chore: upgrade uds-core to 0.28.0

bundles/eksd/uds-bundle.yaml

@@ -87,7 +87,7 @@ packages:
 
   - name: core
     repository: ghcr.io/defenseunicorns/packages/uds/core
-    ref: 0.27.3-registry1
+    ref: 0.28.0-registry1
     optionalComponents:
       - metrics-server
     overrides:
@@ -353,7 +353,7 @@ packages:
                 - name: tcp-ssh
                   port: 22
                   protocol: TCP
-                  targetPort: 2022
+                  targetPort: 2222
         uds-istio-config:
           variables:
             - name: TENANT_TLS_CERT
@@ -362,24 +362,24 @@ packages:
             - name: TENANT_TLS_KEY
               description: "The TLS key for the tenant gateway (must be base64 encoded)"
               path: tls.key
-      promtail:
-        promtail:
+      vector:
+        vector:
           variables:
-            - name: PROMTAIL_RESOURCE_CONFIG
-              description: "Promtail Resource Config"
+            - name: VECTOR_RESOURCE_CONFIG
+              description: "Vector Resource Config"
               path: resources
               default:
                 requests:
                   cpu: 100m
                   memory: 256Mi
                 limits:
                   cpu: 1
-                  memory: 1Gi
+                  memory: 2Gi
 
   # NOTE -- depends on hardcoded PVC name(s) in core.keycloak
   - name: keycloak-config-wrapper
     path: ../../build
-    ref: 0.0.1
+    ref: 0.0.2
 
   # Additional manifests needed
   - name: additional-manifests
@@ -389,7 +389,7 @@ packages:
   # Gitlab
   - name: gitlab-valkey
     repository: ghcr.io/defenseunicorns/packages/uds/valkey
-    ref: 7.2.5-uds.2-upstream
+    ref: 7.2.6-uds.0-upstream
     overrides:
       valkey:
         uds-valkey-config:
@@ -419,7 +419,7 @@ packages:
 
   - name: gitlab
     repository: ghcr.io/defenseunicorns/packages/uds/gitlab
-    ref: 17.1.2-uds.0-registry1
+    ref: 17.2.7-uds.2-registry1
     overrides:
       gitlab:
         uds-gitlab-config:
@@ -435,6 +435,12 @@ packages:
                   app.kubernetes.io/name: valkey
                 namespace: valkey
                 port: 6379
+            - path: ssh.enabled
+              value: true
+        uds-gitlab-settings:
+          values:
+            - path: settingsJob.application.enabled_git_access_protocol
+              value: all
         gitlab:
           values:
             - path: global.certificates.customCAs
@@ -448,12 +454,6 @@ packages:
               value: *gitlab-init-security-context
             - path: gitlab.sidekiq.init.containerSecurityContext
               value: *gitlab-init-security-context
-            ## gitlab-migrations failed to init as root
-            # - path: gitlab.migrations.init.containerSecurityContext
-            #   value: *gitlab-init-security-context
-            ## gitlab-shell crashed on startup as root
-            # - path: gitlab.gitlab-shell.init.containerSecurityContext
-            #   value: *gitlab-init-security-context
             - path: gitlab.gitlab-pages.init.containerSecurityContext
               value: *gitlab-init-security-context
             - path: gitlab.gitlab-exporter.init.containerSecurityContext
@@ -462,6 +462,8 @@ packages:
               value: *gitlab-init-security-context
             - path: global.redis.host
               value: "valkey-master.valkey.svc.cluster.local"
+            - path: gitlab.gitlab-shell.enabled
+              value: true
 
           variables:
             - name: MIGRATIONS_RESOURCES
@@ -535,7 +537,7 @@ packages:
   # Gitlab Runner
   - name: gitlab-runner
     repository: ghcr.io/defenseunicorns/packages/uds/gitlab-runner
-    ref: 17.0.0-uds.0-registry1
+    ref: 17.1.0-uds.1-registry1
     overrides:
       gitlab-runner:
         gitlab-runner:
@@ -612,7 +614,7 @@ packages:
 
   - name: confluence
     repository: ghcr.io/defenseunicorns/packages/uds/confluence
-    ref: 1.20.0-uds.3-registry1
+    ref: 1.20.0-uds.4-registry1
     overrides:
       confluence:
         uds-confluence-config:
@@ -659,7 +661,7 @@ packages:
   # Mattermost
   - name: mattermost
     repository: ghcr.io/defenseunicorns/packages/uds/mattermost
-    ref: 9.11.1-uds.0-registry1
+    ref: 10.0.0-uds.0-registry1
     overrides:
       mattermost:
         mattermost-enterprise-edition:
@@ -673,6 +675,9 @@ packages:
                   subPath: "ca-bundle.crt"
                   readOnly: true
         uds-mattermost-config:
+          values:
+            - path: postgres.internal
+              value: false
           variables:
             - name: OBJECT_STORE_SECURE
               path: "objectStorage.secure"

bundles/rke2/uds-bundle.yaml

@@ -85,7 +85,7 @@ packages:
 
   - name: core
     repository: ghcr.io/defenseunicorns/packages/uds/core
-    ref: 0.27.3-registry1
+    ref: 0.28.0-registry1
     optionalComponents:
       - metrics-server
     overrides:
@@ -354,7 +354,7 @@ packages:
                 - name: tcp-ssh
                   port: 22
                   protocol: TCP
-                  targetPort: 2022
+                  targetPort: 2222
         uds-istio-config:
           variables:
             - name: TENANT_TLS_CERT
@@ -363,24 +363,24 @@ packages:
             - name: TENANT_TLS_KEY
               description: "The TLS key for the tenant gateway (must be base64 encoded)"
               path: tls.key
-      promtail:
-        promtail:
+      vector:
+        vector:
           variables:
-            - name: PROMTAIL_RESOURCE_CONFIG
-              description: "Promtail Resource Config"
+            - name: VECTOR_RESOURCE_CONFIG
+              description: "Vector Resource Config"
               path: resources
               default:
                 requests:
                   cpu: 100m
                   memory: 256Mi
                 limits:
                   cpu: 1
-                  memory: 1Gi
+                  memory: 2Gi
 
   # NOTE -- depends on hardcoded PVC name(s) in core.keycloak
   - name: keycloak-config-wrapper
     path: ../../build
-    ref: 0.0.1
+    ref: 0.0.2
 
   # Additional manifests needed
   - name: additional-manifests
@@ -390,7 +390,7 @@ packages:
   # Gitlab
   - name: gitlab-valkey
     repository: ghcr.io/defenseunicorns/packages/uds/valkey
-    ref: 7.2.5-uds.2-upstream
+    ref: 7.2.6-uds.0-upstream
     overrides:
       valkey:
         uds-valkey-config:
@@ -420,7 +420,7 @@ packages:
 
   - name: gitlab
     repository: ghcr.io/defenseunicorns/packages/uds/gitlab
-    ref: 17.1.2-uds.0-registry1
+    ref: 17.2.7-uds.2-registry1
     overrides:
       gitlab:
         uds-gitlab-config:
@@ -436,6 +436,12 @@ packages:
                   app.kubernetes.io/name: valkey
                 namespace: valkey
                 port: 6379
+            - path: ssh.enabled
+              value: true
+        uds-gitlab-settings:
+          values:
+            - path: settingsJob.application.enabled_git_access_protocol
+              value: all
         gitlab:
           values:
             - path: global.certificates.customCAs
@@ -449,12 +455,6 @@ packages:
               value: *gitlab-init-security-context
             - path: gitlab.sidekiq.init.containerSecurityContext
               value: *gitlab-init-security-context
-            ## gitlab-migrations failed to init as root
-            # - path: gitlab.migrations.init.containerSecurityContext
-            #   value: *gitlab-init-security-context
-            ## gitlab-shell crashed on startup as root
-            # - path: gitlab.gitlab-shell.init.containerSecurityContext
-            #   value: *gitlab-init-security-context
             - path: gitlab.gitlab-pages.init.containerSecurityContext
               value: *gitlab-init-security-context
             - path: gitlab.gitlab-exporter.init.containerSecurityContext
@@ -463,6 +463,8 @@ packages:
               value: *gitlab-init-security-context
             - path: global.redis.host
               value: "valkey-master.valkey.svc.cluster.local"
+            - path: gitlab.gitlab-shell.enabled
+              value: true
 
           variables:
             - name: MIGRATIONS_RESOURCES
@@ -536,7 +538,7 @@ packages:
   # Gitlab Runner
   - name: gitlab-runner
     repository: ghcr.io/defenseunicorns/packages/uds/gitlab-runner
-    ref: 17.0.0-uds.0-registry1
+    ref: 17.1.0-uds.1-registry1
     overrides:
       gitlab-runner:
         gitlab-runner:
@@ -621,7 +623,7 @@ packages:
 
   - name: confluence
     repository: ghcr.io/defenseunicorns/packages/uds/confluence
-    ref: 1.20.0-uds.3-registry1
+    ref: 1.20.0-uds.4-registry1
     overrides:
       confluence:
         uds-confluence-config:
@@ -674,7 +676,7 @@ packages:
    # Mattermost
   - name: mattermost
     repository: ghcr.io/defenseunicorns/packages/uds/mattermost
-    ref: 9.11.1-uds.0-registry1
+    ref: 10.0.0-uds.0-registry1
     overrides:
       mattermost:
         mattermost-enterprise-edition:
@@ -688,6 +690,9 @@ packages:
                   subPath: "ca-bundle.crt"
                   readOnly: true
         uds-mattermost-config:
+          values:
+            - path: postgres.internal
+              value: false
           variables:
             - name: OBJECT_STORE_SECURE
               path: "objectStorage.secure"

docs/packages-and-dependencies.md

@@ -42,15 +42,15 @@ The UDS Software Factory Bundle (SWF) is a collection of Zarf packages which inc
 | [Zarf Init](https://github.com/zarf-dev/zarf/pkgs/container/packages%2Finit) | v0.39.0 | v0.39.0 | Zarf Init Package used to initialize zarf in the cluster |
 | [Nutanix CSI](https://portal.nutanix.com/page/documents/details?targetId=CSI-Volume-Driver-v2_6:CSI-Volume-Driver-v2_6) | v3.0.0 | v3.0.0 | Nutanix CSI package |
 | [MetalLB](https://github.com/defenseunicorns/uds-capability-metallb) | 0.0.5 | v0.13.12 | Tool for providing load balancer capabilities for ingress into a Kubernetes deployment |
-| [uds-core](https://github.com/defenseunicorns/uds-core) | 0.27.3 | N/A | [DESCRIPTION BELOW](#UDS-Core) |
-| [Valkey](https://github.com/defenseunicorns/uds-package-valkey) | v7.2.5-uds.2-upstream | 7.2.5 | A key-value store used as a data backend for several applications in the stack |
-| [Gitlab](https://github.com/defenseunicorns/uds-package-gitlab) | v17.1.2-uds.0-registry1 | 17.1.2 | A source control management tool used in the software development lifecycle for storing, updating, building and deploying custom software |
-| [Gitlab Runner](https://github.com/defenseunicorns/uds-package-gitlab-runner) | 17.0.0-uds.0-registry1 | v17.0.0 | A counterpart to Gitlab (above) in which automated software builds, tests and deployments are executed |
+| [uds-core](https://github.com/defenseunicorns/uds-core) | 0.28.0 | N/A | [DESCRIPTION BELOW](#UDS-Core) |
+| [Valkey](https://github.com/defenseunicorns/uds-package-valkey) | v7.2.6-uds.0-upstream | 7.2.6 | A key-value store used as a data backend for several applications in the stack |
+| [Gitlab](https://github.com/defenseunicorns/uds-package-gitlab) | v17.2.7-uds.2-registry1 | 17.2.7 | A source control management tool used in the software development lifecycle for storing, updating, building and deploying custom software |
+| [Gitlab Runner](https://github.com/defenseunicorns/uds-package-gitlab-runner) | 17.1.0-uds.1-registry1 | v17.1.0 | A counterpart to Gitlab (above) in which automated software builds, tests and deployments are executed |
 | [Sonarqube](https://github.com/defenseunicorns/uds-package-sonarqube) | 10.6.0-uds.1-registry1 | 10.6.0-community | A code inspection tool used during automated pipelines to evaluate security considerations of custom software and packaged images |
 | [Jira](https://github.com/defenseunicorns/uds-package-jira) | 1.22.0-uds.0-registry1 | 10.0.1 | A collaboration tool used for team management and task organization |s
-| [Confluence](https://github.com/defenseunicorns/uds-package-confluence) | 1.20.0-uds.0-registry1 | 8.9.4 | A knowledge management tool used by teams to organize information |
-| [Mattermost](https://github.com/defenseunicorns/uds-package-mattermost) | 9.11.1-uds.0-registry1 | 9.11.1 | An instance of Mattermost, a self-hosted chat and collaboration platform |
-| [Nexus](https://github.com/defenseunicorns/uds-package-nexus) | 3.71.0-uds.1-registry1 | 3.71.0 | An artifact repository used for storing compiled application libraries, packages, images and other such artifacts |
+| [Confluence](https://github.com/defenseunicorns/uds-package-confluence) | 1.20.0-uds.4-registry1 | 9.0.3 | A knowledge management tool used by teams to organize information |
+| [Mattermost](https://github.com/defenseunicorns/uds-package-mattermost) | 10.0.0-uds.0-registry1 | 10.0.0 | An instance of Mattermost, a self-hosted chat and collaboration platform |
+| [Nexus](https://github.com/defenseunicorns/uds-package-nexus) | 3.72.0-uds.0-registry1 | 3.72.0 | An artifact repository used for storing compiled application libraries, packages, images and other such artifacts |
 | [cert-manager](https://cert-manager.io/) | 0.0.1 | 1.14.5 | Tool for automating management of in-cluster certificates |
 | [trust-manager](https://cert-manager.io/docs/trust/trust-manager/) | 0.0.1 | v0.11.0 | Tool for automating creation and distribution of CA trust bundles |
 
@@ -59,9 +59,9 @@ The UDS Software Factory Bundle (SWF) is a collection of Zarf packages which inc
 
 | Package | Version | Description |
 |----|----|----|
-| [Istio](https://istio.io/latest/) | 1.23.1 | A package detailing the configuration of the deployed service mesh -- used by the operator to apply the desired state in the cluster |
+| [Istio](https://istio.io/latest/) | 1.23.2 | A package detailing the configuration of the deployed service mesh -- used by the operator to apply the desired state in the cluster |
 | [Loki](https://grafana.com/oss/loki/) | 3.1.1 | A Grafana product for aggregating and querying log data |
-| [Promtail](https://grafana.com/docs/loki/latest/send-data/promtail/) | 3.1.1 | A logging daemon installed on each cluster node to capture logs from the host and all cluster workload processes. Logs are shipped to Loki |
+| [Vector](https://vector.dev/) | 0.41.1 | A logging daemon installed on each cluster node to capture logs from the host and all cluster workload processes. Logs are shipped to Loki |
 | [Prometheus](https://prometheus.io/) | 2.54.1 | A product for storing and querying time series based data such as system performance metrics (CPU/MEM usage) |
 | [Grafana](https://github.com/grafana/grafana) | 11.2.0 | A Grafana product to provide a frontend interface to display and query performance information from Prometheus, log data from Loki, and request tracing information from Tempo |
 | [Neuvector](https://www.suse.com/neuvector/) | 5.3.4 | A kubernetes security suite that provides CVE scanning for hosts and images, as well as runtime security monitoring and protection |