From 3537d06c550183b2524519f881dd0d7b91b2b2d4 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Thu, 5 Feb 2026 19:37:16 +0000 Subject: [PATCH] chore: Update manifests after automerge --- .../ClusterRole-cloudnative-pg-edit.yaml | 4 +- .../ClusterRole-cloudnative-pg-view.yaml | 4 +- .../ClusterRole-cloudnative-pg.yaml | 4 +- .../ClusterRoleBinding-cloudnative-pg.yaml | 4 +- ...figMap-cnpg-controller-manager-config.yaml | 4 +- .../ConfigMap-cnpg-default-monitoring.yaml | 150 +++++++++--------- ...Definition-backups.postgresql.cnpg.io.yaml | 14 +- ...usterimagecatalogs.postgresql.cnpg.io.yaml | 2 +- ...efinition-clusters.postgresql.cnpg.io.yaml | 47 +++++- ...finition-databases.postgresql.cnpg.io.yaml | 2 +- ...on-failoverquorums.postgresql.cnpg.io.yaml | 2 +- ...tion-imagecatalogs.postgresql.cnpg.io.yaml | 2 +- ...Definition-poolers.postgresql.cnpg.io.yaml | 73 ++++++++- ...ition-publications.postgresql.cnpg.io.yaml | 2 +- ...n-scheduledbackups.postgresql.cnpg.io.yaml | 2 +- ...tion-subscriptions.postgresql.cnpg.io.yaml | 2 +- .../Deployment-cloudnative-pg.yaml | 20 +-- ...n-cnpg-mutating-webhook-configuration.yaml | 4 +- .../PodMonitor-cloudnative-pg.yaml | 4 +- .../Service-cnpg-webhook-service.yaml | 4 +- .../ServiceAccount-cloudnative-pg.yaml | 4 +- ...cnpg-validating-webhook-configuration.yaml | 4 +- 22 files changed, 232 insertions(+), 126 deletions(-) diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-edit.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-edit.yaml index 04fca0d2b..dd4ffbbf1 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-edit.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-edit.yaml @@ -3,10 +3,10 @@ kind: ClusterRole metadata: name: cloudnative-pg-edit labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm rules: - apiGroups: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-view.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-view.yaml index f0a7774e3..3aba49527 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-view.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-view.yaml @@ -3,10 +3,10 @@ kind: ClusterRole metadata: name: cloudnative-pg-view labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm rules: - apiGroups: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg.yaml index fc86aaa91..9527b795e 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg.yaml @@ -3,10 +3,10 @@ kind: ClusterRole metadata: name: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm rules: - apiGroups: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRoleBinding-cloudnative-pg.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRoleBinding-cloudnative-pg.yaml index 31cd3a8ca..bebd852f3 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ClusterRoleBinding-cloudnative-pg.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ClusterRoleBinding-cloudnative-pg.yaml @@ -3,10 +3,10 @@ kind: ClusterRoleBinding metadata: name: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-controller-manager-config.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-controller-manager-config.yaml index 12812c582..88539d8ba 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-controller-manager-config.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-controller-manager-config.yaml @@ -4,9 +4,9 @@ metadata: name: cnpg-controller-manager-config namespace: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm data: {} diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-default-monitoring.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-default-monitoring.yaml index 863cd9249..66823f18f 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-default-monitoring.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-default-monitoring.yaml @@ -4,40 +4,40 @@ metadata: name: cnpg-default-monitoring namespace: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm cnpg.io/reload: "" data: queries: | backends: query: | - SELECT sa.datname - , sa.usename - , sa.application_name - , states.state - , COALESCE(sa.count, 0) AS total - , COALESCE(sa.max_tx_secs, 0) AS max_tx_duration_seconds - FROM ( VALUES ('active') - , ('idle') - , ('idle in transaction') - , ('idle in transaction (aborted)') - , ('fastpath function call') - , ('disabled') - ) AS states(state) - LEFT JOIN ( - SELECT datname - , state - , usename - , COALESCE(application_name, '') AS application_name - , COUNT(*) - , COALESCE(EXTRACT (EPOCH FROM (max(now() - xact_start))), 0) AS max_tx_secs - FROM pg_catalog.pg_stat_activity - GROUP BY datname, state, usename, application_name - ) sa ON states.state = sa.state - WHERE sa.usename IS NOT NULL + SELECT sa.datname + , sa.usename + , sa.application_name + , states.state + , COALESCE(sa.count, 0) AS total + , COALESCE(sa.max_tx_secs, 0) AS max_tx_duration_seconds + FROM ( VALUES ('active') + , ('idle') + , ('idle in transaction') + , ('idle in transaction (aborted)') + , ('fastpath function call') + , ('disabled') + ) AS states(state) + LEFT JOIN ( + SELECT datname + , state + , usename + , COALESCE(application_name, '') AS application_name + , COUNT(*) + , COALESCE(EXTRACT (EPOCH FROM (max(now() - xact_start))), 0) AS max_tx_secs + FROM pg_catalog.pg_stat_activity + GROUP BY datname, state, usename, application_name + ) sa ON states.state = sa.state + WHERE sa.usename IS NOT NULL metrics: - datname: usage: "LABEL" @@ -60,22 +60,22 @@ data: backends_waiting: query: | - SELECT count(*) AS total - FROM pg_catalog.pg_locks blocked_locks - JOIN pg_catalog.pg_locks blocking_locks - ON blocking_locks.locktype = blocked_locks.locktype - AND blocking_locks.database IS NOT DISTINCT FROM blocked_locks.database - AND blocking_locks.relation IS NOT DISTINCT FROM blocked_locks.relation - AND blocking_locks.page IS NOT DISTINCT FROM blocked_locks.page - AND blocking_locks.tuple IS NOT DISTINCT FROM blocked_locks.tuple - AND blocking_locks.virtualxid IS NOT DISTINCT FROM blocked_locks.virtualxid - AND blocking_locks.transactionid IS NOT DISTINCT FROM blocked_locks.transactionid - AND blocking_locks.classid IS NOT DISTINCT FROM blocked_locks.classid - AND blocking_locks.objid IS NOT DISTINCT FROM blocked_locks.objid - AND blocking_locks.objsubid IS NOT DISTINCT FROM blocked_locks.objsubid - AND blocking_locks.pid != blocked_locks.pid - JOIN pg_catalog.pg_stat_activity blocking_activity ON blocking_activity.pid = blocking_locks.pid - WHERE NOT blocked_locks.granted + SELECT count(*) AS total + FROM pg_catalog.pg_locks blocked_locks + JOIN pg_catalog.pg_locks blocking_locks + ON blocking_locks.locktype = blocked_locks.locktype + AND blocking_locks.database IS NOT DISTINCT FROM blocked_locks.database + AND blocking_locks.relation IS NOT DISTINCT FROM blocked_locks.relation + AND blocking_locks.page IS NOT DISTINCT FROM blocked_locks.page + AND blocking_locks.tuple IS NOT DISTINCT FROM blocked_locks.tuple + AND blocking_locks.virtualxid IS NOT DISTINCT FROM blocked_locks.virtualxid + AND blocking_locks.transactionid IS NOT DISTINCT FROM blocked_locks.transactionid + AND blocking_locks.classid IS NOT DISTINCT FROM blocked_locks.classid + AND blocking_locks.objid IS NOT DISTINCT FROM blocked_locks.objid + AND blocking_locks.objsubid IS NOT DISTINCT FROM blocked_locks.objsubid + AND blocking_locks.pid != blocked_locks.pid + JOIN pg_catalog.pg_stat_activity blocking_activity ON blocking_activity.pid = blocking_locks.pid + WHERE NOT blocked_locks.granted metrics: - total: usage: "GAUGE" @@ -113,16 +113,17 @@ data: description: "Time at which postgres started (based on epoch)" pg_replication: - query: "SELECT CASE WHEN ( - NOT pg_catalog.pg_is_in_recovery() - OR pg_catalog.pg_last_wal_receive_lsn() = pg_catalog.pg_last_wal_replay_lsn()) - THEN 0 - ELSE GREATEST (0, - EXTRACT(EPOCH FROM (now() - pg_catalog.pg_last_xact_replay_timestamp()))) - END AS lag, - pg_catalog.pg_is_in_recovery() AS in_recovery, - EXISTS (TABLE pg_stat_wal_receiver) AS is_wal_receiver_up, - (SELECT count(*) FROM pg_catalog.pg_stat_replication) AS streaming_replicas" + query: | + SELECT CASE WHEN ( + NOT pg_catalog.pg_is_in_recovery() + OR pg_catalog.pg_last_wal_receive_lsn() = pg_catalog.pg_last_wal_replay_lsn()) + THEN 0 + ELSE GREATEST (0, + EXTRACT(EPOCH FROM (now() - pg_catalog.pg_last_xact_replay_timestamp()))) + END AS lag, + pg_catalog.pg_is_in_recovery() AS in_recovery, + EXISTS (TABLE pg_stat_wal_receiver) AS is_wal_receiver_up, + (SELECT count(*) FROM pg_catalog.pg_stat_replication) AS streaming_replicas metrics: - lag: usage: "GAUGE" @@ -178,6 +179,9 @@ data: , COALESCE(CAST(CAST('x'||pg_catalog.right(pg_catalog.split_part(last_failed_wal, '.', 1), 16) AS pg_catalog.bit(64)) AS pg_catalog.int8), -1) AS last_failed_wal_start_lsn , EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time FROM pg_catalog.pg_stat_archiver + predicate_query: | + SELECT NOT pg_catalog.pg_is_in_recovery() + OR pg_catalog.current_setting('archive_mode') = 'always' metrics: - archived_count: usage: "COUNTER" @@ -390,20 +394,20 @@ data: pg_stat_replication: primary: true query: | - SELECT usename - , COALESCE(application_name, '') AS application_name - , COALESCE(client_addr::text, '') AS client_addr - , COALESCE(client_port::text, '') AS client_port - , EXTRACT(EPOCH FROM backend_start) AS backend_start - , COALESCE(pg_catalog.age(backend_xmin), 0) AS backend_xmin_age - , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), sent_lsn) AS sent_diff_bytes - , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), write_lsn) AS write_diff_bytes - , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), flush_lsn) AS flush_diff_bytes - , COALESCE(pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), replay_lsn),0) AS replay_diff_bytes - , COALESCE((EXTRACT(EPOCH FROM write_lag)),0)::float AS write_lag_seconds - , COALESCE((EXTRACT(EPOCH FROM flush_lag)),0)::float AS flush_lag_seconds - , COALESCE((EXTRACT(EPOCH FROM replay_lag)),0)::float AS replay_lag_seconds - FROM pg_catalog.pg_stat_replication + SELECT usename + , COALESCE(application_name, '') AS application_name + , COALESCE(client_addr::text, '') AS client_addr + , COALESCE(client_port::text, '') AS client_port + , EXTRACT(EPOCH FROM backend_start) AS backend_start + , COALESCE(pg_catalog.age(backend_xmin), 0) AS backend_xmin_age + , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), sent_lsn) AS sent_diff_bytes + , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), write_lsn) AS write_diff_bytes + , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), flush_lsn) AS flush_diff_bytes + , COALESCE(pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), replay_lsn),0) AS replay_diff_bytes + , COALESCE((EXTRACT(EPOCH FROM write_lag)),0)::float AS write_lag_seconds + , COALESCE((EXTRACT(EPOCH FROM flush_lag)),0)::float AS flush_lag_seconds + , COALESCE((EXTRACT(EPOCH FROM replay_lag)),0)::float AS replay_lag_seconds + FROM pg_catalog.pg_stat_replication metrics: - usename: usage: "LABEL" @@ -463,13 +467,13 @@ data: pg_extensions: query: | SELECT - current_database() as datname, - name as extname, - default_version, - installed_version, - CASE - WHEN default_version = installed_version THEN 0 - ELSE 1 + current_database() as datname, + name as extname, + default_version, + installed_version, + CASE + WHEN default_version = installed_version THEN 0 + ELSE 1 END AS update_available FROM pg_catalog.pg_available_extensions WHERE installed_version IS NOT NULL diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-backups.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-backups.postgresql.cnpg.io.yaml index a092d5126..569d677be 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-backups.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-backups.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: backups.postgresql.cnpg.io spec: @@ -211,6 +211,11 @@ spec: - key - name type: object + useDefaultAzureCredentials: + description: |- + Use the default Azure authentication flow, which includes DefaultAzureCredential. + This allows authentication using environment variables and managed identities. + type: boolean type: object backupId: description: The ID of the Barman backup @@ -304,6 +309,13 @@ spec: podName: description: The pod name type: string + sessionID: + description: |- + The instance manager session ID. This is a unique identifier generated at instance manager + startup and changes on every restart (including container reboots). Used to detect if + the instance manager was restarted during long-running operations like backups, which + would terminate any running backup process. + type: string type: object majorVersion: description: |- diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusterimagecatalogs.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusterimagecatalogs.postgresql.cnpg.io.yaml index 4977e56e8..6fb9038ab 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusterimagecatalogs.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusterimagecatalogs.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: clusterimagecatalogs.postgresql.cnpg.io spec: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusters.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusters.postgresql.cnpg.io.yaml index 1d9d63909..fed2aa858 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusters.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusters.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: clusters.postgresql.cnpg.io spec: @@ -984,9 +984,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -1077,6 +1078,11 @@ spec: - key - name type: object + useDefaultAzureCredentials: + description: |- + Use the default Azure authentication flow, which includes DefaultAzureCredential. + This allows authentication using environment variables and managed identities. + type: boolean type: object data: description: |- @@ -1908,7 +1914,9 @@ spec: description: The target timeline ("latest" or a positive integer) type: string targetTime: - description: The target time as a timestamp in the RFC3339 standard + description: |- + The target time as a timestamp in RFC3339 format or PostgreSQL timestamp format. + Timestamps without an explicit timezone are interpreted as UTC. type: string targetXID: description: The target transaction ID @@ -2410,7 +2418,7 @@ spec: resources: description: |- resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources @@ -2607,6 +2615,11 @@ spec: - key - name type: object + useDefaultAzureCredentials: + description: |- + Use the default Azure authentication flow, which includes DefaultAzureCredential. + This allows authentication using environment variables and managed identities. + type: boolean type: object data: description: |- @@ -4267,7 +4280,7 @@ spec: name: description: The name of the extension, required minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + pattern: ^[a-z0-9]([-a-z0-9_]*[a-z0-9])?$ type: string required: - image @@ -5020,6 +5033,24 @@ spec: signerName: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec.unverifiedUserAnnotations` field of + the PodCertificateRequest objects that Kubelet creates. + + Entries are subject to the same validation as object metadata annotations, + with the addition that all keys must be domain-prefixed. No restrictions + are placed on values, except an overall size limitation on the entire field. + + Signers should document the keys and values they support. Signers should + deny requests that contain keys they do not recognize. + type: object required: - keyType - signerName @@ -5645,7 +5676,7 @@ spec: resources: description: |- resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources @@ -5892,7 +5923,7 @@ spec: resources: description: |- resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources @@ -6291,7 +6322,7 @@ spec: resources: description: |- resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-databases.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-databases.postgresql.cnpg.io.yaml index 731492429..688563a64 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-databases.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-databases.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: databases.postgresql.cnpg.io spec: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-failoverquorums.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-failoverquorums.postgresql.cnpg.io.yaml index e98e90b4c..ddd598f6f 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-failoverquorums.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-failoverquorums.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: failoverquorums.postgresql.cnpg.io spec: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-imagecatalogs.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-imagecatalogs.postgresql.cnpg.io.yaml index a0dfeddbb..564e856fe 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-imagecatalogs.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-imagecatalogs.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: imagecatalogs.postgresql.cnpg.io spec: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-poolers.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-poolers.postgresql.cnpg.io.yaml index e6a612298..3edd40b64 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-poolers.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-poolers.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: poolers.postgresql.cnpg.io spec: @@ -2519,7 +2519,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. properties: @@ -5592,7 +5594,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. properties: @@ -6353,8 +6357,8 @@ spec: will be made available to those containers which consume them by name. - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. + This is a stable field but requires that the + DynamicResourceAllocation feature gate is enabled. This field is immutable. items: @@ -6806,9 +6810,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -7563,7 +7568,7 @@ spec: resources: description: |- resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources @@ -8398,6 +8403,24 @@ spec: signerName: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec.unverifiedUserAnnotations` field of + the PodCertificateRequest objects that Kubelet creates. + + Entries are subject to the same validation as object metadata annotations, + with the addition that all keys must be domain-prefixed. No restrictions + are placed on values, except an overall size limitation on the entire field. + + Signers should document the keys and values they support. Signers should + deny requests that contain keys they do not recognize. + type: object required: - keyType - signerName @@ -8807,6 +8830,42 @@ spec: x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + workloadRef: + description: |- + WorkloadRef provides a reference to the Workload object that this Pod belongs to. + This field is used by the scheduler to identify the PodGroup and apply the + correct group scheduling policies. The Workload object referenced + by this field may not exist at the time the Pod is created. + This field is immutable, but a Workload object with the same name + may be recreated with different policies. Doing this during pod scheduling + may result in the placement not conforming to the expected policies. + properties: + name: + description: |- + Name defines the name of the Workload object this Pod belongs to. + Workload must be in the same namespace as the Pod. + If it doesn't match any existing Workload, the Pod will remain unschedulable + until a Workload object is created and observed by the kube-scheduler. + It must be a DNS subdomain. + type: string + podGroup: + description: |- + PodGroup is the name of the PodGroup within the Workload that this Pod + belongs to. If it doesn't match any existing PodGroup within the Workload, + the Pod will remain unschedulable until the Workload object is recreated + and observed by the kube-scheduler. It must be a DNS label. + type: string + podGroupReplicaKey: + description: |- + PodGroupReplicaKey specifies the replica key of the PodGroup to which this + Pod belongs. It is used to distinguish pods belonging to different replicas + of the same pod group. The pod group policy is applied separately to each replica. + When set, it must be a DNS label. + type: string + required: + - name + - podGroup + type: object required: - containers type: object diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-publications.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-publications.postgresql.cnpg.io.yaml index c66e62dba..d21395698 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-publications.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-publications.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: publications.postgresql.cnpg.io spec: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-scheduledbackups.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-scheduledbackups.postgresql.cnpg.io.yaml index f59cb59d9..c652a9a49 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-scheduledbackups.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-scheduledbackups.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: scheduledbackups.postgresql.cnpg.io spec: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-subscriptions.postgresql.cnpg.io.yaml b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-subscriptions.postgresql.cnpg.io.yaml index e88f2e037..113c500c5 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-subscriptions.postgresql.cnpg.io.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-subscriptions.postgresql.cnpg.io.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 helm.sh/resource-policy: keep name: subscriptions.postgresql.cnpg.io spec: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/Deployment-cloudnative-pg.yaml b/clusters/cl01tl/manifests/cloudnative-pg/Deployment-cloudnative-pg.yaml index fd723e6e1..0b2e0a43c 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/Deployment-cloudnative-pg.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/Deployment-cloudnative-pg.yaml @@ -4,10 +4,10 @@ metadata: name: cloudnative-pg namespace: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm spec: replicas: 2 @@ -18,9 +18,9 @@ spec: template: metadata: annotations: - checksum/rbac: 625d3dbff4558ad674205e1cd8555211cddb507d587760354c9c1871e366b859 - checksum/config: ffb213960dde6a3a8cc898d67058389735af67e191de063efd4d39b4e1130db4 - checksum/monitoring-config: 1e0e508ea8c794ca396cd418f9fc622311e161e94283828fa8b61896a86f60c9 + checksum/rbac: f56b7f8a804f170d0321013a76b6986d87676d3d2686ab6e516c78728c914633 + checksum/config: a9a8db623df05650079bba7bb18a20557d311139de2c1115f8a80327aefa16b5 + checksum/monitoring-config: 76f52b5d508cf7d22063ef07656ad78f7277ee177de83e23b5b06f7f54ebc924 labels: app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg @@ -36,19 +36,19 @@ spec: - /manager env: - name: OPERATOR_IMAGE_NAME - value: "ghcr.io/cloudnative-pg/cloudnative-pg:1.28.0" + value: "ghcr.io/cloudnative-pg/cloudnative-pg:1.28.1" - name: OPERATOR_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: MONITORING_QUERIES_CONFIGMAP value: "cnpg-default-monitoring" - image: "ghcr.io/cloudnative-pg/cloudnative-pg:1.28.0" + image: "ghcr.io/cloudnative-pg/cloudnative-pg:1.28.1" imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /readyz - port: 9443 + port: webhook-server scheme: HTTPS initialDelaySeconds: 3 name: manager @@ -62,7 +62,7 @@ spec: readinessProbe: httpGet: path: /readyz - port: 9443 + port: webhook-server scheme: HTTPS initialDelaySeconds: 3 resources: {} @@ -80,7 +80,7 @@ spec: failureThreshold: 6 httpGet: path: /readyz - port: 9443 + port: webhook-server scheme: HTTPS periodSeconds: 5 volumeMounts: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/MutatingWebhookConfiguration-cnpg-mutating-webhook-configuration.yaml b/clusters/cl01tl/manifests/cloudnative-pg/MutatingWebhookConfiguration-cnpg-mutating-webhook-configuration.yaml index 35f8c9ce2..e9ef005b2 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/MutatingWebhookConfiguration-cnpg-mutating-webhook-configuration.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/MutatingWebhookConfiguration-cnpg-mutating-webhook-configuration.yaml @@ -3,10 +3,10 @@ kind: MutatingWebhookConfiguration metadata: name: cnpg-mutating-webhook-configuration labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm webhooks: - admissionReviewVersions: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/PodMonitor-cloudnative-pg.yaml b/clusters/cl01tl/manifests/cloudnative-pg/PodMonitor-cloudnative-pg.yaml index 71f4431f4..10ad74528 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/PodMonitor-cloudnative-pg.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/PodMonitor-cloudnative-pg.yaml @@ -4,10 +4,10 @@ metadata: name: cloudnative-pg namespace: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm spec: selector: diff --git a/clusters/cl01tl/manifests/cloudnative-pg/Service-cnpg-webhook-service.yaml b/clusters/cl01tl/manifests/cloudnative-pg/Service-cnpg-webhook-service.yaml index 48e5432ac..a4210195c 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/Service-cnpg-webhook-service.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/Service-cnpg-webhook-service.yaml @@ -4,10 +4,10 @@ metadata: name: cnpg-webhook-service namespace: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ServiceAccount-cloudnative-pg.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ServiceAccount-cloudnative-pg.yaml index 1577c7d93..6351115e5 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ServiceAccount-cloudnative-pg.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ServiceAccount-cloudnative-pg.yaml @@ -4,8 +4,8 @@ metadata: name: cloudnative-pg namespace: cloudnative-pg labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/cloudnative-pg/ValidatingWebhookConfiguration-cnpg-validating-webhook-configuration.yaml b/clusters/cl01tl/manifests/cloudnative-pg/ValidatingWebhookConfiguration-cnpg-validating-webhook-configuration.yaml index 2645fd317..66b692c55 100644 --- a/clusters/cl01tl/manifests/cloudnative-pg/ValidatingWebhookConfiguration-cnpg-validating-webhook-configuration.yaml +++ b/clusters/cl01tl/manifests/cloudnative-pg/ValidatingWebhookConfiguration-cnpg-validating-webhook-configuration.yaml @@ -3,10 +3,10 @@ kind: ValidatingWebhookConfiguration metadata: name: cnpg-validating-webhook-configuration labels: - helm.sh/chart: cloudnative-pg-0.27.0 + helm.sh/chart: cloudnative-pg-0.27.1 app.kubernetes.io/name: cloudnative-pg app.kubernetes.io/instance: cloudnative-pg - app.kubernetes.io/version: "1.28.0" + app.kubernetes.io/version: "1.28.1" app.kubernetes.io/managed-by: Helm webhooks: - admissionReviewVersions: -- 2.49.1