* envoyextensions/v0.2.3
* envoyextensions/v0.2.4
* restore replace statements in api after api module was published.
* troubleshoot/v0.2.2
* restore replace statements in api after troubleshoot module was published.
* updating rootgo.mod
Backport of security: bump go, x/net and envoy versions into release/1.15.x
* Bump go version
* Bump x/net
* Bump envoy version
* Add changelog
---------
Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
* Revert "Backport into 1.15 of NET-6944 - Replace usage of deprecated Envoy field envoy.extensions.filters.http.lua.v3.Lua.inline_code (#20052)"
This reverts commit d99c27b355.
* Revert "Backport of NET-4774 - replace usage of deprecated Envoy field match_subject_alt_names into release/1.15.x (#20055)"
This reverts commit dbc87ca992.
* Revert "Backport of NET-6942 - Replace usage of deprecated Envoy field envoy.config.cluster.v3.Cluster.http_protocol_options. into release/1.15.x (#20031)"
This reverts commit 3b70b66ecf.
* Revert "Backport of NET-6317 - update usage of deprecated fields: http2_protocol_options and access_log_path into release/1.15.x (#19951)"
This reverts commit 1268d067c8.
Revert "Backport of NET-6943 - Replace usage of deprecated Envoy field envoy.config.router.v3.WeightedCluster.total_weight. into release/1.15.x (#20059)"
This reverts commit ca07c058b6.
NET-6943 - Replace usage of deprecated Envoy field envoy.config.router.v3.WeightedCluster.total_weight. (#20011)
Co-authored-by: John Murret <john.murret@hashicorp.com>
Bump google.golang.org/grpc to 1.56.3
This resolves [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487).
Also includes various fixes from later release versions required for
tests and linters to pass. See 77f44fa878
for the majority of these changes.
Co-authored-by: Chris Thain <chris.m.thain@gmail.com>
Backport of [NET-4865] Bump golang.org/x/net to 0.12.0 into release/1.16.x (#18189)
Bump golang.org/x/net to 0.12.0
While not necessary to directly address CVE-2023-29406 (which should be
handled by using a patched version of Go when building), an
accompanying change to HTTP/2 error handling does impact agent code.
See https://go-review.googlesource.com/c/net/+/506995 for the HTTP/2
change.
Bump this dependency across our submodules as well for the sake of
potential indirect consumers of `x/net/http`.
Manual backport of 84cbf09185.
* APIGW Normalize Status Conditions (#16994)
* normalize status conditions for gateways and routes
* Added tests for checking condition status and panic conditions for
validating combinations, added dummy code for fsm store
* get rid of unneeded gateway condition generator struct
* Remove unused file
* run go mod tidy
* Update tests, add conflicted gateway status
* put back removed status for test
* Fix linting violation, remove custom conflicted status
* Update fsm commands oss
* Fix incorrect combination of type/condition/status
* cleaning up from PR review
* Change "invalidCertificate" to be of accepted status
* Move status condition enums into api package
* Update gateways controller and generated code
* Update conditions in fsm oss tests
* run go mod tidy on consul-container module to fix linting
* Fix type for gateway endpoint test
* go mod tidy from changes to api
* go mod tidy on troubleshoot
* Fix route conflicted reason
* fix route conflict reason rename
* Fix text for gateway conflicted status
* Add valid certificate ref condition setting
* Revert change to resolved refs to be handled in future PR
* Resolve sneaky merge conflicts
---------
Co-authored-by: John Maguire <john.maguire@hashicorp.com>
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Ensure nothing in the troubleshoot go module depends on consul's top level module. This is so we can import troubleshoot into consul-k8s and not import all of consul.
* turns troubleshoot into a go module [authored by @curtbushko]
* gets the envoy protos into the troubleshoot module [authored by @curtbushko]
* adds a new go module `envoyextensions` which has xdscommon and extensioncommon folders that both the xds package and the troubleshoot package can import
* adds testing and linting for the new go modules
* moves the unit tests in `troubleshoot/validateupstream` that depend on proxycfg/xds into the xds package, with a comment describing why those tests cannot be in the troubleshoot package
* fixes all the imports everywhere as a result of these changes
Co-authored-by: Curt Bushko <cbushko@gmail.com>
John Murret