hashicorp/consul-k8s v1.1.4

on GitHub

1.1.4 (Aug 10, 2023)

SECURITY:

• Upgrade to use Go 1.20.6 and x/net/http 0.12.0.
  This resolves CVE-2023-29406(net/http). [GH-2642]
• Upgrade to use Go 1.20.7 and x/net 0.13.0.
  This resolves CVE-2023-29409(crypto/tls)
  and CVE-2023-3978(net/html). [GH-2710]

IMPROVEMENTS:

• Add support to provide the logLevel flag via helm for multiple low level components. Introduces the following fields

1. global.acls.logLevel
2. global.tls.logLevel
3. global.federation.logLevel
4. global.gossipEncryption.logLevel
5. server.logLevel
6. client.logLevel
7. meshGateway.logLevel
8. ingressGateways.logLevel
9. terminatingGateways.logLevel
10. telemetryCollector.logLevel [GH-2302]

• control-plane: increase timeout after login for ACL replication to 60 seconds [GH-2656]
• helm: adds values for securityContext and annotations on TLS and ACL init/cleanup jobs. [GH-2525]
• helm: do not set container securityContexts by default on OpenShift < 4.11 [GH-2678]
• helm: set container securityContexts to match the restricted Pod Security Standards policy to support running Consul in a namespace with restricted PSA enforcement enabled [GH-2572]

BUG FIXES:

• control-plane: fix bug in endpoints controller when deregistering services from consul when a node is deleted. [GH-2571]
• helm: fix CONSUL_LOGIN_DATACENTER for consul client-daemonset. [GH-2652]
• helm: fix ui ingress manifest formatting, and exclude ingressClass when not defined. [GH-2687]