Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/hashicorp/nomad from 1.9.0 to 1.9.2 #489

Closed
wants to merge 1 commit into from
Closed

build(deps): bump github.com/hashicorp/nomad from 1.9.0 to 1.9.2 #489

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 10, 2024
edited
Loading

Bumps github.com/hashicorp/nomad from 1.9.0 to 1.9.2.

Release notes

Sourced from github.com/hashicorp/nomad's releases.

v1.9.2

1.9.2 (November 08, 2024)

SECURITY:

  • csi: Fixed a bug where a user with csi-write-volume permissions to one namespace can create volumes in another namespace (CVE-2024-10975) [GH-24396]

IMPROVEMENTS:

  • api: new parameterized dispatch endpoint sends raw HTTP request body as Payload [GH-24312]
  • connect: Able to accept go-sockaddr address for consul grpc address [GH-24280]
  • consul: add support for service weight [GH-24186]
  • drivers: Add work_dir config to exec/rawexec/java drivers for setting the working directory of processes in a task [GH-24249]
  • drivers: Move executor process out of task cgroup after task starts on cgroups v1 [GH-24340]
  • drivers: add posibility to restrict user and group for exec and rawexec [GH-20073]
  • fingerprint gce: fingerprint preemptibility [GH-24169]
  • getter: Added option to chown artifact(s) to task user [GH-24157]
  • ui: Indicates prestart/poststart tasks by running/failed/pending status [GH-24133]
  • ui: Show region in header when only one region exists, and set it immediately upon logging in with a token [GH-24320]
  • ui: When your token expires, upon signing back in, redirect to your original route [GH-24374]

BUG FIXES:

  • cli: Corrected an ordering mistake in job tag unset help text [GH-24272]
  • connect: add validation to ensure that connect native services specify a port [GH-24329]
  • deps: Fixed a bug where restarting Nomad could cause an unrelated process with the same PID as a failed executor to be killed [GH-24265]
  • keyring: Fixed a panic on server startup when decrypting AEAD key data with empty RSA block [GH-24383]
  • scheduler: fixed a bug where resource calculation did not account correctly for poststart tasks [GH-24297]
  • state: Fixed setting GC threshold to more than 72hrs being ignored [GH-24112]

v1.9.1

1.9.1 (October 21, 2024)

IMPROVEMENTS:

  • cli: Added synopsis for operator root and operator gossip command [GH-23671]
  • cli: Updated example job specifications in nomad job init [GH-24232]

BUG FIXES:

  • consul: Fixed a bug where broken Consul ACL tokens could block registration and deregistration of services and checks [GH-24166]
  • consul: Fixed a bug where service deregistration could fail because Consul ACL tokens were revoked during allocation GC [GH-24166]
  • docker: Always negotiate API version when initializing clients [GH-24237]
  • docker: Fix incorrect auth parsing for private registries [GH-24215]
  • docker: Fixed a bug where alloc exec could leak a goroutine [GH-24244]
  • docker: Fixed a bug where alloc exec with stdin would hang [GH-24202]
  • docker: Fixed a bug where task CPU stats were reported incorrectly [GH-24229]
  • heartbeat: Fixed a bug where failed nodes would not be marked down [GH-24241]
  • scheduler: fixes reconnecting allocations not getting picked correctly when replacements failed [GH-24165]
  • ui: Fix an issue where a dropdown on the variables page would appear underneath table headers [GH-24162]

... (truncated)

Changelog

Sourced from github.com/hashicorp/nomad's changelog.

1.9.2 (November 08, 2024)

SECURITY:

  • csi: Fixed a bug where a user with csi-write-volume permissions to one namespace can create volumes in another namespace (CVE-2024-10975) [GH-24396]

IMPROVEMENTS:

  • api: new parameterized dispatch endpoint sends raw HTTP request body as Payload [GH-24312]
  • connect: Able to accept go-sockaddr address for consul grpc address [GH-24280]
  • consul: add support for service weight [GH-24186]
  • drivers: Add work_dir config to exec/rawexec/java drivers for setting the working directory of processes in a task [GH-24249]
  • drivers: Move executor process out of task cgroup after task starts on cgroups v1 [GH-24340]
  • drivers: add posibility to restrict user and group for exec and rawexec [GH-20073]
  • fingerprint gce: fingerprint preemptibility [GH-24169]
  • getter: Added option to chown artifact(s) to task user [GH-24157]
  • ui: Indicates prestart/poststart tasks by running/failed/pending status [GH-24133]
  • ui: Show region in header when only one region exists, and set it immediately upon logging in with a token [GH-24320]
  • ui: When your token expires, upon signing back in, redirect to your original route [GH-24374]

BUG FIXES:

  • cli: Corrected an ordering mistake in job tag unset help text [GH-24272]
  • connect: add validation to ensure that connect native services specify a port [GH-24329]
  • deps: Fixed a bug where restarting Nomad could cause an unrelated process with the same PID as a failed executor to be killed [GH-24265]
  • keyring: Fixed a panic on server startup when decrypting AEAD key data with empty RSA block [GH-24383]
  • scheduler: fixed a bug where resource calculation did not account correctly for poststart tasks [GH-24297]
  • state: Fixed setting GC threshold to more than 72hrs being ignored [GH-24112]

1.9.1 (October 21, 2024)

IMPROVEMENTS:

  • cli: Added synopsis for operator root and operator gossip command [GH-23671]
  • cli: Updated example job specifications in nomad job init [GH-24232]

BUG FIXES:

  • consul: Fixed a bug where broken Consul ACL tokens could block registration and deregistration of services and checks [GH-24166]
  • consul: Fixed a bug where service deregistration could fail because Consul ACL tokens were revoked during allocation GC [GH-24166]
  • docker: Always negotiate API version when initializing clients [GH-24237]
  • docker: Fix incorrect auth parsing for private registries [GH-24215]
  • docker: Fixed a bug where alloc exec could leak a goroutine [GH-24244]
  • docker: Fixed a bug where alloc exec with stdin would hang [GH-24202]
  • docker: Fixed a bug where task CPU stats were reported incorrectly [GH-24229]
  • heartbeat: Fixed a bug where failed nodes would not be marked down [GH-24241]
  • scheduler: fixes reconnecting allocations not getting picked correctly when replacements failed [GH-24165]
  • ui: Fix an issue where a dropdown on the variables page would appear underneath table headers [GH-24162]
  • ui: Put a max-width on token name so it doesn't collide with the search box in the top nav [GH-24240]
  • windows: Fixed a bug where a crashed executor would orphan task processes [GH-24214]
Commits
  • 75cc694 changelog correction
  • 57de785 Prepare for next release
  • de8a30b Generate files for 1.9.2 release
  • 885172b backport of commit c5249c6ca4dae2cf1f157e88545428ccfd6cc4a7 (#24400)
  • ee55848 backport of commit 498b29b3cf789d05fb2884a1ba6548159f59c9d9 (#24390)
  • e10cb19 Backport of CSI: fix namespace ACL bypass on create/register APIs into releas...
  • af35f3a backport of commit 3d9003879e764d86f5c001719a75a8b8a1955486 (#24395)
  • 8c6e5fe backport of commit a0ff07393b3dc2a17727fd68437873da79c403d7 (#24394)
  • 30ccde5 backport of commit a036b75aef1eb10afa08f31dbae8cbb55423bf9e (#24393)
  • 43c82b3 keyring: Fix a panic when decrypting aead with empty RSA block. (#24391)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump github.com/hashicorp/nomad from 1.9.0 to 1.9.2
8003e5b 
Bumps [github.com/hashicorp/nomad](https://github.com/hashicorp/nomad) from 1.9.0 to 1.9.2.
- [Release notes](https://github.com/hashicorp/nomad/releases)
- [Changelog](https://github.com/hashicorp/nomad/blob/main/CHANGELOG.md)
- [Commits](hashicorp/nomad@v1.9.0...v1.9.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/nomad
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot mentioned this pull request Nov 10, 2024
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 11, 2024

Superseded by #491.

@dependabot dependabot bot closed this Nov 11, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/hashicorp/nomad-1.9.2 branch November 11, 2024 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
theme/dependencies
Projects
Nomad - Community Issues Triage
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants