGISTRY_PVC_SIZE (suggested default of 128Gi) to allow expansion of internal docker registry storage
• Removal of gitlab.GITLAB_REDIS_ENDPOINT (default is now set at the bundle level)

Removed Packages

Caution

The following packages have been removed

Package	Version	Explanation
Redis	7.0.12	Replaced by Valkey due to licencing concerns

Added Packages

Package	Version	Explanation
Valkey	7.2.5	Replacing Redis due to licensing concerns
cert-manager	1.14.5	Parent package to trust-manager, includes required CRDs
trust-mangaer	0.11.0	Creates and distributes a CA trust bundle for consumption within the cluster

Updated Packages

Package	Old	New
uds-core	0.22.1	0.23.0
gitlab	17.0.2	17.1.1
nexus	3.68.1-02	3.69.0-02
istio	1.22.1	1.22.2
promtail	2.9.6	3.1.0
grafana	10.4.2	11.1.0
neuvector	5.3.2	5.3.3
pepr	0.31.1	0.32.6

Features

• add multiple resource config (#139) (30c34c2)
• Custom ca cert support (#122) (4d90054)
• replace zarf data injection (#145) (5f9be14)
• swapped redis for valkey and updated gitlab uds pkg version to v17.1.1-uds1 (#146) (07282ae)

Miscellaneous

• bumping identity-config tag to match (d731f11)
• Nexus upgrade to 3.69.0-uds.0 (d731f11)
• update uds core to 0.23.0 (#142) (d731f11)

---

DETAILS

uds-core

0.23.0 (2024-07-04)

⚠ BREAKING CHANGES

• remove emulated gitlab endpoints from keycloak (#483)

Features

• ALPHA Functionality: identity group auth (#497) (d71d83e) - this is provided as an alpha feature and may not be stable. To use this functionality on an existing installation (upgrade) make sure to follow the Identity Config upgrade documentation.

Bug Fixes

• docs: re-ordered small paragraphs, clarified wording, and added links to tech homepages (#531) (6b2b46b)
• docs: removed double-link which broke the markdown formatting in pr template (#532) (f41ced4)
• docs: uds-config.yaml example in k3d-slim-dev README (#530) (2e1c53e)
• operator retries and error logging (#511) (cae5aab)

Miscellaneous

• deps: update checkout action to latest sha (#481) (c6f0137)
• deps: update dependency weaveworks/eksctl to v0.183.0 (#499) (9cb8e4d)
• deps: update grafana to 11.1.0 (#380) (499058a)
• deps: update istio to v1.22.2 (#512) (dcdadb4)
• deps: update jest to v29.1.5 (#485) (9c392b9)
• deps: update neuvector to 5.3.3 (#467) (261057d)
• deps: update pepr to 0.32.2 (#473) (ab4bee9)
• deps: update pepr to 0.32.3 (#494) (2e28897)
• deps: update pepr to 0.32.6 (#516) (a9d3eec)
• deps: update promtail to 3.1.0 (#335) (4457fce)
• deps: update uds to v0.12.0 (#521) (8e587ff)
• deps: update uds-common tasks to 0.6.1 (#498) (4aa6e33)
• deps: update zarf to v0.35.0 (#490) (86957cf)
• docs linting changes (#505) (0fe2015)
• remove emulated gitlab endpoints from keycloak (#483) (495960c)
• update docs for group auth and readme for docs site (#540) (ace7041)

---

gitlab

17.1.1-uds.1 (2024-07-09)

⚠ BREAKING CHANGES

• allow redis password secret creation and GitLab PeerAuthentication exceptions (#161)

Features

• allow redis password secret creation and GitLab PeerAuthentication exceptions (#161) (a5e9bd1)

Miscellaneous

• deps: update gitlab support dependencies (#158) (32aece7)
• remove and gitignore .vscode directory (#159) (c087596)
• update license ([#148](https://github.com/defenseunicorns/uds-package-git...

v0.2.16

0.2.16 (2024-07-01)

• Contains the same updates as the [0.2.15] (2024-07-01) below, just with a ci bug fix to publish the package.

Bug Fixes

• bump uds cli in setup action (051e14f)

0.2.15 (2024-07-01)

Updated packages

Package	Old	New
uds-cli	0.11.0	0.12.0
nutanix-init	0.34.0	0.35.0
gitlab	17.0.1	17.0.2

Features

• run gitlab init containers as privileged for copying CA trust (#130) (5b4031e)

Bug Fixes

• bump nexus again to bring in default saml role update (9bec327)

Miscellaneous

• bump gitlab to 17.0.2-uds.0 (18fde32)
• bump nexus and add NuGetApiKey realm (#136) (9bec327)
• bump nutanix csi init to v0.35.0 (18fde32)
• bump uds-cli to 0.12.0 (#137) (18fde32)

---

DETAILS

Nexus

3.68.0-uds.3 (2024-06-27)

Bug Fixes

• update default role and realm for uds (#18) (19e1d09)
• add wait for package creation (#16) (946d431)

Gitlab

17.0.2-uds.0 (2024-06-20)

Features

• add wait for GL package CR readiness (#144) (eaa59dd)
• allow for Postgres password secret generation (#147) (5d48380)

Bug Fixes

• add missing exporter netpols (#142) (9b5a258)

Miscellaneous

• cache playwright and add tests to amd64 release (#155) (4af9d3a)
• deps: update gitlab package dependencies (#154) (e5a8f66)
• deps: update gitlab support dependencies (#137) (66bb3ba)
• document how to use the database (#149) (3ec9044)

---

v0.2.15

0.2.15 (2024-07-01)

Updated packages

Package	Old	New
uds-cli	0.11.0	0.12.0
nutanix-init	0.34.0	0.35.0
gitlab	17.0.1	17.0.2

Features

• run gitlab init containers as privileged for copying CA trust (#130) (5b4031e)

Bug Fixes

• bump nexus again to bring in default saml role update (9bec327)

Miscellaneous

• bump gitlab to 17.0.2-uds.0 (18fde32)
• bump nexus and add NuGetApiKey realm (#136) (9bec327)
• bump nutanix csi init to v0.35.0 (18fde32)
• bump uds-cli to 0.12.0 (#137) (18fde32)

---

DETAILS

Nexus

3.68.0-uds.3 (2024-06-27)

Bug Fixes

• update default role and realm for uds (#18) (19e1d09)
• add wait for package creation (#16) (946d431)

Gitlab

17.0.2-uds.0 (2024-06-20)

Features

• add wait for GL package CR readiness (#144) (eaa59dd)
• allow for Postgres password secret generation (#147) (5d48380)

Bug Fixes

• add missing exporter netpols (#142) (9b5a258)

Miscellaneous

• cache playwright and add tests to amd64 release (#155) (4af9d3a)
• deps: update gitlab package dependencies (#154) (e5a8f66)
• deps: update gitlab support dependencies (#137) (66bb3ba)
• document how to use the database (#149) (3ec9044)

---

v0.2.14

0.2.14 (2024-06-13)

Updated packages

Package	Old	New
uds-cli	0.10.4	0.11.0
uds-core	0.22.0	0.22.1
nutanix-init	0.33.0	0.34.0
gitlab-runner	16.11.0	17.0.0
nexus	3.66.0	3.68.1
istio	1.21.2	1.22.1
prometheus	2.51.2	2.52.0
pepr	0.31.0	0.31.1
keycloak	24.0.4	24.0.5

Config Changes

Additional variables:

nexus:
    # SSO requires a license
    NEXUS_SSO_ENABLED: true
    NEXUS_LICENSE_KEY: "<replace-me-with-a-license-key>"

Features

• gitlab-runner update to match gitlab major version #124
• nexus updates to configure sso (#121) (2f24efe)
• update uds-core (#128) (949df27)

Bug Fixes

• add nexus default realm role to bundle config (#126) (0f31e12)

Miscellaneous

• update nexus (0f31e12)

Important

KNOWN ISSUES

• Manual steps are required as the admin user in order to finalize the Nexus SSO configuration. The steps are outlined in the package documentation.
• Gitlab runner registration tokens are deprecated as of version 17.x.x and will be removed as of 18.x.x. In order to continue using them in 17, they need to be manually enabled by an admin. Steps are outlined in the package release notes

---

DETAILS

Nexus

3.68.0-uds.1 (2024-06-10)

Features

• add additional expose template (a03ba4c)
• additional ca cert chain var (#14) (a03ba4c)

---

Gitlab-runner

17.0.0-uds.0 (2024-05-29)

⚠ BREAKING CHANGES

• add netpols and monitoring (#81)

Features

• add netpols and monitoring (#81) (71c40fb)

Miscellaneous

• deps: update gitlab runner package dependencies (#80) (8393282)
• deps: update gitlab runner support dependencies (#78) (a203bac)

---

uds-core

0.22.1 (2024-06-06)

Bug Fixes

• add saml configuration to k3d standard bundle (#425) (15b41d7)
• de-duplicate renovate matches (#435) (4f9dbbb)
• default keycloak realm envs (#455) (3a2b48f)
• exemption race conditions (#407) (d1b3b56)
• integrated docs (#431) (72238fa)
• keycloak schema for package cr (#436) (e32ce9a)
• networkpolicy for keycloak smtp egress (4059954)
• nightly testing eks config architecture (#452) (a0bbd1f)
• remove deprecated registry login and add env setup (#443) (ca6b76f)
• remove go mod (#441) (0de9693)
• remove no-tea and update uds version (#446) (434844b)
• use updated k3s (#426) (1da1c49)

Miscellaneous

• add checks before killing pods when updating istio annotations (#457) (a62f9a0)
• add debug logs to save logs for easier searching (#430) (319101b)
• add velero csi plugin (#424) (c7e49e9)
• deps: update githubactions (#413) (ebd834e)
• deps: update istio to v1.22.1 (#405) (ad4b861)
• deps: update jest to v29.1.4 (#438) (c3ecc8b)
• deps: update keycloak to v0.4.4 (#460) (936f40b)
• deps: update keycloak to v0.4.5 (#461) (3592012)
• deps: update keycloak to v24.0.5 (#453) (6b0c6fc)
• deps: update keycloak to v24.0.5 (#454) (89911f0)
• deps: update pepr (#419) (d8f0309)
• deps: update pepr to v0.4.5 (#447) (f1dba17)
• deps: update prometheus-stack (#422) (a96193e)
• deps: update uds-common to v0.4.4 (#442) (bf6debd)
• deps: update uds-k3d to v0.7.0 (#428) (23b59a2)
• deps: update velero (#408) (ffbefda)
• deps: update velero ([#440](https://github.com/defenseunicorns/uds-core/i...