fix: bump github.com/hashicorp/consul/api from 1.9.1 to 1.12.0

[dependabot]

Bumps github.com/hashicorp/consul/api from 1.9.1 to 1.12.0.

Release notes

Sourced from github.com/hashicorp/consul/api's releases.

v1.11.1

1.11.1 (December 15, 2021)

SECURITY:

• ci: Upgrade golang.org/x/net to address CVE-2021-44716 [GH-11854]

FEATURES:

• Admin Partitions (Consul Enterprise only) This version adds admin partitions, a new entity defining administrative and networking boundaries within a Consul deployment. For more information refer to the Admin Partition documentation. [GH-11855]
• networking: (Enterprise Only) Make segment_limit configurable, cap at 256.

v1.11.0

1.11.0 (December 14, 2021)

BREAKING CHANGES:

• acl: The legacy ACL system that was deprecated in Consul 1.4.0 has been removed. Before upgrading you should verify that nothing is still using the legacy ACL system. See the Migrate Legacy ACL Tokens Learn Guide for more information. [GH-11232]
• cli: consul acl set-agent-token master has been replaced with consul acl set-agent-token recovery [GH-11669]

SECURITY:

• namespaces: (Enterprise only) Creating or editing namespaces that include default ACL policies or ACL roles now requires acl:write permission in the default namespace. This change fixes CVE-2021-41805.
• rpc: authorize raft requests CVE-2021-37219 [GH-10925]

FEATURES:

• Admin Partitions (Consul Enterprise only) This version adds admin partitions, a new entity defining administrative and networking boundaries within a Consul deployment. For more information refer to the Admin Partition documentation.
• ca: Add a configurable TTL for Connect CA root certificates. The configuration is supported by the Vault and Consul providers. [GH-11428]
• ca: Add a configurable TTL to the AWS ACM Private CA provider root certificate. [GH-11449]
• health-checks: add support for h2c in http2 ping health checks [GH-10690]
• ui: Add UI support to use Vault as an external source for a service [GH-10769]
• ui: Adding support of Consul API Gateway as an external source. [GH-11371]
• ui: Adds a copy button to each composite row in tokens list page, if Secret ID returns an actual ID [GH-10735]
• ui: Adds visible Consul version information [GH-11803]
• ui: Topology - New views for scenarios where no dependencies exist or ACLs are disabled [GH-11280]

IMPROVEMENTS:

• acl: replication routine to report the last error message. [GH-10612]
• agent: add variation of force-leave that exclusively works on the WAN [GH-11722]
• api: Enable setting query options on agent health and maintenance endpoints. [GH-10691]
• checks: add failures_before_warning setting for interval checks. [GH-10969]
• ci: Upgrade to use Go 1.17.5 [GH-11799]
• cli: Add -cas and -modify-index flags to the consul config delete command to support Check-And-Set (CAS) deletion of config entries [GH-11419]
• config: (Enterprise Only) Allow specifying permission mode for audit logs. [GH-10732]
• config: Support Check-And-Set (CAS) deletion of config entries [GH-11419]
• config: add dns_config.recursor_strategy flag to control the order which DNS recursors are queried [GH-10611]
• config: warn the user if client_addr is empty because client services won't be listening [GH-11461]

... (truncated)

Changelog

Sourced from github.com/hashicorp/consul/api's changelog.

1.11.1 (December 15, 2021)

SECURITY:

• ci: Upgrade golang.org/x/net to address CVE-2021-44716 [GH-11854]

FEATURES:

• Admin Partitions (Consul Enterprise only) This version adds admin partitions, a new entity defining administrative and networking boundaries within a Consul deployment. For more information refer to the Admin Partition documentation. [GH-11855]
• networking: (Enterprise Only) Make segment_limit configurable, cap at 256.

1.11.0 (December 14, 2021)

BREAKING CHANGES:

• acl: The legacy ACL system that was deprecated in Consul 1.4.0 has been removed. Before upgrading you should verify that nothing is still using the legacy ACL system. See the Migrate Legacy ACL Tokens Learn Guide for more information. [GH-11232]
• cli: consul acl set-agent-token master has been replaced with consul acl set-agent-token recovery [GH-11669]

SECURITY:

• namespaces: (Enterprise only) Creating or editing namespaces that include default ACL policies or ACL roles now requires acl:write permission in the default namespace. This change fixes CVE-2021-41805.
• rpc: authorize raft requests CVE-2021-37219 [GH-10925]

FEATURES:

• Admin Partitions (Consul Enterprise only) This version adds admin partitions, a new entity defining administrative and networking boundaries within a Consul deployment. For more information refer to the Admin Partition documentation.
• ca: Add a configurable TTL for Connect CA root certificates. The configuration is supported by the Vault and Consul providers. [GH-11428]
• ca: Add a configurable TTL to the AWS ACM Private CA provider root certificate. [GH-11449]
• health-checks: add support for h2c in http2 ping health checks [GH-10690]
• ui: Add UI support to use Vault as an external source for a service [GH-10769]
• ui: Adding support of Consul API Gateway as an external source. [GH-11371]
• ui: Adds a copy button to each composite row in tokens list page, if Secret ID returns an actual ID [GH-10735]
• ui: Adds visible Consul version information [GH-11803]
• ui: Topology - New views for scenarios where no dependencies exist or ACLs are disabled [GH-11280]

IMPROVEMENTS:

• acl: replication routine to report the last error message. [GH-10612]
• agent: add variation of force-leave that exclusively works on the WAN [GH-11722]
• api: Enable setting query options on agent health and maintenance endpoints. [GH-10691]
• checks: add failures_before_warning setting for interval checks. [GH-10969]
• ci: Upgrade to use Go 1.17.5 [GH-11799]
• cli: Add -cas and -modify-index flags to the consul config delete command to support Check-And-Set (CAS) deletion of config entries [GH-11419]
• config: (Enterprise Only) Allow specifying permission mode for audit logs. [GH-10732]
• config: Support Check-And-Set (CAS) deletion of config entries [GH-11419]
• config: add dns_config.recursor_strategy flag to control the order which DNS recursors are queried [GH-10611]
• config: warn the user if client_addr is empty because client services won't be listening [GH-11461]
• connect/ca: cease including the common name field in generated x509 non-CA certificates [GH-10424]
• connect: Add low-level feature to allow an Ingress to retrieve TLS certificates from SDS. [GH-10903]

... (truncated)

Commits

• fed112e Merge pull request #11164 from hashicorp/docs/ingress-sds
• e7bb725 Merge pull request #11829 from hashicorp/ap/upstream-metrics
• d7df511 Merge pull request #11826 from hashicorp/proxycfg/valid-upstreams
• 76803dc proxycfg: ensure all of the watches are canceled if they are cancelable (#11824)
• 70f0afb Merge pull request #11818 from hashicorp/improve-url-not-found-response
• ac4daf1 proxycfg: use external addresses in tproxy when crossing partition boundaries...
• a89d859 Use anonymousToken when querying by secret ID (#11813)
• 0e28bba various partition related todos (#11822)
• 03ecc51 ui: Add version information back into the footer (#11803)
• 338d740 ui: Disable setting wildcard partitions for intentions (#11804)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)