Backport of Go discover dependency upgrade into release/1.20.x#22315
Merged
Vikramarjuna merged 104 commits intoMay 12, 2025
Merged
Conversation
In some environments, the script will not fail despite SKIP_CHECK_BRANCH being unset, leading to the script explicitly skipping CI when it should fail fast. Prevent this by explicitly checking for the env var.
* init release branch * init 1.20 nightly tests * drop 1.17 nightly tests for new release cycle * drop 1.17 from test matrix * Update nightly-test-integrations-1.20.x.yml
Commas are not expected after HCL blocks. This is causing parsing in BPA to fail and may interfere w/ other release-related workflows.
* upgrade go to 1.23.1, upgrade ubi image to 9.4 * add changelog * revert go version upgrade
…Vault (#21749) * Update test-integrations.yml Update Vault/Nomad versions to ensure we're testing the latest versions . * Update test to test latest available CE versions
Adds initial sg documentation
#21509) * New proposed structure * Fix structure and add some content * Fix structure and add some content * Fix structure and add some content * Add content * Add content * mtls steps * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * Encryption docs structure change * spacing fixes * Replace <CodeTabs> * <CodeBlockConfig> alignment * indent fixes * spacing * More Code tabs fixes * Structure chenges * Structure chenges * Extra content and CE-713 migration * Extra content * Extra content * Extra content * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * Apply suggestions from code review * Test CodeTabs * Test CodeTabs * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> --------- Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* fix spacing of bash scripts * shellcheck all the things * cat filename rather than concatenating pr number
stage rc release
This should be set to the next major version now that `release/1.20.x` has been created.
* update raft to 1.7.0 * add config to disable raft prevote * add changelog
ci: fix conditional skip and add safeguard Adopt a third-party action to avoid script bugs, and to fix a current issue where the script fails to detect all changes when processing push events on PR branches. Adapted from hashicorp/consul-dataplane#637. See that PR for testing details and background context.
fix changelog
* Add partition field for catalog deregister docs * Update website/content/api-docs/catalog.mdx Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> --------- Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* update serf links * add .markdown file extension * update serf links to use /blob/master/ * fix broken links --------- Co-authored-by: github-team-consul-core <github-team-consul-core@hashicorp.com>
Add missing `&&` to iptables command. The original commands fail when being directly pasted into a shell.
* Bump Envoy version used for 1.20.x upgrade tests * Improve README + docstrings
No new minor versions, just incrementing the patches for hygiene's sake
* Backport of ci: update the security-scanner gha token into release/1.20.x (#21754) backport of commit eb9dbc9 Co-authored-by: dduzgun-security <deniz.duzgun@hashicorp.com> * Backport of Initialize 1.20 Release into release/1.20.x (#21753) * backport of commit a33e903 * backport of commit 37163dc * backport of commit 38f0907 * backport of commit 6ab7ec2 * backport of commit 7ac4178 * backport of commit 5dfebb2 * backport of commit 316d68c --------- Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> * Backport of Stage rc release into release/1.20.x (#21772) backport of commit d311f2b Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> * Backport of Upgrade ubi image to 9.4 into release/1.20.x (#21773) * backport of commit 888e302 * backport of commit 17499dc * backport of commit d933d37 --------- Co-authored-by: Dhia Ayachi <dhia.ayachi@gmail.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> * Backport of security: update alpine base image to 3.20 into release/1.20.x (#21774) * backport of commit 4421ce1 * Upgrade ubi image to 9.4 (#21750) --------- Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> * Backport of fix spacing of bash scripts into release/1.20.x (#21769) * backport of commit 1e97297 * backport of commit b7053f5 * backport of commit a391f2f --------- Co-authored-by: jm96441n <john.maguire@hashicorp.com> * Backport of [NET-11150] ci: fix conditional skip and add safeguard into release/1.20.x (#21783) backport of commit c3db6c9 Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com> * initial commit * Initial pages * Edits to other pages + nav & redirects * minor fixes * Backport of security: update alpine base image to 3.20 into release/1.20.x (#21774) * backport of commit 4421ce1 * Upgrade ubi image to 9.4 (#21750) --------- Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> * CE-679 * align with main * Content updates * minor edit * Apply suggestions from code review Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com> Co-authored-by: Blake Covarrubias <blake@covarrubi.as> * CoreDNS config update * small edits * typo fix --------- Co-authored-by: hc-github-team-consul-core <github-team-consul-core@hashicorp.com> Co-authored-by: dduzgun-security <deniz.duzgun@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Dhia Ayachi <dhia.ayachi@gmail.com> Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com> Co-authored-by: jm96441n <john.maguire@hashicorp.com> Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com> Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
* Update active version list in .release/versions.hcl * Remove nightly tests for 1.17.x * Add nightly tests for 1.20.x * Gate nightly tests for 1.19.x to Enterprise only * Update CHANGELOG.md
* Page creation * DNS views description * Catalog sync and openshift * Grafana + consul-k8s release notes * nav update * Fix known issues language
Also prevent future re-commits of this submodule path by adding to .gitignore.
…atch options to prevent L7 intentions bypass (#21816) mesh: add options for HTTP incoming request normalization Expose global mesh configuration to enforce inbound HTTP request normalization on mesh traffic via Envoy xDS config. mesh: enable inbound URL path normalization by default mesh: add support for L7 header match contains and ignore_case Enable partial string and case-insensitive matching in L7 intentions header match rules. ui: support L7 header match contains and ignore_case Co-authored-by: Phil Renaud <phil@riotindustries.com> test: add request normalization integration bats tests Add both "positive" and "negative" test suites, showing normalization in action as well as expected results when it is not enabled, for the same set of test cases. Also add some alternative service container test helpers for verifying raw HTTP request paths, which is difficult to do with Fortio. docs: update security and reference docs for L7 intentions bypass prevention - Update security docs with best practices for service intentions configuration - Update configuration entry references for mesh and intentions to reflect new values and add guidance on usage
Update matrices and clarify statements as to when Consul expands support to new major versions of Envoy and Consul dataplane in light of Consul LTS or Envoy EOL status.
* Update compatibility matrix to include 1.20.x * Update compatibility.mdx
github-team-consul-core-pr-approver
previously approved these changes
May 5, 2025
Collaborator
github-team-consul-core-pr-approver
left a comment
github-team-consul-core-pr-approver
left a comment
There was a problem hiding this comment.
Auto approved Consul Bot automated PR
github-actions
Bot
added
type/docs
Vikramarjuna
approved these changes
May 12, 2025
Vikramarjuna
deleted the
backport/nitin/go-discover-fix/mistakenly-optimal-mammal
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport
This PR is auto-generated from #22313 to be assessed for backporting due to the inclusion of the label backport/1.20.
The below text is copied from the body of the original PR.
Description
Go discover dependency upgrade.
Testing & Reproduction steps
Links
PR Checklist
Overview of commits