v1.7.3
1.7.3 (January 15, 2024)
IMPROVEMENTS:
- build: update to go 1.21.6 [GH-19709]
- cgroupslib: Consider CGroups OFF when essential controllers are missing [GH-19176]
- cli: Add new option
nomad setup vault -check
to help cluster operators migrate to workload identities for Vault [GH-19720] - consul: Add fingerprint for Consul Enterprise admin partitions [GH-19485]
- consul: Added support for Consul Enterprise admin partitions [GH-19665]
- consul: Added support for failures_before_warning and failures_before_critical in Nomad agent services [GH-19336]
- consul: Added support for failures_before_warning in Consul service checks [GH-19336]
- drivers/exec: Added support for OOM detection in exec driver [GH-19563]
- drivers: Enable configuring a raw_exec task to not have an upper memory limit [GH-19670]
- identity: Added vault_role to JWT workload identity claims if specified in jobspec [GH-19535]
- ui: Added group name to allocation tooltips on job status panel [GH-19601]
- ui: Adds a warning message to pages in the Web UI when logs are disabled [GH-18823]
- ui: Hide token secret upon successful login [GH-19529]
- ui: when an Action has long output, anchor to the latest messages [GH-19452]
- vault: Add
allow_token_expiration
field to allow Vault tokens to expire without renewal for short-lived tasks [GH-19691] - vault: Nomad clients will no longer attempt to renew Vault tokens that cannot be renewed [GH-19691]
BUG FIXES:
- acl: Fixed a bug where 1.5 and 1.6 clients could not access Nomad Variables and Services via templates [GH-19578]
- acl: Fixed auth method hashing which meant changing some fields would be silently ignored [GH-19677]
- auth: Added new optional OIDCDisableUserInfo setting for OIDC auth provider [GH-19566]
- client: Fixed a bug where where the environment variable / file for the Consul token weren't written. [GH-19490]
- consul (Enterprise): Fixed a bug where the group/task Consul cluster was assigned "default" when unset instead of the namespace-governed value
- core: Ensure job HCL submission data is persisted and restored during the FSM snapshot process [GH-19605]
- namespaces: Failed delete calls no longer return success codes [GH-19483]
- rawexec: Fixed a bug where oom_score_adj would be inherited from Nomad client [GH-19515]
- server: Fix panic when validating non-service reschedule block [GH-19652]
- server: Fix server not waiting for workers to submit nacks for dequeued evaluations before shutting down [GH-19560]
- state: Fixed a bug where purged jobs would not get new deployments [GH-19609]
- ui: Fix rendering of allocations table for jobs that don't have actions [GH-19505]
- vault: Fixed a bug that could cause errors during leadership transition when migrating to the new JWT and workload identity authentication workflow [GH-19689]
- vault: Fixed a bug where
allow_unauthenticated
was enforced when adefault_identity
was set [GH-19585]