Release notes for CloudNativePG 1.17 ==================================== History of user-visible changes in the 1.17 minor release of CloudNativePG. For a complete list of changes, please refer to the `commits `_ on the release branch in GitHub. Version 1.17.5 -------------- **Release date:** March 20, 2023 .. Warning:: This is expected to be the last release in the 1.17.X series. Users are encouraged to update to a newer minor version soon.   Enhancements: - Extend the ``debug`` cluster’s log level to the ``initdb`` job (#1503) - Support IPv6 and custom ``pg_hba`` for the PgBouncer pooler (#1395) - Document API calls from the instance manager (#1641) - Clarify deployment name via Helm (#1505) - Add the ``psql`` command to the ``cnpg`` plugin for ``kubectl`` (#1668) allowing the user to start a ``psql`` session with a pod (the primary by default) Technical enhancements: - Adopt Renovate for dependency tracking/updating (#1367, #1473) Fixes: - Prevent panic with error handling in the probes (#1716) - Properly show WAL archiving information with ``status`` command of the ``cnpg`` plugin (#1666) Version 1.17.4 -------------- **Release date:** Feb 14, 2023 Features: - Support for Kubernetes’ projected volumes (#1269) - Support custom environment variables for finer control of the PostgreSQL server process (#1275) Enhancements: - Introduce the ``backup`` command in the ``cnpg`` plugin for ``kubectl`` to issue a new base backup of the cluster (#1348) - Add a database comment on the ``streaming_replica`` user (#1349) - Document the firewall issues with webhooks on GKE (#1364) - Add note about postgresql.conf in ``recovery`` (#1211) - Add instructions on installing plugin using packages (#1357) - Specify Postgres versions supported by each minor release (#1355) - Clarify the meaning of PVC group in CloudNativePG (#1344) - Add an example of the DigitalOcean S3-compatible Spaces (#1289) Technical enhancements: - Added daily end-to-end smoke test for release branches (#1235) Fixes: - Ensure that the PVC roles are always consistent (#1380) - Permit ``walStorage`` resize when using ``pvcTemplate`` (#1315) - Avoid ``PodMonitor`` reconcile if Prometheus is not installed (#1238) - Avoid looking for ``PodMonitor`` when not needed (#1213) Version 1.17.3 -------------- **Release date:** Dec 21, 2022 Important announcements: - Recognizing Armando Ruocco (@armru) as a new CloudNativePG maintainer for his consistent and impactful contributions (#1167) - Remove ARMv7 support (#1092) - FINAL patch release for 1.16: 1.16.5. Release 1.16 reaches end of life. Enhancements: - Improve compatibility with Istio: add support for Istio’s quit endpoint so that jobs with Istio sidecars do not run indefinitely (#967) - Add rpm/deb package for kubectl-cnpg plugin (#1008) - Update default PostgreSQL version for new cluster definitions to 15.1 (#908) - Documentation - Remove references to CNPG sandbox (#1120) - the CNPG sandbox has been deprecated, in favor of instructions on monitoring in the Quickstart documentation - Link to the “Release updates” discussion (#1148) - the release updates discussion will become the default channel for release announcements and discussions - Document emeritus status for maintainers in GOVERNANCE.md (#1033) - explains how maintainers should proceed if they are not ready to continue contributing - Improve instructions on creating pull requests (#1132) - Troubleshooting emergency backup instructions (#1184) - Cover the Kubernetes layer in greater detail in the Architecture documentation (#1432) Fixes: - Ensure PGDATA permissions on bootstrap are properly set to 750 (#1164) - Ensure the PVC containing WALs is deleted when scaling down the cluster (#1135) - Ensure that we create secrets and services only when not found (#1145) - Respect configured pg-wal when restoring (#1216) - Filter out replicas from nodeToClusters map (#1194) Technical enhancements: - Use ``ciclops`` for test summary (#1064): rely on the ciclops GitHub action to provide summaries of the E2E suite, inheriting improvements from that project - Add backport pull request workflow (#965) - automatically backport patches to release branches if they are so annotated - Make the operator log level configurable in e2e test suite (#1094) - Enable test execution based on labels (#951) - Update Go version from 1.18 to 1.19 (#1166) Version 1.17.2 -------------- **Release date:** Nov 10, 2022 Security: - Add ``SeccomProfile`` to Pods and Containers (#888) Enhancements: - ``status`` command for the ``cnpg`` plugin: - Clarify display for fenced clusters (#886) - Improve display for replica clusters (#871) - Documentation: - Improve monitoring page, providing instructions on how to evaluate the observability capabilities of CloudNativePG on a local system using Prometheus and Grafana (#968) - Add page on design reasons for custom controller (#918) - Set PostgreSQL 15.0 as the new default version (#821) Fixes: - Import a database with ``plpgsql`` functions (#974) - Properly find the closest backup when doing Point-in-time recovery (#949) - Clarify that the ``ScheduledBackup`` format does not follow Kubernetes ``CronJob`` format (#883) - Bases the failover logic on the Postgres information from the instance manager, rather than Kubernetes pod readiness, which could be stale (#890) - Ensure we have a WAL to archive for every newly created cluster. The lack could prevent backups from working (#897) - Correct YAML key names for ``barmanObjectStore`` in documentation (#877) - Fix ``krew`` release (#866) Version 1.17.1 -------------- **Release date:** Oct 6, 2022 Enhancements: - Introduce ``leaseDuration`` and ``renewDeadline`` parameters in the controller manager to enhance configuration of the leader election in operator deployments (#759) - Improve the mechanism that checks that the backup object store is empty before archiving a WAL file for the first time: a new file called ``.check-empty-wal-archive`` is placed in the ``PGDATA`` immediately after the cluster is bootstrapped and it is then removed after the first WAL file is successfully archived Security: - Explicitly set permissions of the instance manager binary that is copied in the ``distroless/static:nonroot`` container image, by using the ``nonroot:nonroot`` user (#754) Fixes: - Drop any active connection on a standby after it is promoted to primary (#737) - Honor ``MAPPEDMETRIC`` and ``DURATION`` metric types conversion in the native Prometheus exporter (#765) - Ensure that timestamps that are specified with microsecond precision using the PostgreSQL format are correctly parsed (#741) Version 1.17.0 -------------- **Release date:** Sep 6, 2022 (minor release) Features: - **Separate volume for WAL files:** Support for separating Write Ahead Log (WAL) and database data files onto different disks, potentially leading to better performance on high write systems by easing I/O load on the data directory. This option is controlled with the introduction of the optional ``walStorage`` section to separate WAL files (``pg_wal`` ) in a dedicated volume, separate from the ``PGDATA`` defined in the main and mandatory ``storage`` section (#513). Current limitations: ``walStorage`` can only be set at cluster creation and cannot be added or removed when the cluster is up and running. Enhancements: - Enable configuration of low-level network TCP settings in the PgBouncer connection pooler implementation (#584) - Make sure that the ``cnpg.io/instanceName`` and the ``cnpg.io/podRole`` labels are always present on pods and PVCs (#632 and #680) - Propagate the ``role`` label of an instance to the underlying PVC (#634) - Introduce the ``kubectl cnpg destroy`` command to help remove an instance and all the associated PVCs (#643) Fixes: - Use ``shared_preload_libraries`` when bootstrapping the new cluster’s primary (#642) - Prevent multiple in-place upgrade processes of the operator from running simultaneously by atomically checking whether another one is in progress (#655) - Avoid using a hardcoded file name to store the newly uploaded instance manager, preventing a possible race condition during online upgrades of the operator (#660) - Prevent a panic from happening when invoking ``GetAllAccessibleDatabases`` (#641)