Changelog

3.4.0 (2025-03-05)

Features

⬆️ Upgrade Keycloak to version 26.1.2 (8bfef6d)
✨ Add Console server restart tasks and messages (7ee5b95)
✨ Add keycloak admin reset playbook (da2a596)
✨ Add keycloak user unlock playbook (129b34e)
✨ introduce gitlab backup (6f95582)
✨ Upgrade Keycloak to 26.1.3 version (773adbd)

Bug Fixes

🚨 Comments indentation (58a0263)
🔧 forgot validate_certs (74ebc12)

3.3.1 (2025-02-20)

Bug Fixes

🐛 Keycloak set kc_access_token (36b0460)

3.3.0 (2025-02-20)

Features

⬆️ upgrade console chart to v2 (d6384c2)
✨ add wal parallelism when restoring cnpg db (5c17325)
⚡ improve gitaly availability (f320927)

Bug Fixes

🐛 ignore proxy in kaniko args if not in dsc (63b929f)
🐛 Reset Keycloak admin fact and API token (3137c69)
🐛 Set Keycloak permanent admin user (bddceeb)
🔧 platform security context (5fc5921)

Performance Improvements

🎨 Add when condition (6209903)

3.2.2 (2025-02-07)

Bug Fixes

🐛 add proxycache into gitlab-ci kaniko args (a270f68)
🐛 Install Kyverno task (9deeb17)
🐛 update argo-cd default admin group (716828b)
🐛 when two or more argocd installed argocd need labelKey (c7bd96a)

3.2.1 (2025-02-04)

Bug Fixes

🐛 Fix Harbor ingress values (d4dc82d)

Performance Improvements

⚡ improve argo-cd resource exclusions (59010df)

3.2.0 (2025-01-27)

Features

✨ Upgrading GitLab to v17.8.1 (cef49de)

Bug Fixes

🐛 add missing keycloak default client scope (ae50ee2)

3.1.0 (2025-01-13)

Features

⬆️ upgrade keycloak dsfr theme to v2.1.4 (ace8896)
⬆️ upgrade sonarqube to v10.8.1 (a4acb05)

Bug Fixes

🐛 correctly handle branch protection on catalog (044ec00)
🐛 correctly handle console installation (a7c0983)

3.0.0 (2025-01-09)

⚠ BREAKING CHANGES

💥 Upgrade Nexus version to 3.76.0

Features

💥 Upgrade Nexus version to 3.76.0 (db44dfd)

Bug Fixes

🐛 Add first install check to prevent failures on upgrades (e1cc7b3)

2.14.0 (2024-12-10)

Features

⬆️ upgrade argo-cd to v2.13.1 (975db7d)
⬆️ upgrade harbor to v2.12.0 (35d9487)
⬆️ upgrade sonarqube to v10.7.0 (466f60c)

2.13.0 (2024-12-10)

Features

⬆️ upgrade keycloak to v26.0.5 (2c1401e)
⬆️ Upgrade Vault version from 1.14.0 to 1.18.1 (a2bb7c0)
✨ add sonar cnes report allowing exports (8021d91)
✨ handle CNPG cluster images override (a28088e)

Bug Fixes

🎨 Add missing Argo CD ingressClassName (bc39fe0)
🐛 correctly handle imageName variable (db04671)
🐛 Fix some alert rules (missing namespace label) (6a91a7f)
✏️ ansible-lint (5278669)
✏️ grammar, description's 76 char width and full stop, fix urls, remove ref to bitnami for argocd & sonarqube (f57aceb)
✏️ https links (80412d6)
✏️ typos, grammar, double/end-of-line spaces (fa8fecb)
🚨 eslint (16492de)

Reverts

⏪ CHANGELOG.md (7483100)

2.12.4 (2024-10-28)

Bug Fixes

♻️ improve customization for ingress annotations (d15fc30)

2.12.3 (2024-10-22)

Bug Fixes

🐛 add default values for nexus and gitlab-ci-pipelines-exporter (58895d5)

2.12.2 (2024-10-21)

Bug Fixes

🐛 configure nexus docker proxy only if enabled in dsc (f7546cf)
🐛 handle proxies for gitlab-ci-pipeline-exporter (63e66b1)

2.12.1 (2024-10-18)

Bug Fixes

🐛 always b64 encode exposed_ca_pem because it is decoded (2237f93)

2.12.0 (2024-10-18)

Features

✨ Add gitops observability (bbe43f6)
✨ Improve PVC alerting (2ada7d7)

Bug Fixes

🐛 argocd controller needs proxy envVar (c6c2a65)
🐛 handle minio cli extra args from dsc (d89f278)

2.11.2 (2024-10-16)

Bug Fixes

🐛 fix compression on cnpg clusters (5998632)

2.11.1 (2024-10-16)

Bug Fixes

🔒 Upgrade GitLab due to CVE-2024-9164 (25dfeff)

2.11.0 (2024-10-14)

Features

⚡ Add postgresWalMaxSlotKeepSize parameter (780834a)

Bug Fixes

🐛 disable cnpg backup on restore mode (96d13c0)
🐛 fix argocd install with proxy (ba8d833)

2.10.1 (2024-10-04)

Bug Fixes

🐛 backup system using ansible and dsc (d8dd0a6)

2.10.0 (2024-10-02)

Features

✨ handle cnpg compression and dedicated wal pvc (25436b5)

Bug Fixes

🐛 correctly handle certs on vault oidc config (f476694)
🐛 Fix certmanager install failure when values are empty (b2ee1be)
🐛 postgresWalPvcSize definition check (168ff03)
🔧 add default dictionary values for certmanager (5f5d5a0)
🔧 add kube-apiserver clusterIP in no_proxy (2f072ec)

2.9.0 (2024-09-24)

Features

⬆️ Upgrade GitLab Operator and GitLab instance (c538677)

Bug Fixes

🔧 add .conf-dso-vault-internal in no_proxy (61e1423)

2.8.0 (2024-09-13)

Features

✨ Add alert rules + fix some alert names (cf43e63)
✨ Add alerting rule (e4b819f)
✨ Add alerts for critical events and PVCs (e0653fb)
✨ Add alerts for sealed Vault + refactor (11c005e)
✨ Add and adapt alerting rules (083c9eb)
✨ Add Cert-manager alerting rule (ee335a2)
✨ Add CNPG Operator alerting rule (aafc4fd)
✨ Add controller alerting rules + fix redis metrics (0bdf461)
✨ Add database containes alerting rule (bb99b3e)
✨ add dsc.global.profile: cis (e1f6622)
✨ Add DSO Console alerting (8992444)
✨ Add GitLab Operator alerting rules (37521a8)
✨ Add Harbor alerting rules (8bc687b)
✨ Add Kyverno alerting rules + new crd parameter (5634d9f)
✨ add pluginDownloadUrl for Keycloak (79c92f9)
✨ Add summary to alert rule (2c7e366)
✨ Adding Nexus alerting rules (740dac8)
✨ Adding SonarQube alerting rules (c1a4558)
✨ Change value format on PVC alerting message (8f7a2e1)
✨ enable argocd applicationset ingress (ba50e45)
✨ Finalizing auto upgrade feature (593454e)
✨ GitLab webservice alerting rules (ba294b2)
✨ handle cnpg replication and add exposure option (ddae834)
✨ handle cnpg restore mode (aa60d15)
✨ handle global image pull secret (6d71f5e)
✨ handle vault backups (31cc428)
✨ Introducing Manage Sonarqube upgrade when needed (fa79512)
✨ Keycloak DB PVC alerting + alerts renaming (8b05f90)
✨ Set alerting default config + enable Keycloak prometheusRule (5174005)
✨ Vault alerting rules. (968324c)
🔧 Add overwrite limit for gitlab runner (d210f0a)
🔧 enable approle authentication on vault (69ae8bb)
⚡ use cnpg cluster for gitlab (e5fdd12)
✨ add helm repo url (#279) (bd15c97)
upgrade sonarqube to v10.6.1 (1f31f98)

Bug Fixes

🚑 Fix use_image_pull_secret fact definition (7137beb)
🎨 Change alert severity level (96509fe)
🎨 Fix alerting message (b33b501)
🎨 Fix Argo CD dashboard to prevent deprecation (5210ad9)
🎨 Fix Gitaly dashboard to prevent deprecation (1d64fbb)
🎨 Fix GitLab CI Pipelines dashboard to prevent deprecation (e94d142)
🎨 Fix Keycloak dashboard to prevent deprecation (f5d12c9)
🎨 Fix Nexus dashboard to prevent deprecation (d6b1620)
🎨 Fix Vault dashboard to prevent deprecation (bf19a80)
🎨 Remove Vault dashboard unnecessary panel (8eff4cf)
🎨 Set alert time (234888a)
🎨 Update condition for alert deployment (369244f)
🐛 Adapt Argo crb task for haproxy SA (742ea3a)
🐛 Adapt PVCs alerting rules (9850f6a)
🐛 Add missing requirement (jmespath) (e7d03cd)
🐛 Adjust time before alerts triggering (e2d5a6c)
🐛 dispatch ingress requests to vault active node (b3e43e6)
🐛 Fix "Vault Pod not healthy" alert rule. (715030d)
🐛 Fix Argo CD dashboard (6fe788d)
🐛 Fix Argo CD dashboard refs (4219f01)
🐛 Fix Argo CD Helm repo URL (ed50f06)
🐛 Fix Argo CD naming + uninstall (12d821b)
🐛 Fix default CNPG config (27df125)
🐛 Fix get-versions admin playbook (afd3dd0)
🐛 Fix get-versions for cert-manager, CNPG Operator and Grafana Operator (f580b2e)
🐛 Fix grafana template blocs order (26caac2)
🐛 Fix Harbor prometheusrule (name + time) (4d97dfd)
🐛 Fix missing cnpg default configs (c05c1a0)
🐛 Fix some alerts duration (42c07b5)
🐛 Fix some Keycloak alerting rules (bfe0c61)
🐛 Fix typo + missing type in CRD (2201d51)
🐛 Fix Vault backup utils deployment tasks (3969433)
🐛 Get back global.alerting spec in CRD (2f6c48e)
🐛 Namespace name in alert message (9306395)
🐛 Remove legacy GitLab postgresql ServiceMonitor (961a221)
📝 Fix Argo CD chart refs (e807345)
📝 Fix Argo CD chart refs + README (f09cd81)
🚨 Obvious lint is obvious (842894b)
🔧 argocd ca yaml indent (80fd035)
🔧 enable the use of proxy for grafana pod (98f7cc0)
🔧 enforce gitlab root user email (2c0515d)
🔧 PascaleCase to camelCase (45ae3fa)
🔧 remove post renderer (26da2ce)
🔧 sonarqube db owner (a494398)

Performance Improvements

⚡ Adjusting alert rule (6745254)
⚡ One Pod alert to rule them all. (743d549)

2.7.0 (2024-07-09)

Features

✨ add dsc.global.offline (87e6bd6)
✨ add dsc.global.platform: rke2 (48403de)
✨ add proxy cache for Harbor (77d3207)
✨ Introducing get-versions playbook (6c0893e)

Bug Fixes

🚑 add vault jwt auth config (39d226c)
🎨 Indentation (0b02c4d)
🐛 Add always tag to cert-manager role (71e1b3f)
🐛 Fix placeholder file check (c71d1e0)
🐛 Fix ServiceMonitor and standalone config (2b19515)
🐛 Fix variable name (0b351f2)
🐛 Fix Vault post-install (ab06d38)
🐛 gitlab ci catalog sync (3421aa9)
🐛 Set default repo URL + sync.yaml filename (6c3abde)
🐛 Vault admin group (5ff2b52)
✏️ Fix typos (b15e9d2)
🔧 block logic for first console deployment (068376d)
🔧 populate VAULT_TOKEN in dso-config (e9dad90)
🔧 remove force true (9a2eda6)
🐛 Fix first install for dso-console (8ffe6a5)

2.6.0 (2024-06-14)

Features

✨ add dsc.global.platform (Vanilla) (682512f)
✨ Add gitlab-ci-pipelines-exporter (9c47614)
✨ Add keycloak binding, dashboards + refactor (f447b31)
✨ Add Keycloak CNPG PodMonitor (f582691)
✨ Add PodMonitor for remaining CNPG clusters (d8ba40f)
✨ Declare CNPG Dashboard (76350c2)
✨ enable keycloak dsfr theme (445b819)
✨ Reset Keycloak admin when keycloak secret disapeared (42bd6cc)
✨ Set OTP encryption algorithm (da9c416)
✨ use cnpg clusters for all services (400f429)
✨ use console chart instead of embed helm in console repo (64620a2)
🧑‍💻 enable oidc connection for admins (df339a9)
⚡ Improve Grafana stack install and uninstall (406c202)
⚡ We might need allowCrossNamespaceImport (ece35a0)

⚠️ This new version includes several migrations described in the following sections ⚠️

Databases

Harbor and Console databases have been migrated to CNPG clusters, to perform the migration, follow the steps bellow :

Scale down deployments
Backup database
Deploy CNPG cluster
Restore database
Scale up deployments

To change Harbor database permission from the old user registry to the new one harbor, connect to the primary instance of the fresh CNPG cluster and run the following command :

for tbl in `psql -U postgres -qAt -c "select tablename from pg_tables where schemaname = 'public';" registry`; do
  psql -U postgres -c "alter table \"$tbl\" owner to harbor" registry
done

for tbl in `psql -U postgres -qAt -c "select sequence_name from information_schema.sequences where sequence_schema = 'public';" registry`; do  
  psql -U postgres -c "alter sequence \"$tbl\" owner to harbor" registry
done

for tbl in `psql  -U postgres -qAt -c "select table_name from information_schema.views where table_schema = 'public';" registry`; do  
  psql -U postgres -c "alter view \"$tbl\" owner to harbor" registry
done

For more informations, see. https://stackoverflow.com/questions/1348126/postgresql-modify-owner-on-all-tables-simultaneously-in-postgresql

Vault

The vault server is now running in HA, which involves migrating to the raft storage backend by following the steps below :

Retrieve the credentials for our standalone Vault instance, e.g. :
```
ansible-playbook admin-tools/get-credentials.yaml -t vault
```
Connect to Vault and create a test secret if necessary, or check the secrets already present.
Launch Vault HA installation via Vault's Ansible role :
```
ansible-playbook install.yaml -t vault
```
The installation will create two new pods which will act as standby instances, but it will fail to add them to the raft cluster. This is normal, as the active instance does not yet have raft storage.
Open a shell in the vault container on the active Vault pod (vault-0), example in the context of a Vault configured via the conf-dso dsc :
```
kubectl -n dso-vault exec -it -c vault conf-dso-vault-0 -- sh
```
The vi command is available in the pod. Use it to create a migration configuration file in the /home/vault directory, which is writable :
```
vi /home/vault/migrate.hcl
```
With the following contents:
```
storage_source "file" {
  path = "/vault/data
}

storage_destination "raft" {
  path = "/vault/data"
}

cluster_addr = "http://127.0.0.1:8201"
```
Then run the following migration command:
```
vault operator migrate -config /home/vault/migrate.hcl
```
This will perform the migration and create a /vault/data/raft directory.

Its last line should return the following output :
```
Success! All of the keys have been migrated.
```
Delete the vault-0 pod so that it seals itself and wait for it to restart (state 0/1 Running).
Restart the HA installation, which should now run to completion, and unseal the 3 Vault instances :
```
ansible-playbook install.yaml -t vault
```
The three vault pods are then set to READY (1/1) and we are now in HA mode.

Check that the migration is done and healthy :

Connect to Vault and make sure our secrets are present.
Open a shell on each pod and run the vault status command. It should tell us :
- Storage Type" is raft.
- HA enabled" is set to true.
- The "HA Mode" of our node (active or standby).
- The same value between each pod in the last two lines (Index). The value may vary slightly over time between pods, but must not drift too much, otherwise it indicates a synchronization problem.

Troubleshoot :

If the Vault cluster finds itself in a state where none of the nodes is a leader, it is possible to re-establish a leader via the following procedure:

Remove pods from the Vault cluster

Run the following command block:

# Namespace Vault
VAULT_NS="dso-vault"

# Vault internal service
VAULT_INTERNAL_SVC="conf-dso-vault-internal:8201"

# Vault cluster pod names
NODES=(
	conf-dso-vault-0
	conf-dso-vault-1
	conf-dso-vault-2
)

PEERS="[]"
for ((i=1; i <= ${#NODES[@]}; ++i)); do
	PEERS=$(echo "$PEERS" | jq --arg i "$(kubectl -n $VAULT_NS exec ${NODES[i]} -c vault -- cat /vault/data/node-id)" --arg s "$VAULT_INTERNAL_SVC" '. + [{ "id": $i, "address": $s, "non_voter": false }]')
done

for NODE in ${NODES[*]}; do
	kubectl -n $VAULT_NAMESPACE exec $NODE -c vault -- sh -c "cat > /vault/data/raft/peers.json << $PEERS"
done

Restart the HA installation, which should now run to completion, and unseal the Vault instances:
```
ansible-playbook install.yaml -t vault
```

Bug Fixes

🚑 Add trailing slash to URLs (6f6beaf)
🚑 Fix dso-config secret (c6ce806)
🚑 Fix GitLab CI Pipelines Exporter role (token retrieval) (7949c3e)
🚑 Removing YAML anchors generating Ansible errors (5b6d23c)
🎨 Fix Argo CD Dashboard (fcba600)
🎨 Fix Keycloak and SonarQube dashboards (588f986)
🎨 Fix Nexus dashboard (6126c2b)
🎨 Fix Vault dashboard (ea42530)
🎨 Manage datasource UID (47c8451)
🎨 use native console cnpg cluster (2f74868)
🐛 Adapt join command for Vault node 3 (41aa2c1)
🐛 Add conditions to prevent some tasks from failing (ca79f57)
🐛 Add missing postgres delete command (78bce70)
🐛 add wait endpoints tasks (8f371ab)
🐛 cnpg backups management (5bece28)
🐛 console deployment related tasks and templates (742f2ab)
🐛 Fix Argo CD job name (4a4f6bf)
🐛 Fix CNPG Dashboard namespace selector (3261b76)
🐛 Fix conf kind + decoding values (8504b71)
🐛 Fix GitLab Runner and Gitaly dashboards (960e98f)
🐛 Fix HA enablement + OIDC + get credentials (76a8aa1)
🐛 Fix Harbor dashboard (95e317f)
🐛 Fix missing admin-creds secret update (5724454)
🐛 Fix Nexus admin password setting tasks (b5707f3)
🐛 Fix some tasks (9d5bcf8)
🐛 Fix Vault metric call (76ded42)
🐛 get-credentials playbook (7d91efd)
🐛 gitlab catalog shell script (e598083)
🐛 handle cnpg backups deactivation (5563dd9)
🐛 missing pg secret on first console deployment (dd101d8)
🐛 Refactor check tasks and fix root_token (8bcc42a)
🐛 Remove unneeded time range (a0a2a17)
🐛 Upgrade Argo CD to fix servicemonitor deployment (2d2f417)
🐛 vault oidc group mapping need full group path (292d6eb)
📝 Corrections de typos et reformulations (477b6ad)
⚡ Update retries count (85602eb)

Performance Improvements

⚡ enable vault ha (d90ee55)

Reverts

🔥 Reverting commit 2d2f417 (7ffefc7)

2.5.0 (2024-05-03)

Features

✨ add dsc.general.registry (bd0046c)

2.4.0 (2024-04-23)

Features

✨ Introducing Nexus dedicated blob store (06c5659)
⚡ (2a4913f)

Bug Fixes

🐛 Fix missing serviceAccountName for exporter (7c53427)
🐛 Upgrade Argo CD to fix servicemonitor deployment (75476ee)

2.3.0 (2024-04-12)

Features

✨ add velero pre hook db backups (04773cf)
✨ enable daily trivy scan on harbor (cd77551)
✨ introduce prometheus crd management (fc225de)

Bug Fixes

🐛 fix the ability to customize argo values + security context for AppSet (4a4e175)
🐛 in development mode allow 127.0.0.1 (9476919)
add missing ServiceMonitor CRD (828ae4a)
regexp without tmp file (861046e)
remove prometheus CRD task (f589940)

2.2.0 (2024-03-25)

Features

✨ Enable directAccessGrants for argo-client (be0843f)
✨ Enable postgres super user (as we might need it) (08a64ad)
✨ Enabling brute force detection (c3d8f50)
✨ Set failureFactor for brute force protection (dbe7b20)

Bug Fixes

🐛 Change rbac policies (wrong syntax + disallow clusters for nada role) (0ce8193)
🐛 Fix Argo CD rbac policy (d9f03f1)
🐛 Fix clusters rbac policy (ce5ca77)

2.1.1 (2024-03-20)

Performance Improvements

💚 disable KAS as we don't need Gitlab to deploy on kubernetes (213be12)

2.1.0 (2024-03-13)

Features

✨ Enable postgres user access (71a2f70)

Bug Fixes

🐛 Fix get version task (validate_certs) (be646c8)

2.0.0 (2024-03-01)

⚠ BREAKING CHANGES

✨ Kyverno as a Kubed replacement

Features

🎨 Add Kyverno namespace to dsc + improve uninstall (410e344)
🎨 Add uninstall for Grafana ingress (eb33f15)
🎨 Improve Kyverno uninstall (b05d2b9)
✨ Add keycloak binding, dashboards + refactor (391eeb8)
✨ Add some dashboards (c29eeef)
✨ Adding Harbor dashboard (8e94d80)
✨ Adding new dashboards (c78b738)
✨ Change dashboards creation process (6719e82)
✨ Kyverno as a Kubed replacement (124e24e)

Bug Fixes

🎨 Fix some parameters for updated Argo CD (ac40895)
🎨 Remove useless force (2d7fd26)
🐛 Dashboards settings (cd4aa01)
🐛 Fix (typo) (9de47fa)
🐛 Fix get-credentials (grafana part) (2ff5a4b)
🐛 Fix get-credentials for grafana part (e154dae)
🐛 Refactor and fix GitLab metrics (e09a138)
🐛 Refactor and fix GitLab metrics (fbab543)

1.3.0 (2024-01-31)

Features

🔖 Update Console version (7a07b69)
🔒 force images pull on gitlab runner to prevent cache abuse (bbe1480)
🔒 force images pull on gitlab runner to prevent cache abuse (62c701c)
✨ (9487622)
✨ Activate keycloak basic metrics (e7630fd)
✨ Activate metrics when dsc.global.metric.enabled (49e91f8)
✨ Activate monitoring for additionnal resources + refactor (9c9f979)
✨ Activate monitoring + small refactor (255bb56)
✨ Activate Nexus metrics scraping (0e53610)
✨ Activate Vault metrics (63ade45)
✨ Add checks + uninstall feature (9d8c218)
✨ Add directAccessGrantsEnabled to console-frontend client (cc85b8b)
✨ Add global metrics parameter (7e0a919)
✨ Add Grafana credentials retrieval and default datasource (7fd54be)
✨ Add never tag for grafana + some SonarQube credentials (26827dc)
✨ Added the never tag so the role in only played on demand. (738eff0)
✨ Check Grafana instance before installing datasource (a8da5e6)
✨ Conditionnal metrics enablement (46f27c6)
✨ Enable GitLab Runner metrics, Service and ServiceMonitor (2706849)
✨ Install Grafana instance + enable Keycloak metrics (9ac6ff8)
✨ Manage sealed Vault and configmap changes (3d2033b)
✨ Metrics activated if enabled in dsc (987f110)
✨ Metrics authentication enabled + patch ServiceMonitor (8195910)
✨ Uninstall Grafana instance and/or its defaults datasource (835a74b)
⚡ Update console version (bac4144)
⚡ Update GitLab chart version (f5bc072)
⚡ Update GitLab chart version (f640320)
⚡ update keycloak replication to 3 containers (7cca65f)
⚡ update keycloak replication to 3 containers (7e6ba96)

Bug Fixes

🚑 Move harbor values file (fff3276)
🐛 bad tls runner toml (db5cea5)
🐛 bad tls runner toml (aba354c)
🐛 CRD and some values (84fdcfd)
🐛 CRD and some values (c4f9666)
🐛 Fix missing cert parth + condition dsc.exposedCA.type (a25713e)
🐛 Fix missing gitlabRunner as a dsc crd requirement (672c96d)
🐛 Fix releases file (5885825)
🐛 Fix releases file (6d0cd75)
🐛 fix sonarqube deployment (01c2442)
🐛 fix sonarqube deployment (a753094)
🐛 Indentations (b353fab)
🐛 Prevent failure on PodMonitor creation (f1ce65d)
🐛 We should allow downgrading too (067e1e9)
🔥 We do not enable prometheus rules from helm chart (40097c9)

Performance Improvements

⚡ enable argocd replication (a037b80)
⚡ enable argocd replication (a09440c)
⚡ enable harbor replication (558f2c2)
⚡ enable harbor replication (954920c)

1.2.0 (2023-12-13)

Features

✨ We don't install GitLab Operator when it's already here. (a3298e4)
⚡ Update console version (92ee57f)

Bug Fixes

🚑 Fix CNPG Clusters instances number / Remove unnecessary PG image setting (5877d4f)
🐛 (1561d78)
🐛 Fix dual installation (GitLab part) (07ce30c)
🐛 Fix Gitlab Operator uninstall and ns retrieval + GitLab values settings (ada1f9e)
🐛 Fix missing cert parth + condition dsc.exposedCA.type (8a7ddc0)
🐛 We want to use installed GitLab Operator namespace (4049368)

1.1.1 (2023-11-23)

Bug Fixes

🔖 fix console release version number (e0f5540)

1.1.0 (2023-11-22)

Features

✨ Nous évitons d'installer cert-manager si déjà présent. (1b2bea2)
✨ Nous évitons d'installer kubed si déjà présent. (eb3fe80)
🔧 ability to inject additional gitlab vars (0989614)

Bug Fixes

🩹 Ajout du user dso admin dans les bons groupes (14f9ee4)
🚑 Correctif cert-manager sur récupération des CRDS (c77e78b)
🚑 correctif du role nexus (6763075)
🐛 Correctif désinstallation GitLab (d233e61)
🐛 correctif désinstallation Nexus (ae997e3)
🐛 Correctif double quotes pour linter. (5a62480)
🐛 Correctif fact npm_file (bfa0deb)
🐛 Correctif indentations dans templates jinja + task token GitLab (117c33f)
🐛 Correctif playbook de désinstallation. (0554fe7)
🐛 fix cert-manager crds installation (4378ee3)
🐛 fix extraCIVars in dsc (953eb9f)
🔥 suppression variable anon_enabled qui n'est plus utilisée (b5dae7a)
✨ add community branch plugin (3dcd5e1)

Performance Improvements

♻️ refactor helm values computation (874b21c)

1.0.1 (2023-11-04)

Bug Fixes

⬆️ upgrade harbor (cc42d17)

1.0.0 (2023-11-03)

Features

👽 adapt for console V3 deployment (edb22d7)
🎨 Get credentials + README (729d1b7)
🚧 FEAT: Adaptation partie Keycloak + get-credentials (2662d12)
🚧 FEAT: implementing DsoSocleConfig CRD (083e6e3)
🚧 variabilze gitlab installation (96b746e)
🔒 add keycloak password policy (e92669d)
✨ Admin tools (edcdcfd)
✨ ajout de paramètre dsc pour fixer la version PostgreSQL de Keycloak + README (21b6c05)
✨ ajout du playbook install-requirements et adaptation du README (e64d3ed)
✨ arbitrary values can be passed to helm harbor (82ba737)
✨ arbitrary values can be passed to helm vault (3102895)
✨ configure ingress with tls secret (30d199a)
✨ control ingressClassName with dsc (51b2dc6)
✨ évolution de l'installation des opérateurs : remplacés par helm (c143697)
✨ FEAT : freeze version Argo CD + update README (380c89d)
✨ FEAT : freeze version GitLab + update README + correctifs validate_cert (69fe0b4)
✨ FEAT : freeze version Harbor + update README (5588035)
✨ FEAT : freeze version Kubed + update README (ace3f1b)
✨ FEAT : freeze version Nexus + update README (fa84da8)
✨ FEAT : freeze version SonarQube + update README (220752e)
✨ FEAT : freeze version SOPS + update README (63ba6f3)
✨ FEAT : freeze version Vault + update README (88d27d3)
✨ FEAT: Adaptation playbook uninstall + refactorisation tâche de debug (452db9a)
✨ FEAT: Add argocd values to dso-socle CRD + update arocd role (d659ede)
✨ FEAT: Ajout check d'initialisation cert-manager (7385da9)
✨ FEAT: Ajout checks et wait conditions Keycloak + update README (e9748c9)
✨ FEAT: Ajout proxy env vars au deploiement Nexus (bd93396)
✨ FEAT: Ajout proxy env vars au déploiement SOPS + refactor du rôle (a771149)
✨ FEAT: Ajouts de wait conditions pour Vault (e143236)
✨ FEAT: Ajouts proxy env vars aux déploiement SonarQube (484d654)
✨ FEAT: Ajustement wait conditions SonarQube (3af6c82)
✨ FEAT: améliorations Gitlab et Harbor + évolution CRD et cert-manager pour ACME (55061ee)
✨ FEAT: finalisation utilisation resource dsc conf-dso (19caa01)
✨ FEAT: Pull policy des images d'install ArgoCD et Harbor + correctifs README (c4cd503)
✨ FEAT: Réécriture uninstall.yaml + doc du sujet dans README + fix mineur get-credential (674eea8)
✨ FEAT: tâche de désinstallation de cert-manager + update README (1ee479e)
✨ fetch custom CA from configmap (df6b596)
✨ finalisation adaptation de l'installation keycloak via helm (3f95cc9)
✨ Initialisation du role sops (5ed9ac8)
✨ inject ca bundle in ci variable (ac11110)
✨ installation via helm chart officiel (a5515f2)
✨ MAJ du README et adaptations role keycloak (952b453)
✨ separate exposed_ca from additionals_ca (a4ab9d3)
✨ sonarqube use keycloak (a6007e9)
✨ Tools (get-credentials : new tools added) (9485951)
✨ Tools (get-credentials) : adding DSO tools (1daf512)
✨ uninstall playbook, not perfect yet (9020ba5)
✨ user can override gitlab helm values (f578668)
✨ variabilize argo installation (2e14309)
✨ variabilize harbor installation, use cluster issuer (18c45d4)
✨ variabilize keycloak installation (017c59b)
✨ variabilize nexus installation (eda0c47)
✨ variabilize nexus pvc size and management (54121ae)
✨ variabilize runner installation (4bc5e5a)
✨ variabilize sonar installation (a15556b)
✨ variabilize vault installation (8feda5d)
:synchronize a catalog from github repo (59b504a)
🎉 Init project (4b493cc)
🔧 Use configmap to store socle config (87c2d81)
⚡ Augmentation nbre de retries (f7f4a11)
⚡ Display tags list + tags optimisation (54d9112)
parallel deployment (+ adaptation README, uninstall et get-credentials) (0e78b62)

Bug Fixes

fix: (166c076)
fix: (aec0457)
🩹 FIX: Tasks de suppression du vars.yaml obsolètes + correctif README (7658878)
👽 changement de méthode d'enregistrement des runners (7a1488d)
👽 gitlab token needs expiration date (b445353)
👽 set outbound whitelist for gitlab (0f7cffe)
🚑 hardcode chart version, fix helm values (32cb8ba)
🚑 HOTFIX: Oubli du tag always sur task de check custom config (76a8aad)
🚑 on a fait n'imp (34bda7b)
🚑 tls broken on gitlab (e0ecd39)
🎨 can provide harbor pvc size (b445353)
🎨 finish variabilize argo (b445353)
🎨 ingresses share the same cluster issuer (d3d0658)
🎨 réécriture du playbook pour utilisation de Homebrew + adaptation README (6ce409b)
🎨 sort socle-config.yaml (5f4ea43)
🎨 support helm values for console (7b72c48)
🎨 variabilize postgres clusters pvc size (10db02d)
🔖 FIX : version Harbor par défaut dans CRD (6e10c3c)
🐛 adaptation de déclaration du fact gitlab_token (747aa10)
🐛 Ajout console.dso.local au client console-frontend (3b2dc9d)
🐛 ajout de la variable environment dans la CRD et utilisation côté keycloak (6d700ba)
🐛 Ajout tag always dans task cert manager. (9c98dad)
🐛 bad harbor version (721e28c)
🐛 ci insecure args (a882c95)
🐛 correctif absence endif sur dernier if (d82d873)
🐛 correctif certsSecretName (666bf4f)
🐛 correctif désinstallation Keycloak + ajout désinstallation CNPG + README (5bde389)
🐛 correctif indentation syncPolicy (d7e4e2f)
🐛 correctif partie cert-manager (de415ae)
🐛 correctif task de création du token GitLab (8fc0d5a)
🐛 Correctif task récup admin (25722a9)
🐛 Correctif utilisation http si environement de dev (e1df3fc)
🐛 correctifs pour outil get-credentials et installation keycloak + console (ca934dd)
🐛 correction erreur permission denied sur /.gitlabconfig (c3d1c23)
🐛 Correction task "Deploy helm" (73f331d)
🐛 Correction task "patch openshift config trustedCA" (25c5922)
🐛 Corrections indentation et variable dans keycloak-frontend (a8e6661)
🐛 couldn't remove proxy vars gitlab ci (b445353)
🐛 enable admin group on harbor oidc (8a4dc61)
🐛 fix bad ca secret name for runner (d82202c)
🐛 fix CATALOG_PATH, minor settings, chore (c97cb3a)
🐛 fix import ca from secret (b445353)
🐛 Fix ingresses + comment (d2a5f8a)
🐛 fix proxy vars for harbor (b445353)
🐛 fix visibility, add CI var CATALOG_PATH (27c0a67)
🐛 FIX: Activation proxy pour Harbor si besoin (83dda29)
🐛 FIX: Ajout paramètre GitLab nécessaire pour gitlab catalog (d18b525)
🐛 FIX: Correctif déploiement app console (9fd35b5)
🐛 FIX: Correctif tasks sonarqube et vault (66d0022)
🐛 FIX: correctif validate_certs sur Keycloak client scope (201dc46)
🐛 FIX: tâche de vérification + CatalogSource gitlab-runner (964e13e)
🐛 hardcode vault images (20ca5a0)
🐛 keycloak tlsSecret support (b445353)
🐛 lot of things (eab1629)
🐛 maven_config_file should not be configured in CI (b445353)
🐛 minor fix (209e8c4)
🐛 minor fixes (edc35ae)
🐛 missing registry prefix in harbor values (77af3d6)
🐛 Nexus image version (72a9d34)
🐛 pass proxy values to console (8a947e4)
🐛 rewrite client keycloak generation, add missing validate_certs (e4a9fcb)
🐛 set CA_BUNDLE as fle (8beb903)
🐛 so much to say ! (f2efb86)
🐛 stabilize ingress tls type switching (70ddab2)
🐛 Tools (get-credentials) : fix Keycloak DSO user creds task (2ee0ebc)
🐛 update runner configurations (c75bfc7)
🐛 variabilize PROXY usage (cb43f34)
🐛 vault iss configuration (618efc2)
🚧 Import labels and annotations for ingresses (37e21b8)
🚧 need review before squash, all ingress are configured (5b8911f)
🚧 progress on ingress (83c407f)
💚 Fix error while fetching snapshot (827dbfb)
📝 FIX: Ajout buildOptions pour argocd + correctif README (79b0d8e)
💩 test keycloak ingress parameters (5565507)
⏪ test revert ingress sonar (c8e5ab2)
⚡ add base keycloak group (354e131)
⚡ projectsRootDir, gitlab-catalog, fixes (bd1f61b)
⚡ remove fsGroup and runAsUser values from argocd (b445353)
⚡ set sonar pg cluster replicas to 2 (b445353)
FIX: Correctif tasks sonarqube et vault pour éviter d'avoir à relancer l'install (66d0022)

Files

CHANGELOG.md

Latest commit

History

CHANGELOG.md

File metadata and controls

Changelog

3.4.0 (2025-03-05)

Features

Bug Fixes

3.3.1 (2025-02-20)

Bug Fixes

3.3.0 (2025-02-20)

Features

Bug Fixes

Performance Improvements

3.2.2 (2025-02-07)

Bug Fixes

3.2.1 (2025-02-04)

Bug Fixes

Performance Improvements

3.2.0 (2025-01-27)

Features

Bug Fixes

3.1.0 (2025-01-13)

Features

Bug Fixes

3.0.0 (2025-01-09)

⚠ BREAKING CHANGES

Features

Bug Fixes

2.14.0 (2024-12-10)

Features

2.13.0 (2024-12-10)

Features

Bug Fixes

Reverts

2.12.4 (2024-10-28)

Bug Fixes

2.12.3 (2024-10-22)

Bug Fixes

2.12.2 (2024-10-21)

Bug Fixes

2.12.1 (2024-10-18)

Bug Fixes

2.12.0 (2024-10-18)

Features

Bug Fixes

2.11.2 (2024-10-16)

Bug Fixes

2.11.1 (2024-10-16)

Bug Fixes

2.11.0 (2024-10-14)

Features

Bug Fixes

2.10.1 (2024-10-04)

Bug Fixes

2.10.0 (2024-10-02)

Features

Bug Fixes

2.9.0 (2024-09-24)

Features

Bug Fixes

2.8.0 (2024-09-13)

Features

Bug Fixes

Performance Improvements

2.7.0 (2024-07-09)

Features

Bug Fixes

2.6.0 (2024-06-14)

Features

Databases

Vault

Bug Fixes

Performance Improvements

Reverts

2.5.0 (2024-05-03)

Features

2.4.0 (2024-04-23)