Release 1.22.0

Release date: Dec 21, 2023

!!! Important "Important changes from previous versions" This release introduces a significant change, disabling the default usage of the ALTER SYSTEM command in PostgreSQL. For users upgrading from a previous version who wish to retain the old behavior: please refer to the upgrade documentation for detailed instructions.

Features

• Declarative Tablespaces: Introducing the tablespaces stanza in the Cluster spec, enabling comprehensive lifecycle management of PostgreSQL tablespaces for enhanced vertical scalability (cloudnative-pg#3410).

• Temporary Tablespaces: Adding the .spec.tablespaces[*].temporary option to facilitate the utilization of a tablespace for temporary database operations, by incorporating the name into the temp_tablespaces PostgreSQL parameter (cloudnative-pg#3464).

Security

• By default, TLSv1.3 is now enforced on all PostgreSQL 12 or higher installations. Additionally, users can configure the ssl_ciphers, ssl_min_protocol_version, and ssl_max_protocol_version GUCs (cloudnative-pg#3408).
• Integration of Docker image scanning with Dockle and Snyk to enhance security measures (cloudnative-pg#3300).

Enhancements

• Improved reconciliation of external clusters (cloudnative-pg#3533).
• Introduction of the ability to enable/disable the ALTER SYSTEM command (cloudnative-pg#3535).
• Support for Prometheus' dynamic relabeling through the podMonitorMetricRelabelings and podMonitorRelabelings options in the .spec.monitoring stanza of the Cluster and Pooler resources (cloudnative-pg#3075).
• Enhanced computation of the first recoverability point and last successful backup by considering volume snapshots alongside object-store backups (cloudnative-pg#2940).
• Elimination of the use of the PGPASSFILE environment variable when establishing a network connection to PostgreSQL (cloudnative-pg#3522).
• Improved cnpg report plugin command by collecting a cluster's PVCs (cloudnative-pg#3357).
• Enhancement of the cnpg status plugin command, providing information about managed roles, including alerts (cloudnative-pg#3310).
• Introduction of Red Hat UBI 8 container images for the operator, suitable for OLM deployments.
• Connection pooler:
  • Scaling down instances of a Pooler resource to 0 is now possible (cloudnative-pg#3517).
  • Addition of the cnpg.io/podRole label with a value of 'pooler' to every pooler deployment, differentiating them from instance pods (cloudnative-pg#3396).

Fixes

• Reconciliation of metadata, annotations, and labels of PodDisruptionBudget resources (cloudnative-pg#3312 and cloudnative-pg#3434).
• Reconciliation of the metadata of the managed credential secrets (cloudnative-pg#3316).
• Resolution of a bug in the backup snapshot code where an error reading the body would be handled as an overall error, leaving the backup process indefinitely stuck (cloudnative-pg#3321).
• Implicit setting of online backup with the cnpg backup plugin command when either immediate-checkpoint or wait-for-archive options are requested (cloudnative-pg#3449).
• Disabling of wal_sender_timeout when joining through pg_basebackup (cloudnative-pg#3586)
• Reloading of secrets used by external clusters (cloudnative-pg#3565)
• Connection pooler:
  • Ensuring the controller watches all secrets owned by a Pooler resource (cloudnative-pg#3428).
  • Reconciliation of RoleBinding for Pooler resources (cloudnative-pg#3391).
  • Reconciliation of imagePullSecret for Pooler resources (cloudnative-pg#3389).
  • Reconciliation of the service of a Pooler and addition of the required labels (cloudnative-pg#3349).
  • Extension of Pooler labels to the deployment as well, not just the pods (cloudnative-pg#3350).

Changes

• Default operand image set to PostgreSQL 16.1 (cloudnative-pg#3270).
• The ALTER SYSTEM command is now disabled by default (cloudnative-pg#3545).

Release 1.21.2

Release date: Dec 21, 2023

Security

• By default, TLSv1.3 is now enforced on all PostgreSQL 12 or higher installations. Additionally, users can configure the ssl_ciphers, ssl_min_protocol_version, and ssl_max_protocol_version GUCs (cloudnative-pg#3408).
• Integration of Docker image scanning with Dockle and Snyk to enhance security measures (cloudnative-pg#3300).

Enhancements

• Improved reconciliation of external clusters (cloudnative-pg#3533).
• Introduction of the ability to enable/disable the ALTER SYSTEM command (cloudnative-pg#3535).
• Support for Prometheus' dynamic relabeling through the podMonitorMetricRelabelings and podMonitorRelabelings options in the .spec.monitoring stanza of the Cluster and Pooler resources (cloudnative-pg#3075).
• Enhanced computation of the first recoverability point and last successful backup by considering volume snapshots alongside object-store backups (cloudnative-pg#2940).
• Elimination of the use of the PGPASSFILE environment variable when establishing a network connection to PostgreSQL (cloudnative-pg#3522).
• Improved cnpg report plugin command by collecting a cluster's PVCs (cloudnative-pg#3357).
• Enhancement of the cnpg status plugin command, providing information about managed roles, including alerts (cloudnative-pg#3310).
• Introduction of Red Hat UBI 8 container images for the operator, suitable for OLM deployments.
• Connection pooler:
  • Scaling down instances of a Pooler resource to 0 is now possible (cloudnative-pg#3517).
  • Addition of the cnpg.io/podRole label with a value of 'pooler' to every pooler deployment, differentiating them from instance pods (cloudnative-pg#3396).

Fixes

• Reconciliation of metadata, annotations, and labels of PodDisruptionBudget resources (cloudnative-pg#3312 and cloudnative-pg#3434).
• Reconciliation of the metadata of the managed credential secrets (cloudnative-pg#3316).
• Resolution of a bug in the backup snapshot code where an error reading the body would be handled as an overall error, leaving the backup process indefinitely stuck (cloudnative-pg#3321).
• Implicit setting of online backup with the cnpg backup plugin command when either immediate-checkpoint or wait-for-archive options are requested (cloudnative-pg#3449).
• Disabling of wal_sender_timeout when joining through pg_basebackup (cloudnative-pg#3586)
• Reloading of secrets used by external clusters (cloudnative-pg#3565)
• Connection pooler:
  • Ensuring the controller watches all secrets owned by a Pooler resource (cloudnative-pg#3428).
  • Reconciliation of RoleBinding for Pooler resources (cloudnative-pg#3391).
  • Reconciliation of imagePullSecret for Pooler resources (cloudnative-pg#3389).
  • Reconciliation of the service of a Pooler and addition of the required labels (cloudnative-pg#3349).
  • Extension of Pooler labels to the deployment as well, not just the pods (cloudnative-pg#3350).

Changes

• Default operand image set to PostgreSQL 16.1 (cloudnative-pg#3270).