connect: Consul versions 1.16.0 and 1.16.1 may have issues when a snapshot restore is performed and the servers are hosting xDS streams. When this bug triggers, it will cause Envoy to incorrectly populate upstream endpoints. This bug only impacts agent-less service mesh and should be fixed in Consul 1.16.2 by GH-18636.
Upgrade to use Go 1.20.6.
This resolves CVE-2023-29406(net/http) for uses of the standard library.
A separate change updates dependencies on golang.org/x/net to use 0.12.0. [GH-18190]
Upgrade to use Go 1.20.7.
This resolves vulnerability CVE-2023-29409(crypto/tls). [GH-18358]
FEATURES:
cli: consul members command uses -filter expression to filter members based on bexpr. [GH-18223]
cli: consul operator raft list-peers command shows the number of commits each follower is trailing the leader by to aid in troubleshooting. [GH-17582]
cli: consul watch command uses -filter expression to filter response from checks, services, nodes, and service. [GH-17780]
reloadable config: Made enable_debug config reloadable and enable pprof command to work when config toggles to true [GH-17565]
ui: consul version is displayed in nodes list with filtering and sorting based on versions [GH-17754]
Fix a bug that wrongly trims domains when there is an overlap with DC name. [GH-17160]
api-gateway: fix race condition in proxy config generation when Consul is notified of the bound-api-gateway config entry before it is notified of the api-gateway config entry. [GH-18291]
api: Fix client deserialization errors by marking new Enterprise-only prepared query fields as omit empty [GH-18184]
ca: Fixes a Vault CA provider bug where updating RootPKIPath but not IntermediatePKIPath would not renew leaf signing certificates [GH-18112]
connect/ca: Fixes a bug preventing CA configuration updates in secondary datacenters [GH-17846]
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/hashicorp/consul/api from 1.22.0 to 1.25.1.
Changelog
Sourced from github.com/hashicorp/consul/api's changelog.
... (truncated)
Commits
072476c
Update for 1.25.191930bd
Backport of Add operator audit endpoint changes into release/1.16.x (#18901)ad696e2
Update Consul API Version for 1.16.x (#18867)5e7693b
NET-4519 Collecting journald logs in "consul debug" bundle (#18797) (#18884)e411c03
Backport of Remove flaky test assertions into release/1.16.x (#18871)ce99c74
Backport of Fix typo in permissive mTLS docs into release/1.16.x (#18589)333883d
Backport of Fix gateway services cleanup where proxy deregistration happens a...38f4d1b
Backport of docs: Fix typo in description for server_addresses into release/1...d732000
Backport of docs: K8s secondary DC requirements into release/1.16.x (#18386)41d2fea
add changes from failed backport (#18841)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show