cli: added -append-policy-id, -append-policy-name, -append-role-name, and -append-role-id flags to the consul token update command.
These flags allow updates to a token's policies/roles without having to override them completely. [GH-16288]
cli: added -append-service-identity and -append-node-identity flags to the consul token update command.
These flags allow updates to a token's node identities/service identities without having to override them. [GH-16506]
connect: Bump Envoy 1.22.5 to 1.22.7, 1.23.2 to 1.23.4, 1.24.0 to 1.24.2, add 1.25.1, remove 1.21.5 [GH-16274]
mesh: Add ServiceResolver RequestTimeout for route timeouts to make request timeouts configurable [GH-16495]
ui: support filtering API gateways in the ui and displaying their documentation links [GH-16508]
DEPRECATIONS:
cli: Deprecate the -merge-node-identites and -merge-service-identities flags from the consul token update command in favor of: -append-node-identity and -append-service-identity. [GH-16506]
cli: Deprecate the -merge-policies and -merge-roles flags from the consul token update command in favor of: -append-policy-id, -append-policy-name, -append-role-name, and -append-role-id. [GH-16288]
BUG FIXES:
cli: Fixes an issue with consul connect envoy where a log to STDOUT could malform JSON when used with -bootstrap. [GH-16530]
cli: Fixes an issue with consul connect envoy where grpc-disabled agents were not error-handled correctly. [GH-16530]
gateways: fix HTTPRoute bug where service weights could be less than or equal to 0 and result in a downstream envoy protocol error [GH-16512]
gateways: fix HTTPRoute bug where services with a weight not divisible by 10000 are never registered properly [GH-16531]
mesh: Fix resolution of service resolvers with subsets for external upstreams [GH-16499]
proxycfg: ensure that an irrecoverable error in proxycfg closes the xds session and triggers a replacement proxycfg watcher [GH-16497]
proxycfg: fix a bug where terminating gateways were not cleaning up deleted service resolvers for their referenced services [GH-16498]
ui: Fix issue with lists and filters not rendering properly [GH-16444]
v1.15.0
1.15.0 (February 23, 2023)
ANNOUNCEMENTS:
Upcoming in Consul 1.16 we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from hashicorp/consul instead of consul.
BREAKING CHANGES:
acl errors: Delete and get requests now return descriptive errors when the specified resource cannot be found. Other ACL request errors provide more information about when a resource is missing. Add error for when the ACL system has not been bootstrapped.
Delete Token/Policy/AuthMethod/Role/BindingRule endpoints now return 404 when the resource cannot be found.
New error formats: "Requested * does not exist: ACL not found", "* not found in namespace $NAMESPACE: ACL not found"
Read Token/Policy/Role endpoints now return 404 when the resource cannot be found.
New error format: "Cannot find * to delete"
Logout now returns a 401 error when the supplied token cannot be found
New error format: "Supplied token does not exist"
Token Self endpoint now returns 404 when the token cannot be found.
New error format: "Supplied token does not exist" [GH-16105]
acl: remove all acl migration functionality and references to the legacy acl system. [GH-15947]
cli: added -append-policy-id, -append-policy-name, -append-role-name, and -append-role-id flags to the consul token update command.
These flags allow updates to a token's policies/roles without having to override them completely. [GH-16288]
cli: added -append-service-identity and -append-node-identity flags to the consul token update command.
These flags allow updates to a token's node identities/service identities without having to override them. [GH-16506]
connect: Bump Envoy 1.22.5 to 1.22.7, 1.23.2 to 1.23.4, 1.24.0 to 1.24.2, add 1.25.1, remove 1.21.5 [GH-16274]
mesh: Add ServiceResolver RequestTimeout for route timeouts to make request timeouts configurable [GH-16495]
ui: support filtering API gateways in the ui and displaying their documentation links [GH-16508]
DEPRECATIONS:
cli: Deprecate the -merge-node-identites and -merge-service-identities flags from the consul token update command in favor of: -append-node-identity and -append-service-identity. [GH-16506]
cli: Deprecate the -merge-policies and -merge-roles flags from the consul token update command in favor of: -append-policy-id, -append-policy-name, -append-role-name, and -append-role-id. [GH-16288]
BUG FIXES:
cli: Fixes an issue with consul connect envoy where a log to STDOUT could malform JSON when used with -bootstrap. [GH-16530]
cli: Fixes an issue with consul connect envoy where grpc-disabled agents were not error-handled correctly. [GH-16530]
gateways: fix HTTPRoute bug where service weights could be less than or equal to 0 and result in a downstream envoy protocol error [GH-16512]
gateways: fix HTTPRoute bug where services with a weight not divisible by 10000 are never registered properly [GH-16531]
mesh: Fix resolution of service resolvers with subsets for external upstreams [GH-16499]
proxycfg: ensure that an irrecoverable error in proxycfg closes the xds session and triggers a replacement proxycfg watcher [GH-16497]
proxycfg: fix a bug where terminating gateways were not cleaning up deleted service resolvers for their referenced services [GH-16498]
ui: Fix issue with lists and filters not rendering properly [GH-16444]
1.15.0 (February 23, 2023)
BREAKING CHANGES:
acl errors: Delete and get requests now return descriptive errors when the specified resource cannot be found. Other ACL request errors provide more information about when a resource is missing. Add error for when the ACL system has not been bootstrapped.
Delete Token/Policy/AuthMethod/Role/BindingRule endpoints now return 404 when the resource cannot be found.
New error formats: "Requested * does not exist: ACL not found", "* not found in namespace $NAMESPACE: ACL not found"
Read Token/Policy/Role endpoints now return 404 when the resource cannot be found.
New error format: "Cannot find * to delete"
Logout now returns a 401 error when the supplied token cannot be found
New error format: "Supplied token does not exist"
Token Self endpoint now returns 404 when the token cannot be found.
New error format: "Supplied token does not exist" [GH-16105]
acl: remove all acl migration functionality and references to the legacy acl system. [GH-15947]
acl: remove all functionality and references for legacy acl policies. [GH-15922]
config: Deprecate -join, -join-wan, start_join, and start_join_wan.
These options are now aliases of -retry-join, -retry-join-wan, retry_join, and retry_join_wan, respectively. [GH-15598]
connect: Add peer field to service-defaults upstream overrides. The addition of this field makes it possible to apply upstream overrides only to peer services. Prior to this change, overrides would be applied based on matching the namespace and name fields only, which means users could not have different configuration for local versus peer services. With this change, peer upstreams are only affected if the peer field matches the destination peer name. [GH-15956]
connect: Consul will now error and exit when using the consul connect envoy command if the Envoy version is incompatible. To ignore this check use flag --ignore-envoy-compatibility [GH-15818]
extensions: Refactor Lambda integration to get configured with the Envoy extensions field on service-defaults configuration entries. [GH-15817]
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
1 year ago
Bumps github.com/hashicorp/consul from 1.14.3 to 1.15.1.
Release notes
Sourced from github.com/hashicorp/consul's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/consul's changelog.
... (truncated)
Commits
7c04b6aStage v1.15.199e1ccebump api and sdk modules43e72bdbump sdk,api,envoyextensions, and troubleshoot modulesafc96a6bump consul/api and consul/envoyextensions4afa3a5bump consul/api to v1.20.0 and consul/sdk to v0.13.14697059Bump consul/sdk to v0.13.1caf85acBackport of Update docs to reflect functionality into release/1.15.x (#16555)dd740f0Backport of Fix flakey tests related to ACL token updates into release/1.15.x...e66f26bBackport of Update the consul-k8s cli docs for the newproxy logsubcommand...494fba2Backport of Follow-up fixes to consul connect envoy command into release/1.15...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)