build(deps): bump github.com/hashicorp/nomad from 1.4.1 to 1.4.6

[dependabot]

Bumps github.com/hashicorp/nomad from 1.4.1 to 1.4.6.

Release notes

Sourced from github.com/hashicorp/nomad's releases.

v1.4.6

1.4.6 (March 10, 2023)

SECURITY:

• variables: Fixed a bug where a workload-associated policy with a deny capability was ignored for the workload's own variables CVE-2023-1296 [GH-16349]

IMPROVEMENTS:

• env/ec2: update cpu metadata [GH-16417]

BUG FIXES:

• client: Fixed a bug that prevented allocations with interpolated values in Consul services from being marked as healthy [GH-16402]
• client: Fixed a bug where clients used the serf advertise address to connect to servers when using Consul auto-discovery [GH-16217]
• docker: Fixed a bug where pause containers would be erroneously removed [GH-16352]
• scheduler: Fixed a bug where collisions in dynamic port offerings would result in spurious plan-for-node-rejected errors [GH-16401]
• server: Fixed a bug where deregistering a job that was already garbage collected would create a new evaluation [GH-16287]
• server: Fixed a bug where node updates that produced errors from service discovery or CSI plugin updates were not logged [GH-16287]
• server: Fixed a bug where the system reconcile summaries command and API would not return any scheduler-related errors [GH-16287]

v1.4.5

1.4.5 (March 01, 2023)

BREAKING CHANGES:

• core: Ensure no leakage of evaluations for batch jobs. Prior to this change allocations and evaluations for batch jobs were never garbage collected until the batch job was explicitly stopped. The new batch_eval_gc_threshold server configuration controls how often they are collected. The default threshold is 24h. [GH-15097]

IMPROVEMENTS:

• api: improved error returned from AllocFS.Logs when response is not JSON [GH-15558]
• build: Update to go1.19.5 [GH-15769]
• build: Update to go1.20 [GH-16029]
• cli: Added -wait flag to deployment status for use with -monitor mode [GH-15262]
• cli: Added tls command to enable creating Certificate Authority and Self signed TLS certificates. There are two sub commands tls ca and tls cert that are helpers when creating certificates. [GH-14296]
• client: detect and cleanup leaked iptables rules [GH-15407]
• consul: add client configuration for grpc_ca_file [GH-15701]
• deps: Update google.golang.org/grpc to v1.51.0 [GH-15402]
• docs: link to an envoy troubleshooting doc when envoy bootstrap fails [GH-15908]
• env/ec2: update cpu metadata [GH-15770]
• fingerprint: Detect CNI plugins and set versions as node attributes [GH-15452]
• scheduler: allow using device IDs in affinity and constraint [GH-15455]
• ui: Add a button for expanding the Task sidebar to full width [GH-15735]
• ui: Made task rows in Allocation tables look more aligned with their parent [GH-15363]
• ui: Show events alongside logs in the Task sidebar [GH-15733]
• ui: The web UI will now show canary_tags of services anyplace we would normally show tags. [GH-15458]

DEPRECATIONS:

... (truncated)

Changelog

Sourced from github.com/hashicorp/nomad's changelog.

1.4.10 (May 19, 2023)

IMPROVEMENTS:

• core: Prevent task.kill_timeout being greater than update.progress_deadline [GH-16761]

BUG FIXES:

• bug: Corrected status description and modification time for canceled evaluations [GH-17071]
• client: Fixed a bug where restarting a terminal allocation turns it into a zombie where allocation and task hooks will run unexpectedly [GH-17175]
• client: clean up resources upon failure to restore task during client restart [GH-17104]
• scale: Fixed a bug where evals could be created with the wrong type [GH-17092]
• scheduler: Fixed a bug where implicit spread targets were treated as separate targets for scoring [GH-17195]
• scheduler: Fixed a bug where scores for spread scheduling could be -Inf [GH-17198]

1.4.9 (May 02, 2023)

IMPROVEMENTS:

• build: Update from Go 1.20.3 to Go 1.20.4 [GH-17056]
• dependency: update runc to 1.1.5 [GH-16712]

BUG FIXES:

• api: Fixed filtering on maps with missing keys [GH-16991]
• build: Linux packages now have vendor label and set the default label to HashiCorp. This fix is implemented for any future releases, but will not be updated for historical releases [GH-16071]
• client: Fix CNI plugin version fingerprint when output includes protocol version [GH-16776]
• client: Fix address for ports in IPv6 networks [GH-16723]
• client: Fixed a bug where restarting proxy sidecar tasks failed [GH-16815]
• client: Prevent a panic when an allocation has a legacy task-level bridge network and uses a driver that does not create a network namespace [GH-16921]
• core: the deployment's list endpoint now supports look up by prefix using the wildcard for namespace [GH-16792]
• csi: gracefully recover tasks that use csi node plugins [GH-16809]
• docker: Fixed a bug where plugin config values were ignored [GH-16713]
• drain: Fixed a bug where drains would complete based on the server status and not the client status of an allocation [GH-14348]
• driver/exec: Fixed a bug where cap_drop and cap_add would not expand capabilities [GH-16643]
• scale: Do not allow scale requests for jobs of type system [GH-16969]
• scheduler: Fix reconciliation of reconnecting allocs when the replacement allocations are not running [GH-16609]
• scheduler: honor false value for distinct_hosts constraint [GH-16907]
• server: Added verification of cron jobs already running before forcing new evals right after leader change [GH-16583]
• services: Fixed a bug preventing group service deregistrations after alloc restarts [GH-16905]

1.4.8 (April 04, 2023)

SECURITY:

• build: update to Go 1.20.3 to prevent denial of service attack via malicious HTTP headers CVE-2023-24534 [GH-16788]

1.4.7 (March 21, 2023)

IMPROVEMENTS:

... (truncated)

Commits

• f09f4d0 Generate files for 1.4.6 release
• 5e5140e acl: respect deny capabilities on job's own variables
• 0815277 Backport of env/aws: update ec2 cpu info data into release/1.4.x (#16430)
• 6972a2e Backport of docker: fix bug where network pause containers would be erroneous...
• 070c018 Backport of allocrunner: fix health check monitoring for Consul services into...
• 7c3d451 Backport of scheduling: prevent self-collision in dynamic port network offeri...
• b2fc889 chore: update website scripts (release/1.4.x) (#16386)
• 7c3f107 deps: Update ioutil deprecated library references to os and io respectively i...
• bce89a7 backport of commit da4e46be307bcaa0a85c3c141b409c5b75361bab (#16394)
• db7dbde Update ioutil library references to os and io respectively for command (#16388)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Looks like github.com/hashicorp/nomad is up-to-date now, so this is no longer needed.