fix(deps): update module github.com/cloudnative-pg/cloudnative-pg to v1.27.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/cloudnative-pg/cloudnative-pg	v1.25.1 -> v1.27.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

cloudnative-pg/cloudnative-pg (github.com/cloudnative-pg/cloudnative-pg)

v1.27.1

Compare Source

Release date: Oct 23, 2025

Changes

• Delayed the decommissioning of native in-core support for Barman Cloud to at least version 1.29. (#​8670)

• Adopted the new format of postgres-containers and postgis-containers images and image catalog artifacts, and updated the default PostgreSQL version to 18.0-system-trixie (PostgreSQL 18 is now supported). (#​8578, #​8760, #​8558)

• Deprecated the monitoring.enablePodMonitor field in the Cluster and Pooler resources. This field will be removed in a future release. Users who rely on PodMonitor resources should create them manually instead. (#​8753)

Enhancements

• Added support for overriding the PgBouncer auth_type, server_tls_sslmode, and client_tls_sslmode settings, which were previously hardcoded. Default values remain consistent with the former behavior but can now be customized when required. (#​8674)

• Added a CHECKPOINT step before PostgreSQL smart and fast shutdowns to reduce shutdown duration and replica promotion time, especially on systems with a high checkpoint_timeout. (#​8867)

• Added a warning in the instance manager for deprecated or unsupported OS versions, based on the official postgres-containers project. (#​8601)

• Improved certificate parsing error reporting. Failures now log specific errors instead of a generic message, aiding troubleshooting. This is particularly relevant after the CVE-2025-58187 fix in Go 1.25.2 and 1.24.8, which may trigger parsing failures for invalid DNS SANs. (#​8801)

• Added a check to ensure the destination WAL archive path is empty when bootstrapping a cluster using the pg_basebackup method, consistent with other bootstrap methods. (#​8895)

• Added validation to prevent backups from running on hibernated clusters. Backups attempted on such clusters now fail with reason ClusterIsHibernated, following the standard prerequisite check pattern. (#​8870)

• Added support for pprof profiling. Instances can now enable the pprof tool by adding the alpha.cnpg.io/enableInstancePprof annotation to the Cluster resource for advanced debugging. (#​7876)

• cnpg plugin:

  • Updated the Flexible I/O Tester (FIO) image to wallnerryan/fiotools-aio:v2, as provided by Ryan Wallner. (#​8847)

  • Enhanced the cnpg status backup command to provide more detailed status information when using a barman-cloud-based backup plugin. (#​8780, #​8690)

Fixes

• Fixed backup restoration failures when using custom WAL segment sizes with parallel WAL recovery. The operator no longer manages the end-of-WAL file marker during restoration, preventing errors when backups span multiple WAL segments. (#​8873)

• Fixed a bug in major upgrades where a volume snapshot from a previous minor version could be incorrectly used to optimize replica creation. (#​8475)

• Fixed initdb to wait for the application user secret before bootstrapping a new cluster, preventing potential race conditions. (#​8663)

• Fixed quorum-based failover to work correctly in clusters with only two instances using synchronous replication. (#​8680)

• Fixed configuration hash calculation to ignore internal configuration fields, preventing unnecessary reconciliations. (#​8868)

• Fixed the connection retry logic in the cnpgi plugin. The reconciliation loop now detects connection pool changes correctly and uses exponential backoff to reduce "closed pool" errors. (#​8554)

• Fixed volume snapshot usage during replica scaling to work with backup plugins. Previously, this optimization was only available with the in-tree backup implementation, but now clusters using backup plugins can also leverage volume snapshots when creating new replicas. (#​8506)

• Fixed the Pooler templating to correctly inherit settings for the bootstrap controller init container. (#​8394)

• Fixed webhook errors to use the correct API group (postgresql.cnpg.io) in Pooler and backup webhooks, ensuring consistent API error reporting. (#​8485)

• Fixed a potential nil pointer dereference in the hibernation reconciler when handling errors. Contributed by @​PascalBourdier. (#​8756)

• Fixed an issue in the environment cache where callers could inadvertently modify shared data. The LoadEnv function now returns a copy of cached environment slices to prevent mutations from affecting the cache. (#​8880)

v1.27.0

Compare Source

Release date: Aug 12, 2025

Important changes:

• The default behavior of the liveness probe has been updated. An isolated primary is now forcibly shut down within the configured livenessProbeTimeout (default: 30 seconds).

Features:

• Dynamic loading of PostgreSQL extensions: Introduced the .spec.postgresql.extensions stanza for mounting PostgreSQL extensions, packaged as OCI-compliant container images, as read-only and immutable volumes inside instance pods. This allows dynamic extension management without rebuilding base images. (#​7991).

• Logical decoding slot synchronization in HA clusters: Added the synchronizeLogicalDecoding field under spec.replicationSlots.highAvailability to enable automatic synchronization of logical decoding slots across high-availability clusters, ensuring logical replication subscribers continue seamlessly after a publisher failover (#​7931).

• Primary Isolation Check: Promoted to stable the liveness pinger experimental feature introduced in 1.26, adding the .spec.probes.liveness.isolationCheck section to enable primary isolation checks in the liveness probe by default. This improves the detection and handling of primary connectivity issues in Kubernetes environments (#​7845).

Enhancements:

• Introduced an opt-in experimental feature that enables quorum-based failover to improve safety and data durability during failover events. This feature, also called failover quorum, can be activated via the alpha.cnpg.io/failoverQuorum annotation. (#​7572).

• Added support for user maps for predefined users such as streaming_replica, allowing the use of self-managed client certificates with different Common Names in environments with strict policies or shared CAs, while still enabling replicas to join clusters using the streaming_replica role (#​7725).

• Added a new PhaseFailurePlugin phase in the Cluster status to improve observability of plugin-related failures (#​7988).

• Made the Backup.spec field immutable after creation, ensuring consistency and predictability in backup operations (#​7904).

• Added fqdn-uri and fqdn-jdbc-uri fields in the user secret to simplify the retrieval of fully qualified domain name-based connection strings (#​7852).

• CNPG-I:

  • Added Postgres interface support to the CNPG-I operator, continuing the transition toward a plugin-based architecture (#​7179).

  • Added metrics capabilities to the CNPG-I instance webserver, enabling metrics exposure directly from the instance for better observability (#​8033).

Fixes

• Unblocked rollouts when migrating to the barman-cloud plugin using the switchover strategy. Former primary Pods now restart correctly after WAL archiving fails due to missing plugin support. (#​8236)

Supported versions

• Kubernetes 1.33, 1.32, and 1.31
• PostgreSQL 17, 16, 15, 14, and 13
  • PostgreSQL 17.5 is the default image
  • PostgreSQL 13 support ends on November 12, 2025

v1.26.2

Compare Source

Release date: Oct 23, 2025

Changes

• Delayed the decommissioning of native in-core support for Barman Cloud to at least version 1.29. (#​8670)

• Adopted the new format of postgres-containers and postgis-containers images and image catalog artifacts, and updated the default PostgreSQL version to 18.0-system-trixie (PostgreSQL 18 is now supported). (#​8578, #​8760, #​8558)

• Deprecated the monitoring.enablePodMonitor field in the Cluster and Pooler resources. This field will be removed in a future release. Users who rely on PodMonitor resources should create them manually instead. (#​8753)

Enhancements

• Added support for overriding the PgBouncer auth_type, server_tls_sslmode, and client_tls_sslmode settings, which were previously hardcoded. Default values remain consistent with the former behavior but can now be customized when required. (#​8674)

• Added a CHECKPOINT step before PostgreSQL smart and fast shutdowns to reduce shutdown duration and replica promotion time, especially on systems with a high checkpoint_timeout. (#​8867)

• Added a warning in the instance manager for deprecated or unsupported OS versions, based on the official postgres-containers project. (#​8601)

• Improved certificate parsing error reporting. Failures now log specific errors instead of a generic message, aiding troubleshooting. This is particularly relevant after the CVE-2025-58187 fix in Go 1.25.2 and 1.24.8, which may trigger parsing failures for invalid DNS SANs. (#​8801)

• Added a check to ensure the destination WAL archive path is empty when bootstrapping a cluster using the pg_basebackup method, consistent with other bootstrap methods. (#​8895)

• Added validation to prevent backups from running on hibernated clusters. Backups attempted on such clusters now fail with reason ClusterIsHibernated, following the standard prerequisite check pattern. (#​8870)

• Added support for pprof profiling. Instances can now enable the pprof tool by adding the alpha.cnpg.io/enableInstancePprof annotation to the Cluster resource for advanced debugging. (#​7876)

• cnpg plugin:

  • Updated the Flexible I/O Tester (FIO) image to wallnerryan/fiotools-aio:v2, as provided by Ryan Wallner. (#​8847)

  • Enhanced the cnpg status backup command to provide more detailed status information when using a barman-cloud-based backup plugin. (#​8780, #​8690)

Fixes

• Fixed backup restoration failures when using custom WAL segment sizes with parallel WAL recovery. The operator no longer manages the end-of-WAL file marker during restoration, preventing errors when backups span multiple WAL segments. (#​8873)

• Fixed a bug in major upgrades where a volume snapshot from a previous minor version could be incorrectly used to optimize replica creation. (#​8475)

• Fixed initdb to wait for the application user secret before bootstrapping a new cluster, preventing potential race conditions. (#​8663)

• Fixed the connection retry logic in the cnpgi plugin. The reconciliation loop now detects connection pool changes correctly and uses exponential backoff to reduce "closed pool" errors. (#​8554)

• Fixed volume snapshot usage during replica scaling to work with backup plugins. Previously, this optimization was only available with the in-tree backup implementation, but now clusters using backup plugins can also leverage volume snapshots when creating new replicas. (#​8506)

• Fixed the Pooler templating to correctly inherit settings for the bootstrap controller init container. (#​8394)

• Fixed webhook errors to use the correct API group (postgresql.cnpg.io) in Pooler and backup webhooks, ensuring consistent API error reporting. (#​8485)

• Fixed a potential nil pointer dereference in the hibernation reconciler when handling errors. Contributed by @​PascalBourdier. (#​8756)

• Fixed an issue in the environment cache where callers could inadvertently modify shared data. The LoadEnv function now returns a copy of cached environment slices to prevent mutations from affecting the cache. (#​8880)

v1.26.1

Compare Source

Release date: Jul 25, 2025

In memory of DJ Walker-Morgan.

Important Changes

CloudNativePG is moving toward a plugin-based, backup and recovery agnostic architecture (initiated in 1.26.0 with Barman Cloud). As part of this transition, the following fields in the .status section of the Cluster resource are now deprecated:

• firstRecoverabilityPoint
• firstRecoverabilityPointByMethod
• lastSuccessfulBackup
• lastSuccessfulBackupByMethod
• lastFailedBackup

Additionally, the following Prometheus metrics are deprecated:

• cnpg_collector_first_recoverability_point
• cnpg_collector_last_available_backup_timestamp
• cnpg_collector_last_failed_backup_timestamp

These fields and metrics will no longer update when using plugin-based backups (e.g., Barman Cloud via CNPG-I). They remain functional for users still using in-core Barman Cloud and volume snapshot backups.

Note: We, as maintainers, are sorry for any inconvenience caused by not highlighting this change during the 1.26.0 release. As we transition to a plugin-based backup and recovery architecture, we encourage you to test your chosen plugin thoroughly in a staging environment before moving to production to ensure your workflows and observability integration continue to meet your needs. Thank you for your understanding and for working with us as CloudNativePG evolves to provide a more modular and robust experience.

Changes

• Removed 386 and ARM (v5/v6/v7) architectures from the cnpg plugin build matrix, reducing the number of published binaries (#​7648).

Enhancements

• Improved validation of shared_buffers by correctly considering HugePages settings, ensuring accurate memory configuration checks (#​7864).

• Set oom_score_adj for PostgreSQL worker processes to improve prioritization during out-of-memory situations (#​7891).

• Added fqdn-uri and fqdn-jdbc-uri fields in user secrets to simplify application connection string management and align with DNS-based connection best practices (#​7852).

• Added the systemID field and related condition in the Cluster status to track the PostgreSQL system identifier. (#​7717).

Fixes

• Added a mutex in the connection pooler to protect concurrent access to the connections map, improving stability in high-concurrency environments (#​7804).

• Fixed replica cluster instance ordering by correctly detecting the designated primary, improving replica cluster stability and switchover operations (#​8108).

• Added support for reconciling VolumeAttributesClass for PVCs, enhancing storage compatibility and lifecycle management (#​7885).

• Made the internal webserver routines non-blocking to improve responsiveness under load (#​8071).

• Fixed an issue where the ensureReplicationClientLeafCertificate error did not display the correct secretName in the not found message (#​8086).

• Prevented invalid ALTER SUBSCRIPTION statements by updating only PostgreSQL‑supported parameters; unsupported options like copy_data are ignored to avoid reconciliation failures (7844).

• Fixed an issue where the bootstrap-controller in the connection pooler did not apply resources settings correctly (#​7922).

• Ensured online backups fail cleanly if the targetPod becomes unhealthy during backup, preventing partial or misleading backups (#​7944).

• Ensured the Backup resource status is set properly after a failure, improving observability and scripting reliability (#​7898).

• Improved liveness probe handling to avoid unnecessary timeouts when they are not required (#​7902).

v1.26.0

Compare Source

Release date: May 23, 2025

Important Changes

• CloudNativePG is now officially a CNCF project: CloudNativePG has been accepted into the Cloud Native Computing Foundation (CNCF), marking a significant milestone in its evolution. As part of this transition, the project is now governed under CloudNativePG, a Series of LF Projects, LLC, ensuring long-term sustainability and community-driven innovation. (#​7203)

• Deprecation of Native Barman Cloud Support: Native support for Barman Cloud backups and recovery is now deprecated and will be fully removed in CloudNativePG version 1.28.0. Although still available in the current release, users are strongly encouraged to begin migrating their existing clusters to the new Barman Cloud Plugin to ensure a smooth and seamless transition. The plugin should also be used for all new deployments. This change marks the first step toward making CloudNativePG a backup-agnostic solution, a goal that will be fully realized when volume snapshot support is also moved to a plugin-based architecture. (#​6876)

• End of Support for Barman 3.4 and Earlier: CloudNativePG no longer supports Barman versions 3.4 and earlier, including the capability detection framework. Users running older operand versions (from before April 2023) must update their operand before upgrading the operator to avoid compatibility issues. (#​7220)

• Hibernation Command Changes: The hibernate on and hibernate off commands in the cnpg plugin for kubectl now serve as shortcuts for declarative hibernation. The previous imperative approach has been removed in favor of this method. Additionally, the hibernate status command has been removed, as its functionality is now covered by the standard status command. Warning: Do not upgrade to version 1.26 of both the plugin and the operator unless you are prepared to migrate to the declarative hibernation method. (#​7155)

Features

• Declarative Offline In-Place Major Upgrades of PostgreSQL: Introduced support for offline in-place major upgrades when a new operand container image with a higher PostgreSQL major version is applied to a cluster. During the upgrade, all cluster pods are shut down to ensure data consistency. A new job is created to validate upgrade conditions, run pg_upgrade, and set up new directories for PGDATA, WAL files, and tablespaces as needed. Once the upgrade is complete, replicas are re-created. Failed upgrades can be rolled back declaratively. (#​6664)

• Improved Startup and Readiness Probes for Replicas: Enhanced support for Kubernetes startup and readiness probes in PostgreSQL instances, providing greater control over replicas based on the streaming lag. (#​6623)

• Declarative management of extensions and schemas: Introduced the extensions and schemas stanzas in the Database resource to declaratively create, modify, and drop PostgreSQL extensions and schemas within a database. (#​7062)

Enhancements

• Introduced an opt-in experimental feature to enhance the liveness probe with network isolation detection for primary instances. This feature can be activated via the alpha.cnpg.io/livenessPinger annotation (#​7466).

• Introduced the STANDBY_TCP_USER_TIMEOUT operator configuration setting, allowing users to specify the tcp_user_timeout parameter on all standby instances managed by the operator. (#​7036)

• Introduced the DRAIN_TAINTS operator configuration option, enabling users to customize which node taints indicate a node is being drained. This replaces the previous fixed behavior of only recognizing node.kubernetes.io/unschedulable as a drain signal. (#​6928)

• Added a new field in the status of the Cluster resource to track the latest known Pod IP (#​7546).

• Added the pg_extensions metric, providing information about installed PostgreSQL extensions and their latest available versions. (#​7195)

• Added the KUBERNETES_CLUSTER_DOMAIN configuration option to the operator, allowing users to specify the domain suffix for fully qualified domain names (FQDNs) generated within the Kubernetes cluster. If not set, it defaults to cluster.local. (#​6989)

• Implemented the cnpg.io/validation annotation, enabling users to disable the validation webhook on CloudNativePG-managed resources. Use with caution, as this allows unrestricted changes. (#​7196)

• Added support for patching PostgreSQL instance pods using the cnpg.io/podPatch annotation with a JSON Patch. This may introduce discrepancies between the operator’s expectations and Kubernetes behavior, so it should be used with caution. (#​6323)

• Added support for collecting pg_stat_wal metrics in PostgreSQL 18. (#​7005)

• Removed the ENABLE_AZURE_PVC_UPDATES configuration, as it is no longer required to resize Azure volumes correctly. The Azure CSI driver includes the necessary fix as of version 1.11.0. (#​7297)

• The .spec.backup.barmanObjectStore and .spec.backup.retentionPolicy fields are now deprecated in favor of the external Barman Cloud Plugin, and a warning is now emitted by the admission webhook when these fields are used in the Cluster specification (#​7500).

• Added support for LZ4, XZ, and Zstandard compression methods when archiving WAL files via Barman Cloud (deprecated). (#​7151)

• CloudNativePG Interface (CNPG-I):

  • A plugin can now trigger instance rollouts by implementing the EVALUATE verb, ensuring that plugin-induced changes are properly reconciled. (#​7126)

  • Introduced support for WAL recovery via CNPG-I plugins during snapshot restore. (#​7284)

Security

• Set imagePullPolicy to Always for the operator deployment to ensure that images are always pulled from the registry, reducing the risk of using outdated or potentially unsafe local images. (#​7250)

Fixes

• Fixed native replication slot synchronization and logical replication failover for PostgreSQL 17 by appending the dbname parameter to primary_conninfo in replica configurations (#​7298).

• Fixed a regression in WAL restore operations that prevented fallback to the in-tree barmanObjectStore configuration defined in the externalCluster source when a plugin failed to locate a WAL file (#​7507).

• Improved backup efficiency by introducing a fail-fast mechanism in WAL archiving, allowing quicker detection of unexpected primary demotion and avoiding unnecessary retries (#​7483).

• Fixed an off-by-one error in parallel WAL archiving that could cause one extra worker process to be spawned beyond the requested number (#​7389).

• Resolved a race condition that caused the operator to perform two switchovers when updating the PostgreSQL configuration. (#​6991)

• Corrected the PodMonitor configuration by adjusting the matchLabels scope for the targeted pooler and cluster pods. Previously, the matchLabels were too broad, inadvertently inheriting labels from the cluster and leading to data collection from unintended targets. (#​7063)

• Added a webhook warning for clusters with a missing unit (e.g., MB, GB) in the shared_buffers configuration. This will become an error in future releases. Users should update their configurations to include explicit units (e.g., 512MB instead of 512). (#​7160)

• Treated timeout errors during volume snapshot creation as retryable to prevent unnecessary backup failures. (#​7010)

• Moved the defaulting logic for .spec.postgresql.synchronous.dataDurability from the CRD to the webhook to avoid UI issues with OLM. (#​7600)

• CloudNativePG Interface (CNPG-I):

  • Implemented automatic reloading of TLS certificates for plugins when they change. (#​7029)

  • Ensured the operator properly closes the plugin connection when performing a backup using the plugin. (#​7095, #​7096)

  • Fixed an issue that prevented WALs from being archived on a former primary node when using a plugin. (#​6964)

  • Improved performance and resilience of CNPG-I by removing timeouts for local plugin operations, avoiding failures during longer backup or WAL archiving executions (#​7496).

• cnpg plugin:

  • Increased the buffer size in the logs pretty command to better handle larger log output (#​7281).

  • Ensured the plugin-name parameter is required for plugin-based backups and disallowed for non-plugin backup methods (#​7506).

  • Ensured that the primary Pod is recreated during an imperative restart when primaryUpdateMethod is set to restart, aligning its definition with the replicas. (#​7122)

Changes

• Updated the default PostgreSQL version to 17.5 for new cluster definitions. (#​7556)

• Updated the default PgBouncer version to 1.24.1 for new Pooler deployments (#​7399).

Supported versions

• Kubernetes 1.33, 1.32, 1.31, and 1.30
• PostgreSQL 17, 16, 15, 14, and 13
  • PostgreSQL 17.5 is the default image
  • PostgreSQL 13 support ends on November 12, 2025

v1.25.4

Compare Source

Release date: Oct 23, 2025

!!! Warning This is the final release in the 1.25.x series. Users are strongly encouraged to upgrade to a newer minor version, as 1.25 is no longer supported.

Changes

• Adopted the new format of postgres-containers and postgis-containers images and image catalog artifacts, and updated the default PostgreSQL version to 18.0-system-trixie (PostgreSQL 18 is now supported). (#​8578, #​8760, #​8558)

• Deprecated the monitoring.enablePodMonitor field in the Cluster and Pooler resources. This field will be removed in a future release. Users who rely on PodMonitor resources should create them manually instead. (#​8753)

Enhancements

• Added support for overriding the PgBouncer auth_type, server_tls_sslmode, and client_tls_sslmode settings, which were previously hardcoded. Default values remain consistent with the former behavior but can now be customized when required. (#​8674)

• Added a CHECKPOINT step before PostgreSQL smart and fast shutdowns to reduce shutdown duration and replica promotion time, especially on systems with a high checkpoint_timeout. (#​8867)

• Added a warning in the instance manager for deprecated or unsupported OS versions, based on the official postgres-containers project. (#​8601)

• Improved certificate parsing error reporting. Failures now log specific errors instead of a generic message, aiding troubleshooting. This is particularly relevant after the CVE-2025-58187 fix in Go 1.25.2 and 1.24.8, which may trigger parsing failures for invalid DNS SANs. (#​8801)

• Added a check to ensure the destination WAL archive path is empty when bootstrapping a cluster using the pg_basebackup method, consistent with other bootstrap methods. (#​8895)

• Added validation to prevent backups from running on hibernated clusters. Backups attempted on such clusters now fail with reason ClusterIsHibernated, following the standard prerequisite check pattern. (#​8870)

• Added support for pprof profiling. Instances can now enable the pprof tool by adding the alpha.cnpg.io/enableInstancePprof annotation to the Cluster resource for advanced debugging. (#​7876)

• cnpg plugin:

  • Updated the Flexible I/O Tester (FIO) image to wallnerryan/fiotools-aio:v2, as provided by Ryan Wallner. (#​8847)

  • Enhanced the cnpg status backup command to provide more detailed status information when using a barman-cloud-based backup plugin. (#​8780, #​8690)

Fixes

• Fixed backup restoration failures when using custom WAL segment sizes with parallel WAL recovery. The operator no longer manages the end-of-WAL file marker during restoration, preventing errors when backups span multiple WAL segments. (#​8873)

• Fixed a bug in major upgrades where a volume snapshot from a previous minor version could be incorrectly used to optimize replica creation. (#​8475)

• Fixed initdb to wait for the application user secret before bootstrapping a new cluster, preventing potential race conditions. (#​8663)

• Fixed the connection retry logic in the cnpgi plugin. The reconciliation loop now detects connection pool changes correctly and uses exponential backoff to reduce "closed pool" errors. (#​8554)

• Fixed volume snapshot usage during replica scaling to work with backup plugins. Previously, this optimization was only available with the in-tree backup implementation, but now clusters using backup plugins can also leverage volume snapshots when creating new replicas. (#​8506)

• Fixed the Pooler templating to correctly inherit settings for the bootstrap controller init container. (#​8394)

• Fixed webhook errors to use the correct API group (postgresql.cnpg.io) in Pooler and backup webhooks, ensuring consistent API error reporting. (#​8485)

• Fixed a potential nil pointer dereference in the hibernation reconciler when handling errors. Contributed by @​PascalBourdier. (#​8756)

• Fixed an issue in the environment cache where callers could inadvertently modify shared data. The LoadEnv function now returns a copy of cached environment slices to prevent mutations from affecting the cache. (#​8880)

v1.25.3

Compare Source

Release date: Jul 25, 2025

In memory of DJ Walker-Morgan.

Changes

• Removed 386 and ARM (v5/v6/v7) architectures from the cnpg plugin build matrix, reducing the number of published binaries (#​7648).

Enhancements

• Improved validation of shared_buffers by correctly considering HugePages settings, ensuring accurate memory configuration checks (#​7864).

• Set oom_score_adj for PostgreSQL worker processes to improve prioritization during out-of-memory situations (#​7891).

• Added fqdn-uri and fqdn-jdbc-uri fields in user secrets to simplify application connection string management and align with DNS-based connection best practices (#​7852).

• Added the systemID field and related condition in the Cluster status to track the PostgreSQL system identifier. (#​7717).

Fixes

• Added a mutex in the connection pooler to protect concurrent access to the connections map, improving stability in high-concurrency environments (#​7804).

• Fixed replica cluster instance ordering by correctly detecting the designated primary, improving replica cluster stability and switchover operations (#​8108).

• Added support for reconciling VolumeAttributesClass for PVCs, enhancing storage compatibility and lifecycle management (#​7885).

• Made the internal webserver routines non-blocking to improve responsiveness under load (#​8071).

• Fixed an issue where the ensureReplicationClientLeafCertificate error did not display the correct secretName in the not found message (#​8086).

• Prevented invalid ALTER SUBSCRIPTION statements by updating only PostgreSQL‑supported parameters; unsupported options like copy_data are ignored to avoid reconciliation failures (7844).

• Fixed an issue where the bootstrap-controller in the connection pooler did not apply resources settings correctly (#​7922).

• Ensured online backups fail cleanly if the targetPod becomes unhealthy during backup, preventing partial or misleading backups (#​7944).

• Ensured the Backup resource status is set properly after a failure, improving observability and scripting reliability (#​7898).

v1.25.2

Compare Source

Release date: May 23, 2025

Important Changes

• CloudNativePG is now officially a CNCF project: CloudNativePG has been accepted into the Cloud Native Computing Foundation (CNCF), marking a significant milestone in its evolution. As part of this transition, the project is now governed under CloudNativePG, a Series of LF Projects, LLC, ensuring long-term sustainability and community-driven innovation. (#​7203)

Enhancements

• Added the KUBERNETES_CLUSTER_DOMAIN configuration option to the operator, allowing users to specify the domain suffix for fully qualified domain names (FQDNs) generated within the Kubernetes cluster. If not set, it defaults to cluster.local. (#​6989)

• Implemented the cnpg.io/validation annotation, enabling users to disable the validation webhook on CloudNativePG-managed resources. Use with caution, as this allows unrestricted changes. (#​7196)

• Added support for collecting pg_stat_wal metrics in PostgreSQL 18. (#​7005)

• Added support for LZ4, XZ, and Zstandard compression methods when archiving WAL files via Barman Cloud (deprecated). (#​7151)

• CloudNativePG Interface (CNPG-I):

  • A plugin can now trigger instance rollouts by implementing the EVALUATE verb, ensuring that plugin-induced changes are properly reconciled. (#​7126)

  • Introduced support for WAL recovery via CNPG-I plugins during snapshot restore. (#​7284)

Security

• Set imagePullPolicy to Always for the operator deployment to ensure that images are always pulled from the registry, reducing the risk of using outdated or potentially unsafe local images. (#​7250)

Fixes

• Fixed native replication slot synchronization and logical replication failover for PostgreSQL 17 by appending the dbname parameter to primary_conninfo in replica configurations (#​7298).

• Fixed a regression in WAL restore operations that prevented fallback to the in-tree barmanObjectStore configuration defined in the externalCluster source when a plugin failed to locate a WAL file (#​7507).

• Improved backup efficiency by introducing a fail-fast mechanism in WAL archiving, allowing quicker detection of unexpected primary demotion and avoiding unnecessary retries (#​7483).

• Fixed an off-by-one error in parallel WAL archiving that could cause one extra worker process to be spawned beyond the requested number (#​7389).

• Resolved a race condition that caused the operator to perform two switchovers when updating the PostgreSQL configuration. (#​6991)

• Corrected the PodMonitor configuration by adjusting the matchLabels scope for the targeted pooler and cluster pods. Previously, the matchLabels were too broad, inadvertently inheriting labels from the cluster and leading to data collection from unintended targets. (#​7063)

• Added a webhook warning for clusters with a missing unit (e.g., MB, GB) in the shared_buffers configuration. This will become an error in future releases. Users should update their configurations to include explicit units (e.g., 512MB instead of 512). (#​7160)

• Treated timeout errors during volume snapshot creation as retryable to prevent unnecessary backup failures. (#​7010)

• Moved the defaulting logic for .spec.postgresql.synchronous.dataDurability from the CRD to the webhook to avoid UI issues with OLM. (#​7600)

• CloudNativePG Interface (CNPG-I):

  • Implemented automatic reloading of TLS certificates for plugins when they change. (#​7029)

  • Ensured the operator properly closes the plugin connection when performing a backup using the plugin. (#​7095, #​7096)

  • Improved performance and resilience of CNPG-I by removing timeouts for local plugin operations, avoiding failures during longer backup or WAL archiving executions (#​7496).

• cnpg plugin:

  • Increased the buffer size in the logs pretty command to better handle larger log output (#​7281).

  • Ensured the plugin-name parameter is required for plugin-based backups and disallowed for non-plugin backup methods (#​7506).

  • Ensured that the primary Pod is recreated during an imperative restart when primaryUpdateMethod is set to restart, aligning its definition with the replicas. (#​7122)

Changes

• Updated the default PostgreSQL version to 17.5 for new cluster definitions. (#​7556)

• Updated the default PgBouncer version to 1.24.1 for new Pooler deployments (#​7399).

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 7 additional dependencies were updated

Details:

Package	Change
github.com/cloudnative-pg/barman-cloud	v0.1.0 -> v0.3.3
github.com/cloudnative-pg/machinery	v0.1.0 -> v0.3.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring	v0.80.1 -> v0.84.1
github.com/prometheus/client_golang	v1.22.0 -> v1.23.0
golang.org/x/sys	v0.34.0 -> v0.35.0
golang.org/x/term	v0.33.0 -> v0.34.0
sigs.k8s.io/controller-runtime	v0.20.4 -> v0.21.0

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -t ./...
go: module github.com/cloudnative-pg/[email protected] requires go >= 1.25.0; switching to go1.25.3
go: downloading go1.25.3 (linux/amd64)
go: download go1.25.3: golang.org/[email protected]: verifying module: checksum database disabled by GOSUMDB=off