search

hashicorp / nomad-device-nvidia

Nomad device driver for Nvidia GPU
Mozilla Public License 2.0
16 stars 7 forks source link

build(deps): bump github.com/hashicorp/nomad from 1.3.1 to 1.3.9 #16

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 1 year ago

Bumps github.com/hashicorp/nomad from 1.3.1 to 1.3.9.

Release notes

Sourced from github.com/hashicorp/nomad's releases.

v1.3.9

1.3.9 (February 14, 2023)

SECURITY:

  • artifact: Provide mitigations against unbounded artifact decompression [GH-16126]
  • build: Update to go1.20.1 [GH-16182]

v1.3.8

1.3.8 (November 21, 2022)

BUG FIXES:

  • api: Ensure all request body decode errors return a 400 status code [GH-15252]
  • cleanup: fixed missing timer.Reset for plan queue stat emitter [GH-15134]
  • client: Fixed a bug where tasks would restart without waiting for interval [GH-15215]
  • client: fixed a bug where non-docker tasks with network isolation would leak network namespaces and iptables rules if the client was restarted while they were running [GH-15214]
  • client: prevent allocations from failing on client reconnect by retrying RPC requests when no servers are available yet [GH-15140]
  • csi: Fixed race condition that can cause a panic when volume is garbage collected [GH-15101]
  • device: Fixed a bug where device plugins would not fingerprint on startup [GH-15125]
  • drivers: Fixed a bug where one goroutine was leaked per task [GH-15180]
  • drivers: pass missing propagation_mode configuration for volume mounts to external plugins [GH-15096]
  • event_stream: fixed a bug where dynamic port values would fail to serialize in the event stream [GH-12916]
  • fingerprint: Ensure Nomad can correctly fingerprint Consul gRPC where the Consul agent is running v1.14.0 or greater [GH-15309]
  • scheduler: Fixed a bug that prevented disconnected allocations to be updated after they reconnect. [GH-15068]
  • scheduler: Prevent unnecessary placements when disconnected allocations reconnect. [GH-15068]
  • template: Fixed a bug where template could cause agent panic on startup [GH-15192]

v1.3.7

1.3.7 (October 26, 2022)

IMPROVEMENTS:

  • deps: update go-memdb for goroutine leak fix [GH-14983]
  • docker: improve memory usage for docker_logger [GH-14875]

BUG FIXES:

  • acl: Fixed a bug where Nomad version checking for one-time tokens was enforced across regions [GH-14911]
  • client: Fixed a bug where Nomad could not detect cores on recent RHEL systems [GH-15027]
  • consul: Fixed a bug where services continuously re-registered [GH-14917]
  • consul: atomically register checks on initial service registration [GH-14944]
  • deps: Update hashicorp/raft to v1.3.11; fixes unstable leadership on server removal [GH-15021]
  • nomad native service discovery: Ensure all local servers meet v.1.3.0 minimum before service registrations can be written [GH-14924]
  • scheduler: Fixed a bug where version checking for disconnected clients handling was enforced across regions [GH-14911]

v1.3.6

1.3.6 (October 04, 2022)

SECURITY:

... (truncated)

Changelog

Sourced from github.com/hashicorp/nomad's changelog.

1.3.13 (April 04, 2023)

SECURITY:

  • build: update to Go 1.20.3 to prevent denial of service attack via malicious HTTP headers CVE-2023-24534 [GH-16788]

1.3.12 (March 21, 2023)

IMPROVEMENTS:

BUG FIXES:

  • client: Fixed a bug where clients using Consul discovery to join the cluster would get permission denied errors [GH-16490]
  • client: Fixed a bug where cpuset initialization fails after Client restart [GH-16467]
  • plugin: Add missing fields to TaskConfig so they can be accessed by external task drivers [GH-16434]
  • services: Fixed a bug where a service would be deregistered twice [GH-16289]

1.3.11 (March 10, 2023)

IMPROVEMENTS:

  • env/ec2: update cpu metadata [GH-16417]

BUG FIXES:

  • client: Fixed a bug where clients used the serf advertise address to connect to servers when using Consul auto-discovery [GH-16217]
  • docker: Fixed a bug where pause containers would be erroneously removed [GH-16352]
  • scheduler: Fixed a bug where collisions in dynamic port offerings would result in spurious plan-for-node-rejected errors [GH-16401]
  • server: Fixed a bug where deregistering a job that was already garbage collected would create a new evaluation [GH-16287]
  • server: Fixed a bug where node updates that produced errors from service discovery or CSI plugin updates were not logged [GH-16287]
  • server: Fixed a bug where the system reconcile summaries command and API would not return any scheduler-related errors [GH-16287]

1.3.10 (March 01, 2023)

BREAKING CHANGES:

  • core: Ensure no leakage of evaluations for batch jobs. Prior to this change allocations and evaluations for batch jobs were never garbage collected until the batch job was explicitly stopped. The new batch_eval_gc_threshold server configuration controls how often they are collected. The default threshold is 24h. [GH-15097]

IMPROVEMENTS:

  • client: detect and cleanup leaked iptables rules [GH-15407]
  • consul: add client configuration for grpc_ca_file [GH-15701]
  • env/ec2: update cpu metadata [GH-15770]
  • fingerprint: Detect CNI plugins and set versions as node attributes [GH-15452]

DEPRECATIONS:

  • api: The connect ConsulExposeConfig.Path field is deprecated in favor of ConsulExposeConfig.Paths [GH-15541]

... (truncated)

Commits
  • 03f3410 Generate files for 1.3.9 release
  • fa0b49a build: update to go1.20.1 (#16182) (#16184)
  • df4dfa7 backport of commit 8d30bc6537c193231dd07ce453ab0656897f0b94 (#15501)
  • 663864c artifact: protect against unbounded artifact decompression (1.4.x) (#16126) (...
  • 353d07b Generate files for 1.3.8 release
  • b185c95 backport of commit 424a7ca06b4a782dca74c8fe966352a11e7ed5e3 (#15352)
  • b25627b (backport) client: accommodate Consul 1.14.0 gRPC and agent self changes. (#1...
  • c3da85e Backport of api: ensure all request body decode error return a 400 status cod...
  • 415f5f9 backport of commit e8fe3324a3bb1274f3711fdb8a41bc1e659fcd76 (#15316)
  • a1b656e backport of commit 44943bfd9fe908b64e55e607d6173e8b3e450e1d (#15304)
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hashicorp/nomad-device-nvidia/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] commented 4 months ago

A newer version of github.com/hashicorp/nomad exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

pkazmierczak commented 3 months ago

@dependabot rebase

dependabot[bot] commented 3 months ago

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

pkazmierczak commented 3 months ago

Obsolete.

dependabot[bot] commented 3 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.