kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-04 17:35:43 +03:00
Code Issues Packages Projects Releases Wiki Activity
24,354 Commits 1 Branch 0 Tags
ceed255d73b87dee8f36ddf4ea756f363d4e8d83
Commit Graph

245 Commits

Author SHA1 Message Date
Tim Gross
9102a244f4 deps: update go-plugin to 1.4.9 (#16292) 
Fixes #16288. An earlier version of `go-plugin` introduced a warning log if
`SecureConfig` is unset. For Nomad and other applications that have "internal"
`go-plugin` consumers where the application runs itself as a plugin, this causes
spurious warn-level logs. For Nomad in particular this means every task driver
and logmon invocation emits the log, which is our primary operation.

The change was reverted upstream, so this changeset picks up the reverted
version.
 2023-03-02 13:39:57 -05:00
dependabot[bot]
a877fd9f97 build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 (#16220) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.5.0 to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-22 11:13:25 -06:00
dependabot[bot]
26f8a955d7 build(deps): bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (#16198) 
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.6.12 to 1.6.18.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.6.12...v1.6.18)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-16 10:40:21 -05:00
Seth Hoenig
511d0c1e70 artifact: protect against unbounded artifact decompression (1.5.0) (#16151) 
* artifact: protect against unbounded artifact decompression

Starting with 1.5.0, set defaut values for artifact decompression limits.

artifact.decompression_size_limit (default "100GB") - the maximum amount of
data that will be decompressed before triggering an error and cancelling
the operation

artifact.decompression_file_count_limit (default 4096) - the maximum number
of files that will be decompressed before triggering an error and
cancelling the operation.

* artifact: assert limits cannot be nil in validation
 2023-02-14 09:28:39 -06:00
dependabot[bot]
b8616bf16b build(deps): bump github.com/shirou/gopsutil/v3 from 3.22.12 to 3.23.1 (#16059) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.22.12 to 3.23.1.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.22.12...v3.23.1)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 13:36:39 -05:00
dependabot[bot]
25fd8ec753 build(deps): bump github.com/containernetworking/plugins (#16060) 
Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](https://github.com/containernetworking/plugins/compare/v1.1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 13:35:50 -05:00
dependabot[bot]
fc22c15201 build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 (#16142) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.52.0 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.53.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 13:34:55 -05:00
dependabot[bot]
1d5fafe50a build(deps): bump github.com/docker/cli (#16141) 
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 20.10.23+incompatible to 23.0.1+incompatible.
- [Release notes](https://github.com/docker/cli/releases)
- [Commits](https://github.com/docker/cli/compare/v20.10.23...v23.0.1)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 13:34:42 -05:00
Seth Hoenig
c35af4c577 deps: update go-set, go-landlock (#16146) 
Made a breaking change in go-set (String() signature), need to update
both these dependencies together and also fix a thing in structs.go
 2023-02-13 08:26:30 -06:00
Seth Hoenig
7798fe3330 deps: upgrade to hashicorp/golang-lru/v2 (#16085) 2023-02-08 15:20:33 -06:00
dependabot[bot]
631fd4778e build(deps): bump github.com/docker/docker from 20.10.21+incompatible to 20.10.23+incompatible (#15848) 
* build(deps): bump github.com/docker/docker

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.21+incompatible to 20.10.23+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v20.10.21...v20.10.23)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* changelog: add entry for docker/docker

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
 2023-01-30 09:10:06 -06:00
dependabot[bot]
df2272bb58 build(deps): bump github.com/brianvoe/gofakeit/v6 from 6.19.0 to 6.20.1 (#15846) 
Bumps [github.com/brianvoe/gofakeit/v6](https://github.com/brianvoe/gofakeit) from 6.19.0 to 6.20.1.
- [Release notes](https://github.com/brianvoe/gofakeit/releases)
- [Commits](https://github.com/brianvoe/gofakeit/compare/v6.19.0...v6.20.1)

---
updated-dependencies:
- dependency-name: github.com/brianvoe/gofakeit/v6
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-30 09:06:08 -06:00
dependabot[bot]
de1a96c445 build(deps): bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3 (#15847) 
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-30 09:04:20 -06:00
dependabot[bot]
dc77354fcc build(deps): bump github.com/docker/cli (#15938) 
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 20.10.22+incompatible to 20.10.23+incompatible.
- [Release notes](https://github.com/docker/cli/releases)
- [Commits](https://github.com/docker/cli/compare/v20.10.22...v20.10.23)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-30 08:47:12 -06:00
dependabot[bot]
7c956ce65a build(deps): bump github.com/shoenig/test from 0.6.0 to 0.6.1 in /api (#15939) 
* build(deps): bump github.com/shoenig/test from 0.6.0 to 0.6.1 in /api

Bumps [github.com/shoenig/test](https://github.com/shoenig/test) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/shoenig/test/releases)
- [Commits](https://github.com/shoenig/test/compare/v0.6.0...v0.6.1)

---
updated-dependencies:
- dependency-name: github.com/shoenig/test
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* deps: update test

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
 2023-01-29 14:03:56 -06:00
dependabot[bot]
3ecc5d13b8 build(deps): bump github.com/aws/aws-sdk-go from 1.44.175 to 1.44.184 (#15849) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.175 to 1.44.184.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.175...v1.44.184)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-25 19:04:56 -05:00
dependabot[bot]
fa1868779c build(deps): bump github.com/prometheus/common from 0.37.0 to 0.39.0 (#15793) 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.37.0 to 0.39.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](https://github.com/prometheus/common/compare/v0.37.0...v0.39.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-19 11:01:28 -06:00
dependabot[bot]
95afb4e0af build(deps): bump github.com/shoenig/go-landlock from 0.1.3 to 0.1.4 (#15795) 
Bumps [github.com/shoenig/go-landlock](https://github.com/shoenig/go-landlock) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/shoenig/go-landlock/releases)
- [Commits](https://github.com/shoenig/go-landlock/compare/v0.1.3...v0.1.4)

---
updated-dependencies:
- dependency-name: github.com/shoenig/go-landlock
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-19 10:32:46 -06:00
dependabot[bot]
ce19044b11 build(deps): bump github.com/rs/cors from 1.8.2 to 1.8.3 (#15794) 
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-19 10:31:55 -06:00
dependabot[bot]
4dae083026 build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 (#15792) 
* build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* deps: format go.mod correctly

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
 2023-01-19 10:30:29 -06:00
dependabot[bot]
62caaf992d build(deps): bump github.com/hashicorp/go-hclog from 1.3.1 to 1.4.0 (#15791) 
Bumps [github.com/hashicorp/go-hclog](https://github.com/hashicorp/go-hclog) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/hashicorp/go-hclog/releases)
- [Commits](https://github.com/hashicorp/go-hclog/compare/v1.3.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-hclog
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-19 09:52:04 -06:00
James Rasell
859cb6e3fb Merge branch 'main' into sso/gh-13120-oidc-login 2023-01-18 10:05:31 +00:00
dependabot[bot]
9622649eaf build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.12 (#15726) 
* build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.12

Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.6.6 to 1.6.12.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.6.6...v1.6.12)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* cl: add cl for containerd/containerd

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Seth Hoenig <shoenig@duck.com>
 2023-01-13 09:22:41 -06:00
dependabot[bot]
5936b3b8cb build(deps): bump github.com/aws/aws-sdk-go from 1.44.163 to 1.44.175 (#15719) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.163 to 1.44.175.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.163...v1.44.175)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-13 08:06:28 -06:00
dependabot[bot]
d45f74342c build(deps): bump golang.org/x/crypto from 0.1.0 to 0.5.0 (#15721) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.1.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.1.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-13 08:05:26 -06:00
dependabot[bot]
48008be535 build(deps): bump github.com/shirou/gopsutil/v3 from 3.22.11 to 3.22.12 (#15723) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.22.11 to 3.22.12.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/commits/v3.22.12)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-13 08:04:18 -06:00
James Rasell
847bf72843 deps: add OIDC required deps to main module. 2023-01-13 13:16:20 +00:00
Seth Hoenig
4698d8da79 consul/connect: support for proxy upstreams opaque config (#15761) 
This PR adds support for configuring `proxy.upstreams[].config` for
Consul Connect upstreams. This is an opaque config value to Nomad -
the data is passed directly to Consul and is unknown to Nomad.
 2023-01-12 08:20:54 -06:00
Piotr Kazmierczak
4cd60c3560 acl: binding rules evaluation (#15697) 
Binder provides an interface for binding claims and ACL roles/policies of Nomad.
 2023-01-10 16:08:08 +01:00
Seth Hoenig
283be3d641 deps: update shoenig/test to v0.6.0 (#15715) 
Adds support for custom cmp.Options; need to fix one minor thing
causing api breakage.
 2023-01-09 09:37:08 -06:00
dependabot[bot]
d71d7fd056 build(deps): bump github.com/hashicorp/go-set from 0.1.6 to 0.1.7 (#15624) 
Bumps [github.com/hashicorp/go-set](https://github.com/hashicorp/go-set) from 0.1.6 to 0.1.7.
- [Release notes](https://github.com/hashicorp/go-set/releases)
- [Commits](https://github.com/hashicorp/go-set/compare/v0.1.6...v0.1.7)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-set
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-02 10:16:16 -06:00
dependabot[bot]
afdee45b6c build(deps): bump github.com/docker/cli (#15623) 
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 20.10.21+incompatible to 20.10.22+incompatible.
- [Release notes](https://github.com/docker/cli/releases)
- [Commits](https://github.com/docker/cli/compare/v20.10.21...v20.10.22)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-02 10:15:29 -06:00
dependabot[bot]
6bfa6aec83 build(deps): bump golang.org/x/sys from 0.2.0 to 0.3.0 (#15622) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/golang/sys/releases)
- [Commits](https://github.com/golang/sys/compare/v0.2.0...v0.3.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-02 10:14:58 -06:00
dependabot[bot]
3864be2247 build(deps): bump github.com/hashicorp/consul/api from 1.15.3 to 1.18.0 (#15621) 
Bumps [github.com/hashicorp/consul/api](https://github.com/hashicorp/consul) from 1.15.3 to 1.18.0.
- [Release notes](https://github.com/hashicorp/consul/releases)
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/consul/compare/api/v1.15.3...api/v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-02 10:14:31 -06:00
dependabot[bot]
8b77a419bb build(deps): bump github.com/hashicorp/go-plugin from 1.4.6 to 1.4.8 (#15620) 
Bumps [github.com/hashicorp/go-plugin](https://github.com/hashicorp/go-plugin) from 1.4.6 to 1.4.8.
- [Release notes](https://github.com/hashicorp/go-plugin/releases)
- [Changelog](https://github.com/hashicorp/go-plugin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-plugin/compare/v1.4.6...v1.4.8)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-02 10:14:03 -06:00
dependabot[bot]
6bcf76c1b3 build(deps): bump github.com/aws/aws-sdk-go from 1.44.142 to 1.44.163 (#15594) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.142 to 1.44.163.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.142...v1.44.163)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-20 11:41:23 -06:00
dependabot[bot]
eb44f64a42 build(deps): bump github.com/shirou/gopsutil/v3 from 3.22.10 to 3.22.11 (#15467) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.22.10 to 3.22.11.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/commits)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-20 11:22:29 -06:00
dependabot[bot]
a79ea56910 build(deps): bump github.com/prometheus/client_golang (#15466) 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-20 11:21:00 -06:00
dependabot[bot]
23a7cae57f build(deps): bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.4.3 (#15464) 
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.4.2 to 4.4.3.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.4.2...v4.4.3)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-20 11:20:15 -06:00
dependabot[bot]
15fd6b8260 build(deps): bump github.com/container-storage-interface/spec (#15463) 
Bumps [github.com/container-storage-interface/spec](https://github.com/container-storage-interface/spec) from 1.4.0 to 1.7.0.
- [Release notes](https://github.com/container-storage-interface/spec/releases)
- [Commits](https://github.com/container-storage-interface/spec/compare/v1.4.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/container-storage-interface/spec
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-20 11:19:50 -06:00
Seth Hoenig
51cc205cc1 deps: update shoenig/test to 0.5.2 and fixup breaking changes (#15574) 2022-12-20 07:52:10 -06:00
Michael Schurter
fcb8831868 Migrate acls to generics (#13721) 
* Migrate acls to generics

See hashicorp/go-immutable-radix#43

* deps: fixup go.mod formatting

Co-authored-by: Seth Hoenig <shoenig@duck.com>
 2022-12-19 09:56:28 -08:00
Seth Hoenig
12034f90a3 api: make api tests fast and more concurrency safe (#15543) 
This PR tries to make API tests run fast, as an experiment to later apply
to all packages. Key changes include

- Swapping freeport for test/portal for port allocations
- Swappng some uses of WaitForResult with test/wait
- Turning on parallelism in api/testutil/slow.go
- Switching to custom public runner (32 vcpu)

There's also chunk of cleanup brought in for the ride
 2022-12-16 12:25:28 -06:00
Seth Hoenig
cfc67c3422 client: sandbox go-getter subprocess with landlock (#15328) 
* client: sandbox go-getter subprocess with landlock

This PR re-implements the getter package for artifact downloads as a subprocess.

Key changes include

On all platforms, run getter as a child process of the Nomad agent.
On Linux platforms running as root, run the child process as the nobody user.
On supporting Linux kernels, uses landlock for filesystem isolation (via go-landlock).
On all platforms, restrict environment variables of the child process to a static set.
notably TMP/TEMP now points within the allocation's task directory
kernel.landlock attribute is fingerprinted (version number or unavailable)
These changes make Nomad client more resilient against a faulty go-getter implementation that may panic, and more secure against bad actors attempting to use artifact downloads as a privilege escalation vector.

Adds new e2e/artifact suite for ensuring artifact downloading works.

TODO: Windows git test (need to modify the image, etc... followup PR)

* landlock: fixup items from cr

* cr: fixup tests and go.mod file
 2022-12-07 16:02:25 -06:00
Seth Hoenig
c8e0d5d37d fingerprint: add fingerprinting for CNI plugins presense and version (#15452) 
This PR adds a fingerprinter to set the attribute
"plugins.cni.version.<name>" => "<version>"

for each CNI plugin in <client>.cni_path (/opt/cni/bin by default).
 2022-12-05 14:22:47 -06:00
dependabot[bot]
717fddb521 build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 (#15402) 
* build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.50.1 to 1.51.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.1...v1.51.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* changelog: add entry for #15402

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
 2022-11-29 14:55:17 -05:00
dependabot[bot]
6d547e6115 build(deps): bump github.com/hashicorp/consul/sdk from 0.11.0 to 0.13.0 (#15401) 
Bumps [github.com/hashicorp/consul/sdk](https://github.com/hashicorp/consul) from 0.11.0 to 0.13.0.
- [Release notes](https://github.com/hashicorp/consul/releases)
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/consul/compare/sdk/v0.11.0...sdk/v0.13.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-29 14:26:48 -05:00
dependabot[bot]
1a7fda4c4c build(deps): bump github.com/mitchellh/cli from 1.1.4 to 1.1.5 (#15400) 
Bumps [github.com/mitchellh/cli](https://github.com/mitchellh/cli) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/mitchellh/cli/releases)
- [Commits](https://github.com/mitchellh/cli/compare/v1.1.4...v1.1.5)

---
updated-dependencies:
- dependency-name: github.com/mitchellh/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-29 14:00:46 -05:00
dependabot[bot]
59d6068a9d build(deps): bump github.com/zclconf/go-cty from 1.12.0 to 1.12.1 (#15403) 
Bumps [github.com/zclconf/go-cty](https://github.com/zclconf/go-cty) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/zclconf/go-cty/releases)
- [Changelog](https://github.com/zclconf/go-cty/blob/main/CHANGELOG.md)
- [Commits](https://github.com/zclconf/go-cty/compare/v1.12.0...v1.12.1)

---
updated-dependencies:
- dependency-name: github.com/zclconf/go-cty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-29 13:45:58 -05:00
dependabot[bot]
a84043e148 build(deps): bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2 (#15404) 
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-29 13:28:46 -05:00