Skip to content

Commit

Permalink
backport of commit 4dfedf1
Browse files Browse the repository at this point in the history
  • Loading branch information
aimeeu authored Nov 19, 2024
1 parent 4708e06 commit b713454
Show file tree
Hide file tree
Showing 52 changed files with 169 additions and 397 deletions.
3 changes: 0 additions & 3 deletions .changelog/24316.txt

This file was deleted.

3 changes: 0 additions & 3 deletions .changelog/24363.txt

This file was deleted.

3 changes: 0 additions & 3 deletions .changelog/24466.txt

This file was deleted.

35 changes: 0 additions & 35 deletions .github/pull_request_template.md

This file was deleted.

8 changes: 4 additions & 4 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ jobs:
with:
ref: ${{ github.event.inputs.build-ref }}
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}

Expand Down Expand Up @@ -142,7 +142,7 @@ jobs:
with:
ref: ${{ github.event.inputs.build-ref }}
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}

Expand Down Expand Up @@ -265,7 +265,7 @@ jobs:
run: git config --global url.'https://${{ env.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'

- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}

Expand Down Expand Up @@ -356,7 +356,7 @@ jobs:
goos: [linux]
goarch: [amd64]
steps:
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{needs.get-go-version.outputs.go-version}}
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
- name: Git config token
if: endsWith(github.repository, '-enterprise')
run: git config --global url.'https://${{ env.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: true
go-version-file: .go-version
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ jobs:
echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT"
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.get-go-version.outputs.go-version }}

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/security-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:

steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/test-core.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ jobs:
timeout-minutes: 20
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand All @@ -74,7 +74,7 @@ jobs:
timeout-minutes: 8
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: true
go-version-file: .go-version
Expand Down Expand Up @@ -102,7 +102,7 @@ jobs:
- quick
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/test-e2e.yml
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ jobs:
- name: Git config token
if: endsWith(github.repository, '-enterprise')
run: git config --global url.'https://${{ env.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand All @@ -70,7 +70,7 @@ jobs:
- name: Git config token
if: endsWith(github.repository, '-enterprise')
run: git config --global url.'https://${{ secrets.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test-windows.yml
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jobs:
- run: git config --global core.autocrlf false
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: ".go-version"
- name: Show installed Go version
Expand Down
30 changes: 3 additions & 27 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -94,18 +94,6 @@ BUG FIXES:
* template: Fixed a panic on client restart when using change_mode=script [[GH-24057](https://github.com/hashicorp/nomad/issues/24057)]
* ui: Fixes an issue where variables paths would not let namespaced users write variables unless they also had wildcard namespace variable write permissions [[GH-24073](https://github.com/hashicorp/nomad/issues/24073)]

## 1.8.7 Enterprise (November 8, 2024)

SECURITY:

* csi: Fixed a bug where a user with csi-write-volume permissions to one namespace can create volumes in another namespace (CVE-2024-10975) [[GH-24396](https://github.com/hashicorp/nomad/issues/24396)]

BUG FIXES:

* connect: add validation to ensure that connect native services specify a port [[GH-24329](https://github.com/hashicorp/nomad/issues/24329)]
* keyring: Fixed a panic on server startup when decrypting AEAD key data with empty RSA block [[GH-24383](https://github.com/hashicorp/nomad/issues/24383)]
* scheduler: fixed a bug where resource calculation did not account correctly for poststart tasks [[GH-24297](https://github.com/hashicorp/nomad/issues/24297)]

## 1.8.6 Enterprise(October 21, 2024)

IMPROVEMENTS:
Expand Down Expand Up @@ -245,7 +233,7 @@ BUG FIXES:
* server: Fixed a bug where expiring heartbeats for garbage collected nodes could panic the server [[GH-23383](https://github.com/hashicorp/nomad/issues/23383)]
* template: Fix template rendering on Windows [[GH-23432](https://github.com/hashicorp/nomad/issues/23432)]
* ui: Actions run from jobs with explicit name properties now work from the web UI [[GH-23553](https://github.com/hashicorp/nomad/issues/23553)]
* ui: Don't show keyboard nav hints when taking a screenshot [[GH-23365](https://github.com/hashicorp/nomad/issues/23365)]
* ui: Dont show keyboard nav hints when taking a screenshot [[GH-23365](https://github.com/hashicorp/nomad/issues/23365)]
* ui: Fix an issue where a remotely purged job would prevent redirect from taking place in the web UI [[GH-23492](https://github.com/hashicorp/nomad/issues/23492)]
* ui: Fix an issue where access to Job Templates in the UI was restricted to variable.write access [[GH-23458](https://github.com/hashicorp/nomad/issues/23458)]
* ui: Fix the Upload Jobspec button on the Run Job page [[GH-23548](https://github.com/hashicorp/nomad/issues/23548)]
Expand Down Expand Up @@ -342,18 +330,6 @@ BUG FIXES:
* ui: Show the namespace in the web UI exec command hint [[GH-20218](https://github.com/hashicorp/nomad/issues/20218)]
* windows: Fixed a regression where scanning task processes was inefficient [[GH-20619](https://github.com/hashicorp/nomad/issues/20619)]

## 1.7.15 (November 8, 2024)

SECURITY:

* csi: Fixed a bug where a user with csi-write-volume permissions to one namespace can create volumes in another namespace (CVE-2024-10975) [[GH-24396](https://github.com/hashicorp/nomad/issues/24396)]

BUG FIXES:

* connect: add validation to ensure that connect native services specify a port [[GH-24329](https://github.com/hashicorp/nomad/issues/24329)]
* deps: Fixed a bug where restarting Nomad could cause an unrelated process with the same PID as a failed executor to be killed [[GH-24265](https://github.com/hashicorp/nomad/issues/24265)]
* scheduler: fixed a bug where resource calculation did not account correctly for poststart tasks [[GH-24297](https://github.com/hashicorp/nomad/issues/24297)]

## 1.7.14 Enterprise (October 21, 2024)

IMPROVEMENTS:
Expand Down Expand Up @@ -645,7 +621,7 @@ IMPROVEMENTS:

* audit (Enterprise): Added ACL token role links to audit log auth objects [[GH-19415](https://github.com/hashicorp/nomad/issues/19415)]
* ui: Added a new example template with Task Actions [[GH-19153](https://github.com/hashicorp/nomad/issues/19153)]
* ui: Don't allow new jobspec download until template is populated, and remove group count from jobs index [[GH-19377](https://github.com/hashicorp/nomad/issues/19377)]
* ui: dont allow new jobspec download until template is populated, and remove group count from jobs index [[GH-19377](https://github.com/hashicorp/nomad/issues/19377)]
* ui: make the exec window look nicer on mobile screens [[GH-19332](https://github.com/hashicorp/nomad/issues/19332)]

BUG FIXES:
Expand Down Expand Up @@ -720,7 +696,7 @@ IMPROVEMENTS:
* ui: for system and sysbatch jobs, now show client name on hover in job panel [[GH-19051](https://github.com/hashicorp/nomad/issues/19051)]
* ui: nicer comment styles in UI example jobs [[GH-19037](https://github.com/hashicorp/nomad/issues/19037)]
* ui: show plan output warnings alongside placement failures and dry-run info when running a job through the web ui [[GH-19225](https://github.com/hashicorp/nomad/issues/19225)]
* ui: simplify presentation of task event times (10m2.230948s becomes 10m2s etc.) [[GH-18595](https://github.com/hashicorp/nomad/issues/18595)]
* ui: simplify presentation of task event times (10m2.230948s bceomes 10m2s etc.) [[GH-18595](https://github.com/hashicorp/nomad/issues/18595)]
* vars: Added a locking feature for Nomad Variables [[GH-18520](https://github.com/hashicorp/nomad/issues/18520)]

DEPRECATIONS:
Expand Down
11 changes: 1 addition & 10 deletions dev/hooks/pre-push
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@ if [ -f version/version_ent.go ]; then
fi

# do not push directly to main, stable-*, release/*
# do not push Enterprise tags
# ====================
while read local_ref local_sha remote_ref remote_sha
do
Expand All @@ -46,13 +45,5 @@ do
if echo "$remote_ref"|grep -q 'refs/heads/release/.*'; then
fail "refusing to push directly to a branch prefixed \`release/\`"
fi

if echo "$remote_ref" | grep -q 'refs/tags/v.*\+ent'; then
fail "refusing to push Nomad Enterprise tag"
fi

if echo "$remote_ref" | grep -q 'refs/tags/v.*\+pro'; then
fail "refusing to push Nomad Enterprise (pro) tag"
fi

done

8 changes: 3 additions & 5 deletions e2e/allocexec/docker_exec_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ import (
"archive/tar"
"bytes"
"context"
"fmt"
"strings"
"testing"
"time"
Expand All @@ -28,14 +27,13 @@ func TestDockerAllocExec(t *testing.T) {
}

func testDockerExecStdin(t *testing.T) {
sub, cleanup := jobs3.Submit(t, "./input/sleepytar.hcl")
_, cleanup := jobs3.Submit(t, "./input/sleepytar.hcl")
t.Cleanup(cleanup)

client, err := nomadapi.NewClient(nomadapi.DefaultConfig())
must.NoError(t, err)

filter := fmt.Sprintf("JobID == \"%s\"", sub.JobID())
allocations, _, err := client.Allocations().List(&nomadapi.QueryOptions{Filter: filter})
allocations, _, err := client.Allocations().List(nil)
must.NoError(t, err)
must.SliceLen(t, 1, allocations)

Expand Down Expand Up @@ -87,7 +85,7 @@ func testDockerExecStdin(t *testing.T) {
nil,
nil,
)
must.NoError(t, err, must.Sprintf("error executing command inside the container: %v", err))
must.NoError(t, err)
must.Zero(t, exitCode)

// check the output of tar
Expand Down
25 changes: 0 additions & 25 deletions e2e/scaling/input/namespace_default_system.nomad

This file was deleted.

Loading

0 comments on commit b713454

Please sign in to comment.