open-nomad/.changelog/12312.txt
Michael Schurter 7a28fcb8af template: disallow writeToFile by default
Resolves #12095 by WONTFIXing it.

This approach disables `writeToFile` as it allows arbitrary host
filesystem writes and is only a small quality of life improvement over
multiple `template` stanzas.

This approach has the significant downside of leaving people who have
altered their `template.function_denylist` *still vulnerable!* I added
an upgrade note, but we should have implemented the denylist as a
`map[string]bool` so that new funcs could be denied without overriding
custom configurations.

This PR also includes a bug fix that broke enabling all consul-template
funcs. We repeatedly failed to differentiate between a nil (unset)
denylist and an empty (allow all) one.
2022-03-28 17:05:42 -07:00

```release-note:bug
template: Fixed a bug preventing allowing all consul-template functions.
```
```release-note:improvement
template: Upgraded from consul-template v0.25.2 to v0.28.0 which includes the sprig library of functions and more.
```
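
The two denylist points in the commit message above (nil versus empty, and a list versus `map[string]bool`), as an added Go example that is not Nomad's code. The names `effectiveFromList`, `effectiveFromMap` and `defaultDenied` are hypothetical, and the default values are constructed for the example; only `writeToFile` comes from the commit message.

```go
package main

import (
	"fmt"
	"sort"
)

// defaultDenied is a constructed default list for this example; only
// writeToFile is taken from the commit message above.
var defaultDenied = []string{"plugin", "writeToFile"}

// effectiveFromList models a list-valued denylist: nil means "unset, use the
// defaults", while an empty non-nil slice means "allow every function".
func effectiveFromList(configured []string) []string {
	if configured == nil {
		return append([]string(nil), defaultDenied...)
	}
	return append([]string{}, configured...)
}

// effectiveFromMap models the map[string]bool alternative: operator entries
// are overlaid on the defaults, so a default added later still applies
// unless the operator explicitly sets that function to false.
func effectiveFromMap(configured map[string]bool) []string {
	merged := make(map[string]bool, len(defaultDenied))
	for _, fn := range defaultDenied {
		merged[fn] = true
	}
	for fn, deny := range configured {
		merged[fn] = deny
	}
	denied := []string{}
	for fn, deny := range merged {
		if deny {
			denied = append(denied, fn)
		}
	}
	sort.Strings(denied)
	return denied
}

func main() {
	fmt.Println(effectiveFromList(nil))                // unset: defaults apply
	fmt.Println(effectiveFromList([]string{}))         // empty: allow all
	fmt.Println(effectiveFromList([]string{"plugin"})) // custom list replaces defaults
	fmt.Println(effectiveFromMap(map[string]bool{"env": true}))
	fmt.Println(effectiveFromMap(map[string]bool{"writeToFile": false}))
}
```

With the list form, an operator's custom list replaces the defaults wholesale, so a function added to the defaults later is not denied for them; with the map form it is denied unless they opt out by name.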