From c1f9d378cbc82607d5ba1e4f61dd596ae444340c Mon Sep 17 00:00:00 2001 From: hc-github-team-consul-core Date: Tue, 15 Oct 2024 12:16:49 -0400 Subject: [PATCH] Backport of Post-release updates for 1.20.0 into release/1.20.x (#21830) Post-release updates for 1.20.0 (#21829) * Update active version list in .release/versions.hcl * Remove nightly tests for 1.17.x * Add nightly tests for 1.20.x * Gate nightly tests for 1.19.x to Enterprise only * Update CHANGELOG.md Co-authored-by: Nathan Coleman --- .github/workflows/nightly-test-1.19.x.yaml | 9 ++++++ ...t-1.17.x.yaml => nightly-test-1.20.x.yaml} | 12 +++---- .release/versions.hcl | 5 +-- CHANGELOG.md | 31 +++++++++++++++++++ 4 files changed, 47 insertions(+), 10 deletions(-) rename .github/workflows/{nightly-test-1.17.x.yaml => nightly-test-1.20.x.yaml} (97%) diff --git a/.github/workflows/nightly-test-1.19.x.yaml b/.github/workflows/nightly-test-1.19.x.yaml index 2f5398596b2f..20c80dcb2395 100644 --- a/.github/workflows/nightly-test-1.19.x.yaml +++ b/.github/workflows/nightly-test-1.19.x.yaml @@ -14,8 +14,15 @@ env: GOPRIVATE: github.com/hashicorp # Required for enterprise deps jobs: + check-ent: + runs-on: ubuntu-latest + if: ${{ endsWith(github.repository, '-enterprise') }} + steps: + - run: echo "Building Enterprise" + frontend-test-workspace-node: runs-on: ubuntu-latest + needs: [ check-ent ] steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: @@ -45,6 +52,7 @@ jobs: frontend-build-ce: runs-on: ubuntu-latest + needs: [ check-ent ] env: JOBS: 2 CONSUL_NSPACES_ENABLED: 0 @@ -117,6 +125,7 @@ jobs: frontend-build-ent: runs-on: ubuntu-latest + needs: [ check-ent ] env: JOBS: 2 CONSUL_NSPACES_ENABLED: 1 diff --git a/.github/workflows/nightly-test-1.17.x.yaml b/.github/workflows/nightly-test-1.20.x.yaml similarity index 97% rename from .github/workflows/nightly-test-1.17.x.yaml rename to .github/workflows/nightly-test-1.20.x.yaml index 10eb3d9e0173..37f035def29b 100644 --- a/.github/workflows/nightly-test-1.17.x.yaml +++ b/.github/workflows/nightly-test-1.20.x.yaml @@ -1,7 +1,7 @@ # Copyright (c) HashiCorp, Inc. # SPDX-License-Identifier: MPL-2.0 -name: Nightly Frontend Test 1.17.x +name: Nightly Frontend Test 1.20.x on: schedule: - cron: '0 4 * * *' @@ -9,8 +9,8 @@ on: env: EMBER_PARTITION_TOTAL: 4 # Has to be changed in tandem with the matrix.partition - BRANCH: "release/1.17.x" - BRANCH_NAME: "release-1.17.x" # Used for naming artifacts + BRANCH: "release/1.20.x" + BRANCH_NAME: "release-1.20.x" # Used for naming artifacts GOPRIVATE: github.com/hashicorp # Required for enterprise deps jobs: @@ -22,7 +22,7 @@ jobs: frontend-test-workspace-node: runs-on: ubuntu-latest - needs: [check-ent] + needs: [ check-ent ] steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: @@ -52,7 +52,7 @@ jobs: frontend-build-ce: runs-on: ubuntu-latest - needs: [check-ent] + needs: [ check-ent ] env: JOBS: 2 CONSUL_NSPACES_ENABLED: 0 @@ -125,7 +125,7 @@ jobs: frontend-build-ent: runs-on: ubuntu-latest - needs: [check-ent] + needs: [ check-ent ] env: JOBS: 2 CONSUL_NSPACES_ENABLED: 1 diff --git a/.release/versions.hcl b/.release/versions.hcl index 7c5b4ee7eb28..253430f3ccc1 100644 --- a/.release/versions.hcl +++ b/.release/versions.hcl @@ -8,14 +8,11 @@ schema = 1 active_versions { version "1.20" { ce_active = true - }, - version "1.19" { - ce_active = true } + version "1.19" {} version "1.18" { lts = true } - version "1.17" {} version "1.15" { lts = true } diff --git a/CHANGELOG.md b/CHANGELOG.md index b13ac86b3bd3..8c5c420d0aa9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,34 @@ +## 1.20.0 (October 14, 2024) + +SECURITY: + +* Explicitly set 'Content-Type' header to mitigate XSS vulnerability. [[GH-21704](https://github.com/hashicorp/consul/issues/21704)] +* Implement HTML sanitization for user-generated content to prevent XSS attacks in the UI. [[GH-21711](https://github.com/hashicorp/consul/issues/21711)] +* UI: Remove codemirror linting due to package dependency [[GH-21726](https://github.com/hashicorp/consul/issues/21726)] +* Upgrade Go to use 1.22.7. This addresses CVE +[CVE-2024-34155](https://nvd.nist.gov/vuln/detail/CVE-2024-34155) [[GH-21705](https://github.com/hashicorp/consul/issues/21705)] +* Upgrade to support aws/aws-sdk-go `v1.55.5 or higher`. This resolves CVEs +[CVE-2020-8911](https://nvd.nist.gov/vuln/detail/cve-2020-8911) and +[CVE-2020-8912](https://nvd.nist.gov/vuln/detail/cve-2020-8912). [[GH-21684](https://github.com/hashicorp/consul/issues/21684)] +* ui: Pin a newer resolution of Braces [[GH-21710](https://github.com/hashicorp/consul/issues/21710)] +* ui: Pin a newer resolution of Codemirror [[GH-21715](https://github.com/hashicorp/consul/issues/21715)] +* ui: Pin a newer resolution of Markdown-it [[GH-21717](https://github.com/hashicorp/consul/issues/21717)] +* ui: Pin a newer resolution of ansi-html [[GH-21735](https://github.com/hashicorp/consul/issues/21735)] + +FEATURES: + +* grafana: added the dashboards service-to-service dashboard, service dashboard, and consul dataplane dashboard [[GH-21806](https://github.com/hashicorp/consul/issues/21806)] +* server: remove v2 tenancy, catalog, and mesh experiments [[GH-21592](https://github.com/hashicorp/consul/issues/21592)] + +IMPROVEMENTS: + +* security: upgrade ubi base image to 9.4 [[GH-21750](https://github.com/hashicorp/consul/issues/21750)] +* connect: Add Envoy 1.31 and 1.30 to support matrix [[GH-21616](https://github.com/hashicorp/consul/issues/21616)] + +BUG FIXES: + +* jwt-provider: change dns lookup family from the default of AUTO which would prefer ipv6 to ALL if LOGICAL_DNS is used or PREFER_IPV4 if STRICT_DNS is used to gracefully handle transitions to ipv6. [[GH-21703](https://github.com/hashicorp/consul/issues/21703)] + ## 1.20.0-rc1 (September 19, 2024) SECURITY: