Skip to content

v1.22.0
Compare
Choose a tag to compare
@github-actions github-actions released this 21 Dec 12:41
· 391 commits to main since this release
v1.22.0
86b9dc8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release date: Dec 21, 2023

!!! Important "Important changes from previous versions" This release introduces a significant change, disabling the default usage of the ALTER SYSTEM command in PostgreSQL. For users upgrading from a previous version who wish to retain the old behavior: please refer to the upgrade documentation for detailed instructions.

Features

  • Declarative Tablespaces: Introducing the tablespaces stanza in the Cluster spec, enabling comprehensive lifecycle management of PostgreSQL tablespaces for enhanced vertical scalability (#3410).

  • Temporary Tablespaces: Adding the .spec.tablespaces[*].temporary option to facilitate the utilization of a tablespace for temporary database operations, by incorporating the name into the temp_tablespaces PostgreSQL parameter (#3464).

Security

  • By default, TLSv1.3 is now enforced on all PostgreSQL 12 or higher installations. Additionally, users can configure the ssl_ciphers, ssl_min_protocol_version, and ssl_max_protocol_version GUCs (#3408).
  • Integration of Docker image scanning with Dockle and Snyk to enhance security measures (#3300).

Enhancements

  • Improved reconciliation of external clusters (#3533).
  • Introduction of the ability to enable/disable the ALTER SYSTEM command (#3535).
  • Support for Prometheus' dynamic relabeling through the podMonitorMetricRelabelings and podMonitorRelabelings options in the .spec.monitoring stanza of the Cluster and Pooler resources (#3075).
  • Enhanced computation of the first recoverability point and last successful backup by considering volume snapshots alongside object-store backups (#2940).
  • Elimination of the use of the PGPASSFILE environment variable when establishing a network connection to PostgreSQL (#3522).
  • Improved cnpg report plugin command by collecting a cluster's PVCs (#3357).
  • Enhancement of the cnpg status plugin command, providing information about managed roles, including alerts (#3310).
  • Introduction of Red Hat UBI 8 container images for the operator, suitable for OLM deployments.
  • Connection pooler:
    • Scaling down instances of a Pooler resource to 0 is now possible (#3517).
    • Addition of the cnpg.io/podRole label with a value of 'pooler' to every pooler deployment, differentiating them from instance pods (#3396).

Fixes

  • Reconciliation of metadata, annotations, and labels of PodDisruptionBudget resources (#3312 and #3434).
  • Reconciliation of the metadata of the managed credential secrets (#3316).
  • Resolution of a bug in the backup snapshot code where an error reading the body would be handled as an overall error, leaving the backup process indefinitely stuck (#3321).
  • Implicit setting of online backup with the cnpg backup plugin command when either immediate-checkpoint or wait-for-archive options are requested (#3449).
  • Disabling of wal_sender_timeout when joining through pg_basebackup (#3586)
  • Reloading of secrets used by external clusters (#3565)
  • Connection pooler:
    • Ensuring the controller watches all secrets owned by a Pooler resource (#3428).
    • Reconciliation of RoleBinding for Pooler resources (#3391).
    • Reconciliation of imagePullSecret for Pooler resources (#3389).
    • Reconciliation of the service of a Pooler and addition of the required labels (#3349).
    • Extension of Pooler labels to the deployment as well, not just the pods (#3350).

Changes

  • Default operand image set to PostgreSQL 16.1 (#3270).
  • The ALTER SYSTEM command is now disabled by default (#3545).
Assets 37