diff --git a/src/istio/common/zarf.yaml b/src/istio/common/zarf.yaml index 9c0d3e5ff..f6b6f979a 100644 --- a/src/istio/common/zarf.yaml +++ b/src/istio/common/zarf.yaml @@ -13,7 +13,7 @@ components: charts: - name: base url: https://istio-release.storage.googleapis.com/charts - version: 1.24.1 + version: 1.24.2 namespace: istio-system - name: uds-global-istio-config namespace: istio-system @@ -21,19 +21,19 @@ components: localPath: chart - name: istiod url: https://istio-release.storage.googleapis.com/charts - version: 1.24.1 + version: 1.24.2 namespace: istio-system valuesFiles: - "../values/base-istiod.yaml" - name: cni url: https://istio-release.storage.googleapis.com/charts - version: 1.24.1 + version: 1.24.2 namespace: istio-system valuesFiles: - "../values/base-cni.yaml" # values for k3s/k3d cni - name: ztunnel url: https://istio-release.storage.googleapis.com/charts - version: 1.24.1 + version: 1.24.2 namespace: istio-system actions: onDeploy: diff --git a/src/istio/values/registry1-values.yaml b/src/istio/values/registry1-values.yaml index 62661f45c..449f58897 100644 --- a/src/istio/values/registry1-values.yaml +++ b/src/istio/values/registry1-values.yaml @@ -2,11 +2,11 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial pilot: - image: registry1.dso.mil/ironbank/tetrate/istio/pilot:1.24.1-tetratefips-v0 + image: registry1.dso.mil/ironbank/tetrate/istio/pilot:1.24.2-tetratefips-v0 global: proxy_init: # renovate: image=registry1.dso.mil/ironbank/tetrate/istio/proxyv2 - image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.1-tetratefips-v0" + image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.2-tetratefips-v0" proxy: # renovate: image=registry1.dso.mil/ironbank/tetrate/istio/proxyv2 - image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.1-tetratefips-v0" + image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.2-tetratefips-v0" diff --git a/src/istio/values/registry1/cni.yaml b/src/istio/values/registry1/cni.yaml index ec8dc6271..9ddb99bab 100644 --- a/src/istio/values/registry1/cni.yaml +++ b/src/istio/values/registry1/cni.yaml @@ -2,4 +2,4 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial cni: - image: registry1.dso.mil/ironbank/opensource/istio/install-cni:1.24.1 + image: registry1.dso.mil/ironbank/opensource/istio/install-cni:1.24.2 diff --git a/src/istio/values/registry1/istiod.yaml b/src/istio/values/registry1/istiod.yaml index 62661f45c..449f58897 100644 --- a/src/istio/values/registry1/istiod.yaml +++ b/src/istio/values/registry1/istiod.yaml @@ -2,11 +2,11 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial pilot: - image: registry1.dso.mil/ironbank/tetrate/istio/pilot:1.24.1-tetratefips-v0 + image: registry1.dso.mil/ironbank/tetrate/istio/pilot:1.24.2-tetratefips-v0 global: proxy_init: # renovate: image=registry1.dso.mil/ironbank/tetrate/istio/proxyv2 - image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.1-tetratefips-v0" + image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.2-tetratefips-v0" proxy: # renovate: image=registry1.dso.mil/ironbank/tetrate/istio/proxyv2 - image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.1-tetratefips-v0" + image: "###ZARF_REGISTRY###/ironbank/tetrate/istio/proxyv2:1.24.2-tetratefips-v0" diff --git a/src/istio/values/registry1/ztunnel.yaml b/src/istio/values/registry1/ztunnel.yaml index 1322b75d5..86aafc176 100644 --- a/src/istio/values/registry1/ztunnel.yaml +++ b/src/istio/values/registry1/ztunnel.yaml @@ -1,4 +1,4 @@ # Copyright 2024 Defense Unicorns # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial -image: registry1.dso.mil/ironbank/tetrate/istio/ztunnel:1.24.1-tetratefips-v0 +image: registry1.dso.mil/ironbank/tetrate/istio/ztunnel:1.24.2-tetratefips-v0 diff --git a/src/istio/values/unicorn-values.yaml b/src/istio/values/unicorn-values.yaml index e382763ad..79c3f8293 100644 --- a/src/istio/values/unicorn-values.yaml +++ b/src/istio/values/unicorn-values.yaml @@ -2,11 +2,11 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial pilot: - image: "cgr.dev/du-uds-defenseunicorns/istio-pilot-fips:1.24.1" + image: "cgr.dev/du-uds-defenseunicorns/istio-pilot-fips:1.24.2" global: proxy_init: # renovate: image=cgr.dev/du-uds-defenseunicorns/istio-proxy-fips - image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.1" + image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.2" proxy: # renovate: image=cgr.dev/du-uds-defenseunicorns/istio-proxy-fips - image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.1" + image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.2" diff --git a/src/istio/values/unicorn/cni.yaml b/src/istio/values/unicorn/cni.yaml index 902e8755a..06783d9fc 100644 --- a/src/istio/values/unicorn/cni.yaml +++ b/src/istio/values/unicorn/cni.yaml @@ -2,4 +2,4 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial cni: - image: cgr.dev/du-uds-defenseunicorns/istio-install-cni:1.24.1 + image: cgr.dev/du-uds-defenseunicorns/istio-install-cni:1.24.2 diff --git a/src/istio/values/unicorn/istiod.yaml b/src/istio/values/unicorn/istiod.yaml index e382763ad..79c3f8293 100644 --- a/src/istio/values/unicorn/istiod.yaml +++ b/src/istio/values/unicorn/istiod.yaml @@ -2,11 +2,11 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial pilot: - image: "cgr.dev/du-uds-defenseunicorns/istio-pilot-fips:1.24.1" + image: "cgr.dev/du-uds-defenseunicorns/istio-pilot-fips:1.24.2" global: proxy_init: # renovate: image=cgr.dev/du-uds-defenseunicorns/istio-proxy-fips - image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.1" + image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.2" proxy: # renovate: image=cgr.dev/du-uds-defenseunicorns/istio-proxy-fips - image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.1" + image: "###ZARF_REGISTRY###/du-uds-defenseunicorns/istio-proxy-fips:1.24.2" diff --git a/src/istio/values/upstream-values.yaml b/src/istio/values/upstream-values.yaml index ff0f5871b..0502ab7ae 100644 --- a/src/istio/values/upstream-values.yaml +++ b/src/istio/values/upstream-values.yaml @@ -2,11 +2,11 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial pilot: - image: "docker.io/istio/pilot:1.24.1-distroless" + image: "docker.io/istio/pilot:1.24.2-distroless" global: proxy_init: # renovate: image=docker.io/istio/proxyv2 - image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.1-distroless" + image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.2-distroless" proxy: # renovate: image=docker.io/istio/proxyv2 - image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.1-distroless" + image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.2-distroless" diff --git a/src/istio/values/upstream/cni.yaml b/src/istio/values/upstream/cni.yaml index 89b260ef0..deec580c2 100644 --- a/src/istio/values/upstream/cni.yaml +++ b/src/istio/values/upstream/cni.yaml @@ -2,4 +2,4 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial cni: - image: docker.io/istio/install-cni:1.24.1-distroless + image: docker.io/istio/install-cni:1.24.2-distroless diff --git a/src/istio/values/upstream/istiod.yaml b/src/istio/values/upstream/istiod.yaml index ff0f5871b..0502ab7ae 100644 --- a/src/istio/values/upstream/istiod.yaml +++ b/src/istio/values/upstream/istiod.yaml @@ -2,11 +2,11 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial pilot: - image: "docker.io/istio/pilot:1.24.1-distroless" + image: "docker.io/istio/pilot:1.24.2-distroless" global: proxy_init: # renovate: image=docker.io/istio/proxyv2 - image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.1-distroless" + image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.2-distroless" proxy: # renovate: image=docker.io/istio/proxyv2 - image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.1-distroless" + image: "###ZARF_REGISTRY###/istio/proxyv2:1.24.2-distroless" diff --git a/src/istio/values/upstream/ztunnel.yaml b/src/istio/values/upstream/ztunnel.yaml index 20cc69d24..f652c9d3b 100644 --- a/src/istio/values/upstream/ztunnel.yaml +++ b/src/istio/values/upstream/ztunnel.yaml @@ -1,4 +1,4 @@ # Copyright 2024 Defense Unicorns # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial -image: docker.io/istio/ztunnel:1.24.1-distroless +image: docker.io/istio/ztunnel:1.24.2-distroless diff --git a/src/istio/zarf.yaml b/src/istio/zarf.yaml index 393d84921..27ad4bfd6 100644 --- a/src/istio/zarf.yaml +++ b/src/istio/zarf.yaml @@ -33,10 +33,10 @@ components: valuesFiles: - "values/upstream/ztunnel.yaml" images: - - "docker.io/istio/pilot:1.24.1-distroless" - - "docker.io/istio/proxyv2:1.24.1-distroless" - - "docker.io/istio/install-cni:1.24.1-distroless" - - "docker.io/istio/ztunnel:1.24.1-distroless" + - "docker.io/istio/pilot:1.24.2-distroless" + - "docker.io/istio/proxyv2:1.24.2-distroless" + - "docker.io/istio/install-cni:1.24.2-distroless" + - "docker.io/istio/ztunnel:1.24.2-distroless" - name: istio-controlplane required: true @@ -55,11 +55,11 @@ components: valuesFiles: - "values/registry1/ztunnel.yaml" images: - - registry1.dso.mil/ironbank/tetrate/istio/proxyv2:1.24.1-tetratefips-v0 - - registry1.dso.mil/ironbank/tetrate/istio/pilot:1.24.1-tetratefips-v0 - - registry1.dso.mil/ironbank/tetrate/istio/ztunnel:1.24.1-tetratefips-v0 + - registry1.dso.mil/ironbank/tetrate/istio/proxyv2:1.24.2-tetratefips-v0 + - registry1.dso.mil/ironbank/tetrate/istio/pilot:1.24.2-tetratefips-v0 + - registry1.dso.mil/ironbank/tetrate/istio/ztunnel:1.24.2-tetratefips-v0 # Tetrate's install-cni image is out of date currently in Ironbank but could be swapped in when updated - - registry1.dso.mil/ironbank/opensource/istio/install-cni:1.24.1 + - registry1.dso.mil/ironbank/opensource/istio/install-cni:1.24.2 # - registry1.dso.mil/ironbank/tetrate/istio/install-cni:1.22.6-tetratefips-v0 - name: istio-controlplane @@ -79,20 +79,20 @@ components: valuesFiles: - "values/upstream/ztunnel.yaml" images: - - cgr.dev/du-uds-defenseunicorns/istio-pilot-fips:1.24.1 - - cgr.dev/du-uds-defenseunicorns/istio-proxy-fips:1.24.1 + - cgr.dev/du-uds-defenseunicorns/istio-pilot-fips:1.24.2 + - cgr.dev/du-uds-defenseunicorns/istio-proxy-fips:1.24.2 # Chainguard's install-cni-fips is not working right now, issue submitted - - cgr.dev/du-uds-defenseunicorns/istio-install-cni:1.24.1 + - cgr.dev/du-uds-defenseunicorns/istio-install-cni:1.24.2 # Chainguard does not have the ztunnel image currently, but upstream is 0 CVE # It is not currently FIPS though, and the IB TID FIPS image is amd64 only - - docker.io/istio/ztunnel:1.24.1-distroless + - docker.io/istio/ztunnel:1.24.2-distroless - name: istio-admin-gateway required: true charts: - name: gateway url: https://istio-release.storage.googleapis.com/charts - version: 1.24.1 + version: 1.24.2 releaseName: admin-ingressgateway namespace: istio-admin-gateway - name: uds-istio-config @@ -107,7 +107,7 @@ components: charts: - name: gateway url: https://istio-release.storage.googleapis.com/charts - version: 1.24.1 + version: 1.24.2 releaseName: tenant-ingressgateway namespace: istio-tenant-gateway - name: uds-istio-config @@ -122,7 +122,7 @@ components: charts: - name: gateway url: https://istio-release.storage.googleapis.com/charts - version: 1.24.1 + version: 1.24.2 releaseName: passthrough-ingressgateway namespace: istio-passthrough-gateway - name: uds-istio-config diff --git a/src/keycloak/chart/values.yaml b/src/keycloak/chart/values.yaml index e1a81b77c..c36f5a826 100644 --- a/src/keycloak/chart/values.yaml +++ b/src/keycloak/chart/values.yaml @@ -10,7 +10,7 @@ image: pullPolicy: IfNotPresent # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver -configImage: uds-core-config:keycloak3 +configImage: ghcr.io/sgettys/keycloak:ambient # The public domain name of the Keycloak server domain: "###ZARF_VAR_DOMAIN###" diff --git a/src/keycloak/zarf.yaml b/src/keycloak/zarf.yaml index 3cd8ec075..0b94eea43 100644 --- a/src/keycloak/zarf.yaml +++ b/src/keycloak/zarf.yaml @@ -27,7 +27,7 @@ components: - "values/upstream-values.yaml" images: - quay.io/keycloak/keycloak:26.0.7 - - uds-core-config:keycloak3 + - ghcr.io/sgettys/keycloak:ambient - name: keycloak required: true @@ -43,7 +43,7 @@ components: - "values/registry1-values.yaml" images: - registry1.dso.mil/ironbank/opensource/keycloak/keycloak:26.0.7 - - uds-core-config:keycloak3 + - ghcr.io/sgettys/keycloak:ambient - name: keycloak required: true @@ -57,4 +57,4 @@ components: - "values/unicorn-values.yaml" images: - cgr.dev/du-uds-defenseunicorns/keycloak:26.0.7 # todo: switch to FIPS image - - uds-core-config:keycloak3 + - ghcr.io/sgettys/keycloak:ambient