backport of commit 08a2cd3

hashicorp · May 30, 2023 · 29923b4 · 29923b4
1 parent 370976f
commit 29923b4
Show file tree

Hide file tree

Showing 727 changed files with 2,700 additions and 42,075 deletions.
diff --git a/.changelog/1914.txt b/.changelog/1914.txt
diff --git a/.changelog/1920.txt b/.changelog/1920.txt
diff --git a/.changelog/1975.txt b/.changelog/1975.txt
diff --git a/.changelog/2029.txt b/.changelog/2029.txt
diff --git a/.changelog/2030.txt b/.changelog/2030.txt
diff --git a/.changelog/2093.txt b/.changelog/2093.txt
diff --git a/.changelog/2100.txt b/.changelog/2100.txt
diff --git a/.changelog/2102.txt → .changelog/2108.txt b/.changelog/2102.txt → .changelog/2108.txt
@@ -1,5 +1,5 @@
 ```release-note:security
-Upgrade to use Go 1.20.4.
+Upgrade to use Go 1.19.9.
 This resolves vulnerabilities [CVE-2023-24537](https://github.com/advisories/GHSA-9f7g-gqwh-jpf5)(`go/scanner`),
 [CVE-2023-24538](https://github.com/advisories/GHSA-v4m2-x4rp-hv22)(`html/template`),
 [CVE-2023-24534](https://github.com/advisories/GHSA-8v5j-pwr7-w5f8)(`net/textproto`) and
@@ -9,4 +9,4 @@ Also, `golang.org/x/net` has been updated to v0.7.0 to resolve CVEs [CVE-2022-41
 ), [CVE-2022-27664](https://github.com/advisories/GHSA-69cg-p879-7622) and [CVE-2022-41723
 ](https://github.com/advisories/GHSA-vvpx-j8f3-3w6h
 .)
-```
+```
diff --git a/.changelog/2124.txt b/.changelog/2124.txt
diff --git a/.changelog/2134.txt b/.changelog/2134.txt
diff --git a/.changelog/2140.txt b/.changelog/2140.txt
@@ -0,0 +1,4 @@
+```release-note:improvement
+helm: update `imageConsulDataplane` value to `hashicorp/consul-dataplane:1.0.2`, `image` value to `hashicorp/consul:1.14.7`, 
+and `imageEnvoy` to `envoyproxy/envoy:v1.24.7`.
+```
diff --git a/.changelog/2152.txt b/.changelog/2152.txt
diff --git a/.changelog/2159.txt b/.changelog/2159.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+control-plane: fix issue with json tags of service defaults fields EnforcingConsecutive5xx, MaxEjectionPercent and BaseEjectionTime.
+```
diff --git a/.changelog/2170.txt b/.changelog/2170.txt
diff --git a/.changelog/2183.txt b/.changelog/2183.txt
diff --git a/.copywrite.hcl b/.copywrite.hcl
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,6 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-# SPDX-License-Identifier: MPL-2.0
-
 blank_issues_enabled: false
 contact_links:
   - name: Consul Community Support

diff --git a/.github/workflows/backport-checker.yml b/.github/workflows/backport-checker.yml
@@ -1,5 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-
 # This workflow checks that there is either a 'pr/no-backport' label applied to a PR
 # or there is a backport/<pr number>.txt file associated with a PR for a backport label
 

diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml
@@ -1,10 +1,8 @@
-# Copyright (c) HashiCorp, Inc.
-
 ---
 name: Backport Assistant Runner
 
 on:
-  pull_request_target:
+  pull_request:
     types:
       - closed
       - labeled

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,5 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-
 name: build
 on:
   workflow_dispatch:
@@ -21,7 +19,7 @@ jobs:
     outputs:
       go-version: ${{ steps.get-go-version.outputs.go-version }}
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+      - uses: actions/checkout@v3
       - name: Determine Go version
         id: get-go-version
         # We use .go-version as our source of truth for current Go
@@ -35,7 +33,7 @@ jobs:
     outputs:
       product-version: ${{ steps.get-product-version.outputs.product-version }}
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+      - uses: actions/checkout@v3
       - name: get product version
         id: get-product-version
         run: |
@@ -49,15 +47,15 @@ jobs:
       filepath: ${{ steps.generate-metadata-file.outputs.filepath }}
     steps:
       - name: "Checkout directory"
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        uses: actions/checkout@v3
       - name: Generate metadata file
         id: generate-metadata-file
         uses: hashicorp/actions-generate-metadata@v1
         with:
           version: ${{ needs.get-product-version.outputs.product-version }}
           product: ${{ env.PKG_NAME }}
           repositoryOwner: "hashicorp"
-      - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+      - uses: actions/upload-artifact@v3
         with:
           name: metadata.json
           path: ${{ steps.generate-metadata-file.outputs.filepath }}
@@ -109,10 +107,10 @@ jobs:
 
     name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} ${{ matrix.component }} build    
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+      - uses: actions/checkout@v3
 
       - name: Setup go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
+        uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go }}
 
@@ -134,7 +132,7 @@ jobs:
           zip -r -j out/${{ matrix.pkg_name }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
 
       - name: Upload built binaries 
-        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+        uses: actions/upload-artifact@v3
         with:
           name: ${{ matrix.pkg_name }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
           path: ${{ matrix.component}}/out/${{ matrix.pkg_name }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
@@ -162,7 +160,7 @@ jobs:
 
       - name: Test rpm package
         if: ${{ matrix.goos == 'linux' && matrix.component == 'cli' && matrix.goarch == 'amd64'}}
-        uses: addnab/docker-run-action@v3  # TSCCR: no entry for repository "addnab/docker-run-action"
+        uses: addnab/docker-run-action@v3
         with:
           image: registry.access.redhat.com/ubi8/ubi:latest
           options: -v ${{ github.workspace }}:/work
@@ -179,15 +177,15 @@ jobs:
             echo "Test PASSED, expected: ${VERSION}, got: ${CONSUL_K8S_VERSION}"
 
       - name: Upload rpm package
-        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+        uses: actions/upload-artifact@v3
         if: ${{ matrix.goos == 'linux' && matrix.component == 'cli' && matrix.goarch == 'amd64'}}
         with:
           name: ${{ env.RPM_PACKAGE }}
           path: out/${{ env.RPM_PACKAGE }}
 
       - name: Test debian package
         if: ${{ matrix.goos == 'linux' && matrix.component == 'cli' && matrix.goarch == 'amd64'}}
-        uses: addnab/docker-run-action@v3  # TSCCR: no entry for repository "addnab/docker-run-action"
+        uses: addnab/docker-run-action@v3
         with:
           image: ubuntu:latest
           options: -v ${{ github.workspace }}:/work
@@ -204,7 +202,7 @@ jobs:
             echo "Test PASSED, expected: ${VERSION}, got: ${CONSUL_K8S_VERSION}"
 
       - name: Upload debian packages 
-        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+        uses: actions/upload-artifact@v3
         if: ${{ matrix.goos == 'linux' && matrix.component == 'cli' && matrix.goarch == 'amd64'}}
         with:
           name: ${{ env.DEB_PACKAGE }}
@@ -221,8 +219,8 @@ jobs:
       repo: ${{ github.event.repository.name }}
       version: ${{ needs.get-product-version.outputs.product-version }}
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
-      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+      - uses: actions/checkout@v3
+      - uses: actions/download-artifact@v3
         with:
           name: consul-cni_${{ needs.get-product-version.outputs.product-version }}_linux_${{ matrix.arch }}.zip
           path: control-plane/dist/cni/linux/${{ matrix.arch }}
@@ -265,8 +263,8 @@ jobs:
       repo: ${{ github.event.repository.name }}
       version: ${{ needs.get-product-version.outputs.product-version }}
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
-      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+      - uses: actions/checkout@v3
+      - uses: actions/download-artifact@v3
         with:
           name: consul-cni_${{ needs.get-product-version.outputs.product-version }}_linux_${{ matrix.arch }}.zip
           path: control-plane/dist/cni/linux/${{ matrix.arch }}
@@ -307,8 +305,8 @@ jobs:
       repo: ${{ github.event.repository.name }}
       version: ${{ needs.get-product-version.outputs.product-version }}
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
-      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+      - uses: actions/checkout@v3
+      - uses: actions/download-artifact@v3
         with:
           name: consul-cni_${{ needs.get-product-version.outputs.product-version }}_linux_${{ matrix.arch }}.zip
           path: control-plane/dist/cni/linux/${{ matrix.arch }}

diff --git a/.github/workflows/changelog-checker.yml b/.github/workflows/changelog-checker.yml
@@ -1,5 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-
 # This workflow checks that there is either a 'pr/no-changelog' label applied to a PR
 # or there is a .changelog/<pr number>.txt file associated with a PR for a changelog entry
 
@@ -21,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+      - uses: actions/checkout@v2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0 # by default the checkout action doesn't checkout all branches

diff --git a/.github/workflows/jira-issues.yaml b/.github/workflows/jira-issues.yaml
@@ -15,7 +15,7 @@ jobs:
     name: Jira Community Issue sync
     steps:    
       - name: Login
-        uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3.0.1
+        uses: atlassian/gajira-login@v3.0.0
         env:
           JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
           JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
@@ -38,7 +38,7 @@ jobs:
 
       - name: Create ticket if an issue is filed, or if PR not by a team member is opened
         if: github.event.action == 'opened'
-        uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1
+        uses: tomhjp/gh-action-jira-create@v0.2.0
         with:
           project: NET
           issuetype: "${{ steps.set-ticket-type.outputs.TYPE }}"
@@ -58,28 +58,28 @@ jobs:
       - name: Search
         if: github.event.action != 'opened'
         id: search
-        uses: tomhjp/gh-action-jira-search@04700b457f317c3e341ce90da5a3ff4ce058f2fa # v0.2.2
+        uses: tomhjp/gh-action-jira-search@v0.2.1
         with:
           # cf[10089] is Issue Link (use JIRA API to retrieve)
           jql: 'issuetype = "${{ steps.set-ticket-type.outputs.TYPE }}" and cf[10089] = "${{ github.event.issue.html_url || github.event.pull_request.html_url }}"'
 
       - name: Sync comment
         if: github.event.action == 'created' && steps.search.outputs.issue
-        uses: tomhjp/gh-action-jira-comment@6eb6b9ead70221916b6badd118c24535ed220bd9 # v0.2.0
+        uses: tomhjp/gh-action-jira-comment@v0.1.0
         with:
           issue: ${{ steps.search.outputs.issue }}
           comment: "${{ github.actor }} ${{ github.event.review.state || 'commented' }}:\n\n${{ github.event.comment.body || github.event.review.body }}\n\n${{ github.event.comment.html_url || github.event.review.html_url }}"
 
       - name: Close ticket
         if: ( github.event.action == 'closed' || github.event.action == 'deleted' ) && steps.search.outputs.issue
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
+        uses: atlassian/gajira-transition@v2.0.1
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "Closed"
 
       - name: Reopen ticket
         if: github.event.action == 'reopened' && steps.search.outputs.issue
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
+        uses: atlassian/gajira-transition@v2.0.1
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "To Do"
diff --git a/.github/workflows/jira-pr.yaml b/.github/workflows/jira-pr.yaml
@@ -13,7 +13,7 @@ jobs:
     name: Jira sync
     steps:    
       - name: Login
-        uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3.0.1
+        uses: atlassian/gajira-login@v3.0.0
         env:
           JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
           JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
@@ -52,7 +52,7 @@ jobs:
 
       - name: Create ticket if an issue is filed, or if PR not by a team member is opened
         if: ( github.event.action == 'opened' && steps.is-team-member.outputs.MESSAGE == 'false' )
-        uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1
+        uses: tomhjp/gh-action-jira-create@v0.2.0
         with:
           project: NET
           issuetype: "${{ steps.set-ticket-type.outputs.TYPE }}"
@@ -72,28 +72,28 @@ jobs:
       - name: Search
         if: github.event.action != 'opened'
         id: search
-        uses: tomhjp/gh-action-jira-search@04700b457f317c3e341ce90da5a3ff4ce058f2fa # v0.2.2
+        uses: tomhjp/gh-action-jira-search@v0.2.1
         with:
           # cf[10089] is Issue Link (use JIRA API to retrieve)
           jql: 'issuetype = "${{ steps.set-ticket-type.outputs.TYPE }}" and cf[10089] = "${{ github.event.issue.html_url || github.event.pull_request.html_url }}"'
 
       - name: Sync comment
         if: github.event.action == 'created' && steps.search.outputs.issue
-        uses: tomhjp/gh-action-jira-comment@6eb6b9ead70221916b6badd118c24535ed220bd9 # v0.2.0
+        uses: tomhjp/gh-action-jira-comment@v0.1.0
         with:
           issue: ${{ steps.search.outputs.issue }}
           comment: "${{ github.actor }} ${{ github.event.review.state || 'commented' }}:\n\n${{ github.event.comment.body || github.event.review.body }}\n\n${{ github.event.comment.html_url || github.event.review.html_url }}"
 
       - name: Close ticket
         if: ( github.event.action == 'closed' || github.event.action == 'deleted' ) && steps.search.outputs.issue
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
+        uses: atlassian/gajira-transition@v2.0.1
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "Closed"
 
       - name: Reopen ticket
         if: github.event.action == 'reopened' && steps.search.outputs.issue
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
+        uses: atlassian/gajira-transition@v2.0.1
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "To Do"
diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
@@ -21,7 +21,7 @@ jobs:
     name: test
     runs-on: ubuntu-latest
     steps:
-    - uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
+    - uses: benc-uk/workflow-dispatch@v1.2.2
       name: test
       with:
         workflow: test.yml

diff --git a/.github/workflows/nightly-acceptance.yml b/.github/workflows/nightly-acceptance.yml
@@ -17,7 +17,7 @@ jobs:
     name: cloud
     runs-on: ubuntu-latest
     steps:
-    - uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
+    - uses: benc-uk/workflow-dispatch@v1.2.2
       name: cloud
       with:
         workflow: cloud.yml