From 958a6ea61100b5bd3457b4caf6c9d052c96395b9 Mon Sep 17 00:00:00 2001 From: Nitya Dhanushkodi Date: Wed, 4 Sep 2024 09:48:45 -0700 Subject: [PATCH 1/2] changelog 1.5.x --- CHANGELOG.md | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 828d01c5f0..7a422cfe3a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,34 @@ +## 1.5.3 (August 30, 2024) + +SECURITY: + +* Bump Go to 1.22.5 to address [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791) [[GH-4228](https://github.com/hashicorp/consul-k8s/issues/4228)] +* Upgrade Docker cli to use v.27.1. This addresses CVE +[CVE-2024-41110](https://nvd.nist.gov/vuln/detail/CVE-2024-41110) [[GH-4228](https://github.com/hashicorp/consul-k8s/issues/4228)] + +IMPROVEMENTS: + +* docker: update go-discover binary [[GH-4287](https://github.com/hashicorp/consul-k8s/issues/4287)] +* docker: update ubi base image to `ubi9-minimal:9.4`. [[GH-4287](https://github.com/hashicorp/consul-k8s/issues/4287)] +* helm: Adds `webhookCertManager.resources` field which can be configured to override the `resource` settings for the `webhook-cert-manager` deployment. [[GH-4184](https://github.com/hashicorp/consul-k8s/issues/4184)] +* helm: Adds `connectInject.apiGateway.managedGatewayClass.resourceJob.resources` field which can be configured to override the `resource` settings for the `gateway-resources-job` job. [[GH-4184](https://github.com/hashicorp/consul-k8s/issues/4184)] +* config-entry: add validate_clusters to mesh config entry [[GH-4256](https://github.com/hashicorp/consul-k8s/issues/4256)] +* helm: Kubernetes v1.30 is now supported. Minimum tested version of Kubernetes is now v1.27. [[GH-4244](https://github.com/hashicorp/consul-k8s/issues/4244)] + +BUG FIXES: + +* Fixes install of Consul on GKE Autopilot where the option 'manageNonStandardCRDs' was not being used for the TCPRoute CRD. [[GH-4213](https://github.com/hashicorp/consul-k8s/issues/4213)] +* api-gateway: fix nil pointer deref bug when the section name in a gateway policy is not specified [[GH-4247](https://github.com/hashicorp/consul-k8s/issues/4247)] +* helm: adds imagePullSecret to the gateway-resources job and the gateway-cleanup job, would fail before if the image was in a private registry [[GH-4210](https://github.com/hashicorp/consul-k8s/issues/4210)] +* openshift: order SecurityContextConstraint volumes alphabetically to match OpenShift behavior. +This ensures that diff detection tools like ArgoCD consider the source and reconciled resources to be identical. [[GH-4227](https://github.com/hashicorp/consul-k8s/issues/4227)] +* sync-catalog: fix infinite retry loop when the catalog fails to connect to consul-server during the sync process [[GH-4266](https://github.com/hashicorp/consul-k8s/issues/4266)] +* terminating-gateways: Fix bug where namespace field was not correctly set on ACL policies if using the `Registration` CRD with the service's namespace unset. [[GH-4224](https://github.com/hashicorp/consul-k8s/issues/4224)] + +## 1.5.2 (August 29, 2024) + +Release redacted, use `1.5.3` + ## 1.5.1 (July 16, 2024) SECURITY: From 8b4f2a26bd99428bd71882052f71bc5d3ff8160b Mon Sep 17 00:00:00 2001 From: Nitya Dhanushkodi Date: Thu, 5 Sep 2024 10:55:54 -0700 Subject: [PATCH 2/2] update skips --- .github/workflows/pr.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index d0d72cb6b3..a302748158 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -44,6 +44,7 @@ jobs: - check-name: Unit test control plane - check-name: Unit test cli - check-name: Unit test acceptance + - check-name: Unit test helm gen steps: - name: Update final status uses: docker://ghcr.io/curtbushko/commit-status-action:e1d661c757934ab35c74210b4b70c44099ec747a