From 40243bd5fdb87a70e5b5b404ca375856dfdba962 Mon Sep 17 00:00:00 2001 From: Siva Date: Wed, 6 May 2026 00:20:14 +0530 Subject: [PATCH 1/4] build(release): bump version to v0.8.0 --- CHANGELOG.md | 27 +++++++++++++++++++ api/apiv1/gen/control_plane/service.go | 2 +- api/apiv1/gen/http/openapi.json | 2 +- api/apiv1/gen/http/openapi.yaml | 2 +- api/apiv1/gen/http/openapi3.json | 2 +- api/apiv1/gen/http/openapi3.yaml | 2 +- api/version.txt | 2 +- changes/unreleased/Added-20260331-120000.yaml | 3 --- changes/unreleased/Added-20260403-120000.yaml | 3 --- changes/unreleased/Added-20260403-130000.yaml | 3 --- changes/unreleased/Added-20260412-202528.yaml | 3 --- changes/unreleased/Added-20260414-120000.yaml | 3 --- changes/unreleased/Added-20260417-120000.yaml | 3 --- changes/unreleased/Added-20260417-130000.yaml | 3 --- changes/unreleased/Added-20260422-004204.yaml | 3 --- .../unreleased/Changed-20260421-130000.yaml | 3 --- .../unreleased/Changed-20260424-130000.yaml | 3 --- .../unreleased/Changed-20260501-104640.yaml | 3 --- changes/unreleased/Fixed-20260409-120000.yaml | 3 --- changes/unreleased/Fixed-20260409-130000.yaml | 3 --- changes/unreleased/Fixed-20260421-120000.yaml | 3 --- changes/unreleased/Fixed-20260424-120000.yaml | 3 --- changes/unreleased/Fixed-20260427-120000.yaml | 3 --- changes/v0.8.0.md | 26 ++++++++++++++++++ docs/api/openapi.md | 8 +++--- docs/api/reference.md | 2 +- docs/changelog.md | 27 +++++++++++++++++++ docs/development/e2e-tests.md | 2 +- docs/installation/installation.md | 10 +++---- docs/installation/mtls.md | 8 +++--- docs/installation/systemd.md | 2 +- docs/installation/upgrading.md | 4 +-- 32 files changed, 104 insertions(+), 72 deletions(-) delete mode 100644 changes/unreleased/Added-20260331-120000.yaml delete mode 100644 changes/unreleased/Added-20260403-120000.yaml delete mode 100644 changes/unreleased/Added-20260403-130000.yaml delete mode 100644 changes/unreleased/Added-20260412-202528.yaml delete mode 100644 changes/unreleased/Added-20260414-120000.yaml delete mode 100644 changes/unreleased/Added-20260417-120000.yaml delete mode 100644 changes/unreleased/Added-20260417-130000.yaml delete mode 100644 changes/unreleased/Added-20260422-004204.yaml delete mode 100644 changes/unreleased/Changed-20260421-130000.yaml delete mode 100644 changes/unreleased/Changed-20260424-130000.yaml delete mode 100644 changes/unreleased/Changed-20260501-104640.yaml delete mode 100644 changes/unreleased/Fixed-20260409-120000.yaml delete mode 100644 changes/unreleased/Fixed-20260409-130000.yaml delete mode 100644 changes/unreleased/Fixed-20260421-120000.yaml delete mode 100644 changes/unreleased/Fixed-20260424-120000.yaml delete mode 100644 changes/unreleased/Fixed-20260427-120000.yaml create mode 100644 changes/v0.8.0.md diff --git a/CHANGELOG.md b/CHANGELOG.md index d40004f5..f20d7a2e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,32 @@ # Changelog +## v0.8.0 - 2026-05-06 + +### Added + +- Renamed the server binary from `control-plane` to `pgedge-control-plane` to reduce conflicts with other system packages. +- Added PostgREST as a supported service type — Deploy the PostgREST REST API server alongside your database with automatic credential provisioning, upfront schema and role validation, and configurable connection pool settings. +- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/v0-8/installation/systemd) of our docs. +- Added the ability to run user-defined SQL scripts during database creation via the `scripts` field on the database spec. +- Added `connect_as` field for service credentials — Services can now explicitly specify which database user they authenticate as by referencing a `database_users` entry, replacing auto-generated service accounts with direct, auditable credential assignment. +- Added automatic role transfer when expanding a database cluster — PostgreSQL roles created outside the standard `database_users` configuration are now automatically transferred to new nodes when they join a database. +- Extended stable random port assignments to service instances — Ports assigned to MCP, PostgREST, and RAG services are now persisted and reused across restarts and database updates, consistent with the behaviour already in place for database instances. +- Added RAG as a supported service type — Deploy a retrieval-augmented generation server alongside your database with hybrid vector and keyword search, automatic credential provisioning, and support for OpenAI, Voyage AI, Anthropic, and Ollama providers. + +### Changed + +- **Breaking:** The `connect_as` field is now required when creating or updating services of any type (MCP, PostgREST, RAG) — requests that omit this field will be rejected with a validation error. +- **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. +- Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. +- Promote Supporting Services from beta to generally available + +### Fixed + +- Fixed port conflicts between services on the same host producing opaque deployment errors — Port conflicts are now detected at creation time and rejected with a clear validation message. +- Fixed `extra_networks` specified in `orchestrator_opts` not being attached to service containers (MCP, PostgREST, RAG). +- Fixed upgrade path from v0.6.2 — Databases created before v0.7.0 that were missing replication slot resources are now automatically repaired during state migration. +- Fixed embedded etcd clients connecting to all cluster members instead of only their own endpoint — This could cause connectivity issues when cluster membership changed. + ## v0.7.0 - 2026-03-25 ### Added diff --git a/api/apiv1/gen/control_plane/service.go b/api/apiv1/gen/control_plane/service.go index 5109bdf4..06118c2f 100644 --- a/api/apiv1/gen/control_plane/service.go +++ b/api/apiv1/gen/control_plane/service.go @@ -81,7 +81,7 @@ type Service interface { const APIName = "control-plane" // APIVersion is the version of the API as defined in the design. -const APIVersion = "v0.7.0" +const APIVersion = "v0.8.0" // ServiceName is the name of the service as defined in the design. This is the // same value that is set in the endpoint request contexts under the ServiceKey diff --git a/api/apiv1/gen/http/openapi.json b/api/apiv1/gen/http/openapi.json index 9fb76eab..3800cc7e 100644 --- a/api/apiv1/gen/http/openapi.json +++ b/api/apiv1/gen/http/openapi.json @@ -3,7 +3,7 @@ "info": { "title": "pgEdge Control Plane v1 API", "description": "A distributed application that provides a declarative API to deploy and manage Postgres databases.", - "version": "v0.7.0" + "version": "v0.8.0" }, "host": "localhost:3000", "consumes": [ diff --git a/api/apiv1/gen/http/openapi.yaml b/api/apiv1/gen/http/openapi.yaml index fd6c2d32..563aae01 100644 --- a/api/apiv1/gen/http/openapi.yaml +++ b/api/apiv1/gen/http/openapi.yaml @@ -2,7 +2,7 @@ swagger: "2.0" info: title: pgEdge Control Plane v1 API description: A distributed application that provides a declarative API to deploy and manage Postgres databases. - version: v0.7.0 + version: v0.8.0 host: localhost:3000 consumes: - application/json diff --git a/api/apiv1/gen/http/openapi3.json b/api/apiv1/gen/http/openapi3.json index 46f25d63..dd244e60 100644 --- a/api/apiv1/gen/http/openapi3.json +++ b/api/apiv1/gen/http/openapi3.json @@ -3,7 +3,7 @@ "info": { "title": "pgEdge Control Plane v1 API", "description": "A distributed application that provides a declarative API to deploy and manage Postgres databases.", - "version": "v0.7.0" + "version": "v0.8.0" }, "servers": [ { diff --git a/api/apiv1/gen/http/openapi3.yaml b/api/apiv1/gen/http/openapi3.yaml index 9307b89a..c2cb32d4 100644 --- a/api/apiv1/gen/http/openapi3.yaml +++ b/api/apiv1/gen/http/openapi3.yaml @@ -2,7 +2,7 @@ openapi: 3.0.3 info: title: pgEdge Control Plane v1 API description: A distributed application that provides a declarative API to deploy and manage Postgres databases. - version: v0.7.0 + version: v0.8.0 servers: - url: http://localhost:3000 paths: diff --git a/api/version.txt b/api/version.txt index e7f5d1aa..4ea5cafa 100644 --- a/api/version.txt +++ b/api/version.txt @@ -1 +1 @@ -v0.7.0 \ No newline at end of file +v0.8.0 \ No newline at end of file diff --git a/changes/unreleased/Added-20260331-120000.yaml b/changes/unreleased/Added-20260331-120000.yaml deleted file mode 100644 index fba021c8..00000000 --- a/changes/unreleased/Added-20260331-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Renamed the server binary from `control-plane` to `pgedge-control-plane` to reduce conflicts with other system packages. -time: 2026-03-31T12:00:00.000000-04:00 diff --git a/changes/unreleased/Added-20260403-120000.yaml b/changes/unreleased/Added-20260403-120000.yaml deleted file mode 100644 index 90f2c965..00000000 --- a/changes/unreleased/Added-20260403-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Added PostgREST as a supported service type — Deploy the PostgREST REST API server alongside your database with automatic credential provisioning, upfront schema and role validation, and configurable connection pool settings. -time: 2026-04-03T12:00:00.000000-04:00 diff --git a/changes/unreleased/Added-20260403-130000.yaml b/changes/unreleased/Added-20260403-130000.yaml deleted file mode 100644 index 1c470e32..00000000 --- a/changes/unreleased/Added-20260403-130000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/v0-8/installation/systemd) of our docs. -time: 2026-04-03T13:00:00.000000-04:00 diff --git a/changes/unreleased/Added-20260412-202528.yaml b/changes/unreleased/Added-20260412-202528.yaml deleted file mode 100644 index 5acf315b..00000000 --- a/changes/unreleased/Added-20260412-202528.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Added the ability to run user-defined SQL scripts during database creation via the `scripts` field on the database spec. -time: 2026-04-12T20:25:28.998139-04:00 diff --git a/changes/unreleased/Added-20260414-120000.yaml b/changes/unreleased/Added-20260414-120000.yaml deleted file mode 100644 index 07d48143..00000000 --- a/changes/unreleased/Added-20260414-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Added `connect_as` field for service credentials — Services can now explicitly specify which database user they authenticate as by referencing a `database_users` entry, replacing auto-generated service accounts with direct, auditable credential assignment. -time: 2026-04-14T12:00:00.000000-04:00 diff --git a/changes/unreleased/Added-20260417-120000.yaml b/changes/unreleased/Added-20260417-120000.yaml deleted file mode 100644 index fbd2af58..00000000 --- a/changes/unreleased/Added-20260417-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Added automatic role transfer when expanding a database cluster — PostgreSQL roles created outside the standard `database_users` configuration are now automatically transferred to new nodes when they join a database. -time: 2026-04-17T12:00:00.000000-04:00 diff --git a/changes/unreleased/Added-20260417-130000.yaml b/changes/unreleased/Added-20260417-130000.yaml deleted file mode 100644 index 72e92848..00000000 --- a/changes/unreleased/Added-20260417-130000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Extended stable random port assignments to service instances — Ports assigned to MCP, PostgREST, and RAG services are now persisted and reused across restarts and database updates, consistent with the behaviour already in place for database instances. -time: 2026-04-17T13:00:00.000000-04:00 diff --git a/changes/unreleased/Added-20260422-004204.yaml b/changes/unreleased/Added-20260422-004204.yaml deleted file mode 100644 index 31f5e49e..00000000 --- a/changes/unreleased/Added-20260422-004204.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Added -body: Added RAG as a supported service type — Deploy a retrieval-augmented generation server alongside your database with hybrid vector and keyword search, automatic credential provisioning, and support for OpenAI, Voyage AI, Anthropic, and Ollama providers. -time: 2026-04-22T00:42:04.283582+05:30 diff --git a/changes/unreleased/Changed-20260421-130000.yaml b/changes/unreleased/Changed-20260421-130000.yaml deleted file mode 100644 index 85c60999..00000000 --- a/changes/unreleased/Changed-20260421-130000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Changed -body: "**Breaking:** The `connect_as` field is now required when creating or updating services of any type (MCP, PostgREST, RAG) — requests that omit this field will be rejected with a validation error." -time: 2026-04-21T13:00:00.000000-04:00 diff --git a/changes/unreleased/Changed-20260424-130000.yaml b/changes/unreleased/Changed-20260424-130000.yaml deleted file mode 100644 index 29afe17b..00000000 --- a/changes/unreleased/Changed-20260424-130000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Changed -body: Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. -time: 2026-04-24T13:00:00.000000-04:00 diff --git a/changes/unreleased/Changed-20260501-104640.yaml b/changes/unreleased/Changed-20260501-104640.yaml deleted file mode 100644 index 7a7553fc..00000000 --- a/changes/unreleased/Changed-20260501-104640.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Changed -body: Promote Supporting Services from beta to generally available -time: 2026-05-01T10:46:40.2527-05:00 diff --git a/changes/unreleased/Fixed-20260409-120000.yaml b/changes/unreleased/Fixed-20260409-120000.yaml deleted file mode 100644 index a044ccac..00000000 --- a/changes/unreleased/Fixed-20260409-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Fixed -body: Fixed port conflicts between services on the same host producing opaque deployment errors — Port conflicts are now detected at creation time and rejected with a clear validation message. -time: 2026-04-09T12:00:00.000000-04:00 diff --git a/changes/unreleased/Fixed-20260409-130000.yaml b/changes/unreleased/Fixed-20260409-130000.yaml deleted file mode 100644 index da9a81ae..00000000 --- a/changes/unreleased/Fixed-20260409-130000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Fixed -body: Fixed `extra_networks` specified in `orchestrator_opts` not being attached to service containers (MCP, PostgREST, RAG). -time: 2026-04-09T13:00:00.000000-04:00 diff --git a/changes/unreleased/Fixed-20260421-120000.yaml b/changes/unreleased/Fixed-20260421-120000.yaml deleted file mode 100644 index 898b8e0b..00000000 --- a/changes/unreleased/Fixed-20260421-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Fixed -body: Fixed upgrade path from v0.6.2 — Databases created before v0.7.0 that were missing replication slot resources are now automatically repaired during state migration. -time: 2026-04-21T12:00:00.000000-04:00 diff --git a/changes/unreleased/Fixed-20260424-120000.yaml b/changes/unreleased/Fixed-20260424-120000.yaml deleted file mode 100644 index ea080a36..00000000 --- a/changes/unreleased/Fixed-20260424-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Changed -body: "**Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters." -time: 2026-04-24T12:00:00.000000-04:00 diff --git a/changes/unreleased/Fixed-20260427-120000.yaml b/changes/unreleased/Fixed-20260427-120000.yaml deleted file mode 100644 index 2e163665..00000000 --- a/changes/unreleased/Fixed-20260427-120000.yaml +++ /dev/null @@ -1,3 +0,0 @@ -kind: Fixed -body: Fixed embedded etcd clients connecting to all cluster members instead of only their own endpoint — This could cause connectivity issues when cluster membership changed. -time: 2026-04-27T12:00:00.000000-04:00 diff --git a/changes/v0.8.0.md b/changes/v0.8.0.md new file mode 100644 index 00000000..d8bedb6b --- /dev/null +++ b/changes/v0.8.0.md @@ -0,0 +1,26 @@ +## v0.8.0 - 2026-05-06 + +### Added + +- Renamed the server binary from `control-plane` to `pgedge-control-plane` to reduce conflicts with other system packages. +- Added PostgREST as a supported service type — Deploy the PostgREST REST API server alongside your database with automatic credential provisioning, upfront schema and role validation, and configurable connection pool settings. +- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/v0-8/installation/systemd) of our docs. +- Added the ability to run user-defined SQL scripts during database creation via the `scripts` field on the database spec. +- Added `connect_as` field for service credentials — Services can now explicitly specify which database user they authenticate as by referencing a `database_users` entry, replacing auto-generated service accounts with direct, auditable credential assignment. +- Added automatic role transfer when expanding a database cluster — PostgreSQL roles created outside the standard `database_users` configuration are now automatically transferred to new nodes when they join a database. +- Extended stable random port assignments to service instances — Ports assigned to MCP, PostgREST, and RAG services are now persisted and reused across restarts and database updates, consistent with the behaviour already in place for database instances. +- Added RAG as a supported service type — Deploy a retrieval-augmented generation server alongside your database with hybrid vector and keyword search, automatic credential provisioning, and support for OpenAI, Voyage AI, Anthropic, and Ollama providers. + +### Changed + +- **Breaking:** The `connect_as` field is now required when creating or updating services of any type (MCP, PostgREST, RAG) — requests that omit this field will be rejected with a validation error. +- **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. +- Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. +- Promote Supporting Services from beta to generally available + +### Fixed + +- Fixed port conflicts between services on the same host producing opaque deployment errors — Port conflicts are now detected at creation time and rejected with a clear validation message. +- Fixed `extra_networks` specified in `orchestrator_opts` not being attached to service containers (MCP, PostgREST, RAG). +- Fixed upgrade path from v0.6.2 — Databases created before v0.7.0 that were missing replication slot resources are now automatically repaired during state migration. +- Fixed embedded etcd clients connecting to all cluster members instead of only their own endpoint — This could cause connectivity issues when cluster membership changed. diff --git a/docs/api/openapi.md b/docs/api/openapi.md index bc5fc4e2..36aad485 100644 --- a/docs/api/openapi.md +++ b/docs/api/openapi.md @@ -7,7 +7,7 @@ The Control Plane server serves a JSON OpenAPI v3 specification from the You can also access offline copies of the OpenAPI specification in the pgEdge Control Plane repository. We generate a few versions of the specification to accommodate different tools and use cases: -- [OpenAPI v3 YAML](https://github.com/pgEdge/control-plane/blob/v0.7.0/api/apiv1/gen/http/openapi3.yaml) -- [OpenAPI v3 JSON](https://github.com/pgEdge/control-plane/blob/v0.7.0/api/apiv1/gen/http/openapi3.json) -- [OpenAPI v2 YAML](https://github.com/pgEdge/control-plane/blob/v0.7.0/api/apiv1/gen/http/openapi.yaml) -- [OpenAPI v2 JSON](https://github.com/pgEdge/control-plane/blob/v0.7.0/api/apiv1/gen/http/openapi.json) \ No newline at end of file +- [OpenAPI v3 YAML](https://github.com/pgEdge/control-plane/blob/v0.8.0/api/apiv1/gen/http/openapi3.yaml) +- [OpenAPI v3 JSON](https://github.com/pgEdge/control-plane/blob/v0.8.0/api/apiv1/gen/http/openapi3.json) +- [OpenAPI v2 YAML](https://github.com/pgEdge/control-plane/blob/v0.8.0/api/apiv1/gen/http/openapi.yaml) +- [OpenAPI v2 JSON](https://github.com/pgEdge/control-plane/blob/v0.8.0/api/apiv1/gen/http/openapi.json) \ No newline at end of file diff --git a/docs/api/reference.md b/docs/api/reference.md index b0dcccfc..9f32dd3d 100644 --- a/docs/api/reference.md +++ b/docs/api/reference.md @@ -34,4 +34,4 @@ hide: - \ No newline at end of file + \ No newline at end of file diff --git a/docs/changelog.md b/docs/changelog.md index d40004f5..f20d7a2e 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -1,5 +1,32 @@ # Changelog +## v0.8.0 - 2026-05-06 + +### Added + +- Renamed the server binary from `control-plane` to `pgedge-control-plane` to reduce conflicts with other system packages. +- Added PostgREST as a supported service type — Deploy the PostgREST REST API server alongside your database with automatic credential provisioning, upfront schema and role validation, and configurable connection pool settings. +- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/v0-8/installation/systemd) of our docs. +- Added the ability to run user-defined SQL scripts during database creation via the `scripts` field on the database spec. +- Added `connect_as` field for service credentials — Services can now explicitly specify which database user they authenticate as by referencing a `database_users` entry, replacing auto-generated service accounts with direct, auditable credential assignment. +- Added automatic role transfer when expanding a database cluster — PostgreSQL roles created outside the standard `database_users` configuration are now automatically transferred to new nodes when they join a database. +- Extended stable random port assignments to service instances — Ports assigned to MCP, PostgREST, and RAG services are now persisted and reused across restarts and database updates, consistent with the behaviour already in place for database instances. +- Added RAG as a supported service type — Deploy a retrieval-augmented generation server alongside your database with hybrid vector and keyword search, automatic credential provisioning, and support for OpenAI, Voyage AI, Anthropic, and Ollama providers. + +### Changed + +- **Breaking:** The `connect_as` field is now required when creating or updating services of any type (MCP, PostgREST, RAG) — requests that omit this field will be rejected with a validation error. +- **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. +- Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. +- Promote Supporting Services from beta to generally available + +### Fixed + +- Fixed port conflicts between services on the same host producing opaque deployment errors — Port conflicts are now detected at creation time and rejected with a clear validation message. +- Fixed `extra_networks` specified in `orchestrator_opts` not being attached to service containers (MCP, PostgREST, RAG). +- Fixed upgrade path from v0.6.2 — Databases created before v0.7.0 that were missing replication slot resources are now automatically repaired during state migration. +- Fixed embedded etcd clients connecting to all cluster members instead of only their own endpoint — This could cause connectivity issues when cluster membership changed. + ## v0.7.0 - 2026-03-25 ### Added diff --git a/docs/development/e2e-tests.md b/docs/development/e2e-tests.md index 0e443343..88b272d7 100644 --- a/docs/development/e2e-tests.md +++ b/docs/development/e2e-tests.md @@ -395,7 +395,7 @@ specifying `FIXTURE_CONTROL_PLANE_IMAGE` with the `{deploy,update,reset}-{lima,ec2}-fixture` targets. For example: ```sh -make update-lima-fixture FIXTURE_CONTROL_PLANE_IMAGE='ghcr.io/pgedge/control-plane:v0.7.0-rc.1' +make update-lima-fixture FIXTURE_CONTROL_PLANE_IMAGE='ghcr.io/pgedge/control-plane:v0.8.0-rc.1' ``` ### Fixture variants diff --git a/docs/installation/installation.md b/docs/installation/installation.md index 9dc15d42..67ce7b1d 100644 --- a/docs/installation/installation.md +++ b/docs/installation/installation.md @@ -98,7 +98,7 @@ Given that output, the following stack definition file will deploy a single Cont ```yaml services: host-1: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-1 @@ -113,7 +113,7 @@ services: constraints: - node.id==vzou89zyd4n3xz6p6jvoohqxx host-2: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-2 @@ -128,7 +128,7 @@ services: constraints: - node.id==5sa7m11ub62t1n22feuhg0mbp host-3: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-3 @@ -191,7 +191,7 @@ For example: ```yaml host-4: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-4 @@ -227,7 +227,7 @@ Paste the output below and click "Generate Stack." This generator is fully local - + ``` yaml {#global-output} # Once submitted, the generated stack will appear here. diff --git a/docs/installation/mtls.md b/docs/installation/mtls.md index 9a5c831b..9148cbd4 100644 --- a/docs/installation/mtls.md +++ b/docs/installation/mtls.md @@ -35,7 +35,7 @@ For example, if you've placed the certificates in a `/opt/pgedge/control-plane` ```yaml services: host-1: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-1 @@ -195,7 +195,7 @@ Now that our certificates are available on each machine, we can update our stack ```yaml services: host-1: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-1 @@ -219,7 +219,7 @@ services: constraints: - node.id==81kw1zwmh9y8hk4rd7igylry0 host-2: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-2 @@ -240,7 +240,7 @@ services: constraints: - node.id==xz7069ytbdq7uzd2tvrj2wlf2 host-3: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 command: run environment: - PGEDGE_HOST_ID=host-3 diff --git a/docs/installation/systemd.md b/docs/installation/systemd.md index 1e674db5..95dd1604 100644 --- a/docs/installation/systemd.md +++ b/docs/installation/systemd.md @@ -91,7 +91,7 @@ Use the following commands to download and install the RPM: ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/') # Set the version to install -VERSION="v0.7.0" +VERSION="v0.8.0" # Download the RPM curl -LO "https://github.com/pgedge/control-plane/releases/download/${VERSION}/pgedge-control-plane_${VERSION#v}_linux_${ARCH}.rpm" diff --git a/docs/installation/upgrading.md b/docs/installation/upgrading.md index 3c497b1f..417b15aa 100644 --- a/docs/installation/upgrading.md +++ b/docs/installation/upgrading.md @@ -6,11 +6,11 @@ Plane. The Control Plane version is specified in the image property of the [stac ```yaml services: host-1: - image: ghcr.io/pgedge/control-plane:v0.7.0 + image: ghcr.io/pgedge/control-plane:v0.8.0 ``` You can *pin* to a specific version by including a version in the `image` -fields in your service specification, such as `ghcr.io/pgedge/control-plane:v0.7.0`. +fields in your service specification, such as `ghcr.io/pgedge/control-plane:v0.8.0`. If you do not include a version, Docker will pull the `ghcr.io/pgedge/control-plane:latest` tag by default. From 8a7352c7acd85e5955350eac33d6b452789ea4fa Mon Sep 17 00:00:00 2001 From: Siva Date: Wed, 6 May 2026 19:15:06 +0530 Subject: [PATCH 2/4] addressing review comments --- CHANGELOG.md | 2 +- changes/v0.8.0.md | 2 +- docs/changelog.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f20d7a2e..e4b513a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,7 @@ - Renamed the server binary from `control-plane` to `pgedge-control-plane` to reduce conflicts with other system packages. - Added PostgREST as a supported service type — Deploy the PostgREST REST API server alongside your database with automatic credential provisioning, upfront schema and role validation, and configurable connection pool settings. -- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/v0-8/installation/systemd) of our docs. +- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/installation/systemd) of our docs. - Added the ability to run user-defined SQL scripts during database creation via the `scripts` field on the database spec. - Added `connect_as` field for service credentials — Services can now explicitly specify which database user they authenticate as by referencing a `database_users` entry, replacing auto-generated service accounts with direct, auditable credential assignment. - Added automatic role transfer when expanding a database cluster — PostgreSQL roles created outside the standard `database_users` configuration are now automatically transferred to new nodes when they join a database. diff --git a/changes/v0.8.0.md b/changes/v0.8.0.md index d8bedb6b..59e0b297 100644 --- a/changes/v0.8.0.md +++ b/changes/v0.8.0.md @@ -4,7 +4,7 @@ - Renamed the server binary from `control-plane` to `pgedge-control-plane` to reduce conflicts with other system packages. - Added PostgREST as a supported service type — Deploy the PostgREST REST API server alongside your database with automatic credential provisioning, upfront schema and role validation, and configurable connection pool settings. -- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/v0-8/installation/systemd) of our docs. +- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/installation/systemd) of our docs. - Added the ability to run user-defined SQL scripts during database creation via the `scripts` field on the database spec. - Added `connect_as` field for service credentials — Services can now explicitly specify which database user they authenticate as by referencing a `database_users` entry, replacing auto-generated service accounts with direct, auditable credential assignment. - Added automatic role transfer when expanding a database cluster — PostgreSQL roles created outside the standard `database_users` configuration are now automatically transferred to new nodes when they join a database. diff --git a/docs/changelog.md b/docs/changelog.md index f20d7a2e..e4b513a4 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -6,7 +6,7 @@ - Renamed the server binary from `control-plane` to `pgedge-control-plane` to reduce conflicts with other system packages. - Added PostgREST as a supported service type — Deploy the PostgREST REST API server alongside your database with automatic credential provisioning, upfront schema and role validation, and configurable connection pool settings. -- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/v0-8/installation/systemd) of our docs. +- Added preliminary support for systemd as an alternative to Docker Swarm. This feature is currently in "preview" status. You can read more about it in the [systemd page](https://docs.pgedge.com/control-plane/installation/systemd) of our docs. - Added the ability to run user-defined SQL scripts during database creation via the `scripts` field on the database spec. - Added `connect_as` field for service credentials — Services can now explicitly specify which database user they authenticate as by referencing a `database_users` entry, replacing auto-generated service accounts with direct, auditable credential assignment. - Added automatic role transfer when expanding a database cluster — PostgreSQL roles created outside the standard `database_users` configuration are now automatically transferred to new nodes when they join a database. From ffd8ddcf80fd084d4855cc330150aa71d5acb817 Mon Sep 17 00:00:00 2001 From: Jason Lynch Date: Wed, 6 May 2026 12:36:39 -0400 Subject: [PATCH 3/4] feat: enable failsafe mode for single-host nodes (#380) Patroni's failsafe mode prevents instances from going into read-only mode when they lose their connection to the DCS as long as they're able to contact all other Patroni instances in the cluster. There could be edge-cases to this behavior when there's more than one instance in the Patroni cluster, however it's known to be safe if there's only one host in cluster. This commit enables failsafe mode when there's only a single host in the node (meaning the Patroni cluster only has a single instance) and disables it otherwise. This change is backward-compatible and does not need a migration. PLAT-545 --- CHANGELOG.md | 1 + changes/v0.8.0.md | 1 + docs/changelog.md | 1 + server/internal/database/instance_resource.go | 13 ++++++++++++- server/internal/database/spec.go | 4 ++++ 5 files changed, 19 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e4b513a4..49831f48 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ - **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. - Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. - Promote Supporting Services from beta to generally available +- Enable Patroni's failsafe mode in single-host nodes to improve resilience in some Etcd outages. Failsafe mode is not enabled in nodes with more than one host. ### Fixed diff --git a/changes/v0.8.0.md b/changes/v0.8.0.md index 59e0b297..97996d34 100644 --- a/changes/v0.8.0.md +++ b/changes/v0.8.0.md @@ -17,6 +17,7 @@ - **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. - Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. - Promote Supporting Services from beta to generally available +- Enable Patroni's failsafe mode in single-host nodes to improve resilience in some Etcd outages. Failsafe mode is not enabled in nodes with more than one host. ### Fixed diff --git a/docs/changelog.md b/docs/changelog.md index e4b513a4..49831f48 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -19,6 +19,7 @@ - **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. - Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. - Promote Supporting Services from beta to generally available +- Enable Patroni's failsafe mode in single-host nodes to improve resilience in some Etcd outages. Failsafe mode is not enabled in nodes with more than one host. ### Fixed diff --git a/server/internal/database/instance_resource.go b/server/internal/database/instance_resource.go index e2adc4e5..a51a395b 100644 --- a/server/internal/database/instance_resource.go +++ b/server/internal/database/instance_resource.go @@ -16,6 +16,7 @@ import ( "github.com/pgEdge/control-plane/server/internal/patroni" "github.com/pgEdge/control-plane/server/internal/postgres" "github.com/pgEdge/control-plane/server/internal/resource" + "github.com/pgEdge/control-plane/server/internal/utils" ) var _ resource.Resource = (*InstanceResource)(nil) @@ -190,7 +191,8 @@ func (r *InstanceResource) Paths(orchestrator Orchestrator) (InstancePaths, erro } func (r *InstanceResource) initializeInstance(ctx context.Context, rc *resource.Context) error { - primaryInstanceID, err := GetPrimaryInstanceID(ctx, r.patroniClient(), time.Minute) + patroniClient := r.patroniClient() + primaryInstanceID, err := GetPrimaryInstanceID(ctx, patroniClient, time.Minute) if err != nil { return err } @@ -205,6 +207,15 @@ func (r *InstanceResource) initializeInstance(ctx context.Context, rc *resource. return nil } + // Enable failsafe mode if this instance is the only one in the node. + // Otherwise, disable it. + _, err = patroniClient.PatchDynamicConfig(ctx, &patroni.DynamicConfig{ + FailsafeMode: utils.PointerTo(r.Spec.NodeSize == 1), + }) + if err != nil { + return fmt.Errorf("failed to configure failsafe mode: %w", err) + } + conn, err := r.Connection(ctx, rc, "postgres") if err != nil { return err diff --git a/server/internal/database/spec.go b/server/internal/database/spec.go index df13e3c8..4d3c024d 100644 --- a/server/internal/database/spec.go +++ b/server/internal/database/spec.go @@ -541,6 +541,7 @@ type InstanceSpec struct { RestoreConfig *RestoreConfig `json:"restore_config"` PostgreSQLConf map[string]any `json:"postgresql_conf"` ClusterSize int `json:"cluster_size"` + NodeSize int `json:"node_size"` OrchestratorOpts *OrchestratorOpts `json:"orchestrator_opts,omitempty"` InPlaceRestore bool `json:"in_place_restore,omitempty"` AllHostIDs []string `json:"all_host_ids"` // All host IDs in the database @@ -594,6 +595,7 @@ func (s *InstanceSpec) Clone() *InstanceSpec { RestoreConfig: s.RestoreConfig.Clone(), PostgreSQLConf: maps.Clone(s.PostgreSQLConf), ClusterSize: s.ClusterSize, + NodeSize: s.NodeSize, OrchestratorOpts: s.OrchestratorOpts.Clone(), AllHostIDs: slices.Clone(s.AllHostIDs), } @@ -648,6 +650,7 @@ func (s *Spec) NodeInstances() ([]*NodeInstances, error) { clusterSize := len(s.Nodes) nodes := make([]*NodeInstances, clusterSize) for nodeIdx, node := range s.Nodes { + nodeSize := len(node.HostIDs) nodeOrdinal, err := extractOrdinal(node.Name) if err != nil { return nil, fmt.Errorf("failed to extract ordinal from node name: %w", err) @@ -690,6 +693,7 @@ func (s *Spec) NodeInstances() ([]*NodeInstances, error) { RestoreConfig: effectiveRestore, PostgreSQLConf: overridableMapValue(s.PostgreSQLConf, node.PostgreSQLConf), ClusterSize: clusterSize, + NodeSize: nodeSize, OrchestratorOpts: overridableValue(s.OrchestratorOpts, node.OrchestratorOpts), AllHostIDs: allHostIDs, } From 84e444e273051cc1cefae4204122a16199a7a47b Mon Sep 17 00:00:00 2001 From: Jason Lynch Date: Wed, 6 May 2026 13:57:41 -0400 Subject: [PATCH 4/4] docs: fix tense in changelog entries --- CHANGELOG.md | 2 +- changes/v0.8.0.md | 2 +- docs/changelog.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49831f48..a2f2560d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,7 +18,7 @@ - **Breaking:** The `connect_as` field is now required when creating or updating services of any type (MCP, PostgREST, RAG) — requests that omit this field will be rejected with a validation error. - **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. - Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. -- Promote Supporting Services from beta to generally available +- Promoted Supporting Services from beta to generally available - Enable Patroni's failsafe mode in single-host nodes to improve resilience in some Etcd outages. Failsafe mode is not enabled in nodes with more than one host. ### Fixed diff --git a/changes/v0.8.0.md b/changes/v0.8.0.md index 97996d34..699fec80 100644 --- a/changes/v0.8.0.md +++ b/changes/v0.8.0.md @@ -16,7 +16,7 @@ - **Breaking:** The `connect_as` field is now required when creating or updating services of any type (MCP, PostgREST, RAG) — requests that omit this field will be rejected with a validation error. - **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. - Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. -- Promote Supporting Services from beta to generally available +- Promoted Supporting Services from beta to generally available - Enable Patroni's failsafe mode in single-host nodes to improve resilience in some Etcd outages. Failsafe mode is not enabled in nodes with more than one host. ### Fixed diff --git a/docs/changelog.md b/docs/changelog.md index 49831f48..a2f2560d 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -18,7 +18,7 @@ - **Breaking:** The `connect_as` field is now required when creating or updating services of any type (MCP, PostgREST, RAG) — requests that omit this field will be rejected with a validation error. - **Breaking:** Database, host, cluster, and service identifiers are now validated to comply with RFC 1035 name requirements — IDs must be 1–36 characters, contain only lowercase letters, digits, and hyphens, and start and end with a letter or digit. The combined length of a database ID and service ID may not exceed 53 characters. - Removed the `pgedge_application` and `pgedge_application_read_only` built-in database roles — These roles are no longer created for new databases. The names are no longer reserved and may be used freely for custom database users. -- Promote Supporting Services from beta to generally available +- Promoted Supporting Services from beta to generally available - Enable Patroni's failsafe mode in single-host nodes to improve resilience in some Etcd outages. Failsafe mode is not enabled in nodes with more than one host. ### Fixed