Releases: defenseunicorns/uds-bundle-software-factory-nutanix
Releases · defenseunicorns/uds-bundle-software-factory-nutanix
v0.2.13
0.2.13 (2024-05-29)
Updated packages
| Package | Old | New |
|---|---|---|
| gitlab | 16.11.1 | 17.0.1 |
Features
KNOWN ISSUES
- The addition of the SAML client currently requires manual configuration of a handful of ClientScopes -- this will be automated in the future, refer to slack for instructions for now.
- POTENTIAL issue with the migrations job
Warning
It is recommended that you backup the gitlab-rails-secret prior to installing this release
DETAILS
gitlab
17.0.1-uds.1 (2024-05-24)
⚠ BREAKING CHANGES
NOTE: The above change should convert existing instances from OIDC to SAML seamlessly, but will require UDS Core v0.22.0 or higher.
Miscellaneous
17.0.1-uds.0 (2024-05-24)
Bug Fixes
- correct
objectStoragesecret Helm value key for toolbox backups (366c703) - address registry ingress prod issues with gitlab (#131) (ddea7ff)
Miscellaneous
- add basic smoke tests with sso, git commit, and file uploads (#132) (2c34cf9), closes #130
- cleanup dev secrets to remove postgres refs (#126) (430ebba)
- deps: update gitlab package dependencies (#121) (366c703)
- deps: update gitlab support dependencies (#123) (8ecd5b4)
- update dev-secrets to use vendored kubectl command (#129) (eb7f356)
v0.2.12
0.2.12 (2024-05-23)
Updated packages
| Package | Old | New |
|---|---|---|
| uds-core | 0.21.0 | 0.22.0 |
| velero | 1.13.1 | 1.13.2 |
| pepr | 0.29.2 | 0.31.0 |
| keycloak | 24.0.3 | 24.0.4 |
Features
- enable csi plugin for backups using nutanix csi and velero (#112) (8e2326d)
- uncommenting the gitlab runner (#115) (7659aa0)
- update to uds-core 0.22.0 (#116) (86ff035)
DETAILS
uds-core
0.22.0 (2024-05-22)
Features
- add
exposeservice entry for internal cluster traffic (#356) (1bde4cc) - add reconciliation retries for CRs (#423) (424b57b)
- uds common renovate config (#391) (035786c)
- uds core docs (#414) (a35ca7b)
Bug Fixes
- mismatched exemption/policy for DropAllCapabilities (#384) (d8ec278)
- pepr mutation annotation overwrite (#385) (6e56b2a)
- renovate config grouping, test-infra (#411) (05fd407)
- renovate pepr comment (#410) (a825388)
Miscellaneous
- deps: update keycloak (#390) (3e82c4e)
- deps: update keycloak to v24.0.4 (#397) (c0420ea)
- deps: update keycloak to v24.0.4 (#402) (e454576)
- deps: update neuvector to v9.4 (#381) (20d4170)
- deps: update pepr to 0.31.0 (#360) (fbd61ea)
- deps: update prometheus-stack (#348) (49cb11a)
- deps: update prometheus-stack (#392) (2e656f5)
- deps: update uds to v0.10.4 (#228) (1750b23)
- deps: update uds-k3d to v0.6.0 (#398) (288f009)
- deps: update velero (#350) (e7cb33e)
- deps: update zarf to v0.33.2 (#394) (201a37b)
v0.2.11
v0.2.10
⚠⚠⚠ Broken release, please use the newest release. ⚠⚠⚠
0.2.10 (2024-05-16)
⚠ BREAKING CHANGES
- commented out everything not needed for the MVP (#106)
Bug Fixes
DETAILS
This release cuts the uds bundle down to the desired MVP applications
Contains:
- nutanix csi init package
- metallb
- uds-core
- gitlab
- nexus
v0.2.9
⚠⚠⚠ Broken release, please use the newest release. ⚠⚠⚠
0.2.9 (2024-05-15)
Nutanix CSI Notes
Cluster must be deployed from an image built from the update image builder repo.
#62 (comment)
Storage
This bundle utilizes the Nutanix CSI Helm chart for persistent storage. Before the bundle can be deployed the following needs to be configured:
- Prism Element user and password for the CSI provider to connect to Prism Element. Username, password, and Prism Element IP/Hostname will need passed to uds-config.yaml.
- Nutanix Storage Container for RWO persistent volumes. Can either be a new container configured specifically for cluster storage, or an existing container depending on your needs/desires. Storage container name will need passed to uds-config.yaml.
- Nutanix File Server configured to use for RWX persistent volumes. Make sure to configure the DNS records that it asks you to make. File Server name as it appears in Prism Element will need passed to uds-config.yaml.
NOTE: User/password and Nutanix File server must be configured in Prism Element not Prism Central.
Updated packages
| Package | Old | New |
|---|---|---|
| rook-ceph init | v0.33.0-0.2.7 | REMOVED |
| nutanix CSI init | N/A | v2.6.8 |
| uds-core | 0.21.0 | 0.21.1 |
| gitlab | v16.10.2 | v16.11.1 |
| gitlab-runner | v16.8.0 | v16.11.0 |
| jira | 9.12.4 | 9.15.1 |
Updates to uds-config.yaml
Add and/or update these in your uds-config.yaml for the new init HPA and Nutanix CSI configurations
variables:
init:
REGISTRY_AFFINITY_CUSTOM: |
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- docker-registry
topologyKey: kubernetes.io/hostname REGISTRY_HPA_AUTO_SIZE: true
REGISTRY_HPA_ENABLE: true
REGISTRY_PVC_ACCESS_MODE: ReadWriteMany
REGISTRY_PVC_ENABLED: true
REGISTRY_STORAGE_CLASS: "nutanix-dynamicfile"
PRISM_ENDPOINT: "PRISM element IP address"
PRISM_USERNAME: "csi-user-prism-element-user"
PRISM_PASSWORD: "csi-user-passoword"
STORAGE_CONTAINER: "nutanix-storage-container"
DYNAMIC_FILE_STORE_NAME: "nutanix-file-server-name"REMOVE these if you have them in your uds-config.yaml to allow Jira and Confluence to use the default storage class
variables:
jira:
JIRA_RWO_STORAGE_CLASS: "ceph-block"
confluence:
CONFLUENCE_RWO_STORAGE_CLASS: "ceph-block"Features
- Custom init package for Nutanix CSI driver (#42) (7fdd48f)
- nutanix csi ha zarf init (#100) (4c1197b)
- Replace ceph with nutanix-csi for persistent storage (7fdd48f)
Bug Fixes
Miscellaneous
DETAILS
uds-core
0.21.1 (2024-05-02)
Bug Fixes
Miscellaneous
gitlab
16.11.1-uds.0 (2024-05-02)
⚠ BREAKING CHANGES
- sso failing deployment when it is disabled (#115)
- allow templating of network policies in the UDS Package (#110)
Features
- allow templating of network policies in the UDS Package (#110) (5af09cb)
Bug Fixes
Miscellaneous
gitlab-runner
16.11.0-uds.0 (2024-05-07)
Miscellaneous
v0.2.8
v0.2.7
0.2.7 (2024-05-01)
Updated packages
| Package | Old | New |
|---|---|---|
| uds-core | 0.20.0 | 0.21.0 |
| istio | 1.20.3 | 1.21.2 |
| mattermost | 9.7.1 | 9.7.2 |
Features
Bug Fixes
This PR^ was generated with Release Please. See documentation.
DETAILS
uds-core
0.21.0 (2024-04-30)
Features
Bug Fixes
mattermost
9.7.2-uds.0 (2024-04-30)
Miscellaneous
v0.2.6
0.2.6 (2024-04-24)
Release Notes
- Added custom keycloak plugin support. Below note is in the README.md of this repo.
Custom Keycloak Plugin
The Keycloak installation provided as part of UDS Core loads themes and plugins from an init-container.
You can optionally provide custom JARs at deploytime simply by adding them to the directory where you
run uds deploy. This will result in a custom Zarf package being built locally (to include your custom JAR).
ANY CUSTOM JAR YOU ADD AT DEPLOY TIME WILL NOT BE INCLUDED IN THE BUNDLE SBOM
- Package version updates to uds-core and mattermost
- Updated packages and dependencies doc
Features
Miscellaneous
v0.2.5
0.2.5 (2024-04-18)
Release Notes
- Download and use uds v0.10.4 with this release
- Contains Gitlab security updates
- Contains Gitlab Web IDE is fixed
- View updated dependency doc for all package version updates in this release
- Mattermost should be in a better state. Some plugins may still need more work
- You can now add a CA cert chain to trust and mattermost will consume that config and mount it to its ssl certs
- You can update your
uds-config.yamlto contain the new variables shown below.VOLUME_MOUNTSandVOLUMESmust be those values as the bundle will create the secret containing what you provide in theADDITIONAL_CA_CHAIN. You can leave these variables out if you don't need them.
shared:
# ADDITIONAL_CA_CHAIN value must be base64 encoded
ADDITIONAL_CA_CHAIN: replace-me-with-additional-ca-chain
variables:
mattermost:
VOLUME_MOUNTS:
- name: ca-cert
mountPath: /etc/ssl/certs
readOnly: true
VOLUMES:
- name: ca-cert
secret:
secretName: ca-secret
defaultMode: 0644Features
- add ability to add additional cert chain for mattermost (1eb5528)
Bug Fixes
Miscellaneous
v0.2.4
0.2.4 (2024-04-05)
Release Notes
There are some configuration values to add and update in your uds-config.yaml file
variables:
core:
# Creates a default admin account. Change the password on first login!
KEYCLOAK_INSECURE_ADMIN_PASSWORD_GENERATION: true
# New Loki configs for loki simple scalable deployment
LOKI_CHUNKS_BUCKET: "loki-chunks-bucket"
LOKI_RULER_BUCKET: "loki-ruler-bucket"
LOKI_ADMIN_BUCKET: "loki-admin-bucket"
LOKI_S3_ENDPOINT: "http://replace.with.object.store.url"
LOKI_S3_REGION: "us-east-1"
LOKI_S3_ACCESS_KEY_ID: "replace-me-object-store-access-key"
LOKI_S3_SECRET_ACCESS_KEY: "replace-me-object-store-secret-key"
# New Velero configs
VELERO_BUCKET_PROVIDER_URL: "http://replace.with.object.store.url"
VELERO_BUCKET: "velero-bucket"
VELERO_BUCKET_REGION: "us-east-1"
VELERO_BUCKET_KEY: "replace-me-object-store-access-key"
VELERO_BUCKET_KEY_SECRET: "replace-me-object-store-secret-key"
nexus:
# Updated the name of this variable
NEXUS_DB_PASSWORD: "replace-me-db-passwords"There are new object storage buckets needed for loki.
loki-chunks-bucket
loki-ruler-bucket
loki-admin-bucket
Features
- Configure velero (0e1db1f)
Bug Fixes
- confluence variable override names (6196853)
- gitlab redis secret fix (#44) (16e23b7)
- gitlab workhorse resource config (6196853)
- jira variable override names (6196853)
- revert init to 0.32.4 to match uds zarf (3576a24)
Miscellaneous
- add new keycloak admin and loki scalable configs (6196853)
- remove core dns package (16e23b7)
- update confluence to 1.18.0-uds.0 (6196853)
- update gitlab to 16.10.1-uds.1 (6196853)
- update gitlab-runner to 16.10.0-uds.0 (6196853)
- update jira to 1.17.2-uds.0 (6196853)
- update mattermost to 9.6.1-uds.0 (6196853)
- update nexus to 3.66.0-uds.1-registry1 (6196853)
- update sonarqube to 8.0.3-uds.6 (6196853)
- update uds tasks to use ./uds (16e23b7)
- update uds-cli to v0.10.3 (6196853)
- update uds-core to 0.18.0 (#77) (6196853)
- update zarf init/rook to v0.32.6-0.2.5 (6196853)