Skip to content

v1.21.2
Compare
Choose a tag to compare
@cnp-autobot cnp-autobot released this 22 Dec 16:34
v1.21.2
988bdd3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Release date: Dec 22, 2023

Security

  • By default, TLSv1.3 is now enforced on all PostgreSQL 12 or higher installations. Additionally, users can configure the ssl_ciphers, ssl_min_protocol_version, and ssl_max_protocol_version GUCs (#3408).
  • Integration of Docker image scanning with Dockle and Snyk to enhance security measures (#3300).

Enhancements

  • Improved reconciliation of external clusters (#3533).
  • Introduction of the ability to enable/disable the ALTER SYSTEM command (#3535).
  • Support for Prometheus' dynamic relabeling through the podMonitorMetricRelabelings and podMonitorRelabelings options in the .spec.monitoring stanza of the Cluster and Pooler resources (#3075).
  • Enhanced computation of the first recoverability point and last successful backup by considering volume snapshots alongside object-store backups (#2940).
  • Elimination of the use of the PGPASSFILE environment variable when establishing a network connection to PostgreSQL (#3522).
  • Improved cnp report plugin command by collecting a cluster's PVCs (#3357).
  • Enhancement of the cnp status plugin command, providing information about managed roles, including alerts (#3310).
  • Introduction of Red Hat UBI 8 container images for the operator, suitable for OLM deployments.
  • Connection pooler:
    • Scaling down instances of a Pooler resource to 0 is now possible (#3517).
    • Addition of the k8s.enterprisedb.io/podRole label with a value of 'pooler' to every pooler deployment, differentiating them from instance pods (#3396).

Fixes

  • Reconciliation of metadata, annotations, and labels of PodDisruptionBudget resources (#3312 and #3434).
  • Reconciliation of the metadata of the managed credential secrets (#3316).
  • Resolution of a bug in the backup snapshot code where an error reading the body would be handled as an overall error, leaving the backup process indefinitely stuck (#3321).
  • Implicit setting of online backup with the cnp backup plugin command when either immediate-checkpoint or wait-for-archive options are requested (#3449).
  • Disabling of wal_sender_timeout when joining through pg_basebackup (#3586)
  • Reloading of secrets used by external clusters (#3565)
  • Connection pooler:
    • Ensuring the controller watches all secrets owned by a Pooler resource (#3428).
    • Reconciliation of RoleBinding for Pooler resources (#3391).
    • Reconciliation of imagePullSecret for Pooler resources (#3389).
    • Reconciliation of the service of a Pooler and addition of the required labels (#3349).
    • Extension of Pooler labels to the deployment as well, not just the pods (#3350).

Changes

  • Default operand image set to PostgreSQL 16.1 (#3270).
Assets 36
Loading