165791dd89
artifact: protect against unbounded artifact decompression (1.5.0) ( #16151 )
...
* artifact: protect against unbounded artifact decompression
Starting with 1.5.0, set defaut values for artifact decompression limits.
artifact.decompression_size_limit (default "100GB") - the maximum amount of
data that will be decompressed before triggering an error and cancelling
the operation
artifact.decompression_file_count_limit (default 4096) - the maximum number
of files that will be decompressed before triggering an error and
cancelling the operation.
* artifact: assert limits cannot be nil in validation
2023-02-14 09:28:39 -06:00
f7df32428a
build(deps): bump github.com/shirou/gopsutil/v3 from 3.22.12 to 3.23.1 ( #16059 )
...
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil ) from 3.22.12 to 3.23.1.
- [Release notes](https://github.com/shirou/gopsutil/releases )
- [Commits](https://github.com/shirou/gopsutil/compare/v3.22.12...v3.23.1 )
---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 13:36:39 -05:00
8efa924536
build(deps): bump github.com/containernetworking/plugins ( #16060 )
...
Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/containernetworking/plugins/releases )
- [Commits](https://github.com/containernetworking/plugins/compare/v1.1.1...v1.2.0 )
---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 13:35:50 -05:00
ee28f21171
build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 ( #16142 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.0 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.53.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 13:34:55 -05:00
a80e6aad0c
build(deps): bump github.com/docker/cli ( #16141 )
...
Bumps [github.com/docker/cli](https://github.com/docker/cli ) from 20.10.23+incompatible to 23.0.1+incompatible.
- [Release notes](https://github.com/docker/cli/releases )
- [Commits](https://github.com/docker/cli/compare/v20.10.23...v23.0.1 )
---
updated-dependencies:
- dependency-name: github.com/docker/cli
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 13:34:42 -05:00
df3e8f82da
deps: update go-set, go-landlock ( #16146 )
...
Made a breaking change in go-set (String() signature), need to update
both these dependencies together and also fix a thing in structs.go
2023-02-13 08:26:30 -06:00
0e7bf87ee1
deps: upgrade to hashicorp/golang-lru/v2 ( #16085 )
2023-02-08 15:20:33 -06:00
bb79824a20
build(deps): bump github.com/docker/docker from 20.10.21+incompatible to 20.10.23+incompatible ( #15848 )
...
* build(deps): bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.21+incompatible to 20.10.23+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v20.10.21...v20.10.23 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* changelog: add entry for docker/docker
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
2023-01-30 09:10:06 -06:00
565078ba28
build(deps): bump github.com/brianvoe/gofakeit/v6 from 6.19.0 to 6.20.1 ( #15846 )
...
Bumps [github.com/brianvoe/gofakeit/v6](https://github.com/brianvoe/gofakeit ) from 6.19.0 to 6.20.1.
- [Release notes](https://github.com/brianvoe/gofakeit/releases )
- [Commits](https://github.com/brianvoe/gofakeit/compare/v6.19.0...v6.20.1 )
---
updated-dependencies:
- dependency-name: github.com/brianvoe/gofakeit/v6
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 09:06:08 -06:00
0fb2650baf
build(deps): bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3 ( #15847 )
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 09:04:20 -06:00
24b85bf02b
build(deps): bump github.com/docker/cli ( #15938 )
...
Bumps [github.com/docker/cli](https://github.com/docker/cli ) from 20.10.22+incompatible to 20.10.23+incompatible.
- [Release notes](https://github.com/docker/cli/releases )
- [Commits](https://github.com/docker/cli/compare/v20.10.22...v20.10.23 )
---
updated-dependencies:
- dependency-name: github.com/docker/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 08:47:12 -06:00
52a86b9d32
build(deps): bump github.com/shoenig/test from 0.6.0 to 0.6.1 in /api ( #15939 )
...
* build(deps): bump github.com/shoenig/test from 0.6.0 to 0.6.1 in /api
Bumps [github.com/shoenig/test](https://github.com/shoenig/test ) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/shoenig/test/releases )
- [Commits](https://github.com/shoenig/test/compare/v0.6.0...v0.6.1 )
---
updated-dependencies:
- dependency-name: github.com/shoenig/test
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* deps: update test
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
2023-01-29 14:03:56 -06:00
0bb408bc10
build(deps): bump github.com/aws/aws-sdk-go from 1.44.175 to 1.44.184 ( #15849 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.175 to 1.44.184.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.175...v1.44.184 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-25 19:04:56 -05:00
fc432695b0
build(deps): bump github.com/prometheus/common from 0.37.0 to 0.39.0 ( #15793 )
...
Bumps [github.com/prometheus/common](https://github.com/prometheus/common ) from 0.37.0 to 0.39.0.
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.37.0...v0.39.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-19 11:01:28 -06:00
2f6c45e52f
build(deps): bump github.com/shoenig/go-landlock from 0.1.3 to 0.1.4 ( #15795 )
...
Bumps [github.com/shoenig/go-landlock](https://github.com/shoenig/go-landlock ) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/shoenig/go-landlock/releases )
- [Commits](https://github.com/shoenig/go-landlock/compare/v0.1.3...v0.1.4 )
---
updated-dependencies:
- dependency-name: github.com/shoenig/go-landlock
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-19 10:32:46 -06:00
afccb55a96
build(deps): bump github.com/rs/cors from 1.8.2 to 1.8.3 ( #15794 )
...
Bumps [github.com/rs/cors](https://github.com/rs/cors ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/rs/cors/releases )
- [Commits](https://github.com/rs/cors/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/rs/cors
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-19 10:31:55 -06:00
e271314a18
build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 ( #15792 )
...
* build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* deps: format go.mod correctly
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
2023-01-19 10:30:29 -06:00
06dd32c241
build(deps): bump github.com/hashicorp/go-hclog from 1.3.1 to 1.4.0 ( #15791 )
...
Bumps [github.com/hashicorp/go-hclog](https://github.com/hashicorp/go-hclog ) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/hashicorp/go-hclog/releases )
- [Commits](https://github.com/hashicorp/go-hclog/compare/v1.3.1...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-hclog
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-19 09:52:04 -06:00
fad9b40e53
Merge branch 'main' into sso/gh-13120-oidc-login
2023-01-18 10:05:31 +00:00
094caaabdf
build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.12 ( #15726 )
...
* build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.12
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.6.6 to 1.6.12.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.6.6...v1.6.12 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* cl: add cl for containerd/containerd
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
2023-01-13 09:22:41 -06:00
000f28650c
build(deps): bump github.com/aws/aws-sdk-go from 1.44.163 to 1.44.175 ( #15719 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.163 to 1.44.175.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.163...v1.44.175 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-13 08:06:28 -06:00
6601866a1c
build(deps): bump golang.org/x/crypto from 0.1.0 to 0.5.0 ( #15721 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.1.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.1.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-13 08:05:26 -06:00
eb175bed05
build(deps): bump github.com/shirou/gopsutil/v3 from 3.22.11 to 3.22.12 ( #15723 )
...
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil ) from 3.22.11 to 3.22.12.
- [Release notes](https://github.com/shirou/gopsutil/releases )
- [Commits](https://github.com/shirou/gopsutil/commits/v3.22.12 )
---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-13 08:04:18 -06:00
17dd5f931a
deps: add OIDC required deps to main module.
2023-01-13 13:16:20 +00:00
fe7795ce16
consul/connect: support for proxy upstreams opaque config ( #15761 )
...
This PR adds support for configuring `proxy.upstreams[].config` for
Consul Connect upstreams. This is an opaque config value to Nomad -
the data is passed directly to Consul and is unknown to Nomad.
2023-01-12 08:20:54 -06:00
be36a1924f
acl: binding rules evaluation ( #15697 )
...
Binder provides an interface for binding claims and ACL roles/policies of Nomad.
2023-01-10 16:08:08 +01:00
84cb5fb03d
deps: update shoenig/test to v0.6.0 ( #15715 )
...
Adds support for custom cmp.Options; need to fix one minor thing
causing api breakage.
2023-01-09 09:37:08 -06:00
f4f6f449c5
build(deps): bump github.com/hashicorp/go-set from 0.1.6 to 0.1.7 ( #15624 )
...
Bumps [github.com/hashicorp/go-set](https://github.com/hashicorp/go-set ) from 0.1.6 to 0.1.7.
- [Release notes](https://github.com/hashicorp/go-set/releases )
- [Commits](https://github.com/hashicorp/go-set/compare/v0.1.6...v0.1.7 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-set
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-02 10:16:16 -06:00
797b256206
build(deps): bump github.com/docker/cli ( #15623 )
...
Bumps [github.com/docker/cli](https://github.com/docker/cli ) from 20.10.21+incompatible to 20.10.22+incompatible.
- [Release notes](https://github.com/docker/cli/releases )
- [Commits](https://github.com/docker/cli/compare/v20.10.21...v20.10.22 )
---
updated-dependencies:
- dependency-name: github.com/docker/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-02 10:15:29 -06:00
8689ce35fa
build(deps): bump golang.org/x/sys from 0.2.0 to 0.3.0 ( #15622 )
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/golang/sys/releases )
- [Commits](https://github.com/golang/sys/compare/v0.2.0...v0.3.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-02 10:14:58 -06:00
3f70cdc685
build(deps): bump github.com/hashicorp/consul/api from 1.15.3 to 1.18.0 ( #15621 )
...
Bumps [github.com/hashicorp/consul/api](https://github.com/hashicorp/consul ) from 1.15.3 to 1.18.0.
- [Release notes](https://github.com/hashicorp/consul/releases )
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/consul/compare/api/v1.15.3...api/v1.18.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-02 10:14:31 -06:00
433390597b
build(deps): bump github.com/hashicorp/go-plugin from 1.4.6 to 1.4.8 ( #15620 )
...
Bumps [github.com/hashicorp/go-plugin](https://github.com/hashicorp/go-plugin ) from 1.4.6 to 1.4.8.
- [Release notes](https://github.com/hashicorp/go-plugin/releases )
- [Changelog](https://github.com/hashicorp/go-plugin/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/go-plugin/compare/v1.4.6...v1.4.8 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-02 10:14:03 -06:00
62b8a851eb
build(deps): bump github.com/aws/aws-sdk-go from 1.44.142 to 1.44.163 ( #15594 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.142 to 1.44.163.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.142...v1.44.163 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 11:41:23 -06:00
97c23e07f6
build(deps): bump github.com/shirou/gopsutil/v3 from 3.22.10 to 3.22.11 ( #15467 )
...
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil ) from 3.22.10 to 3.22.11.
- [Release notes](https://github.com/shirou/gopsutil/releases )
- [Commits](https://github.com/shirou/gopsutil/commits )
---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 11:22:29 -06:00
e636ea23db
build(deps): bump github.com/prometheus/client_golang ( #15466 )
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.13.0...v1.14.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 11:21:00 -06:00
73498436ed
build(deps): bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.4.3 ( #15464 )
...
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt ) from 4.4.2 to 4.4.3.
- [Release notes](https://github.com/golang-jwt/jwt/releases )
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md )
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.4.2...v4.4.3 )
---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 11:20:15 -06:00
61294d1c75
build(deps): bump github.com/container-storage-interface/spec ( #15463 )
...
Bumps [github.com/container-storage-interface/spec](https://github.com/container-storage-interface/spec ) from 1.4.0 to 1.7.0.
- [Release notes](https://github.com/container-storage-interface/spec/releases )
- [Commits](https://github.com/container-storage-interface/spec/compare/v1.4.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: github.com/container-storage-interface/spec
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 11:19:50 -06:00
26512b4e38
deps: update shoenig/test to 0.5.2 and fixup breaking changes ( #15574 )
2022-12-20 07:52:10 -06:00
d41b99fc19
Migrate acls to generics ( #13721 )
...
* Migrate acls to generics
See hashicorp/go-immutable-radix#43
* deps: fixup go.mod formatting
Co-authored-by: Seth Hoenig <shoenig@duck.com>
2022-12-19 09:56:28 -08:00
336d730b9c
api: make api tests fast and more concurrency safe ( #15543 )
...
This PR tries to make API tests run fast, as an experiment to later apply
to all packages. Key changes include
- Swapping freeport for test/portal for port allocations
- Swappng some uses of WaitForResult with test/wait
- Turning on parallelism in api/testutil/slow.go
- Switching to custom public runner (32 vcpu)
There's also chunk of cleanup brought in for the ride
2022-12-16 12:25:28 -06:00
51a2212d3d
client: sandbox go-getter subprocess with landlock ( #15328 )
...
* client: sandbox go-getter subprocess with landlock
This PR re-implements the getter package for artifact downloads as a subprocess.
Key changes include
On all platforms, run getter as a child process of the Nomad agent.
On Linux platforms running as root, run the child process as the nobody user.
On supporting Linux kernels, uses landlock for filesystem isolation (via go-landlock).
On all platforms, restrict environment variables of the child process to a static set.
notably TMP/TEMP now points within the allocation's task directory
kernel.landlock attribute is fingerprinted (version number or unavailable)
These changes make Nomad client more resilient against a faulty go-getter implementation that may panic, and more secure against bad actors attempting to use artifact downloads as a privilege escalation vector.
Adds new e2e/artifact suite for ensuring artifact downloading works.
TODO: Windows git test (need to modify the image, etc... followup PR)
* landlock: fixup items from cr
* cr: fixup tests and go.mod file
2022-12-07 16:02:25 -06:00
3ed37b0b1d
fingerprint: add fingerprinting for CNI plugins presense and version ( #15452 )
...
This PR adds a fingerprinter to set the attribute
"plugins.cni.version.<name>" => "<version>"
for each CNI plugin in <client>.cni_path (/opt/cni/bin by default).
2022-12-05 14:22:47 -06:00
944a7dbb70
build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 ( #15402 )
...
* build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.50.1 to 1.51.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.1...v1.51.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* changelog: add entry for #15402
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
2022-11-29 14:55:17 -05:00
450b7383fe
build(deps): bump github.com/hashicorp/consul/sdk from 0.11.0 to 0.13.0 ( #15401 )
...
Bumps [github.com/hashicorp/consul/sdk](https://github.com/hashicorp/consul ) from 0.11.0 to 0.13.0.
- [Release notes](https://github.com/hashicorp/consul/releases )
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/consul/compare/sdk/v0.11.0...sdk/v0.13.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/sdk
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 14:26:48 -05:00
4c98934d94
build(deps): bump github.com/mitchellh/cli from 1.1.4 to 1.1.5 ( #15400 )
...
Bumps [github.com/mitchellh/cli](https://github.com/mitchellh/cli ) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/mitchellh/cli/releases )
- [Commits](https://github.com/mitchellh/cli/compare/v1.1.4...v1.1.5 )
---
updated-dependencies:
- dependency-name: github.com/mitchellh/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 14:00:46 -05:00
1bb781ae0c
build(deps): bump github.com/zclconf/go-cty from 1.12.0 to 1.12.1 ( #15403 )
...
Bumps [github.com/zclconf/go-cty](https://github.com/zclconf/go-cty ) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/zclconf/go-cty/releases )
- [Changelog](https://github.com/zclconf/go-cty/blob/main/CHANGELOG.md )
- [Commits](https://github.com/zclconf/go-cty/compare/v1.12.0...v1.12.1 )
---
updated-dependencies:
- dependency-name: github.com/zclconf/go-cty
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 13:45:58 -05:00
572e53d12b
build(deps): bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2 ( #15404 )
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 13:28:46 -05:00
866f7da8ad
build(deps): bump github.com/shoenig/test from 0.4.4 to 0.4.5 in /api ( #15405 )
...
* build(deps): bump github.com/shoenig/test from 0.4.4 to 0.4.5 in /api
Bumps [github.com/shoenig/test](https://github.com/shoenig/test ) from 0.4.4 to 0.4.5.
- [Release notes](https://github.com/shoenig/test/releases )
- [Commits](https://github.com/shoenig/test/compare/v0.4.4...v0.4.5 )
---
updated-dependencies:
- dependency-name: github.com/shoenig/test
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* deps: update github.com/shoenig/test v0.4.4 -> v0.4.5
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
2022-11-29 13:25:53 -05:00
918a91f8bf
fix linter for go.mod tidy ( #15373 )
...
This passed lint in #15335 but that PR was not rebased on incoming changes
before merging, so this was missed and has shown up on `main`
2022-11-23 16:26:00 -05:00
077d4fac84
build(deps): bump github.com/aws/aws-sdk-go from 1.44.126 to 1.44.142 ( #15335 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.126 to 1.44.142.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.126...v1.44.142 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 10:24:29 -05:00
Seth Hoenig