Adds flag -append-filename (which works on values version, dc, node and status) to consul snapshot save command.
Adding the flag -append-filename version,dc,node,status will add consul version, consul datacenter, node name and leader/follower
(status) in the file name given in the snapshot save command before the file extension. [GH-18625]
Reduce the frequency of metric exports from Consul to HCP from every 10s to every 1m [GH-18584]
api: Add support for listing ACL tokens by service name. [GH-18667]
checks: It is now possible to configure agent TCP checks to use TLS with
optional server SNI and mutual authentication. To use TLS with a TCP check, the
check must enable the tcp_use_tls boolean. By default the agent will use the
TLS configuration in the tls.default stanza. [GH-18381]
command: Adds -since flag in consul debug command which internally calls hcdiag for debug information in the past. [GH-18797]
log: Currently consul logs files like this consul-{timestamp}.log. This change makes sure that there is always
consul.log file with the latest logs in it. [GH-18617]
BUG FIXES:
Inherit locality from services when registering sidecar proxies. [GH-18437]
UI : Nodes list view was breaking for synthetic-nodes. Fix handles non existence of consul-version meta for node. [GH-18464]
api: Fix /v1/agent/self not returning latest configuration [GH-18681]
ca: Vault provider now cleans up the previous Vault issuer and key when generating a new leaf signing certificate [GH-18779] [GH-18773]
check: prevent go routine leakage when existing Defercheck of same check id is not nil [GH-18558]
connect: Fix issue where Envoy endpoints would not populate correctly after a snapshot restore. [GH-18636]
gateways: Fix a bug where gateway to service mappings weren't being cleaned up properly when externally registered proxies were being deregistered. [GH-18831]
telemetry: emit consul version metric on a regular interval. [GH-18724]
Upgrade to use Go 1.20.6.
This resolves CVE-2023-29406(net/http) for uses of the standard library.
A separate change updates dependencies on golang.org/x/net to use 0.12.0. [GH-18190]
Upgrade to use Go 1.20.7.
This resolves vulnerability CVE-2023-29409(crypto/tls). [GH-18358]
connect: Consul versions 1.16.0 and 1.16.1 may have issues when a snapshot restore is performed and the servers are hosting xDS streams. When this bug triggers, it will cause Envoy to incorrectly populate upstream endpoints. This bug only impacts agent-less service mesh and should be fixed in Consul 1.16.2 by GH-18636.
Upgrade to use Go 1.20.6.
This resolves CVE-2023-29406(net/http) for uses of the standard library.
A separate change updates dependencies on golang.org/x/net to use 0.12.0. [GH-18190]
Upgrade to use Go 1.20.7.
This resolves vulnerability CVE-2023-29409(crypto/tls). [GH-18358]
FEATURES:
cli: consul members command uses -filter expression to filter members based on bexpr. [GH-18223]
cli: consul operator raft list-peers command shows the number of commits each follower is trailing the leader by to aid in troubleshooting. [GH-17582]
cli: consul watch command uses -filter expression to filter response from checks, services, nodes, and service. [GH-17780]
reloadable config: Made enable_debug config reloadable and enable pprof command to work when config toggles to true [GH-17565]
ui: consul version is displayed in nodes list with filtering and sorting based on versions [GH-17754]
Fix a bug that wrongly trims domains when there is an overlap with DC name. [GH-17160]
api-gateway: fix race condition in proxy config generation when Consul is notified of the bound-api-gateway config entry before it is notified of the api-gateway config entry. [GH-18291]
api: Fix client deserialization errors by marking new Enterprise-only prepared query fields as omit empty [GH-18184]
ca: Fixes a Vault CA provider bug where updating RootPKIPath but not IntermediatePKIPath would not renew leaf signing certificates [GH-18112]
connect/ca: Fixes a bug preventing CA configuration updates in secondary datacenters [GH-17846]
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/hashicorp/consul from 1.14.3 to 1.16.2.
Release notes
Sourced from github.com/hashicorp/consul's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/consul's changelog.
... (truncated)
Commits
68f8191
Stage 1.16.27a633a1
Update Consul API version to 1.25.1 (#18903)c38b9bf
Backport of docs: Fix HCL, JSON, and YAML syntax errors into release/1.16.x (...b8d6c11
Backport of Fix code block examples on dns-static-lookups.mdx into release/1....91930bd
Backport of Add operator audit endpoint changes into release/1.16.x (#18901)ad696e2
Update Consul API Version for 1.16.x (#18867)5e7693b
NET-4519 Collecting journald logs in "consul debug" bundle (#18797) (#18884)e411c03
Backport of Remove flaky test assertions into release/1.16.x (#18871)ce99c74
Backport of Fix typo in permissive mTLS docs into release/1.16.x (#18589)333883d
Backport of Fix gateway services cleanup where proxy deregistration happens a...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show