chore: upgrade uds-core to 0.24.1 (#151)

chore: upgrade uds-cli to 0.13.1
chore: upgrade Nutanix CSI init to 0.36.1
docs: update deps doc
chore: cleanup unecessary loki overrides
chore: upgrade uds-identity-config to v0.5.1

README.md

@@ -16,8 +16,8 @@ Once the below [Prerequisites](#prerequisites) are met, these are the steps to d
 
 ### Prerequisites
 **Tools**:
-* [uds version v0.12.0](https://github.com/defenseunicorns/uds-cli/tree/v0.12.0)
-- `sudo curl -sL https://github.com/defenseunicorns/uds-cli/releases/download/v0.12.0/uds-cli_v0.12.0_Linux_amd64`
+* [uds version v0.13.1](https://github.com/defenseunicorns/uds-cli/tree/v0.13.1)
+- `sudo curl -sL https://github.com/defenseunicorns/uds-cli/releases/download/v0.13.1/uds-cli_v0.13.1_Linux_amd64`
 * (OPTIONAL) [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl)
 * (OPTIONAL) [helm](https://github.com/helm/helm)
 

bundles/uds-core-swf/uds-bundle.yaml

@@ -1,4 +1,4 @@
-# yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.12.0/uds.schema.json
+# yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.13.1/uds.schema.json
 kind: UDSBundle
 metadata:
   name: software-factory-nutanix
@@ -35,7 +35,7 @@ packages:
     path: ../../build
     optionalComponents:
       - git-server
-    ref: v0.35.0
+    ref: v0.36.1
     overrides:
       zarf-seed-registry:
         docker-registry:
@@ -65,7 +65,7 @@ packages:
 
   - name: core
     repository: ghcr.io/defenseunicorns/packages/uds/core
-    ref: 0.23.0-registry1
+    ref: 0.24.1-registry1
     overrides:
       grafana:
         grafana:
@@ -321,14 +321,6 @@ packages:
               path: backend.persistence.size
               description: "Loki backend persistence size"
               default: 128Gi
-            - name: LOKI_QUERY_INTERVAL
-              path: loki.limits_config.split_queries_by_interval
-              description: "Query interval to not hit limits"
-              default: "30m"
-            - name: LOKI_MAX_REQUESTS_PER_TENANT
-              path: loki.query_scheduler.max_outstanding_requests_per_tenant
-              description: "Set to new Loki 3.0 default"
-              default: 32000
       istio-admin-gateway:
         uds-istio-config:
           variables:

docs/packages-and-dependencies.md

@@ -10,7 +10,7 @@ This list covers tools which would be required on a developer machine in order t
 | Tool | Version | Description |
 |----|----|----|
 | [terraform](https://github.com/hashicorp/terraform) | v1.6.4 | An Infrastructure As Code (IAC) tool for managing the deployment of virtual resources (VMs, databases, object storage) within Nutanix |
-| [UDS](https://github.com/defenseunicorns/uds-cli) | v0.12.0 | A custom tool for automating and simplifying the management of multiple Zarf deployments in one environment |
+| [UDS](https://github.com/defenseunicorns/uds-cli) | v0.13.1 | A custom tool for automating and simplifying the management of multiple Zarf deployments in one environment |
 
 ## Operating System Package Installs
 This list covers tools and packages installed in the Operating System of the virtual machines allocated to run Kubernetes. This list is obviously not exhaustive, but instead covers what is being added to the base STIG'd image.
@@ -38,9 +38,9 @@ The UDS Software Factory Bundle (SWF) is a collection of Zarf packages which inc
 
 | Name | Package Version (internal) | Application Version | Description |
 |----|----|----|----|
-| [Nutanix CSI Driver Init](https://portal.nutanix.com/page/documents/details?targetId=CSI-Volume-Driver-v2_6:CSI-Volume-Driver-v2_6) | v0.35.0 | v2.6.8 | A zarf component installed in the cluster for orchestrating further deployment of Zarf based packages |
+| [Nutanix CSI Driver Init](https://portal.nutanix.com/page/documents/details?targetId=CSI-Volume-Driver-v2_6:CSI-Volume-Driver-v2_6) | v0.36.1 | v2.6.8 | A zarf component installed in the cluster for orchestrating further deployment of Zarf based packages |
 | [MetalLB](https://github.com/defenseunicorns/uds-capability-metallb) | 0.0.5 | v0.13.12 | Tool for providing load balancer capabilities for ingress into a Kubernetes deployment |
-| [uds-core](https://github.com/defenseunicorns/uds-core) | 0.23.0 | N/A | [DESCRIPTION BELOW](#UDS-Core) |
+| [uds-core](https://github.com/defenseunicorns/uds-core) | 0.24.1 | N/A | [DESCRIPTION BELOW](#UDS-Core) |
 | [Valkey](https://github.com/defenseunicorns/uds-package-valkey) | v7.2.5-uds.2-upstream | 7.2.5 | A key-value store used as a data backend for several applications in the stack |
 | [Gitlab](https://github.com/defenseunicorns/uds-package-gitlab) | v17.1.2-uds.0-registry1 | 17.1.2 | A source control management tool used in the software development lifecycle for storing, updating, building and deploying custom software |
 | [Gitlab Runner](https://github.com/defenseunicorns/uds-package-gitlab-runner) | 17.0.0-uds.0-registry1 | v17.0.0 | A counterpart to Gitlab (above) in which automated software builds, tests and deployments are executed |
@@ -64,7 +64,8 @@ The UDS Software Factory Bundle (SWF) is a collection of Zarf packages which inc
 | [Grafana](https://github.com/grafana/grafana) | 11.1.0 | A Grafana product to provide a frontend interface to display and query performance information from Prometheus, log data from Loki, and request tracing information from Tempo |
 | [Neuvector](https://www.suse.com/neuvector/) | 5.3.3 | A kubernetes security suite that provides CVE scanning for hosts and images, as well as runtime security monitoring and protection |
 | [Velero](https://repo1.dso.mil/big-bang/product/packages/velero) | 1.13.2 | A tool for orchistrating backups of cluster state and storage |
-| [Authservice](https://github.com/istio-ecosystem/authservice) | 0.5.3 | A tool for simplifying and automating auth workflows via Istio integration |
+| [Authservice](https://github.com/istio-ecosystem/authservice) | 1.0.1 | A tool for simplifying and automating auth workflows via Istio integration |
 | [Metrics Server](https://github.com/kubernetes-sigs/metrics-server) | 0.7.1 | A container metrics aggregation and exporter for kubernetes |
-| [Pepr](https://pepr.dev/) | 0.32.6 | Declarative automation for managing deployments and security policy enorcement |
+| [Pepr](https://pepr.dev/) | 0.32.7 | Declarative automation for managing deployments and security policy enorcement |
 | [Keycloak](https://github.com/defenseunicorns/uds-core) | 24.0.5 | An identity and access management (IDAM) tool used to authenticate users for access to applications |
+| [uds-identity-config]() | v0.5.1 | UDS Identity (Keycloak) Config image used by UDS Identity |

packages/init/zarf.yaml

@@ -21,19 +21,19 @@ components:
   # (Optional) Deploys a k3s cluster
   - name: k3s
     import:
-      url: oci://ghcr.io/defenseunicorns/packages/init:v0.35.0
+      url: oci://ghcr.io/defenseunicorns/packages/init:v0.36.1
 
   # This package moves the injector & registries binaries
   - name: zarf-injector
     required: true
     import:
-      url: oci://ghcr.io/defenseunicorns/packages/init:v0.35.0
+      url: oci://ghcr.io/defenseunicorns/packages/init:v0.36.1
 
   # Creates the temporary seed-registry
   - name: zarf-seed-registry
     required: true
     import:
-      url: oci://ghcr.io/defenseunicorns/packages/init:v0.35.0
+      url: oci://ghcr.io/defenseunicorns/packages/init:v0.36.1
     charts:
       - name: docker-registry
         valuesFiles:
@@ -108,7 +108,7 @@ components:
   - name: zarf-registry
     required: true
     import:
-      url: oci://ghcr.io/defenseunicorns/packages/init:v0.35.0
+      url: oci://ghcr.io/defenseunicorns/packages/init:v0.36.1
 
   # Push nutanix csi (and registry) images to permanent registry
   - name: nutanix-csi-images
@@ -131,9 +131,9 @@ components:
   - name: zarf-agent
     required: true
     import:
-      url: oci://ghcr.io/defenseunicorns/packages/init:v0.35.0
+      url: oci://ghcr.io/defenseunicorns/packages/init:v0.36.1
 
   # (Optional) Adds a git server to the cluster
   - name: git-server
     import:
-      url: oci://ghcr.io/defenseunicorns/packages/init:v0.35.0
+      url: oci://ghcr.io/defenseunicorns/packages/init:v0.36.1

packages/keycloak-config-wrapper/init-job.yaml

@@ -13,9 +13,9 @@ spec:
         fsGroup: 2000
       containers:
         - name: uds-config-sync
-          # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver 
-          image: ghcr.io/defenseunicorns/uds/identity-config:0.5.0
-          command: 
+          # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver
+          image: ghcr.io/defenseunicorns/uds/identity-config:0.5.1
+          command:
             [
               "sh",
               "-c",
@@ -41,7 +41,7 @@ spec:
       restartPolicy: Never
       volumes:
         - name: providers
-          persistentVolumeClaim: 
+          persistentVolumeClaim:
             claimName: keycloak-providers
         # jars are only copied into providers -- the rest won't matter, but are needed for file permissions in the sync script
         - name: conf

packages/keycloak-config-wrapper/zarf.yaml

@@ -14,18 +14,18 @@ components:
       #create a job from the pre-existing init image
       - name: data-loader
         namespace: keycloak
-        files: 
+        files:
           - init-job.yaml
     images:
-      # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver 
-      - "ghcr.io/defenseunicorns/uds/identity-config:0.5.0"
+      # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver
+      - "ghcr.io/defenseunicorns/uds/identity-config:0.5.1"
     actions:
-      onDeploy:          
-        before:  
+      onDeploy:
+        before:
           # cleanup previous attempts
           - cmd: |
               ./zarf tools kubectl delete job -n keycloak identity-config-loader 2>/dev/null || true
-              
+
           # Check deploy system arch
           - cmd: if [ "$(uname -m)" != "x86_64" ]; then echo "this package architecture is amd64, but the target system has a different architecture. These architectures must be the same" && exit 1; fi
             description: Check that the host architecture matches the package architecture
@@ -43,10 +43,10 @@ components:
 
               # set the marker
               ./zarf tools kubectl exec -n keycloak $POD -- touch /home/nonroot/marker
-        
+
               # wait for the job to finish
               ./zarf tools wait-for job -n keycloak identity-config-loader '{.status.succeeded}'=1
-          
+
         onSuccess:
           # bounce keycloak statefulset
           - cmd: ./zarf tools kubectl rollout restart statefulset -n keycloak keycloak