v0.31.0

0.31.0 (2024-11-12)

⚠ BREAKING CHANGES

• Remove the generated exception block from the remoteCidr generation. This change means that a cidr containing the META_IP could be set.

Bug Fixes

• avoids memory leak in istio sidecar termination (#972) (bfd415e)
• ensure grafana does not install plugins from the internet (#993) (f3def45)
• remove remoteCidr exception block (#987) (264fbf6)
• renovate config updated to track tests (#981) (2494448)
• sets fail-fast to false for matrix workflows (#995) (3008788)
• sort auth chains when building the authservice config (#969) (15487fb)

Miscellaneous

• add prometheus, loki, and vector e2e testing (#939) (f271ce2)
• add the scorecard supply chain security workflow (#917) (5626f2f)
• deps: update authservice to v1.0.3 (#893) (5585a3c)
• deps: update grafana curl-fips image to v8.11.0 (#994) (dfc4c8c)
• deps: update grafana to 11.3.0 (#921) (7cdd742)
• deps: update loki to 3.2.1 (#918) (5fa6a24)
• deps: update loki to v6.19.0 (#990) (8bbac53)
• deps: update pepr to v0.39.0 (#932) (27eb1bd)
• deps: update support dependencies to v3.27.2 (#1001) (8702952)
• deps: update support dependencies to v3.3.0 (#985) (4636a38)
• deps: update support dependencies to v3.3.1 (#1002) (8c20b49)
• deps: update support-deps (#928) (a9cf1f2)
• deps: update support-deps (#983) (dc3084b)
• deps: update support-deps (#989) (7a1c74e)
• deps: update velero (#956) (7746092)
• regroup renovate support dependencies (#979) (6491be9)

snapshot-latest

What's Changed

• fix: sort auth chains when building the authservice config by @catsby in #969
• docs: changed name of policy so policy names were not duplicated by @JoeHCQ1 in #973
• chore: add the scorecard supply chain security workflow by @Racer159 in #917
• docs: fix link; update folder name for docs sidenav autogen by @pauldipietro in #964
• chore: regroup renovate support dependencies by @mjnagel in #979
• fix: renovate config updated to track tests by @mjnagel in #981
• chore(deps): update support-deps by @renovate in #928
• chore: add prometheus, loki, and vector e2e testing by @UnicornChance in #939
• chore(deps): update loki by @renovate in #918
• chore(deps): update support-deps by @renovate in #983
• chore(deps): update support dependencies to v3.3.0 by @renovate in #985
• fix: avoids memory leak in istio sidecar termination by @rjferguson21 in #972
• chore(deps): update velero by @renovate in #956
• fix!: remove remoteCidr exception block by @UnicornChance in #987
• chore(deps): update grafana by @renovate in #921
• fix: ensure grafana does not install plugins from the internet by @mjnagel in #993
• chore(deps): update authservice to v1.0.3 by @renovate in #893
• chore(deps): update grafana to v8.11.0 by @renovate in #994
• fix: sets fail-fast to false for matrix workflows by @noahpb in #995
• chore(deps): update support-deps by @renovate in #989

New Contributors

• @catsby made their first contribution in #969

Full Changelog: v0.30.0...snapshot-latest

v0.30.0

0.30.0 (2024-10-28)

⚠ BREAKING CHANGES

• remove uds-runtime from core (#955)

Features

• add finalizer for UDS Package CRs (#953) (fa42714)
• adds registry1 flavor of uds runtime (#925) (0011852)

Bug Fixes

• batch authservice checksum updates (#735) (100d35b)
• logout redirect uri (#945) (8e2b5d8)
• resolve lingering note formatting (#938) (455a530)
• vector remap language logic typo (#959) (89af729)

Miscellaneous

• add proper version update to aks nightly bundle (#942) (2f51c75)
• block local auth for neuvector (#965) (8f25b41)
• deps: update vector to 0.42.0 (#946) (2f63db2)
• remove uds-runtime from core (#955) (c6f6664)

v0.29.1

0.29.1 (2024-10-18)

Bug Fixes

• adr link in func layers doc (#903) (c42ccf8)
• codespell config (#934) (73eb385)
• decompose istio oscal (#826) (83c6ae5)
• don't add duplicate policy names to uds-core.pepr.dev/mutated annotation (#916) (99d1c83)
• istio proxy exiting early when Pod has restart policy (#914) (f87e3d4)
• release-please for aks (#941) (5c77285)
• test ci license check (#924) (c5b1d54)

Miscellaneous

• add e2e playwright tests for grafana (#844) (1af5a8f)
• add local lula compose task (#892) (075b519)
• add nightly testing for AKS (#908) (105aea6)
• add playwright deps to support-deps renovate (#937) (94655cd)
• deps: revert pepr to 0.37.2 (#940) (3317bbe)
• deps: update grafana helm chart to v8.5.5 (#905) (ca9a485)
• deps: update pepr to v0.38.0 (#870) (de8419c)
• deps: update pepr to v0.38.0 (#915) (6fe4e57)
• deps: update pepr to v0.38.1 (#922) (3c5d341)
• deps: update prometheus-stack (#863) (d3f03b4)
• deps: update prometheus-stack to v65.3.1 (#920) (0b80107)
• deps: update runtime to v0.6.1 (#910) (be63105)
• deps: update support dependencies to v0.192.0 (#906) (8dfd362)
• deps: update support-deps (#898) (380af83)
• deps: update support-deps (#912) (bf23a89)
• docs: custom resource docs generation (#902) (e73597d)
• ensure http2 watch config is used by internal exemption watch (#909) (25bfd59)
• group setup action in support deps (#930) (d0a0123)
• group vscode/settings.json with support-deps (#933) (81e41d8)

v0.29.0

0.29.0 (2024-10-11)

Features

• add base and identity layers (#853) (b3f532a)
• add logging functional layer (#861) (c1a67b9)
• add metrics-server functional layer (#865) (290367a)
• add monitoring layer (#872) (5ecb040)
• add nightly testing for rke2 (#808) (c401419)
• add service accounts options to sso (#852) (1029162)
• backup and restore layer, ui layer, runtime security layer (#862) (b1d8015)
• grafana-ha (#838) (d532d76)

Bug Fixes

• broken readme link (#899) (6e47b11)
• ci: switch to larger runners to resolve ci disk space issues (#882) (1af0401)
• snapshot ci version modification and tasks for publish (#877) (f01e5bd)
• support for anywhere network policies in cilium (#884) (5df0737)

Miscellaneous

• cleanup license parsing for github (#881) (43c98ce)
• deps: update chainctl action to v0.2.3 (#864) (d782b59)
• deps: update checkout action to v4.2.0 (#825) (29d1c98)
• deps: update dependency defenseunicorns/lula to v0.8.0 (#841) (fe36150)
• deps: update githubactions (#866) (44f8ea5)
• deps: update grafana to 11.2.1 (#836) (11383c1)
• deps: update grafana to v11.2.2 (#867) (06ed2c3)
• deps: update loki nginx image to v1.27.2 (#894) (df7d427)
• deps: update loki to v3.2.0 (#791) (d3c60b5)
• deps: update metrics-server chart to v3.12.2 (#873) (e2e61ce)
• deps: update pepr to v0.37.1 (#843) (68abcb2)
• deps: update pepr to v0.37.2 (#850) (b51f659)
• deps: update prometheus operator to 0.77.1 (#819) (0864b33)
• deps: update prometheus-stack (#855) (c791c24)
• deps: update prometheus-stack helm-charts to v64.0.0 (#849) (50a2588)
• deps: update runtime to v0.6.0 (#897) (89ae6e2)
• deps: update support-deps (#890) (26ea612)
• deps: update test-infra (#875) (583f07c)
• deps: update test-infra to v6.9.0 (#848) (ef9d317)
• deps: update uds to v0.17.0 (#859) (1489fef)
• deps: update zarf to v0.41.0 (#857) (a390c3d)
• docs: update doc structure for site refresh (#895) (1946a9a)
• fix broken link in docs (#845) (3078a5b)
• fix license header references (#901) (cf38b82)
• handle upgrade path for functional layers, add doc for usage (#896) (70d6b1b)
• regroup 'support dependencies' in renovate config (#885) (640d859)
• update license (#878) (b086170)

v0.28.0

0.28.0 (2024-09-27)

⚠ BREAKING CHANGES

• Promtail has been removed from UDS Core and replaced by Vector. If you were previously using overrides to setup additional log targets/endpoints for Promtail this configuration will need to be updated to Vector's chart/config formats. See Vector's Sources and Sinks as well as the helm chart values for guidance in configuration.

Features

• add support for keycloak saml attributes (#806) (b312b7d)
• exposes tls version for dev bundles (#809) (e1a2b55)
• switch from promtail to vector (#724) (1bf2958)

Bug Fixes

• eks iac issues, document storage class pre-reqs (#812) (df514bd)
• ensure istio sidecar is killed if job fails (#813) (34ffc0a)
• revert test app version to fix CI failures (#815) (2ec6ad6)

Miscellaneous

• add runtime group to renovate config (#799) (1bf2c69)
• deps: update dependency defenseunicorns/uds-common to v0.13.0 (#790) (8bfcdc0)
• deps: update dependency defenseunicorns/uds-common to v0.13.1 (#810) (eedb551)
• deps: update istio to v1.23.2 (#796) (039d89c)
• deps: update keycloak to v25.0.6 (#771) (9864059)
• deps: update pepr to v0.13.1 (#811) (bc05b04)
• deps: update prometheus operator to v0.77.0 (#783) (8f383d8)
• deps: update runtime to v0.5.0 (#834) (edc068d)
• deps: update setup-node to v4.0.4 (#801) (34dbc44)
• deps: update uds to v0.16.0 (#802) (d07670b)
• deps: update uds-common to v0.13.0 (#792) (c24e833)
• deps: update zarf to v0.40.1 (#793) (db93a7e)
• fix github-actions renovate (#800) (3ab2add)
• pepr policies doc table (#803) (440e4e1)
• pepr policy doc (#814) (8b10b86)
• updated pepr watch limit to 60s (#840) (85f3f41)
• use kfc WatchPhase enum (#787) (df4d2da)

v0.27.3

0.27.3 (2024-09-19)

Miscellaneous

• add uds-runtime as an optional component in core (#788) (a2dfede)

To enable UDS Runtime, add it as an optional component in your bundle:

- name: uds-core
  repository: ghcr.io/defenseunicorns/packages/private/uds/core
  ref: 0.27.3-unicorn
  optionalComponents:
    - uds-runtime

v0.27.2

0.27.2 (2024-09-18)

Bug Fixes

• use boltdb-shipper store by default for loki (#779) (e438e12)

v0.27.1

0.27.1 (2024-09-18)

Known Issues

• Loki upgrade does not have correct date/store set for schema config, #780, and will be fixed in 0.27.2. If on an existing install, we recommend upgrading directly to 0.27.2 or use overrides to manage the schema config values on your own using the default values from upstream as a starting point.

Bug Fixes

• validate packages using full resource name (#775) (678ed44)

Miscellaneous

• allow service ports to be overridden in test bundles (#765) (5f9a920)
• deps: update authservice to v1.0.2 (#738) (3328b08)
• deps: update githubactions (#762) (c7bab2a)
• deps: update grafana curl image to v8.10.1 (#773) (0d56ef2)
• deps: update istio to v1.23.1 (#744) (f222ea3)
• deps: update neuvector chart to 2.7.9 (#750) (a97b509)
• deps: update neuvector updater image to v8.10.1 (#774) (2afddfc)
• deps: update pepr to 0.36.0 (#696) (2a1591e)
• deps: update prometheus-stack (#743) (61f7a60)
• deps: update test-infra random provider to v3.6.3 (#753) (009326d)
• deps: update uds-identity-config version to 0.6.3 (#772) (a2ad936)
• deps: update uds-k3d to v0.9.0 (1.30.4 k3s), k3d to 5.7.4 (#770) (20656e6)
• deps: update velero kubectl image to v1.31.1 (#763) (56b3a21)
• deps: update velero kubectl to v1.31.1 (#757) (c15d77e)
• remove unused neuvector exporter (#768) (bd4f5cf)
• task for custom pepr (#766) (e624d73)

v0.27.0

0.27.0 (2024-09-11)

Known Issues

• Loki upgrade does not have correct date/store set for schema config, #780, and will be fixed in 0.27.2. If on an existing install, we recommend upgrading directly to 0.27.2 or use overrides to manage the schema config values on your own using the default values from upstream as a starting point.

Features

• add support for Keycloak attribute saml.assertion.signature (#723) (0e1a3da)
• investigate and restrict network policies (#719) (b6ebc49)
• protocol mappers (#621) (d71cb44)

Bug Fixes

• correct keycloak chart schema for additionalGateways (#745) (1fd8ef3)
• default ctx.allowPrivilegeEscalation to false if undefined (#698) (7ecd130)
• pre-commit linting (#703) (c3a2f62)
• switch secret data to stringData (#710) (9323d4e)
• update ci workflows for docs shim (#700) (5d89254)

Miscellaneous

• adding uds core prerequisites documentation (#636) (6225766)
• deps: update dependency weaveworks/eksctl to v0.190.0 (#721) (16d208a)
• deps: update githubactions (#642) (0705ba6)
• deps: update grafana curl image to v8.10.0 (#751) (0cdb020)
• deps: update grafana sidecar image to v1.27.6 (#732) (ad4808b)
• deps: update grafana to 11.2.0 (#670) (84e099a)
• deps: update istio to v1.23.0 (#672) (3266a3a)
• deps: update keycloak chart version to v25 (#470) (3e805e7)
• deps: update keycloak to 25.0.5 (#742) (45c540a)
• deps: update loki memcached images to v1.6.31 (#752) (f94daf1)
• deps: update metrics-server to v0.7.2 (#708) (53f1bfd)
• deps: update prometheus-stack (#437) (526aab1)
• deps: update prometheus-stack chart to v62.6.0 (#740) (424570d)
• deps: update promtail helm chart to v6.16.5 (#706) (4689d54)
• deps: update uds cli to v0.14.2 (#697) (f92bf53)
• deps: update uds to v0.15.0 (#733) (57e0e64)
• deps: update velero (#695) (c188393)
• deps: update velero chart to 7.2.1, kubectl image for unicorn flavor (#725) (a98bac4)
• deps: update velero helm chart to v7.2.0 (#720) (6309882)
• deps: update zarf to v0.39.0 (#731) (7268680)
• update configure policy exemptions doc link (#739) (6ad1256)
• update loki to 3.1.1 (#449) (e61da27)
• update renovate config/values to match all neuvector images (#755) (72a97ba)
• update resources for prometheus, document resource overrides (#713) (e80c1a4)
• update to keycloak 25 (#707) (0551aa5)