build(deps): bump github.com/hashicorp/consul/api from 1.12.0 to 1.18.0

[dependabot]

Bumps github.com/hashicorp/consul/api from 1.12.0 to 1.18.0.

Release notes

Sourced from github.com/hashicorp/consul/api's releases.

v1.14.2

1.14.2 (November 30, 2022)

FEATURES:

• connect: Add local_idle_timeout_ms to allow configuring the Envoy route idle timeout on local_app connect: Add IdleTimeout to service-router to allow configuring the Envoy route idle timeout [GH-14340]
• snapshot: (Enterprise Only) Add support for the snapshot agent to use an IAM role for authentication/authorization when managing snapshots in S3.

IMPROVEMENTS:

• dns: Add support for cluster peering .service and .node DNS queries. [GH-15596]

BUG FIXES:

• acl: avoid debug log spam in secondary datacenter servers due to management token not being initialized. [GH-15610]
• agent: Fixed issue where blocking queries with short waits could timeout on the client [GH-15541]
• ca: Fixed issue where using Vault as Connect CA with Vault-managed policies would error on start-up if the intermediate PKI mount existed but was empty [GH-15525]
• cli: (Enterprise Only) Fix issue where consul partition update subcommand was not registered and therefore not available through the cli.
• connect: Fixed issue where using Vault 1.11+ as CA provider would eventually break Intermediate CAs [GH-15217] [GH-15253]
• namespace: (Enterprise Only) Fix a bug that caused blocking queries during namespace replication to timeout
• peering: better represent non-passing states during peer check flattening [GH-15615]
• peering: fix the limit of replication gRPC message; set to 8MB [GH-15503]

v1.14.1

1.14.1 (November 21, 2022)

BUG FIXES:

• cli: Fix issue where consul connect envoy incorrectly uses the HTTPS API configuration for xDS connections. [GH-15466]
• sdk: Fix SDK testutil backwards compatibility by only configuring grpc_tls port for new Consul versions. [GH-15423]

v1.14.0

1.14.0 (November 15, 2022)

BREAKING CHANGES:

• config: Add new ports.grpc_tls configuration option. Introduce a new port to better separate TLS config from the existing ports.grpc config. The new ports.grpc_tls only supports TLS encrypted communication. The existing ports.grpc now only supports plain-text communication. [GH-15339]
• config: update 1.14 config defaults: Enable peering and connect by default. [GH-15302]
• config: update 1.14 config defaults: Set gRPC TLS port default value to 8503 [GH-15302]
• connect: Removes support for Envoy 1.20 [GH-15093]
• peering: Rename PeerName to Peer on prepared queries and exported services. [GH-14854]
• xds: Convert service mesh failover to use Envoy's aggregate clusters. This changes the names of some Envoy dynamic HTTP metrics. [GH-14178]

SECURITY:

... (truncated)

Changelog

Sourced from github.com/hashicorp/consul/api's changelog.

1.14.1 (November 21, 2022)

BUG FIXES:

• cli: Fix issue where consul connect envoy incorrectly uses the HTTPS API configuration for xDS connections. [GH-15466]
• sdk: Fix SDK testutil backwards compatibility by only configuring grpc_tls port for new Consul versions. [GH-15423]

1.14.0 (November 15, 2022)

KNOWN ISSUES:

• cli: consul connect envoy incorrectly enables TLS for gRPC connections when the HTTP API is TLS-enabled.

BREAKING CHANGES:

• config: Add new ports.grpc_tls configuration option. Introduce a new port to better separate TLS config from the existing ports.grpc config. The new ports.grpc_tls only supports TLS encrypted communication. The existing ports.grpc now only supports plain-text communication. [GH-15339]
• config: update 1.14 config defaults: Enable peering and connect by default. [GH-15302]
• config: update 1.14 config defaults: Set gRPC TLS port default value to 8503 [GH-15302]
• connect: Removes support for Envoy 1.20 [GH-15093]
• peering: Rename PeerName to Peer on prepared queries and exported services. [GH-14854]
• xds: Convert service mesh failover to use Envoy's aggregate clusters. This changes the names of some Envoy dynamic HTTP metrics. [GH-14178]

SECURITY:

• Ensure that data imported from peers is filtered by ACLs at the UI Nodes/Services endpoints CVE-2022-3920 [GH-15356]

FEATURES:

• DNS-proxy support via gRPC request. [GH-14811]
• cli: Add -node-name flag to redirect-traffic command to support running in environments without client agents. [GH-14933]
• cli: Add -consul-dns-port flag to the consul connect redirect-traffic command to allow forwarding DNS traffic to a specific Consul DNS port. [GH-15050]
• connect: Add Envoy connection balancing configuration fields. [GH-14616]
• grpc: Added metrics for external gRPC server. Added server_type=internal|external label to gRPC metrics. [GH-14922]
• http: Add new get-or-empty operation to the txn api. Refer to the API docs for more information. [GH-14474]
• peering: Add mesh gateway local mode support for cluster peering. [GH-14817]
• peering: Add support for stale queries for trust bundle lookups [GH-14724]
• peering: Add support to failover to services running on cluster peers. [GH-14396]
• peering: Add support to redirect to services running on cluster peers with service resolvers. [GH-14445]
• peering: Ensure un-exported services get deleted even if the un-export happens while cluster peering replication is down. [GH-14797]
• peering: add support for routine peering control-plane traffic through mesh gateways [GH-14981]
• sdk: Configure iptables to forward DNS traffic to a specific DNS port. [GH-15050]
• telemetry: emit memberlist size metrics and broadcast queue depth metric. [GH-14873]
• ui: Added support for central config merging [GH-14604]
• ui: Create peerings detail page [GH-14947]
• ui: Detect a TokenSecretID cookie and passthrough to localStorage [GH-14495]
• ui: Display notice banner on nodes index page if synthetic nodes are being filtered. [GH-14971]

... (truncated)

Commits

• 13836d5 Backport of ui: Add ServerExternalAddresses to peer token create form into re...
• 18dffc5 Backport of peering: better represent non-passing states during peer check fl...
• a445588 Backport of docs: Update acl-tokens.mdx into release/1.14.x (#15609)
• e674f36 backport of commit 9cc1010534932586620323c5ed17244f76881dfa (#15606)
• 657616a Backport of Remove log line about server mgmt token init into release/1.14.x ...
• b152669 backport of commit 6f18c57f5b7e74154144cd23ec8e57bfa3037635 (#15529)
• 7c0eec4 Add support for configuring Envoys route idle_timeout (#14340) (#15611)
• c5dd81e Backport of docs: typo on cluster peering k8s into release/1.14.x (#15604)
• 9a235cb Backport of docs: Clean up k8s cluster peering instructions into release/1.14...
• e7f8505 Backport of Add peering .service and .node DNS lookups. into release/1.14...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #160.