hashicorp / vault-secrets-operator

The Vault Secrets Operator (VSO) allows Pods to consume Vault secrets natively from Kubernetes Secrets.
https://hashicorp.com
Other
471 stars 102 forks source link

Bump the gomod-backward-compatible group with 17 updates #929

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 2 months ago

Bumps the gomod-backward-compatible group with 17 updates:

Package From To
cloud.google.com/go/compute/metadata 0.5.0 0.5.1
github.com/Masterminds/sprig/v3 3.2.3 3.3.0
github.com/argoproj/argo-rollouts 1.6.6 1.7.2
github.com/gruntwork-io/terratest 0.47.0 0.47.1
github.com/hashicorp/hcp-sdk-go 0.110.0 0.113.0
github.com/hashicorp/vault/api 1.13.0 1.15.0
github.com/hashicorp/vault/sdk 0.13.0 0.14.0
github.com/onsi/gomega 1.34.1 1.34.2
github.com/prometheus/client_golang 1.20.3 1.20.4
golang.org/x/crypto 0.26.0 0.27.0
google.golang.org/api 0.192.0 0.198.0
k8s.io/apiextensions-apiserver 0.30.3 0.31.1
k8s.io/apimachinery 0.30.3 0.31.1
k8s.io/client-go 0.30.3 0.31.1
k8s.io/utils 0.0.0-20230726121419-3b25d923346b 0.0.0-20240711033017-18e509b52bc8
sigs.k8s.io/controller-runtime 0.18.4 0.19.0
nhooyr.io/websocket 1.8.11 1.8.17

Updates cloud.google.com/go/compute/metadata from 0.5.0 to 0.5.1

Changelog

Sourced from cloud.google.com/go/compute/metadata's changelog.

Changes

0.115.1 (2024-08-13)

Bug Fixes

  • cloud.google.com/go: Bump google.golang.org/grpc@v1.64.1 (8ecc4e9)

0.115.0 (2024-06-12)

Features

Bug Fixes

  • internal/postprocessor: Use approved image tag (#10341) (a388fe5)

0.114.0 (2024-05-23)

Features

  • civil: Add Compare method to Date, Time, and DateTime (#10193) (c2920d7)

Bug Fixes

  • internal/postprocessor: Add scopes to all appropriate commit lines (#10192) (c21399b)

0.113.0 (2024-05-08)

Features

  • civil: Add Compare method to Date, Time, and DateTime (#10010) (34455c1)

Bug Fixes

  • all: Bump x/net to v0.24.0 (#10000) (ba31ed5)
  • debugger: Add internaloption.WithDefaultEndpointTemplate (3b41408)
  • internal/aliasfix: Handle import paths correctly (#10097) (fafaf0d)
  • rpcreplay: Properly unmarshal dynamic message (#9774) (53ccb20), refs #9773

Documentation

... (truncated)

Commits
  • e992f09 chore: release main (#10792)
  • 22adc9a chore(main): release firestore 1.17.0 (#10597)
  • e9a551e feat(firestore): Adding distance threshold and result field (#10802)
  • 839f30e chore(main): release auth 0.9.4 (#10846)
  • b9dfce5 chore: update gapic-generator-go to 0.47.0 (#10848)
  • 9b4b2fa docs(pubsub): update documentation for 31 day subscription message retention ...
  • 2bdedef fix(compute/metadata): check error chain for retryable error (#10840)
  • 2d5a9f9 feat(dataproc): add support for new Dataproc features (#10817)
  • f9869f7 fix(auth): enable self-signed JWT for non-GDU universe domain (#10831)
  • 6720291 chore(main): release bigtable 1.32.0 (#10815)
  • Additional commits viewable in compare view


Updates github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0

Release notes

Sourced from github.com/Masterminds/sprig/v3's releases.

v3.3.0

What's Changed

New Contributors

Full Changelog: https://github.com/Masterminds/sprig/compare/v3.2.3...v3.3.0

Changelog

Sourced from github.com/Masterminds/sprig/v3's changelog.

Release 3.3.0 (2024-08-29)

Added

Changed

  • #407: Removed duplicate documentation (functions were documentated in 2 places)
  • #290: Corrected copy/paster oops in math documentation (thanks @​zzhu41)
  • #369: Corrected template reference in docs (thanks @​chey)
  • #375: Added link to URL documenation (thanks @​carlpett)
  • #406: Updated the mergo dependency which had a breaking change (which was accounted for)
  • #376: Fixed documentation error (thanks @​jheyduk)
  • #404: Updated dependency tree
  • #391: Fixed misspelling (thanks @​chrishalbert)
  • #405: Updated Go versions used in testing
Commits
  • e708470 Merge pull request #408 from mattfarina/update-changelog-3.3
  • 8fc4354 Updating the changelog for the 3.3.0 release
  • cb81a32 Merge pull request #407 from mattfarina/remove-dup-math-functions
  • 2637693 Removing duplicate documentation
  • 06b9a87 Merge pull request #290 from zzhu41/patch-1
  • e663ec6 Merge pull request #369 from chey/patch-1
  • bb2f73f Merge pull request #375 from carlpett/patch-1
  • f07659e Merge pull request #400 from itzik-elayev/master
  • 98b35c1 Add closing bracket
  • 7a88928 Merge pull request #406 from mattfarina/update-mergo
  • Additional commits viewable in compare view


Updates github.com/argoproj/argo-rollouts from 1.6.6 to 1.7.2

Release notes

Sourced from github.com/argoproj/argo-rollouts's releases.

v1.7.2

Fix

  • replicaSet not scaled down due to incorrect annotations (#3762) (#3784)
  • add update verb to ClusterRole permissions for scaleDown feature. Fixes #3672 (#3675)
  • analysis: explicitly set datadog aggregator to last only on v2 (#3730)
  • analysis: Take RollbackWindow into account when Reconciling Analysis Runs. Fixes #3669 (#3670)
  • controller: Get the right resourceName for traefik.io.Fixes #3615 (#3759)
  • controller: use the stableRS from the rollout context rather tha… (#3664)
  • dashboard: Update pod status logic to support native sidecars. Fixes #3366 (#3639)
  • metricprovider: reuse http.Transport for http.Client (#3780)

Full Changelog: https://github.com/argoproj/argo-rollouts/compare/v1.7.1...v1.7.2

v1.7.1

Full Changelog: https://github.com/argoproj/argo-rollouts/compare/v1.7.0...v1.7.1

v1.7.0

Fix

  • verify the weight of the alb at the end of the rollout (#3627)
  • when Rollout has pingpong and stable/canary service defined, only alb traffic management uses pingpong. (#3628)
  • protocol missing in ambassador canary mapping creation. Fixes #3593 (#3603)
  • rs conflict with fallback to patch (#3559)
  • controller: Corrects the logic of comparing sha256 has. Fixes #3519 (#3520)

Full Changelog: https://github.com/argoproj/argo-rollouts/compare/v1.7.0-rc1...v1.7.0

v1.7.0-rc1

Build

  • deps: always resolve momentjs version 2.29.4 (#3182)

Chore

  • fix PodSecurity warning (#3424)
  • add WeLab Bank to users.md (#2996)
  • change file name for readthedocs compatibility (#2999)
  • Update users doc with CircleCI (#3028)
  • bump k8s versions to 1.29 (#3494)
  • updating getCanaryConfigId to be more efficient with better error handling (#3070)
  • add missing rollout fields (#3062)
  • upgrade cosign (#3139)
  • add OpenSSF Scorecard badge (#3154)
  • add test for reconcileEphemeralMetadata() (#3163)
  • leave the validation of setHeaderRoute to the plugin when plugins is not empty. (#2898)
  • fix lint errors reported by golangci-lint (#3458)
  • fix unit test data races (#3478) (#3479)
  • added organization to users.md (#3481)
  • set webpack hashFunction to modern sha256, remove legacy-provider. Fixes #2609 (#3475)

... (truncated)

Changelog

Sourced from github.com/argoproj/argo-rollouts's changelog.

v1.7.2 (2024-08-12)

Fix

  • replicaSet not scaled down due to incorrect annotations (#3762) (#3784)
  • add update verb to ClusterRole permissions for scaleDown feature. Fixes #3672 (#3675)
  • analysis: explicitly set datadog aggregator to last only on v2 (#3730)
  • analysis: Take RollbackWindow into account when Reconciling Analysis Runs. Fixes #3669 (#3670)
  • controller: Get the right resourceName for traefik.io.Fixes #3615 (#3759)
  • controller: use the stableRS from the rollout context rather tha… (#3664)
  • dashboard: Update pod status logic to support native sidecars. Fixes #3366 (#3639)
  • metricprovider: reuse http.Transport for http.Client (#3780)

v1.7.1 (2024-06-22)

Fix

  • docs site version selector broken (#3590)
  • don't default datadog aggregator (#3643)
  • Add volume for plugin and tmp folder (#3546)

v1.7.0 (2024-06-12)

Fix

  • verify the weight of the alb at the end of the rollout (#3627)
  • when Rollout has pingpong and stable/canary service defined, only alb traffic management uses pingpong. (#3628)
  • protocol missing in ambassador canary mapping creation. Fixes #3593 (#3603)
  • rs conflict with fallback to patch (#3559)
  • controller: Corrects the logic of comparing sha256 has. Fixes #3519 (#3520)

v1.7.0-rc1 (2024-04-03)

Build

  • deps: always resolve momentjs version 2.29.4 (#3182)

Chore

  • fix PodSecurity warning (#3424)
  • add WeLab Bank to users.md (#2996)
  • change file name for readthedocs compatibility (#2999)
  • Update users doc with CircleCI (#3028)
  • bump k8s versions to 1.29 (#3494)

... (truncated)

Commits
  • 59e5bd3 fix: replicaSet not scaled down due to incorrect annotations (#3762) (#3784)
  • 131b572 fix(metricprovider): reuse http.Transport for http.Client (#3780)
  • a0b7332 fix(controller): Get the right resourceName for traefik.io.Fixes #3615 (#3759)
  • e621fb2 fix(analysis): explicitly set datadog aggregator to last only on v2 (#3730)
  • 9efeaa7 fix: add update verb to ClusterRole permissions for scaleDown feature. Fixes ...
  • 321fd68 fix(analysis): Take RollbackWindow into account when Reconciling Analysis Run...
  • c0db627 fix(controller): use the stableRS from the rollout context rather tha… (#3664)
  • 62fb6cd fix(dashboard): Update pod status logic to support native sidecars. Fixes #33...
  • 6a99ea9 fix: docs site version selector broken (#3590)
  • e472955 fix: don't default datadog aggregator (#3643)
  • Additional commits viewable in compare view


Updates github.com/gruntwork-io/terratest from 0.47.0 to 0.47.1

Release notes

Sourced from github.com/gruntwork-io/terratest's releases.

v0.47.1

Modules affected

  • aws
  • retry

Description

Special thanks

Special thanks to the following users for their contribution!

Related links

Full Changelog: https://github.com/gruntwork-io/terratest/compare/v0.47.0...v0.47.1

Commits
  • 1a1a8c1 Merge pull request #1438 from roysha1/master
  • 5eca5da update go-getter
  • f9d5fb2 Merge pull request #1436 from gruntwork-io/fix-circle-ci
  • 05ddb3d Fix circle ci
  • f5dd7d8 Merge pull request #1428 from gruntwork-io/dependabot/go_modules/github.com/d...
  • 23885a8 Bump github.com/docker/docker
  • ea2688e Merge pull request #1434 from gruntwork-io/dependabot/bundler/docs/activesupp...
  • e790ff3 Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs
  • 2bff0c8 Merge pull request #1433 from gruntwork-io/dependabot/bundler/docs/commonmark...
  • a3209a0 Merge pull request #1410 from gruntwork-io/dependabot/go_modules/github.com/d...
  • Additional commits viewable in compare view


Updates github.com/hashicorp/hcp-sdk-go from 0.110.0 to 0.113.0

Release notes

Sourced from github.com/hashicorp/hcp-sdk-go's releases.

v0.113.0 (September 18, 2024)

v0.112.0 (September 11, 2024)

DEPRECATIONS:

  • Remove cloud-vault-scanning-proxy client. [GH-268]

v0.111.0 (September 04, 2024)

Changelog

Sourced from github.com/hashicorp/hcp-sdk-go's changelog.

v0.113.0 (September 18, 2024)

v0.112.0 (September 11, 2024)

DEPRECATIONS:

  • Remove cloud-vault-scanning-proxy client. [GH-268]

v0.111.0 (September 04, 2024)

Commits


Updates github.com/hashicorp/vault/api from 1.13.0 to 1.15.0

Release notes

Sourced from github.com/hashicorp/vault/api's releases.

v1.15.0

1.15.0

September 27, 2023

SECURITY:

  • secrets/transit: fix a regression that was honoring nonces provided in non-convergent modes during encryption. [GH-22852]

CHANGES:

  • auth/alicloud: Update plugin to v0.16.0 [GH-22646]
  • auth/azure: Update plugin to v0.16.0 [GH-22277]
  • auth/azure: Update plugin to v0.16.1 [GH-22795]
  • auth/azure: Update plugin to v0.16.2 [GH-23060]
  • auth/cf: Update plugin to v0.15.1 [GH-22758]
  • auth/gcp: Update plugin to v0.16.1 [GH-22612]
  • auth/jwt: Update plugin to v0.17.0 [GH-22678]
  • auth/kerberos: Update plugin to v0.10.1 [GH-22797]
  • auth/kubernetes: Update plugin to v0.17.0 [GH-22709]
  • auth/kubernetes: Update plugin to v0.17.1 [GH-22879]
  • auth/ldap: Normalize HTTP response codes when invalid credentials are provided [GH-21282]
  • auth/oci: Update plugin to v0.14.2 [GH-22805]
  • core (enterprise): Ensure Role Governing Policies are only applied down the namespace hierarchy
  • core/namespace (enterprise): Introduce the concept of high-privilege namespace (administrative namespace), which will have access to some system backend paths that were previously only accessible in the root namespace. [GH-21215]
  • core: Bump Go version to 1.21.1.
  • database/couchbase: Update plugin to v0.9.3 [GH-22854]
  • database/couchbase: Update plugin to v0.9.4 [GH-22871]
  • database/elasticsearch: Update plugin to v0.13.3 [GH-22696]
  • database/mongodbatlas: Update plugin to v0.10.1 [GH-22655]
  • database/redis-elasticache: Update plugin to v0.2.2 [GH-22584]
  • database/redis-elasticache: Update plugin to v0.2.3 [GH-22598]
  • database/redis: Update plugin to v0.2.2 [GH-22654]
  • database/snowflake: Update plugin to v0.9.0 [GH-22516]
  • events: Log level for processing an event dropped from info to debug. [GH-22997]
  • events: data_path will include full data path of secret, including name. [GH-22487]
  • replication (enterprise): Switch to non-deprecated gRPC field for resolver target host
  • sdk/logical/events: EventSender interface method is now SendEvent instead of Send. [GH-22487]
  • secrets/ad: Update plugin to v0.16.1 [GH-22856]
  • secrets/alicloud: Update plugin to v0.15.1 [GH-22533]
  • secrets/azure: Update plugin to v0.16.2 [GH-22799]
  • secrets/azure: Update plugin to v0.16.3 [GH-22824]
  • secrets/gcp: Update plugin to v0.17.0 [GH-22746]
  • secrets/gcpkms: Update plugin to v0.15.1 [GH-22757]
  • secrets/keymgmt: Update plugin to v0.9.3
  • secrets/kubernetes: Update plugin to v0.6.0 [GH-22823]
  • secrets/kv: Update plugin to v0.16.1 [GH-22716]
  • secrets/mongodbatlas: Update plugin to v0.10.1 [GH-22748]
  • secrets/openldap: Update plugin to v0.11.2 [GH-22734]
  • secrets/terraform: Update plugin to v0.7.3 [GH-22907]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.15.0

September 27, 2023

SECURITY:

  • secrets/transit: fix a regression that was honoring nonces provided in non-convergent modes during encryption. This vulnerability, CVE-2023-4680, is fixed in Vault 1.14.3, 1.13.7, and 1.12.11. [GH-22852, HSEC-2023-28]
  • sentinel (enterprise): Sentinel RGP policies allowed for cross-namespace denial-of-service. This vulnerability, CVE-2023-3775, is fixed in Vault Enterprise 1.15.0, 1.14.4, and 1.13.8.[HSEC-2023-29]

CHANGES:

  • auth/alicloud: Update plugin to v0.16.0 [GH-22646]
  • auth/azure: Update plugin to v0.16.0 [GH-22277]
  • auth/azure: Update plugin to v0.16.1 [GH-22795]
  • auth/azure: Update plugin to v0.16.2 [GH-23060]
  • auth/cf: Update plugin to v0.15.1 [GH-22758]
  • auth/gcp: Update plugin to v0.16.1 [GH-22612]
  • auth/jwt: Update plugin to v0.17.0 [GH-22678]
  • auth/kerberos: Update plugin to v0.10.1 [GH-22797]
  • auth/kubernetes: Update plugin to v0.17.0 [GH-22709]
  • auth/kubernetes: Update plugin to v0.17.1 [GH-22879]
  • auth/ldap: Normalize HTTP response codes when invalid credentials are provided [GH-21282]
  • auth/oci: Update plugin to v0.14.2 [GH-22805]
  • core (enterprise): Ensure Role Governing Policies are only applied down the namespace hierarchy
  • core/namespace (enterprise): Introduce the concept of high-privilege namespace (administrative namespace), which will have access to some system backend paths that were previously only accessible in the root namespace. [GH-21215]
  • core: Bump Go version to 1.21.1.
  • database/couchbase: Update plugin to v0.9.3 [GH-22854]
  • database/couchbase: Update plugin to v0.9.4 [GH-22871]
  • database/elasticsearch: Update plugin to v0.13.3 [GH-22696]
  • database/mongodbatlas: Update plugin to v0.10.1 [GH-22655]
  • database/redis-elasticache: Update plugin to v0.2.2 [GH-22584]
  • database/redis-elasticache: Update plugin to v0.2.3 [GH-22598]
  • database/redis: Update plugin to v0.2.2 [GH-22654]
  • database/snowflake: Update plugin to v0.9.0 [GH-22516]
  • events: Log level for processing an event dropped from info to debug. [GH-22997]
  • events: data_path will include full data path of secret, including name. [GH-22487]
  • replication (enterprise): Switch to non-deprecated gRPC field for resolver target host
  • sdk/logical/events: EventSender interface method is now SendEvent instead of Send. [GH-22487]
  • secrets/ad: Update plugin to v0.16.1 [GH-22856]
  • secrets/alicloud: Update plugin to v0.15.1 [GH-22533]
  • secrets/azure: Update plugin to v0.16.2 [GH-22799]
  • secrets/azure: Update plugin to v0.16.3 [GH-22824]
  • secrets/gcp: Update plugin to v0.17.0 [GH-22746]
  • secrets/gcpkms: Update plugin to v0.15.1 [GH-22757]
  • secrets/keymgmt: Update plugin to v0.9.3
  • secrets/kubernetes: Update plugin to v0.6.0 [GH-22823]
  • secrets/kv: Update plugin to v0.16.1 [GH-22716]
  • secrets/mongodbatlas: Update plugin to v0.10.1 [GH-22748]
  • secrets/openldap: Update plugin to v0.11.2 [GH-22734]
  • secrets/terraform: Update plugin to v0.7.3 [GH-22907]

... (truncated)

Commits
  • b4d0727 backport of commit 771470c28f099c2af5342c76d94716d45aa6887e (#23012)
  • f8da51c backport of commit 88ed074287d99da0e298589c5236fa094f770b08 (#23263)
  • 9e00b34 backport of commit ac9f411949b57669884157a6b6239cb586023175 (#23259)
  • 20af1eb backport of commit 036cbcebd9c5669edbb4519c68cc56f8b83f12d6 (#23258)
  • 99b916a backport of commit 8924f9592d9ff6013c11d5459c376a90908a3c4c (#23257)
  • 4e439e0 backport of commit 1d61aeb8aebc96eecbb6a35e10bd914b4d0f41f4 (#23249)
  • 565427a backport of commit 1e76ad42ef4221cb8a58e050d2edbfc552a878a0 (#23247)
  • 6fafd52 backport: Support mlock and custom tmpdir for containerized plugins (#23215) ...
  • d3927bc Backport UI: Add pagination to new PKI (#23238)
  • 5603003 backport of commit 68dd82c902ecf4487d9c17729527da9befb81a7f (#23246)
  • Additional commits viewable in compare view


Updates github.com/hashicorp/vault/sdk from 0.13.0 to 0.14.0

Changelog

Sourced from github.com/hashicorp/vault/sdk's changelog.

Previous versions

1.18.0-rc1

September 18, 2024

CHANGES:

  • activity (enterprise): filter all fields in client count responses by the request namespace [GH-27790]
  • activity (enterprise): remove deprecated fields distinct_entities and non_entity_tokens [GH-27830]
  • activity log: Deprecated the field "default_report_months". Instead, the billing start time will be used to determine the start time when querying the activity log endpoints. [GH-27350]
  • activity log: Deprecates the current_billing_period field for /sys/internal/counters/activity. The default start time will automatically be set the billing period start date. [GH-27426]
  • activity: The activity export API now requires the sudo ACL capability. [GH-27846]
  • activity: The activity export API now responds with a status of 204 instead 400 when no data exists within the time range specified by start_time and end_time. [GH-28064]
  • activity: The startTime will be set to the start of the current billing period by default. The endTime will be set to the end of the current month. This applies to /sys/internal/counters/activity, /sys/internal/counters/activity/export, and the vault operator usage command that utilizes /sys/internal/counters/activity. [GH-27379]
  • api: Update backoff/v3 to backoff/v4.3.0 [GH-26868]
  • auth/alicloud: Update plugin to v0.19.0 [GH-28263]
  • auth/azure: Update plugin to v0.19.0 [GH-28294]
  • auth/cf: Update plugin to v0.18.0 [GH-27724]
  • auth/cf: Update plugin to v0.19.0 [GH-28266]
  • auth/gcp: Update plugin to v0.19.0 [GH-28366]
  • auth/jwt: Update plugin to v0.21.0 [GH-27498]
  • auth/jwt: Update plugin to v0.22.0 [GH-28349]
  • auth/kerberos: Update plugin to v0.13.0 [GH-28264]
  • auth/kubernetes: Update plugin to v0.20.0 [GH-28289]
  • auth/oci: Update plugin to v0.17.0 [GH-28307]
  • cli: The undocumented -dev-three-node and -dev-four-cluster CLI options have been removed. [GH-27578]
  • consul-template: updated to version 0.39.1 [GH-27799]
  • core(enterprise): Updated the following two control group related errors responses to respond with response code 400 instead of 500: control group: could not find token, and control group: token is not a valid control group token.
  • core: Bump Go version to 1.22.7
  • database/couchbase: Update plugin to v0.12.0 [GH-28327]
  • database/elasticsearch: Update plugin to v0.16.0 [GH-28277]
  • database/mongodbatlas: Update plugin to v0.13.0 [GH-28268]
  • database/redis-elasticache: Update plugin to v0.5.0 [GH-28293]
  • database/redis: Update plugin to v0.4.0 [GH-28404]
  • database/snowflake: Update plugin to v0.12.0 [GH-28275]
  • sdk: Upgrade to go-secure-stdlib/plugincontainer@v0.4.0, which also bumps github.com/docker/docker to v26.1.5+incompatible [GH-28269]
  • secrets/ad: Update plugin to v0.19.0 [GH-28361]
  • secrets/alicloud: Update plugin to v0.18.0 [GH-28271]
  • secrets/azure: Update plugin to v0.19.2 [GH-27652]
  • secrets/azure: Update plugin to v0.20.0 [GH-28267]
  • secrets/gcp: Update plugin to v0.20.0 [GH-28324]
  • secrets/gcpkms: Update plugin to v0.18.0 [GH-28300]
  • secrets/gcpkms: Update plugin to v0.19.0 [GH-28360]
  • secrets/kubernetes: Update plugin to v0.9.0 [GH-28287]

... (truncated)

Commits