chore: update uds core to 0.23.0

bundles/uds-core-swf/uds-bundle.yaml

@@ -70,7 +70,7 @@ packages:
 
   - name: core
     repository: ghcr.io/defenseunicorns/packages/uds/core
-    ref: 0.22.1-registry1
+    ref: 0.23.0-registry1
     overrides:
       grafana:
         grafana:
@@ -127,13 +127,13 @@ packages:
             - path: initContainers
               value:
                 - name: velero-plugin-for-aws
-                  image: registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws:v1.9.2
+                  image: registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws:v1.10.0
                   imagePullPolicy: IfNotPresent
                   volumeMounts:
                     - mountPath: /target
                       name: plugins
                 - name: velero-plugin-for-csi
-                  image: registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-csi:v0.7.0
+                  image: registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-csi:v0.7.1
                   imagePullPolicy: IfNotPresent
                   volumeMounts:
                     - mountPath: /target

config/uds-config.yaml

@@ -21,6 +21,7 @@ variables:
     REGISTRY_HPA_ENABLE: true
     REGISTRY_PVC_ACCESS_MODE: ReadWriteMany
     REGISTRY_PVC_ENABLED: true
+    REGISTRY_PVC_SIZE: 128Gi
     REGISTRY_STORAGE_CLASS: "nutanix-dynamicfile"
     PRISM_ENDPOINT: "PRISM element IP address"
     PRISM_USERNAME: "csi-user-prism-element-user"

docs/packages-and-dependencies.md

@@ -40,29 +40,31 @@ The UDS Software Factory Bundle (SWF) is a collection of Zarf packages which inc
 |----|----|----|----|
 | [Nutanix CSI Driver Init](https://portal.nutanix.com/page/documents/details?targetId=CSI-Volume-Driver-v2_6:CSI-Volume-Driver-v2_6) | v0.35.0 | v2.6.8 | A zarf component installed in the cluster for orchestrating further deployment of Zarf based packages |
 | [MetalLB](https://github.com/defenseunicorns/uds-capability-metallb) | 0.0.5 | v0.13.12 | Tool for providing load balancer capabilities for ingress into a Kubernetes deployment |
-| [uds-core](https://github.com/defenseunicorns/uds-core) | 0.22.1 | N/A | [DESCRIPTION BELOW](#UDS-Core) |
-| [Redis](https://github.com/defenseunicorns/uds-package-dependencies) | 0.0.2 | 7.0.12 | A key-value store used as a data backend for several applications in the stack |
-| [Gitlab](https://github.com/defenseunicorns/uds-package-gitlab) | v17.0.2-uds.0-registry1 | 17.0.2 | A source control management tool used in the software development lifecycle for storing, updating, building and deploying custom software |
+| [uds-core](https://github.com/defenseunicorns/uds-core) | 0.23.0 | N/A | [DESCRIPTION BELOW](#UDS-Core) |
+| [Valkey](https://github.com/defenseunicorns/uds-package-valkey) | v7.2.5-uds.1-upstream | 7.2.5 | A key-value store used as a data backend for several applications in the stack |
+| [Gitlab](https://github.com/defenseunicorns/uds-package-gitlab) | v17.1.1-uds.1-registry1 | 17.1.1 | A source control management tool used in the software development lifecycle for storing, updating, building and deploying custom software |
 | [Gitlab Runner](https://github.com/defenseunicorns/uds-package-gitlab-runner) | 17.0.0-uds.0-registry1 | v17.0.0 | A counterpart to Gitlab (above) in which automated software builds, tests and deployments are executed |
 | [Sonarqube](https://github.com/defenseunicorns/uds-package-sonarqube) | 8.0.3-uds.6-registry1 | 9.9.3-community | A code inspection tool used during automated pipelines to evaluate security considerations of custom software and packaged images |
 | [Jira](https://github.com/defenseunicorns/uds-package-jira) | 1.19.0-uds.0-registry1 | 9.15.1 | A collaboration tool used for team management and task organization |
 | [Confluence](https://github.com/defenseunicorns/uds-package-confluence) | 1.18.0-uds.0-registry1 | 8.8.0 | A knowledge management tool used by teams to organize information |
 | [Mattermost](https://github.com/defenseunicorns/uds-package-mattermost) | 9.7.2-uds.0-registry1 | 9.7.2 | An instance of Mattermost, a self-hosted chat and collaboration platform |
 | [Nexus](https://github.com/defenseunicorns/uds-package-nexus) | 3.68.0-uds.3-registry1 | 3.68.1-02 | An artifact repository used for storing compiled application libraries, packages, images and other such artifacts |
+| [cert-manager](https://cert-manager.io/) | 0.0.1 | 1.14.5 | Tool for automating management of in-cluster certificates |
+| [trust-manager](https://cert-manager.io/docs/trust/trust-manager/) | 0.0.1 | v0.11.0 | Tool for automating creation and distribution of CA trust bundles |
 
 ## UDS Core
  UDS Core is a collection of tools that provide administrative capabilities such as deployment automation, centralized logging, monitoring, alerting and runtime security to a kubernetes cluster. The following applications and tools are installed:
 
 | Package | Version | Description |
 |----|----|----|
-| [Istio](https://istio.io/latest/) | 1.22.1 | A package detailing the configuration of the deployed service mesh -- used by the operator to apply the desired state in the cluster |
+| [Istio](https://istio.io/latest/) | 1.22.2 | A package detailing the configuration of the deployed service mesh -- used by the operator to apply the desired state in the cluster |
 | [Loki](https://grafana.com/oss/loki/) | 2.9.6 | A Grafana product for aggregating and querying log data |
-| [Promtail](https://grafana.com/docs/loki/latest/send-data/promtail/) | 2.9.6 | A logging daemon installed on each cluster node to capture logs from the host and all cluster workload processes. Logs are shipped to Loki |
+| [Promtail](https://grafana.com/docs/loki/latest/send-data/promtail/) | 3.1.0 | A logging daemon installed on each cluster node to capture logs from the host and all cluster workload processes. Logs are shipped to Loki |
 | [Prometheus](https://prometheus.io/) | 2.52.0 | A product for storing and querying time series based data such as system performance metrics (CPU/MEM usage) |
-| [Grafana](https://github.com/grafana/grafana) | 10.4.2 | A Grafana product to provide a frontend interface to display and query performance information from Prometheus, log data from Loki, and request tracing information from Tempo |
-| [Neuvector](https://www.suse.com/neuvector/) | 5.3.2 | A kubernetes security suite that provides CVE scanning for hosts and images, as well as runtime security monitoring and protection |
+| [Grafana](https://github.com/grafana/grafana) | 11.1.0 | A Grafana product to provide a frontend interface to display and query performance information from Prometheus, log data from Loki, and request tracing information from Tempo |
+| [Neuvector](https://www.suse.com/neuvector/) | 5.3.3 | A kubernetes security suite that provides CVE scanning for hosts and images, as well as runtime security monitoring and protection |
 | [Velero](https://repo1.dso.mil/big-bang/product/packages/velero) | 1.13.2 | A tool for orchistrating backups of cluster state and storage |
 | [Authservice](https://github.com/istio-ecosystem/authservice) | 0.5.3 | A tool for simplifying and automating auth workflows via Istio integration |
 | [Metrics Server](https://github.com/kubernetes-sigs/metrics-server) | 0.7.1 | A container metrics aggregation and exporter for kubernetes |
-| [Pepr](https://pepr.dev/) | 0.31.1 | Declarative automation for managing deployments and security policy enorcement |
+| [Pepr](https://pepr.dev/) | 0.32.6 | Declarative automation for managing deployments and security policy enorcement |
 | [Keycloak](https://github.com/defenseunicorns/uds-core) | 24.0.5 | An identity and access management (IDAM) tool used to authenticate users for access to applications |

packages/init/zarf.yaml

@@ -71,8 +71,8 @@ components:
       - registry.k8s.io/sig-storage/csi-snapshotter:v6.3.2
       - registry.k8s.io/sig-storage/csi-resizer:v1.9.2
       - registry.k8s.io/sig-storage/livenessprobe:v2.11.0
-      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-csi:v0.7.0
-      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws:v1.9.2
+      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-csi:v0.7.1
+      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws:v1.10.0
 
   - name: namespaces
     required: true
@@ -133,8 +133,8 @@ components:
       - registry.k8s.io/sig-storage/csi-snapshotter:v6.3.2
       - registry.k8s.io/sig-storage/csi-resizer:v1.9.2
       - registry.k8s.io/sig-storage/livenessprobe:v2.11.0
-      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-csi:v0.7.0
-      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws:v1.9.2
+      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-csi:v0.7.1
+      - registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws:v1.10.0
       - "###ZARF_PKG_TMPL_REGISTRY_IMAGE_DOMAIN######ZARF_PKG_TMPL_REGISTRY_IMAGE###:###ZARF_PKG_TMPL_REGISTRY_IMAGE_TAG###"
 
   # Creates the pod+git mutating webhook

packages/keycloak-config-wrapper/init-job.yaml

@@ -14,7 +14,7 @@ spec:
       containers:
         - name: uds-config-sync
           # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver 
-          image: ghcr.io/defenseunicorns/uds/identity-config:0.4.3
+          image: ghcr.io/defenseunicorns/uds/identity-config:0.5.0
           command: 
             [
               "sh",

packages/keycloak-config-wrapper/zarf.yaml

@@ -18,7 +18,7 @@ components:
         target: tmp_deploy/zarf.yaml
     images:
       # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver 
-      - "ghcr.io/defenseunicorns/uds/identity-config:0.4.3"
+      - "ghcr.io/defenseunicorns/uds/identity-config:0.5.0"
     actions:
       onDeploy:
         before: