Bump github.com/hashicorp/consul/api from 1.8.1 to 1.10.1 #37

Merged
dependabot[bot] merged 1 commits from dependabot/go_modules/github.com/hashicorp/consul/api-1.10.1 into master 2021-09-16 10:10:01 +03:00
dependabot[bot] commented 2021-09-06 14:22:29 +03:00 (Migrated from github.com)

Bumps github.com/hashicorp/consul/api from 1.8.1 to 1.10.1.

Release notes

Sourced from github.com/hashicorp/consul/api's releases.

v1.10.1

1.10.1 (July 15, 2021)

SECURITY:

FEATURES:

  • cli: allow running redirect-traffic command in a provided Linux namespace. [GH-10564]
  • sdk: allow applying iptables rules in a provided Linux namespace. [GH-10564]

IMPROVEMENTS:

  • acl: Return secret ID when listing tokens if accessor has acl:write [GH-10546]
  • structs: prevent service-defaults upstream configs from using wildcard names or namespaces [GH-10475]
  • ui: Move all CSS icons to use standard CSS custom properties rather than SASS variables [GH-10298]

DEPRECATIONS:

  • connect/ca: remove the RotationPeriod field from the Consul CA provider, it was not used for anything. [GH-10552]

BUG FIXES:

  • agent: fix a panic on 32-bit platforms caused by misaligned struct fields used with sync/atomic. [GH-10515]
  • ca: Fixed a bug that returned a malformed certificate chain when the certificate did not having a trailing newline. [GH-10411]
  • checks: fixes the default ServerName used with TLS health checks. [GH-10490]
  • connect/proxy: fixes logic bug preventing builtin/native proxy from starting upstream listeners [GH-10486]
  • streaming: fix a bug that was preventing streaming from being enabled. [GH-10514]
  • ui: (Enterprise only) Ensure permissions are checked based on the actively selected namespace [GH-10608]
  • ui: Ensure in-folder KVs are created in the correct folder [GH-10569]
  • ui: Fix KV editor syntax highlighting [GH-10605]
  • ui: Send service name down to Stats to properly call endpoint for Upstreams and Downstreams metrics [GH-10535]
  • ui: Show ACLs disabled page at Tokens page instead of 403 error when ACLs are disabled [GH-10604]
  • ui: Use the token's namespace instead of the default namespace when not specifying a namespace in the URL [GH-10503]

v1.10.1-beta1

1.10.1-beta1 (July 01, 2021)

IMPROVEMENTS:

  • structs: prevent service-defaults upstream configs from using wildcard names or namespaces [GH-10475]
  • ui: Move all CSS icons to use standard CSS custom properties rather than SASS variables [GH-10298]

BUG FIXES:

  • ca: Fixed a bug that returned a malformed certificate chain when the certificate did not having a trailing newline. [GH-10411]
  • checks: fixes the default ServerName used with TLS health checks. [GH-10490]

... (truncated)

Changelog

Sourced from github.com/hashicorp/consul/api's changelog.

1.10.1 (July 15, 2021)

KNOWN ISSUES:

  • The change to enable streaming by default uncovered an incompatibility between streaming and WAN federation over mesh gateways causing traffic to fall back to attempting a direct WAN connection rather than transiting through the gateways. We currently suggest explicitly setting use_streaming_backend=false if using WAN federation over mesh gateways when upgrading to 1.10.1 and are working to address this issue in a future patch release.

SECURITY:

FEATURES:

  • cli: allow running redirect-traffic command in a provided Linux namespace. [GH-10564]
  • sdk: allow applying iptables rules in a provided Linux namespace. [GH-10564]

IMPROVEMENTS:

  • acl: Return secret ID when listing tokens if accessor has acl:write [GH-10546]
  • structs: prevent service-defaults upstream configs from using wildcard names or namespaces [GH-10475]
  • ui: Move all CSS icons to use standard CSS custom properties rather than SASS variables [GH-10298]

DEPRECATIONS:

  • connect/ca: remove the RotationPeriod field from the Consul CA provider, it was not used for anything. [GH-10552]

BUG FIXES:

  • agent: fix a panic on 32-bit platforms caused by misaligned struct fields used with sync/atomic. [GH-10515]
  • ca: Fixed a bug that returned a malformed certificate chain when the certificate did not having a trailing newline. [GH-10411]
  • checks: fixes the default ServerName used with TLS health checks. [GH-10490]
  • connect/proxy: fixes logic bug preventing builtin/native proxy from starting upstream listeners [GH-10486]
  • streaming: fix a bug that was preventing streaming from being enabled. [GH-10514]
  • ui: (Enterprise only) Ensure permissions are checked based on the actively selected namespace [GH-10608]
  • ui: Ensure in-folder KVs are created in the correct folder [GH-10569]
  • ui: Fix KV editor syntax highlighting [GH-10605]
  • ui: Send service name down to Stats to properly call endpoint for Upstreams and Downstreams metrics [GH-10535]
  • ui: Show ACLs disabled page at Tokens page instead of 403 error when ACLs are disabled [GH-10604]
  • ui: Use the token's namespace instead of the default namespace when not specifying a namespace in the URL [GH-10503]

1.10.0 (June 22, 2021)

BREAKING CHANGES:

  • connect: Disallow wildcard as name for service-defaults. [GH-10069]
  • connect: avoid encoding listener info in ingress and terminating gateway listener stats names. [GH-10404]
  • licensing: (Enterprise Only) Consul Enterprise 1.10 has removed API driven licensing of servers in favor of license loading via configuration. The PUT and DELETE methods on the /v1/operator/license endpoint will now return 405s, the consul license put and consul license reset CLI commands have been removed and the LicensePut and LicenseReset methods in the API client have been altered to always return an error. [GH-10211]
  • licensing: (Enterprise Only) Consul Enterprise client agents now require a valid non-anonymous ACL token for retrieving their license from the servers. Additionally client agents rely on the value of the start_join and retry_join configurations for determining the servers to query for the license. Therefore one must be set to use license auto-retrieval. [GH-10248]
  • licensing: (Enterprise Only) Consul Enterprise has removed support for temporary licensing. All server agents must have a valid license at startup and client agents must have a license at startup or be able to retrieve one from the servers. [GH-10248]

... (truncated)

Commits
  • db839f1 Release v1.10.1
  • 40ac83c update bindata_assetfs.go
  • fc38e8f add changelogs for 1.10.1
  • e3e3137 Merge pull request #10622 from hashicorp/vuln/validate-sans-1.10
  • 803df59 Fixup prepared query ns defaulting
  • 066e950 Add changelog entry
  • d808d78 Merge pull request #10617 from hashicorp/dnephin/config-add-missing-docs
  • 104ee65 xds: ensure single L7 deny intention with default deny policy does not result...
  • e92b9e8 ui: [BUGFIX] Ensure we use the ns query param name when requesting permission...
  • 15f6b10 ui: [BUGFIX] Ensure in-folder KVs are created in the correct folder (#10569)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps [github.com/hashicorp/consul/api](https://github.com/hashicorp/consul) from 1.8.1 to 1.10.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/consul/releases">github.com/hashicorp/consul/api's releases</a>.</em></p> <blockquote> <h2>v1.10.1</h2> <h2>1.10.1 (July 15, 2021)</h2> <p>SECURITY:</p> <ul> <li>xds: ensure envoy verifies the subject alternative name for upstreams <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32574">CVE-2021-32574</a> [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10621">GH-10621</a>]</li> <li>xds: ensure single L7 deny intention with default deny policy does not result in allow action <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36213">CVE-2021-36213</a> [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10619">GH-10619</a>]</li> </ul> <p>FEATURES:</p> <ul> <li>cli: allow running <code>redirect-traffic</code> command in a provided Linux namespace. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10564">GH-10564</a>]</li> <li>sdk: allow applying <code>iptables</code> rules in a provided Linux namespace. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10564">GH-10564</a>]</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>acl: Return secret ID when listing tokens if accessor has <code>acl:write</code> [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10546">GH-10546</a>]</li> <li>structs: prevent service-defaults upstream configs from using wildcard names or namespaces [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10475">GH-10475</a>]</li> <li>ui: Move all CSS icons to use standard CSS custom properties rather than SASS variables [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10298">GH-10298</a>]</li> </ul> <p>DEPRECATIONS:</p> <ul> <li>connect/ca: remove the <code>RotationPeriod</code> field from the Consul CA provider, it was not used for anything. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10552">GH-10552</a>]</li> </ul> <p>BUG FIXES:</p> <ul> <li>agent: fix a panic on 32-bit platforms caused by misaligned struct fields used with sync/atomic. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10515">GH-10515</a>]</li> <li>ca: Fixed a bug that returned a malformed certificate chain when the certificate did not having a trailing newline. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10411">GH-10411</a>]</li> <li>checks: fixes the default ServerName used with TLS health checks. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10490">GH-10490</a>]</li> <li>connect/proxy: fixes logic bug preventing builtin/native proxy from starting upstream listeners [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10486">GH-10486</a>]</li> <li>streaming: fix a bug that was preventing streaming from being enabled. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10514">GH-10514</a>]</li> <li>ui: <strong>(Enterprise only)</strong> Ensure permissions are checked based on the actively selected namespace [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10608">GH-10608</a>]</li> <li>ui: Ensure in-folder KVs are created in the correct folder [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10569">GH-10569</a>]</li> <li>ui: Fix KV editor syntax highlighting [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10605">GH-10605</a>]</li> <li>ui: Send service name down to Stats to properly call endpoint for Upstreams and Downstreams metrics [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10535">GH-10535</a>]</li> <li>ui: Show ACLs disabled page at Tokens page instead of 403 error when ACLs are disabled [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10604">GH-10604</a>]</li> <li>ui: Use the token's namespace instead of the default namespace when not specifying a namespace in the URL [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10503">GH-10503</a>]</li> </ul> <h2>v1.10.1-beta1</h2> <h2>1.10.1-beta1 (July 01, 2021)</h2> <p>IMPROVEMENTS:</p> <ul> <li>structs: prevent service-defaults upstream configs from using wildcard names or namespaces [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10475">GH-10475</a>]</li> <li>ui: Move all CSS icons to use standard CSS custom properties rather than SASS variables [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10298">GH-10298</a>]</li> </ul> <p>BUG FIXES:</p> <ul> <li>ca: Fixed a bug that returned a malformed certificate chain when the certificate did not having a trailing newline. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10411">GH-10411</a>]</li> <li>checks: fixes the default ServerName used with TLS health checks. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10490">GH-10490</a>]</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/consul/blob/main/CHANGELOG.md">github.com/hashicorp/consul/api's changelog</a>.</em></p> <blockquote> <h2>1.10.1 (July 15, 2021)</h2> <p>KNOWN ISSUES:</p> <ul> <li>The change to enable streaming by default uncovered an incompatibility between streaming and WAN federation over mesh gateways causing traffic to fall back to attempting a direct WAN connection rather than transiting through the gateways. We currently suggest explicitly setting <a href="https://www.consul.io/docs/agent/options#use_streaming_backend"><code>use_streaming_backend=false</code></a> if using WAN federation over mesh gateways when upgrading to 1.10.1 and are working to address this issue in a future patch release.</li> </ul> <p>SECURITY:</p> <ul> <li>xds: ensure envoy verifies the subject alternative name for upstreams <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32574">CVE-2021-32574</a> [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10621">GH-10621</a>]</li> <li>xds: ensure single L7 deny intention with default deny policy does not result in allow action <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36213">CVE-2021-36213</a> [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10619">GH-10619</a>]</li> </ul> <p>FEATURES:</p> <ul> <li>cli: allow running <code>redirect-traffic</code> command in a provided Linux namespace. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10564">GH-10564</a>]</li> <li>sdk: allow applying <code>iptables</code> rules in a provided Linux namespace. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10564">GH-10564</a>]</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>acl: Return secret ID when listing tokens if accessor has <code>acl:write</code> [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10546">GH-10546</a>]</li> <li>structs: prevent service-defaults upstream configs from using wildcard names or namespaces [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10475">GH-10475</a>]</li> <li>ui: Move all CSS icons to use standard CSS custom properties rather than SASS variables [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10298">GH-10298</a>]</li> </ul> <p>DEPRECATIONS:</p> <ul> <li>connect/ca: remove the <code>RotationPeriod</code> field from the Consul CA provider, it was not used for anything. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10552">GH-10552</a>]</li> </ul> <p>BUG FIXES:</p> <ul> <li>agent: fix a panic on 32-bit platforms caused by misaligned struct fields used with sync/atomic. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10515">GH-10515</a>]</li> <li>ca: Fixed a bug that returned a malformed certificate chain when the certificate did not having a trailing newline. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10411">GH-10411</a>]</li> <li>checks: fixes the default ServerName used with TLS health checks. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10490">GH-10490</a>]</li> <li>connect/proxy: fixes logic bug preventing builtin/native proxy from starting upstream listeners [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10486">GH-10486</a>]</li> <li>streaming: fix a bug that was preventing streaming from being enabled. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10514">GH-10514</a>]</li> <li>ui: <strong>(Enterprise only)</strong> Ensure permissions are checked based on the actively selected namespace [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10608">GH-10608</a>]</li> <li>ui: Ensure in-folder KVs are created in the correct folder [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10569">GH-10569</a>]</li> <li>ui: Fix KV editor syntax highlighting [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10605">GH-10605</a>]</li> <li>ui: Send service name down to Stats to properly call endpoint for Upstreams and Downstreams metrics [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10535">GH-10535</a>]</li> <li>ui: Show ACLs disabled page at Tokens page instead of 403 error when ACLs are disabled [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10604">GH-10604</a>]</li> <li>ui: Use the token's namespace instead of the default namespace when not specifying a namespace in the URL [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10503">GH-10503</a>]</li> </ul> <h2>1.10.0 (June 22, 2021)</h2> <p>BREAKING CHANGES:</p> <ul> <li>connect: Disallow wildcard as name for service-defaults. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10069">GH-10069</a>]</li> <li>connect: avoid encoding listener info in ingress and terminating gateway listener stats names. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10404">GH-10404</a>]</li> <li>licensing: <strong>(Enterprise Only)</strong> Consul Enterprise 1.10 has removed API driven licensing of servers in favor of license loading via configuration. The <code>PUT</code> and <code>DELETE</code> methods on the <code>/v1/operator/license</code> endpoint will now return 405s, the <code>consul license put</code> and <code>consul license reset</code> CLI commands have been removed and the <code>LicensePut</code> and <code>LicenseReset</code> methods in the API client have been altered to always return an error. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10211">GH-10211</a>]</li> <li>licensing: <strong>(Enterprise Only)</strong> Consul Enterprise client agents now require a valid non-anonymous ACL token for retrieving their license from the servers. Additionally client agents rely on the value of the <code>start_join</code> and <code>retry_join</code> configurations for determining the servers to query for the license. Therefore one must be set to use license auto-retrieval. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10248">GH-10248</a>]</li> <li>licensing: <strong>(Enterprise Only)</strong> Consul Enterprise has removed support for temporary licensing. All server agents must have a valid license at startup and client agents must have a license at startup or be able to retrieve one from the servers. [<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10248">GH-10248</a>]</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hashicorp/consul/commit/db839f18ba4796df77601bfe9873756ed340525d"><code>db839f1</code></a> Release v1.10.1</li> <li><a href="https://github.com/hashicorp/consul/commit/40ac83c9d3c2e9942702fbd2e451c971163ffcc0"><code>40ac83c</code></a> update bindata_assetfs.go</li> <li><a href="https://github.com/hashicorp/consul/commit/fc38e8fba9749caba8452a760a513b2999b0b476"><code>fc38e8f</code></a> add changelogs for 1.10.1</li> <li><a href="https://github.com/hashicorp/consul/commit/e3e31375c80148de8cf1f582dbee2de210c71967"><code>e3e3137</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10622">#10622</a> from hashicorp/vuln/validate-sans-1.10</li> <li><a href="https://github.com/hashicorp/consul/commit/803df59268dbb5595dd61703f7b113fc3fcb870b"><code>803df59</code></a> Fixup prepared query ns defaulting</li> <li><a href="https://github.com/hashicorp/consul/commit/066e950b7d1865bd9e2849929c5d0873fd3c803f"><code>066e950</code></a> Add changelog entry</li> <li><a href="https://github.com/hashicorp/consul/commit/d808d7897a095e819638fbb0090f83ec716600d4"><code>d808d78</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10617">#10617</a> from hashicorp/dnephin/config-add-missing-docs</li> <li><a href="https://github.com/hashicorp/consul/commit/104ee65e17f924ee25c53725e919083a87073009"><code>104ee65</code></a> xds: ensure single L7 deny intention with default deny policy does not result...</li> <li><a href="https://github.com/hashicorp/consul/commit/e92b9e8e82d4a299390b66e08951135b1ace2067"><code>e92b9e8</code></a> ui: [BUGFIX] Ensure we use the ns query param name when requesting permission...</li> <li><a href="https://github.com/hashicorp/consul/commit/15f6b10e4aabb5f4a7e29de539a0030491d6d454"><code>15f6b10</code></a> ui: [BUGFIX] Ensure in-folder KVs are created in the correct folder (<a href="https://github-redirect.dependabot.com/hashicorp/consul/issues/10569">#10569</a>)</li> <li>Additional commits viewable in <a href="https://github.com/hashicorp/consul/compare/v1.8.1...v1.10.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/hashicorp/consul/api&package-manager=go_modules&previous-version=1.8.1&new-version=1.10.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
github-actions[bot] (Migrated from github.com) approved these changes 2021-09-16 10:10:00 +03:00
Sign in to join this conversation.
No description provided.