Consul k8s - v0.44.0
0.44.0 (May 17, 2022)
BREAKING CHANGES:
* Helm
* Using the Vault integration requires Consul 1.12.0+. [GH-1213], [GH-1218]
IMPROVEMENTS:
* Helm
* Enable the ability to configure global.consulAPITimeout
to configure how long requests to the Consul API will wait to resolve before canceling. The default value is 5 seconds. [GH-1178]
BUG FIXES:
* Security
* Bump golang.org/x/crypto and golang.org/x/text dependencies to address CVE-2022-27291 and CVE-2021-38561 respectively on both CLI and Control Plane. There's no known exposure within Consul on Kubernetes as the dependencies are not invoked. [GH-1189]
* Control Plane
* Endpoints Controller queuing up service registrations/deregistrations when request to agent on a terminated pod does not time out. This could result in pods not being registered and service instances not being deregistered. [GH-714]
* Helm
* Update client-daemonset to include ca-cert volumeMount only when tls is enabled. [GH-1194]
* Update create-federation-secret-job to look up the automatically generated gossip encryption key by the right name when global.name is unset or set to something other than consul. [GH-1196]
* Add Admin Partitions support to Sync Catalog (Consul Enterprise only). [GH-1180]
* Correct webhook-cert-manager-clusterrole to utilize the web-cert-manager podsecuritypolicy rather than connect-injectors when global.enablePodSecurityPolicies
is true. [GH-1202]
* Enable Consul auto-reload-config only when Vault is enabled. [GH-1213]
* Revert TLS config to be compatible with Consul 1.11. [GH-1218]
Security
Details
- 🔍View and search all Consul k8s releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!