Bump github.com/hashicorp/consul from 1.2.2 to 1.10.10

[dependabot]

Bumps github.com/hashicorp/consul from 1.2.2 to 1.10.10.

Release notes

Sourced from github.com/hashicorp/consul's releases.

v1.10.10

1.10.10 (April 13, 2022)

SECURITY:

• agent: Added a new check field, disable_redirects, that allows for disabling the following of redirects for HTTP checks. The intention is to default this to true in a future release so that redirects must explicitly be enabled. [GH-12685]
• connect: Properly set SNI when configured for services behind a terminating gateway. [GH-12672]

IMPROVEMENTS:

• xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections [GH-12711]

DEPRECATIONS:

• tls: With the upgrade to Go 1.17, the ordering of tls_cipher_suites will no longer be honored, and tls_prefer_server_cipher_suites is now ignored. [GH-12766]

BUG FIXES:

• connect/ca: cancel old Vault renewal on CA configuration. Provide a 1 - 6 second backoff on repeated token renewal requests to prevent overwhelming Vault. [GH-12607]
• raft: upgrade to v1.3.6 which fixes a bug where a read replica node could attempt bootstrapping raft and prevent other nodes from bootstrapping at all [GH-12496]
• replication: Fixed a bug which could prevent ACL replication from continuing successfully after a leader election. [GH-12565]
• server: fix spurious blocking query suppression for discovery chains [GH-12512]

v1.10.9

1.10.9 (February 28, 2022)

SECURITY:

• agent: Use SHA256 instead of MD5 to generate persistence file names.

FEATURES:

• ca: support using an external root CA with the vault CA provider [GH-11910]

IMPROVEMENTS:

• connect: Update supported Envoy versions to include 1.18.6 [GH-12450]
• connect: update Envoy supported version of 1.20 to 1.20.2 [GH-12434]
• debug: reduce the capture time for trace to only a single interval instead of the full duration to make trace.out easier to open without running into OOM errors. [GH-12359]
• raft: add additional logging of snapshot restore progress [GH-12325]
• rpc: improve blocking queries for items that do not exist, by continuing to block until they exist (or the timeout). [GH-12110]
• sentinel: (Enterprise Only) Sentinel now uses SHA256 to generate policy ids
• server: conditionally avoid writing a config entry to raft if it was already the same [GH-12321]
• server: suppress spurious blocking query returns where multiple config entries are involved [GH-12362]

BUG FIXES:

• agent: Parse datacenter from Create/Delete requests for AuthMethods and BindingRules. [GH-12370]
• areas: (Enterprise Only) Fixes a bug when using Yamux pool ( for servers version 1.7.3 and later), the entire pool was locked while connecting to a remote location, which could potentially take a long time. [GH-1368]
• raft: fixed a race condition in leadership transfer that could result in reelection of the current leader [GH-12325]

... (truncated)

Changelog

Sourced from github.com/hashicorp/consul's changelog.

1.10.10 (April 13, 2022)

SECURITY:

• agent: Added a new check field, disable_redirects, that allows for disabling the following of redirects for HTTP checks. The intention is to default this to true in a future release so that redirects must explicitly be enabled. [GH-12685]
• connect: Properly set SNI when configured for services behind a terminating gateway. [GH-12672]

IMPROVEMENTS:

• xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections [GH-12711]

DEPRECATIONS:

• tls: With the upgrade to Go 1.17, the ordering of tls_cipher_suites will no longer be honored, and tls_prefer_server_cipher_suites is now ignored. [GH-12766]

BUG FIXES:

• connect/ca: cancel old Vault renewal on CA configuration. Provide a 1 - 6 second backoff on repeated token renewal requests to prevent overwhelming Vault. [GH-12607]
• raft: upgrade to v1.3.6 which fixes a bug where a read replica node could attempt bootstrapping raft and prevent other nodes from bootstrapping at all [GH-12496]
• replication: Fixed a bug which could prevent ACL replication from continuing successfully after a leader election. [GH-12565]
• server: fix spurious blocking query suppression for discovery chains [GH-12512]

1.10.9 (February 28, 2022)

SECURITY:

• agent: Use SHA256 instead of MD5 to generate persistence file names.

FEATURES:

• ca: support using an external root CA with the vault CA provider [GH-11910]

IMPROVEMENTS:

• connect: Update supported Envoy versions to include 1.18.6 [GH-12450]
• connect: update Envoy supported version of 1.20 to 1.20.2 [GH-12434]
• debug: reduce the capture time for trace to only a single interval instead of the full duration to make trace.out easier to open without running into OOM errors. [GH-12359]
• raft: add additional logging of snapshot restore progress [GH-12325]
• rpc: improve blocking queries for items that do not exist, by continuing to block until they exist (or the timeout). [GH-12110]
• sentinel: (Enterprise Only) Sentinel now uses SHA256 to generate policy ids
• server: conditionally avoid writing a config entry to raft if it was already the same [GH-12321]
• server: suppress spurious blocking query returns where multiple config entries are involved [GH-12362]

BUG FIXES:

• agent: Parse datacenter from Create/Delete requests for AuthMethods and BindingRules. [GH-12370]
• areas: (Enterprise Only) Fixes a bug when using Yamux pool ( for servers version 1.7.3 and later), the entire pool was locked while connecting to a remote location, which could potentially take a long time. [GH-1368]
• raft: fixed a race condition in leadership transfer that could result in reelection of the current leader [GH-12325]
• server: (Enterprise only) Namespace deletion will now attempt to delete as many namespaced config entries as possible instead of halting on the first deletion that failed.
• server: partly fix config entry replication issue that prevents replication in some circumstances [GH-12307]

... (truncated)

Commits

• d1379fe Staging 1.10.10 release
• d1e5433 Update CI and release Go versions to 1.17.9 (#12766)
• 3eed9f9 Merge pull request #12753 from hashicorp/httpcheck-disable-redirects-1.10.x
• 09db19a Add a field to disable following redirects on http checks
• 6f76179 [1.11.x] ci: upsize many slow-running circleci builds (#12749)
• 4657782 Merge pull request #12747 from hashicorp/tgate-san-validate-1.10.x
• 5a60bd1 [1.10.x] xds: ensure that all connect timeout configs can apply equally to tp...
• e961617 test: use docker buildkit backend for envoy integration tests (#12726)
• 36e7920 Use the GatewayService SNI field for upstream SAN validation
• 3187b30 [1.10.x] ci: run envoy integration tests on a real machine (#12717)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #41.