Commit Graph

310 Commits

Author SHA1 Message Date
Luiz Aoqui ea1802ffa0
deps: sync versions of go-discover in go.mod (#14269)
In #13491 the version of `go-discover` was updated in `go.mod` but the
comment above it mentions that it also needs to be updated in the
`replace` directive.
2022-08-24 10:32:13 -04:00
Seth Hoenig 9bce3a2e36 build: go.mod should require go1.19
Since we started using atomic.Pointer, we should specify the go1.19
requirement in our go.mod files.
2022-08-21 20:41:49 -05:00
Seth Hoenig 4c1a0d4907 cleanup: first pass at fixing command package warnings
This PR is the first of several for cleaning up warnings, and refactoring
bits of code in the command package. First pass is over acl_ files and
gets some helpers in place.
2022-08-17 15:33:37 -05:00
Charlie Voiselle dba6b39815
SV CLI: var init (#13820)
* Nomad dep: add museli/reflow
* SV CLI: var init
2022-08-15 13:43:29 -04:00
Seth Hoenig 3d2f581b33
Merge pull request #14114 from hashicorp/dependabot/go_modules/oss.indeed.com/go/libtime-1.6.0
build(deps): bump oss.indeed.com/go/libtime from 1.5.0 to 1.6.0
2022-08-15 10:17:44 -05:00
dependabot[bot] bb298856b0
build(deps): bump oss.indeed.com/go/libtime from 1.5.0 to 1.6.0
Bumps [oss.indeed.com/go/libtime](https://github.com/indeedeng/libtime) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/indeedeng/libtime/releases)
- [Commits](https://github.com/indeedeng/libtime/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: oss.indeed.com/go/libtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 15:12:03 +00:00
dependabot[bot] abe3bfce8e
build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.8.2
Bumps [github.com/fsouza/go-dockerclient](https://github.com/fsouza/go-dockerclient) from 1.6.5 to 1.8.2.
- [Release notes](https://github.com/fsouza/go-dockerclient/releases)
- [Changelog](https://github.com/fsouza/go-dockerclient/blob/main/container_changes_test.go)
- [Commits](https://github.com/fsouza/go-dockerclient/compare/v1.6.5...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/fsouza/go-dockerclient
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 14:53:54 +00:00
Seth Hoenig c24ed407c0
Merge pull request #14111 from hashicorp/dependabot/go_modules/github.com/armon/go-metrics-0.4.0
build(deps): bump github.com/armon/go-metrics from 0.3.10 to 0.4.0
2022-08-15 09:52:51 -05:00
Seth Hoenig efeac7e4b8 deps: fixup dependabot go.mod formatting 2022-08-15 09:50:15 -05:00
dependabot[bot] fc218b48dc
build(deps): bump github.com/armon/go-metrics from 0.3.10 to 0.4.0
Bumps [github.com/armon/go-metrics](https://github.com/armon/go-metrics) from 0.3.10 to 0.4.0.
- [Release notes](https://github.com/armon/go-metrics/releases)
- [Commits](https://github.com/armon/go-metrics/compare/v0.3.10...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/armon/go-metrics
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 14:49:29 +00:00
dependabot[bot] 03ff90f02c
build(deps): bump github.com/mitchellh/cli from 1.1.2 to 1.1.4
Bumps [github.com/mitchellh/cli](https://github.com/mitchellh/cli) from 1.1.2 to 1.1.4.
- [Release notes](https://github.com/mitchellh/cli/releases)
- [Commits](https://github.com/mitchellh/cli/compare/v1.1.2...v1.1.4)

---
updated-dependencies:
- dependency-name: github.com/mitchellh/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 14:25:31 +00:00
Seth Hoenig 077f46c74a
Merge pull request #14025 from hashicorp/dependabot/go_modules/go.etcd.io/bbolt-1.3.6
build(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6
2022-08-15 09:13:48 -05:00
dependabot[bot] d3c0e5db04
build(deps): bump google.golang.org/grpc from 1.45.0 to 1.48.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.45.0 to 1.48.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.45.0...v1.48.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-14 09:09:31 +00:00
dependabot[bot] e229037fb8
build(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.5 to 1.3.6.
- [Release notes](https://github.com/etcd-io/bbolt/releases)
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.5...v1.3.6)

---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-08 20:48:49 +00:00
dependabot[bot] 0004e0a5b7
build(deps): bump github.com/containernetworking/cni from 1.0.1 to 1.1.2
Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.0.1 to 1.1.2.
- [Release notes](https://github.com/containernetworking/cni/releases)
- [Commits](https://github.com/containernetworking/cni/compare/v1.0.1...v1.1.2)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/cni
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-08 20:48:29 +00:00
dependabot[bot] 221ac2741c
chore(deps): bump github.com/hashicorp/consul/api from 1.13.0 to 1.13.1
Bumps [github.com/hashicorp/consul/api](https://github.com/hashicorp/consul) from 1.13.0 to 1.13.1.
- [Release notes](https://github.com/hashicorp/consul/releases)
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/consul/compare/api/v1.13.0...api/v1.13.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-05 12:37:18 +00:00
Seth Hoenig eb933ad27d
Merge pull request #14019 from hashicorp/deps-update-runc-to-v1.1.3
deps: update runc to v1.1.3
2022-08-05 07:34:16 -05:00
Seth Hoenig bc09a2e114 deps: update opencontainers/runc to v1.1.3 2022-08-04 12:56:49 -05:00
Luiz Aoqui 9affe31a0f
qemu: reduce monitor socket path (#13971)
The QEMU driver can take an optional `graceful_shutdown` configuration
which will create a Unix socket to send ACPI shutdown signal to the VM.

Unix sockets have a hard length limit and the driver implementation
assumed that QEMU versions 2.10.1 were able to handle longer paths. This
is not correct, the linked QEMU fix only changed the behaviour from
silently truncating longer socket paths to throwing an error.

By validating the socket path before starting the QEMU machine we can
provide users a more actionable and meaningful error message, and by
using a shorter socket file name we leave a bit more room for
user-defined values in the path, such as the task name.

The maximum length allowed is also platform-dependant, so validation
needs to be different for each OS.
2022-08-04 12:10:35 -04:00
Derek Strickland 77df9c133b
Add Nomad RetryConfig to agent template config (#13907)
* add Nomad RetryConfig to agent template config
2022-08-03 16:56:30 -04:00
Seth Hoenig fb740a6335
Merge pull request #13944 from hashicorp/deps-update-raft
deps: update raft library
2022-08-01 10:35:17 -05:00
Seth Hoenig 642f16dba3 deps: update raft library
Another attempt at resolving the flakey TestNomad_BootstrapExpect_NonVoter
2022-08-01 09:56:08 -05:00
Seth Hoenig 0417492bba deps: update test package
Upgrading to v0.3.0 gives us the ability to add more context to test
case failures.

https://github.com/shoenig/test/pull/23
2022-08-01 08:53:00 -05:00
Tim Gross eb06c25d5f
deps: remove deprecated net/context (#13932)
The `golang.org/x/net/context` package was merged into the stdlib as of go
1.7. Update the imports to use the identical stdlib version. Clean up import
blocks for the impacted files to remove unnecessary package aliasing.
2022-07-28 14:46:56 -04:00
Seth Hoenig 93cfeb177b cleanup: example refactoring out map[string]struct{} using set.Set
This PR is a little demo of using github.com/hashicorp/go-set to
replace the use of map[T]struct{} as a make-shift set.
2022-07-19 22:50:49 -05:00
dependabot[bot] d3d1199b81
chore(deps): bump github.com/mitchellh/mapstructure from 1.4.3 to 1.5.0 in /api (#12725)
* chore(deps): bump github.com/mitchellh/mapstructure in /api

Bumps [github.com/mitchellh/mapstructure](https://github.com/mitchellh/mapstructure) from 1.4.3 to 1.5.0.
- [Release notes](https://github.com/mitchellh/mapstructure/releases)
- [Changelog](https://github.com/mitchellh/mapstructure/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitchellh/mapstructure/compare/v1.4.3...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/mitchellh/mapstructure
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Also bump mapstructure in main go.mod

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Michael Schurter <mschurter@hashicorp.com>
2022-07-13 11:57:16 -07:00
dependabot[bot] 4b7253b33f
build(deps): bump github.com/gorilla/websocket from 1.4.2 to 1.5.0 in /api (#12075)
* build(deps): bump github.com/gorilla/websocket in /api

Bumps [github.com/gorilla/websocket](https://github.com/gorilla/websocket) from 1.4.2 to 1.5.0.
- [Release notes](https://github.com/gorilla/websocket/releases)
- [Commits](https://github.com/gorilla/websocket/compare/v1.4.2...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/gorilla/websocket
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* deps: also bump websocket dep in main binary

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Michael Schurter <mschurter@hashicorp.com>
2022-07-12 16:49:31 -07:00
dependabot[bot] 14fea78c23
build(deps): bump github.com/docker/distribution (#12246)
Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.7.1+incompatible to 2.8.1+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.7.1...v2.8.1)

---
updated-dependencies:
- dependency-name: github.com/docker/distribution
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-12 16:31:56 -07:00
dependabot[bot] b9ebf94131
build(deps): bump github.com/hashicorp/consul/sdk from 0.8.0 to 0.9.0 (#12007)
Bumps [github.com/hashicorp/consul/sdk](https://github.com/hashicorp/consul) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/hashicorp/consul/releases)
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/consul/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-12 12:58:34 -07:00
Tim Gross bfcbc00f4e workload identity (#13223)
In order to support implicit ACL policies for tasks to get their own
secrets, each task would need to have its own ACL token. This would
add extra raft overhead as well as new garbage collection jobs for
cleaning up task-specific ACL tokens. Instead, Nomad will create a
workload Identity Claim for each task.

An Identity Claim is a JSON Web Token (JWT) signed by the server’s
private key and attached to an Allocation at the time a plan is
applied. The encoded JWT can be submitted as the X-Nomad-Token header
to replace ACL token secret IDs for the RPCs that support identity
claims.

Whenever a key is is added to a server’s keyring, it will use the key
as the seed for a Ed25519 public-private private keypair. That keypair
will be used for signing the JWT and for verifying the JWT.

This implementation is a ruthlessly minimal approach to support the
secure variables feature. When a JWT is verified, the allocation ID
will be checked against the Nomad state store, and non-existent or
terminal allocation IDs will cause the validation to be rejected. This
is sufficient to support the secure variables feature at launch
without requiring implementation of a background process to renew
soon-to-expire tokens.
2022-07-11 13:34:05 -04:00
Charlie Voiselle 2019eab2c8 Provide mock secure variables implementation (#12980)
* Add SecureVariable mock
* Add SecureVariableStub
* Add SecureVariable Copy and Stub funcs
2022-07-11 13:34:03 -04:00
Seth Hoenig b1a3a8a5bb helpers: use unreachable assertion 2022-07-06 17:05:35 -05:00
Seth Hoenig 5d91bddf2f
Merge pull request #13531 from hashicorp/dependabot/go_modules/api/github.com/stretchr/testify-1.8.0
build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0 in /api
2022-07-01 10:19:03 -05:00
dependabot[bot] 4278846eeb build(deps): bump github.com/stretchr/testify in /api
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 09:50:54 -05:00
Seth Hoenig 97726c2fd8
Merge pull request #12862 from hashicorp/f-choose-services
api: enable selecting subset of services using rendezvous hashing
2022-06-30 15:17:40 -05:00
James Rasell 3ecffaf36b
deps: update `github.com/hashicorp/go-discover` to latest. (#13491) 2022-06-28 10:28:32 +02:00
Seth Hoenig 19deec2265
Merge pull request #13486 from hashicorp/f-remove-gotextseg-replace
deps: remove replace statement for go-textseg
2022-06-27 11:56:31 -05:00
Seth Hoenig 4aedca8437
Merge pull request #13479 from hashicorp/b-update-testify
tests: update testify dependency
2022-06-27 11:52:21 -05:00
Yoan Blanc 9d52d23e67
fixup! feat: docker/docker/pkg/term has been deprecated in favor of moby/term
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2022-06-26 15:38:16 +02:00
Seth Hoenig 636368d937 deps: remove replace statement for go-textseg 2022-06-25 17:21:54 +00:00
Seth Hoenig 9467bc9eb3 api: enable selecting subset of services using rendezvous hashing
This PR adds the 'choose' query parameter to the '/v1/service/<service>' endpoint.

The value of 'choose' is in the form '<number>|<key>', number is the number
of desired services and key is a value unique but consistent to the requester
(e.g. allocID).

Folks aren't really expected to use this API directly, but rather through consul-template
which will soon be getting a new helper function making use of this query parameter.

Example,

curl 'localhost:4646/v1/service/redis?choose=2|abc123'

Note: consul-templte v0.29.1 includes the necessary nomadServices functionality.
2022-06-25 10:37:37 -05:00
Seth Hoenig a5eab7c0f2 tests: update testify dependency 2022-06-24 15:39:21 +00:00
Seth Hoenig c9a9cef9ae helpers: provide a few generic helper functions
This PR deprecates some functions in favor of generic alternatives.

The new functions are compatible only with Nomad v1.4+.

The old functions (nor their use) should not be removed until Nomad v1.6+.
2022-06-09 10:43:54 -05:00
Huan Wang 7d15157635
adding support for customized ingress tls (#13184) 2022-06-02 18:43:58 -04:00
Seth Hoenig 54efec5dfe docs: add docs and tests for tagged_addresses 2022-05-31 13:02:48 -05:00
Seth Hoenig f7c0e078a9 build: update golang version to 1.18.2
This PR update to Go 1.18.2. Also update the versions of hclfmt
and go-hclogfmt which includes newer dependencies necessary for dealing
with go1.18.

The hcl v2 branch is now 'nomad-v2.9.1+tweaks2', to include a fix for
newer macOS versions: 8927e75e82
2022-05-25 10:04:04 -05:00
Michael Schurter 2965dc6a1a
artifact: fix numerous go-getter security issues
Fix numerous go-getter security issues:

- Add timeouts to http, git, and hg operations to prevent DoS
- Add size limit to http to prevent resource exhaustion
- Disable following symlinks in both artifacts and `job run`
- Stop performing initial HEAD request to avoid file corruption on
  retries and DoS opportunities.

**Approach**

Since Nomad has no ability to differentiate a DoS-via-large-artifact vs
a legitimate workload, all of the new limits are configurable at the
client agent level.

The max size of HTTP downloads is also exposed as a node attribute so
that if some workloads have large artifacts they can specify a high
limit in their jobspecs.

In the future all of this plumbing could be extended to enable/disable
specific getters or artifact downloading entirely on a per-node basis.
2022-05-24 16:29:39 -04:00
Tim Gross 83eb879d61
E2E: remove old CLI for driving provisioning (#12787)
We moved off the old provisioning process for nightly E2E to one driven
entirely by Terraform quite a while back now. We're in the slow
process of removing the framework code for this test-by-test, but this
chunk of code no longer has any callers.
2022-04-26 13:43:25 -04:00
James Rasell 24b499791d
deps: update consul-template to v0.29.0 (#12747)
* deps: update consul-template to v0.29.0

* changelog: add entry for #12747
2022-04-22 09:58:54 -07:00
James Rasell 431c153cd9
client: add Nomad template service functionality to runner. (#12458)
This change modifies the template task runner to utilise the
new consul-template which includes Nomad service lookup template
funcs.

In order to provide security and auth to consul-template, we use
a custom HTTP dialer which is passed to consul-template when
setting up the runner. This method follows Vault implementation.

Co-authored-by: Michael Schurter <mschurter@hashicorp.com>
2022-04-06 19:17:05 +02:00
Luiz Aoqui ab7eb5de6e
Support Vault entity aliases (#12449)
Move some common Vault API data struct decoding out of the Vault client
so it can be reused in other situations.

Make Vault job validation its own function so it's easier to expand it.

Rename the `Job.VaultPolicies` method to just `Job.Vault` since it
returns the full Vault block, not just their policies.

Set `ChangeMode` on `Vault.Canonicalize`.

Add some missing tests.

Allows specifying an entity alias that will be used by Nomad when
deriving the task Vault token.

An entity alias assigns an indentity to a token, allowing better control
and management of Vault clients since all tokens with the same indentity
alias will now be considered the same client. This helps track Nomad
activity in Vault's audit logs and better control over Vault billing.

Add support for a new Nomad server configuration to define a default
entity alias to be used when deriving Vault tokens. This default value
will be used if the task doesn't have an entity alias defined.
2022-04-05 14:18:10 -04:00
dependabot[bot] 3c5bc49329
build(deps): bump github.com/creack/pty from 1.1.17 to 1.1.18
Bumps [github.com/creack/pty](https://github.com/creack/pty) from 1.1.17 to 1.1.18.
- [Release notes](https://github.com/creack/pty/releases)
- [Commits](https://github.com/creack/pty/compare/v1.1.17...v1.1.18)

---
updated-dependencies:
- dependency-name: github.com/creack/pty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 14:25:02 +00:00
Seth Hoenig 9670adb6c6 cleanup: purge github.com/pkg/errors 2022-04-01 19:24:02 -05:00
Michael Schurter 7a28fcb8af template: disallow `writeToFile` by default
Resolves #12095 by WONTFIXing it.

This approach disables `writeToFile` as it allows arbitrary host
filesystem writes and is only a small quality of life improvement over
multiple `template` stanzas.

This approach has the significant downside of leaving people who have
altered their `template.function_denylist` *still vulnerable!* I added
an upgrade note, but we should have implemented the denylist as a
`map[string]bool` so that new funcs could be denied without overriding
custom configurations.

This PR also includes a bug fix that broke enabling all consul-template
funcs. We repeatedly failed to differentiate between a nil (unset)
denylist and an empty (allow all) one.
2022-03-28 17:05:42 -07:00
Seth Hoenig 987dda3092
Merge pull request #12274 from hashicorp/f-cgroupsv2
client: enable cpuset support for cgroups.v2
2022-03-24 14:22:54 -05:00
dependabot[bot] 92021045b6
build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (#12306) 2022-03-23 19:12:51 -04:00
Seth Hoenig 2e5c6de820 client: enable support for cgroups v2
This PR introduces support for using Nomad on systems with cgroups v2 [1]
enabled as the cgroups controller mounted on /sys/fs/cgroups. Newer Linux
distros like Ubuntu 21.10 are shipping with cgroups v2 only, causing problems
for Nomad users.

Nomad mostly "just works" with cgroups v2 due to the indirection via libcontainer,
but not so for managing cpuset cgroups. Before, Nomad has been making use of
a feature in v1 where a PID could be a member of more than one cgroup. In v2
this is no longer possible, and so the logic around computing cpuset values
must be modified. When Nomad detects v2, it manages cpuset values in-process,
rather than making use of cgroup heirarchy inheritence via shared/reserved
parents.

Nomad will only activate the v2 logic when it detects cgroups2 is mounted at
/sys/fs/cgroups. This means on systems running in hybrid mode with cgroups2
mounted at /sys/fs/cgroups/unified (as is typical) Nomad will continue to
use the v1 logic, and should operate as before. Systems that do not support
cgroups v2 are also not affected.

When v2 is activated, Nomad will create a parent called nomad.slice (unless
otherwise configured in Client conifg), and create cgroups for tasks using
naming convention <allocID>-<task>.scope. These follow the naming convention
set by systemd and also used by Docker when cgroups v2 is detected.

Client nodes now export a new fingerprint attribute, unique.cgroups.version
which will be set to 'v1' or 'v2' to indicate the cgroups regime in use by
Nomad.

The new cpuset management strategy fixes #11705, where docker tasks that
spawned processes on startup would "leak". In cgroups v2, the PIDs are
started in the cgroup they will always live in, and thus the cause of
the leak is eliminated.

[1] https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html

Closes #11289
Fixes #11705 #11773 #11933
2022-03-23 11:35:27 -05:00
Tim Gross 1743648901
CSI: fix timestamp from volume snapshot responses (#12352)
Listing snapshots was incorrectly returning nanoseconds instead of
seconds, and formatting of timestamps both list and create snapshot
was treating the timestamp as though it were nanoseconds instead of
seconds. This resulted in create timestamps always being displayed as
zero values.

Fix the unit conversion error in the command line and the incorrect
extraction in the CSI plugin client code. Beef up the unit tests to
make sure this code is actually exercised.
2022-03-23 10:39:28 -04:00
Seth Hoenig 1274aa690f tests: deflake test that joins a server with non-voting servers to form qourum
This PR
 - upgrades the serf library
 - has the test start the join process using the un-joined server first
 - disables schedulers on the servers
 - uses the WaitForLeader and wantPeers helpers

Not sure which, if any of these actually improves the flakiness of this test.
2022-02-24 17:02:58 -06:00
Sander Mol 42b338308f
add go-sockaddr templating support to nomad consul address (#12084) 2022-02-24 09:34:54 -05:00
Seth Hoenig a0350b0608 command: switch from raft-boltdb to raft-boltdb/v2 2022-02-23 14:43:59 -06:00
Seth Hoenig 0420724c14 build: disallow old boltdb during build 2022-02-23 14:28:31 -06:00
Seth Hoenig de95998faa core: switch to go.etc.io/bbolt
This PR swaps the underlying BoltDB implementation from boltdb/bolt
to go.etc.io/bbolt.

In addition, the Server has a new configuration option for disabling
NoFreelistSync on the underlying database.

Freelist option: https://github.com/etcd-io/bbolt/blob/master/db.go#L81
Consul equivelent PR: https://github.com/hashicorp/consul/pull/11720
2022-02-23 14:26:41 -06:00
Seth Hoenig c8d27257e7 deps: upgrade hashicorp/raft to v1.3.5 2022-02-17 13:49:56 -06:00
Luiz Aoqui 110dbeeb9d
Add `go-bexpr` filters to evals and deployment list endpoints (#12034) 2022-02-16 11:40:30 -05:00
Seth Hoenig f8f0d92469
Merge pull request #11955 from hashicorp/f-update-gopsutil
Update gopsutil to 3.21.12
2022-02-15 08:31:57 -06:00
Seth Hoenig 420fd17459
Merge pull request #12002 from hashicorp/dependabot/go_modules/github.com/hashicorp/go-version-1.4.0
build(deps): bump github.com/hashicorp/go-version from 1.3.0 to 1.4.0
2022-02-04 08:31:53 -06:00
dependabot[bot] 898107e311
build(deps): bump github.com/hashicorp/go-version from 1.3.0 to 1.4.0
Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/hashicorp/go-version/releases)
- [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-version/compare/v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-version
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-03 21:41:10 +00:00
dependabot[bot] 685f011d07
build(deps): bump google.golang.org/grpc from 1.42.0 to 1.44.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.42.0 to 1.44.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.42.0...v1.44.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-03 21:40:06 +00:00
Seth Hoenig 34cb21fecc
Merge pull request #11929 from hashicorp/dependabot/go_modules/github.com/mitchellh/copystructure-1.2.0
build(deps): bump github.com/mitchellh/copystructure from 1.1.1 to 1.2.0
2022-02-03 15:28:21 -06:00
Seth Hoenig 04f84bcdfe deps: import libtime the normal way
Previously we copied this library by hand to avoid vendor-ing a bunch of
files related to minimock. Now that we no longer vendor, just import the
library normally.

Also we might use more of the library for handling `time.After` uses,
for which this library provides a Context-based solution.
2022-01-31 14:49:05 -06:00
Charlie Voiselle f522e08835 Update gopsutil to 3.21.12 2022-01-27 14:10:15 -05:00
dependabot[bot] 1ec7b64f6a
build(deps): bump github.com/mitchellh/copystructure from 1.1.1 to 1.2.0
Bumps [github.com/mitchellh/copystructure](https://github.com/mitchellh/copystructure) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/mitchellh/copystructure/releases)
- [Commits](https://github.com/mitchellh/copystructure/compare/v1.1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/mitchellh/copystructure
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-25 16:43:36 +00:00
dependabot[bot] c8443011a8
build(deps): bump github.com/rs/cors from 1.8.0 to 1.8.2
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.0 to 1.8.2.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.8.0...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-24 20:35:06 +00:00
Seth Hoenig 2d950f8403
Merge pull request #11918 from hashicorp/deps-update-api-deps
deps: update api go version and dependencies
2022-01-24 14:33:04 -06:00
Seth Hoenig 5452b972ef
Merge pull request #11883 from hashicorp/dependabot/go_modules/github.com/prometheus/client_golang-1.12.0
build(deps): bump github.com/prometheus/client_golang from 1.7.1 to 1.12.0
2022-01-24 12:26:50 -06:00
Seth Hoenig ef9b84ad82 deps: update api go version and dependencies
This PR sets the minimum Go version for the `api` submodule to Go 1.17.

It also upgrades
 - gorilla/websocket 1.4.1 -> 1.4.2
 - mitchelh/mapstructure 1.4.2 -> 1.4.3
 - stretchr/testify 1.5.1 -> 1.7.0

Closes #11518 #11602 #11528
2022-01-24 12:23:26 -06:00
Seth Hoenig 0e638b6014
Merge pull request #11836 from hashicorp/dependabot/go_modules/github.com/hashicorp/memberlist-0.3.1
chore(deps): bump github.com/hashicorp/memberlist from 0.2.2 to 0.3.1
2022-01-24 11:56:18 -06:00
Seth Hoenig 26ee04816b deps: upgrade containernetworking/plugins
Upgrade containernetworking/plugins to v1.0.1 release, along with
its transitive dependencies.

Closes #11108
2022-01-24 08:40:30 -06:00
Seth Hoenig f2a71fd0d9 deps: pty has new home
github.com/kr/pty was moved to github.com/creack/pty

Swap this dependency so we can upgrade to the latest version
and no longer need a replace directive.
2022-01-19 12:33:05 -06:00
Seth Hoenig 2a5f7c0386 deps: swap gzip handler for gorilla
This has been pinned since the Go modules migration, because the
nytimes gzip handler was modified in version v1.1.0 in a way that
is no longer compatible.

Pretty sure it is this commit: c551b6c3b4

Instead use handler.CompressHandler from gorilla, which is a web toolkit we already
make use of for other things.
2022-01-19 11:52:19 -06:00
dependabot[bot] d6d2c9ee7e
build(deps): bump github.com/prometheus/client_golang
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.7.1 to 1.12.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.7.1...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-19 17:40:19 +00:00
Seth Hoenig 4650e97d29 deps: upgrade docker and runc
This PR upgrades
 - docker dependency to the latest tagged release (v20.10.12)
 - runc dependency to the latest tagged release (v1.0.3)

Docker does not abide by [semver](https://github.com/moby/moby/issues/39302), so it is marked +incompatible,
and transitive dependencies are upgrade manually.

Runc made three relevant breaking changes

 * cgroup manager .Set changed to accept Resources instead of Cgroup
   3f65946756

 * config.Device moved to devices.Device
   https://github.com/opencontainers/runc/pull/2679

 * mountinfo.Mounted now returns an error if the specified path does not exist
   https://github.com/moby/sys/blob/mountinfo/v0.5.0/mountinfo/mountinfo.go#L16
2022-01-18 08:35:26 -06:00
Luiz Aoqui d48e50da9a
Fix log level parsing from lines that include a timestamp (#11838) 2022-01-13 09:56:35 -05:00
Seth Hoenig cfb8152158
Merge pull request #11831 from hashicorp/mods-explain-pinned
mods: explain replace statements
2022-01-13 08:53:17 -06:00
dependabot[bot] 1d4c93c6ea
chore(deps): bump github.com/hashicorp/memberlist from 0.2.2 to 0.3.1
Bumps [github.com/hashicorp/memberlist](https://github.com/hashicorp/memberlist) from 0.2.2 to 0.3.1.
- [Release notes](https://github.com/hashicorp/memberlist/releases)
- [Commits](https://github.com/hashicorp/memberlist/compare/v0.2.2...v0.3.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/memberlist
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 00:45:05 +00:00
Michael Schurter 34c366d15c deps: update go-getter to v1.5.11
Pulls in https://github.com/hashicorp/go-getter/pull/348

Fixes the possibility to log an sshkey if a specific error condition is
hit.
2022-01-12 14:11:16 -08:00
Seth Hoenig 5ca96d614e mods: explain replace statements 2022-01-12 15:14:46 -06:00
Tim Gross 430d94b81d
deps: upgrade go-getter to 1.5.10 (#11740)
The `go-getter` library was updated to 1.5.9 in #11481 to pick up a
bug fix for automatically unpacking uncompressed tar archives. But
this version had a regression in git `ref` param behavior and was
patched in 1.5.10.
2021-12-23 10:37:52 -05:00
Tim Gross 863486ffb0
deps: update go-getter to 1.5.9 (#11481)
go-getter 1.5.9 includes a patch in 1.5.6 that automatically unpacks
uncompressed tar archives. Previously Nomad only unpacked compressed
archives, but documented that it unpacked all archives.
2021-11-17 11:14:44 -05:00
dependabot[bot] 8f8d6c13cd
build(deps): bump github.com/kr/pretty from 0.1.0 to 0.3.0 in /api (#11135)
* build(deps): bump github.com/kr/pretty from 0.1.0 to 0.3.0 in /api

Bumps [github.com/kr/pretty](https://github.com/kr/pretty) from 0.1.0 to 0.3.0.
- [Release notes](https://github.com/kr/pretty/releases)
- [Commits](https://github.com/kr/pretty/compare/v0.1.0...v0.3.0)

---
updated-dependencies:
- dependency-name: github.com/kr/pretty
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update in core as well and tidy

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tim Gross <tim@0x74696d.com>
2021-11-17 10:41:21 -05:00
dependabot[bot] fe857673da
build(deps): bump github.com/aws/aws-sdk-go from 1.38.20 to 1.42.6 (#11515)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.20 to 1.42.6.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.20...v1.42.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 10:20:48 -05:00
dependabot[bot] df907cd245
build(deps): bump github.com/mitchellh/mapstructure from 1.4.1 to 1.4.2 (#11325)
Bumps [github.com/mitchellh/mapstructure](https://github.com/mitchellh/mapstructure) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/mitchellh/mapstructure/releases)
- [Changelog](https://github.com/mitchellh/mapstructure/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitchellh/mapstructure/compare/v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: github.com/mitchellh/mapstructure
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:32:20 -05:00
dependabot[bot] 6a09befa78
build(deps): bump github.com/fatih/color from 1.9.0 to 1.13.0 (#11324)
Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.9.0 to 1.13.0.
- [Release notes](https://github.com/fatih/color/releases)
- [Commits](https://github.com/fatih/color/compare/v1.9.0...v1.13.0)

---
updated-dependencies:
- dependency-name: github.com/fatih/color
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:16:12 -05:00
dependabot[bot] be4f84de94
build(deps): bump github.com/rs/cors from 1.7.0 to 1.8.0 (#11323)
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:03:10 -05:00
James Rasell fbe1b8eb27
deps: update armon/go-metrics to v0.3.10. 2021-11-15 11:55:50 +01:00
Tim Gross 73e3b15305
build: bump go version to 1.17.3 (#11461) 2021-11-05 15:34:24 -04:00
Mahmood Ali f03d65062d
Fix arm64 panics by updating google/snappy library to latest, 0.0.4 (#11396)
Pick up https://github.com/golang/snappy/pull/56 to handle arm64 architectures to fix panics. tldr; Golang 1.16 changed `memmove` implementation for arm64 requiring additional cpu registers that snappy wasn't preserving in its assembly implementation.

Other projects have experienced this issue as well, searching for `encode_arm64.s:666` on your favorite search engine will reveal some.  Vault updated the dependency earlier this August: https://github.com/hashicorp/vault/pull/12371 .

I believe this issue affects Nomad 1.2.x and 1.1.x. Nomad 1.0.x use Golang 1.15 and isn't affected. However, backporting the change to 1.0.x should be harmless.

Fixed https://github.com/hashicorp/nomad/issues/11385 .
2021-10-27 06:39:16 -07:00
Florian Apolloner c762f64505
Follow up fixes for #11237 (#11260) 2021-10-14 17:23:38 -04:00
James Rasell 61a417d7e2
deps: update hashicorp/go-hclog to v1.0.0 2021-10-07 07:48:41 +01:00
Mahmood Ali 9668245c4c logmon: add a test for leaked goroutines 2021-10-05 12:11:42 -04:00
James Rasell 94a5b1e237
deps: update hashicorp/go-discover. 2021-10-01 12:27:39 +01:00
Tim Gross 6800485dcb devices: externalize nvidia device driver 2021-09-29 13:43:37 -07:00
James Rasell 0e926ef3fd
allow configuration of Docker hostnames in bridge mode (#11173)
Add a new hostname string parameter to the network block which
allows operators to specify the hostname of the network namespace.
Changing this causes a destructive update to the allocation and it
is omitted if empty from API responses. This parameter also supports
interpolation.

In order to have a hostname passed as a configuration param when
creating an allocation network, the CreateNetwork func of the
DriverNetworkManager interface needs to be updated. In order to
minimize the disruption of future changes, rather than add another
string func arg, the function now accepts a request struct along with
the allocID param. The struct has the hostname as a field.

The in-tree implementations of DriverNetworkManager.CreateNetwork
have been modified to account for the function signature change.
In updating for the change, the enhancement of adding hostnames to
network namespaces has also been added to the Docker driver, whilst
the default Linux manager does not current implement it.
2021-09-16 08:13:09 +02:00
Luiz Aoqui bbae221c8c
deps: update go-memdb to 1.3.2 (#11185) 2021-09-14 20:26:45 -04:00
James Rasell 89040d4835
deps: update go-plugin to v1.4.3 to fix Windows handle leak. 2021-09-07 09:27:00 +02:00
Roopak Venkatakrishnan dcf5981bcd
Update x/sys to support go 1.17 (#11065)
Co-authored-by: James Rasell <jrasell@hashicorp.com>
2021-08-25 17:23:01 +02:00
Mahmood Ali fdb82b9398
Update some dependencies to match Enterprise (#10940)
Noticed that the private Enterprise repository dependencies drifted a bit. Here, we update the OSS to the dependencies used by Enterprise.

We should update all dependencies as a matter of hygiene, but that's an issue for another time.
2021-07-27 16:33:18 -04:00
Michael Schurter ea996c321d
Merge pull request #10916 from hashicorp/f-audit-log-mode
Add audit log file mode config parameter
2021-07-27 12:16:37 -07:00
Mahmood Ali d97927ebcf
cli: Use glint to determine if os.Stdout is tty (#10926)
Use glint to determine if os.Stdout is a terminal.

glint Terminal renderer expects os.Stdout [not only to be a terminal, but also to have non-zero size](b492b545f6/renderer_term.go (L39-L46)). It's unclear how this condition arises, but this additional check causes Nomad to render deployments progress through glint when glint cannot support it.

By using golint to perform the check, we eliminate the risk of mis-judgement.
2021-07-23 11:27:47 -04:00
Seth Hoenig 06a272890a deps: upgrade consul api to 1.9.1 2021-07-22 09:26:20 -05:00
Michael Schurter 2260ff3684 deps: sync oss versions with enterprise
see hashicorp/nomad-enterprise#586 for audit logger related dependency
updates
2021-07-20 10:55:31 -07:00
James Rasell fd8685c32b
deps: update consul-template to v0.25.2. 2021-07-13 09:46:32 +02:00
Huan Wang 3da7a4e206
update-gopsutil (#10790) 2021-06-21 10:19:39 -04:00
Tim Gross 40a7b24dca
deps: bump go-getter to 1.5.4 (#10778) 2021-06-17 16:30:00 -04:00
Isabel Suchanek dfaef2468c cli: add monitor flag to deployment status
Adding '-verbose' will print out the allocation information for the
deployment. This also changes the job run command so that it now blocks
until deployment is complete and adds timestamps to the output so that
it's more in line with the output of node drain.

This uses glint to print in place in running in a tty. Because glint
doesn't yet support cmd/powershell, Windows workflows use a different
library to print in place, which results in slightly different
formatting: 1) different margins, and 2) no spinner indicating
deployment in progress.
2021-06-09 16:18:45 -07:00
Mahmood Ali e17082b9cf
update golang to 1.16.3 (#10484) 2021-04-30 13:52:05 -04:00
Michael Schurter a6636723ee vendor: update aws-sdk-go and deps 2021-04-27 15:07:03 -07:00
Seth Hoenig 9c4e2e93d0 deps: update consul api for transparent proxy 2021-04-19 14:56:01 -06:00
Nick Ethier cde820f14b update go.mod 2021-04-16 14:56:07 -04:00
Seth Hoenig c351e5566d deps: upgrade go-plugin dependency
This PR brings go-plugin up to date from ~v1.0.1 to v1.4.0 (about 18 months)
with a grab-bag of bux fixes.
2021-04-12 14:37:04 -06:00
Mahmood Ali 6de35bd1b7 update hcl2 to latest
Update hcl/v2 to point to https://github.com/hashicorp/hcl/commits/nomad-v2.9.1+tweaks1
2021-04-07 16:16:49 -04:00
Seth Hoenig f17ba33f61 consul: plubming for specifying consul namespace in job/group
This PR adds the common OSS changes for adding support for Consul Namespaces,
which is going to be a Nomad Enterprise feature. There is no new functionality
provided by this changeset and hopefully no new bugs.
2021-04-05 10:03:19 -06:00
zhsj 5a182e1d03
deps: update runc to v1.0.0-rc93
includes updates for breaking changes in runc v1.0.0-rc93
2021-03-31 10:57:02 -04:00
Tim Gross f820021f9e deps: bump gopsutil to v3.21.2 2021-03-30 16:02:51 -04:00
Tim Gross f000b460e4 csi: upgrade CSI protobufs to 1.4.0 2021-03-12 10:36:33 -05:00
Seth Hoenig 29801c8e40 consul: upgrade consul/api to 1.8.1 2021-01-29 10:04:45 -06:00
Tim Gross 23cc8b4d77
interpolate maps in dynamic blocks (#9921)
Update hcl2 for patch to fix map interpolation in dynamic blocks
2021-01-29 10:16:07 -05:00
Kent 'picat' Gruber f0d1c4092b
Update go-getter to v1.5.2 with support for vhost style S3 paths (#9349) 2021-01-07 13:34:28 -05:00
Ben Buzbee a8e4aa76c6 Use new go-connlimit with HTTP 429 response
This is essentially a port of Consul's similar fix
Changes are:
go get -u github.com/hashicorp/go-connlimit
go mod vendor
Use new HTTP429 handler

20d1ea7d2d
2020-12-09 17:57:16 -06:00
Drew Bailey cb689a8382
Api/event stream payload values (#9277)
* Get concrete types out of dynamic payload

wip

pull out value setting to func

* Add TestEventSTream_SetPayloadValue

Add more assertions

use alias type in unmarshalJSON to handle payload rawmessage

shorten unmarshal and remove anonymous wrap struct

* use map structure and helper functions to return concrete types

* ensure times are properly handled

* update test name

* put all decode logic in a single function

Co-authored-by: Kris Hicks <khicks@hashicorp.com>
2020-11-05 13:04:18 -05:00
Mahmood Ali f9290090e0 Update vendored libraries 2020-10-21 15:46:56 -04:00
Seth Hoenig 0478a50881
Merge pull request #9118 from hashicorp/f-use-upstream-gopsutil-again
deps: use upstream gopsutil once more
2020-10-20 10:30:44 -05:00
Seth Hoenig 5fc9e74ba7 build: update gomod go version
Keep go.mod go version up to date with the version of Go used
to build Nomad.
2020-10-17 09:04:33 -05:00
Seth Hoenig 8e4df4ca51 deps: use upstream gopsutil once more
The PR we needed https://github.com/shirou/gopsutil/pull/889 has been merged
upstream, which means we can use upstream rather than our fork of psutil.
2020-10-17 08:54:50 -05:00
Mahmood Ali 90a0b5e558
vendor: update go-getter and x/net (#9099)
Update go-getter to the latest release now that hashicorp/go-getter#256 is merged.
Also, pick up a xz CVE fix that go-getter merged in hashicorp/go-getter#279 .
2020-10-15 10:24:24 -04:00
Drew Bailey 8ffe981357
go-memdb v1.3.0 2020-10-14 12:44:41 -04:00
Drew Bailey b4c135358d
use Events to wrap index and events, store in events table 2020-10-14 12:44:39 -04:00
Seth Hoenig 3f5ecd6f42 deps: update aws-sdk-go for ec2metadata bugfix
Newer versions of aws-sdk-go contain a bugfix for retrieving
region vs availability-zone information.
2020-10-06 13:05:29 -05:00
Tim Gross 474c18102d
e2e: extend ConsulTemplate test and fix flakiness (#8997)
Add service discovery integration to the existing consul-template E2E test,
and verify both service and key updates force re-rendering. Fixes flakiness by
using the longer default wait config we use elsewhere.

Removes our last direct dependency on gomega.
2020-10-05 10:51:55 -04:00
Fredrik Hoem Grelland 953d4de8dd
update consul-template to v0.25.1 (#8988) 2020-10-01 14:08:49 -04:00
Yoan Blanc 0f217a6b96
feat: upgrade consul 1.7, and go-discover
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2020-09-13 11:40:47 +02:00
Tim Gross b927a4c061 remove direct dependency on ginkgo 2020-09-10 13:00:42 -04:00
Mahmood Ali 39e2c64a39 Update cronexpr to pick up month zero padding fix 2020-09-01 11:48:28 -04:00
Seth Hoenig a09d1746bf
Merge branch 'master' into consul-v1.7.7 2020-08-24 10:43:00 -05:00
Yoan Blanc 7b873b7746
vendor: rs/cors v1.7.0
The Olivier Poitrey Go CORS handler through 1.3.0 actively converts
a wildcard CORS policy into reflecting an arbitrary Origin header
value, which is incompatible with the CORS security design, and
could lead to CORS misconfiguration security problems.

CVE-2018-20744

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2020-08-23 10:36:38 +02:00
Yoan Blanc 63b27d42a2
vendor: consul/api, consul/sdk v1.6.0
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2020-08-23 09:43:37 +02:00
Yoan Blanc 5e629775ac
vendor: consul v1.7.7
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2020-08-23 09:41:27 +02:00
Shengjing Zhu c69984f853 Update runc to v1.0.0-rc92 2020-08-19 23:56:35 +08:00
Drew Bailey 1c95bdb616
upgrade go metrics to 0.3.4 (#8637) 2020-08-11 13:26:45 -04:00
Seth Hoenig fb1c85a956 deps: upgrade import of consul/api
Upgrade our consul/api import to the equivelent of consul@v1.8.1 which includes
a bug fix necessary for #6913. If consul would publish a proper api/ submodule tag
we could reference that.
2020-08-06 21:02:33 -05:00
Mahmood Ali 026d8c6eed tests: avoid os.Exit in a test 2020-07-01 15:25:13 -04:00
Mahmood Ali e7a3d6e358 Update github.com/syndtr/gocapability
runc requires a more recent version
2020-06-22 17:10:41 -04:00
Mahmood Ali 7423f38771 Upgrade libcontainer dependency
Upgrade libcontainer dependency to pick up fix for CVE-2019-19921 .
2020-06-22 16:56:54 -04:00
Nick Ethier 6e3313c672
vendor: sync api changes 2020-06-19 11:31:39 -04:00
Michael Schurter 0ed023c61a deps: updated libnetwork dep
Adding missing vendor files as well.
2020-06-18 11:05:31 -07:00
Tim Gross 1a94afbc55
Revert "fix go.mod replace for api by using older semantics (#8113)" (#8115)
This reverts commit e3db589c09ee14c3c427d21662b71e98811e8722.
2020-06-04 11:29:03 -04:00
Tim Gross af421d2ff1
fix go.mod replace for api by using older semantics (#8113) 2020-06-04 10:33:28 -04:00
Mahmood Ali 82c87cf97b
Vendor gopsutil with go mod fix (#8108)
Point to gopsutil fork with shirou/gopsutil#889 changes. I used hashicorp/gopsutil rather than pointing to https://github.com/Lomanic/gopsutil/tree/issue832 directly just in case..
2020-06-03 16:09:27 -04:00
Seth Hoenig 435c0d9fc8 deps: Switch to Go modules for dependency management
This PR switches the Nomad repository from using govendor to Go modules
for managing dependencies. Aspects of the Nomad workflow remain pretty
much the same. The usual Makefile targets should continue to work as
they always did. The API submodule simply defers to the parent Nomad
version on the repository, keeping the semantics of API versioning that
currently exists.
2020-06-02 14:30:36 -05:00