Merge pull request #268 from anynines/develop

Cut a new a8s-Deployment Release [v0.3.0]
anynines · May 24, 2023 · f4b7ccf · f4b7ccf
2 parents d954d0f + 60daf1e
commit f4b7ccf
Show file tree

Hide file tree

Showing 46 changed files with 2,827 additions and 3,382 deletions.
diff --git a/.github/workflows/update-container-images.yaml b/.github/workflows/update-container-images.yaml
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,73 @@ All notable changes to the a9s Dataservices on Kubernetes will be documented
 here, the format is based on [Keep a
 Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [0.3.0] - 2023-05-15
+### Migration Instructions
+* If you use the extensions feature, delete the stateful set objects (**not the PostgreSQL objects**)
+for instances that use extensions. Your data will be preserved, and the stateful sets will
+automatically be recreated.
+* Remove old finalizer `postgresql.operator.a8s.anynines.com` from all PostgreSQL objects.
+* Migrate all `v1alpha1` PostgreSQL custom resources to `v1beta3` before migrating to v0.3.0, as PostgreSQL
+version `v1alpha1` will not be available in v0.3.0.
+
+### Added
+
+* Protect PostgreSQL secrets against accidental or unwanted deletion by adding a finalizer.
+* Protect ServiceBinding secret against accidental or unwanted deletion by adding a finalizer.
+* Add optional read-only service to the PostgreSQL-Operator. The read-only service can be used
+  to distribute the load of read operations across the PostgreSQL instance. It can be enabled via
+  the optional `enableReadOnlyService` field on the Custom Resource.
+* Add field `spec.resources.claims` to the PostgreSQL CRD to allow configuring
+  dynamic resources for the PostgreSQL instance Pods. This feature is in alpha,
+  is implemented only on K8s clusters with version 1.26 or higher and the
+  feature gate DynamicResourceAllocation enabled.
+* Add field `spec.expose` to expose a PostgreSQL instance to outside the K8s cluster where it runs.
+
+### Changed
+
+* Updated description of `NamespacedName` in servicebinding.
+* Deletion of PostgreSQL instance pods now runs in parallel, improving the deletion time in high
+  availability setups.
+* In the Postgresql CRD, the description of the `namespaceSelector` field (which is one of the many
+  fields that control pod affinity and anti-affinity) has been updated to reflect the fact that the
+  field has graduated from beta to stable (in Kubernetes v1.24).
+* **Breaking change:** PostgreSQL CRD has been updated with the following:
+  * `spec.parameters.maxConnections` has a minimum value of 1 and a maximum value
+    of 262143 enforced.
+  * `spec.parameters.maxReplicationSlots` has a minimum value of 0 and a maximum
+    value of 262143 enforced.
+  * `spec.parameters.maxWALSenders` has a minimum value of 0 and a maximum value
+    of 262143 enforced.
+  * `spec.parameters.sharedBuffers` has a minimum value of 16 and a maximum value
+    of 1073741823 enforced.
+  * `spec.parameters.statementTimeoutMillis` has a minimum value of 0 and a
+    maximum value of 2147483647 enforced.
+  > Attempts to create a PostgreSQL API object with one or more values not
+    compliant with the min and max listed above will be rejected with an error by
+    the K8s API server.
+* **Breaking change**: Postgresql-controllers finalizer has been updated from 
+  `postgresql.operator.a8s.anynines.com` to `a8s.anynines.com/postgresql.operator`.
+* **Breaking change**: Postgresql-operator now uses an emptyDir instead of a persistent volume.
+* **Breaking change**: The field `postgresConfiguration` has been renamed to
+  `parameters` in API Version `v1beta3`.
+* Make the secrets that store the credentials of the admin and replication roles
+  of each PostgreSQL instance immutable. Preventing changes to credentials
+  protects against accidental (or unwanted) updates that could cause service
+  outages and improves performance by significantly reducing load on
+  kube-apiserver for clusters that make extensive use of secrets.
+* Make service binding secrets immutable. Preventing changes to credentials
+  protects against accidental (or unwanted) updates that could cause service
+  outages and improves performance by significantly reducing load on
+  kube-apiserver for clusters that make extensive use of secrets.
+* The backup\_agent has been updated, and is now using a smaller image. The new version of the
+  backup\_agent logs to stderr instead of the previously used stdout.
+* Defaulting webhooks have been moved to API version `v1beta3`.
+
+### Removed
+
+* **Breaking change:** PostgreSQL version `v1alpha1` has been removed and is replaced by version 
+`v1beta3`.
+
 ## [0.2.0] - 2022-11-08
 
 ### Added

diff --git a/automation-scripts/update-container-images.sh b/automation-scripts/update-container-images.sh
diff --git a/deploy/a8s/backup-config/kustomization.yaml b/deploy/a8s/backup-config/kustomization.yaml
@@ -15,5 +15,3 @@ secretGenerator:
   - ./access-key-id
   - ./secret-access-key
   - ./encryption-password
-generatorOptions:
-  disableNameSuffixHash: true