Skip to content

Release 1.21.2

Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 18 Mar 11:31
· 629 commits to main since this release
c2fd2ac

Release date: Dec 21, 2023

Security

  • By default, TLSv1.3 is now enforced on all PostgreSQL 12 or higher installations. Additionally, users can configure the ssl_ciphers, ssl_min_protocol_version, and ssl_max_protocol_version GUCs (cloudnative-pg#3408).
  • Integration of Docker image scanning with Dockle and Snyk to enhance security measures (cloudnative-pg#3300).

Enhancements

  • Improved reconciliation of external clusters (cloudnative-pg#3533).
  • Introduction of the ability to enable/disable the ALTER SYSTEM command (cloudnative-pg#3535).
  • Support for Prometheus' dynamic relabeling through the podMonitorMetricRelabelings and podMonitorRelabelings options in the .spec.monitoring stanza of the Cluster and Pooler resources (cloudnative-pg#3075).
  • Enhanced computation of the first recoverability point and last successful backup by considering volume snapshots alongside object-store backups (cloudnative-pg#2940).
  • Elimination of the use of the PGPASSFILE environment variable when establishing a network connection to PostgreSQL (cloudnative-pg#3522).
  • Improved cnpg report plugin command by collecting a cluster's PVCs (cloudnative-pg#3357).
  • Enhancement of the cnpg status plugin command, providing information about managed roles, including alerts (cloudnative-pg#3310).
  • Introduction of Red Hat UBI 8 container images for the operator, suitable for OLM deployments.
  • Connection pooler:
    • Scaling down instances of a Pooler resource to 0 is now possible (cloudnative-pg#3517).
    • Addition of the cnpg.io/podRole label with a value of 'pooler' to every pooler deployment, differentiating them from instance pods (cloudnative-pg#3396).

Fixes

  • Reconciliation of metadata, annotations, and labels of PodDisruptionBudget resources (cloudnative-pg#3312 and cloudnative-pg#3434).
  • Reconciliation of the metadata of the managed credential secrets (cloudnative-pg#3316).
  • Resolution of a bug in the backup snapshot code where an error reading the body would be handled as an overall error, leaving the backup process indefinitely stuck (cloudnative-pg#3321).
  • Implicit setting of online backup with the cnpg backup plugin command when either immediate-checkpoint or wait-for-archive options are requested (cloudnative-pg#3449).
  • Disabling of wal_sender_timeout when joining through pg_basebackup (cloudnative-pg#3586)
  • Reloading of secrets used by external clusters (cloudnative-pg#3565)
  • Connection pooler:

Changes