Merge branch 'master' into fes-support

2021-11-25 15:55:14 +01:00 · 2021-11-25 15:55:14 +01:00 · 8d52e8d3c6
parent fa63803be9 fbd980af78
commit 8d52e8d3c6
36 changed files with 242 additions and 101 deletions
--- a/.github/ISSUE_TEMPLATE/postgres-operator-issue-template.md
+++ b/.github/ISSUE_TEMPLATE/postgres-operator-issue-template.md
@ -9,7 +9,7 @@ assignees: ''

 Please, answer some short questions which should help us to understand your problem / question better?

- **Which image of the operator are you using?** e.g. registry.opensource.zalan.do/acid/postgres-operator:v1.7.0
+- **Which image of the operator are you using?** e.g. registry.opensource.zalan.do/acid/postgres-operator:v1.7.1
 - **Where do you run it - cloud or metal? Kubernetes or OpenShift?** [AWS K8s | GCP ... | Bare Metal K8s]
 - **Are you running Postgres Operator in production?** [yes | no]
 - **Type of issue?** [Bug report, question, feature request, etc.]
--- a/2
+++ b/2
@ -85,7 +85,7 @@ mocks:
 	GO111MODULE=on go generate ./...

 tools:
-	GO111MODULE=on go get k8s.io/client-go@kubernetes-1.22.2
+	GO111MODULE=on go get k8s.io/client-go@kubernetes-1.22.3
 	GO111MODULE=on go get github.com/golang/mock/mockgen@v1.6.0
 	GO111MODULE=on go mod tidy

--- a/README.md
+++ b/README.md
@ -61,7 +61,7 @@ We introduce the major version into the backup path to smoothen the [major versi
 The new operator configuration can set a compatibility flag *enable_spilo_wal_path_compat* to make Spilo look for wal segments in the current path but also old format paths.
 This comes at potential performance costs and should be disabled after a few days.

-The newest Spilo image is: `registry.opensource.zalan.do/acid/spilo-14:2.1-p2`
+The newest Spilo image is: `registry.opensource.zalan.do/acid/spilo-14:2.1-p3`

 The last Spilo 12 image is: `registry.opensource.zalan.do/acid/spilo-12:1.6-p5`

--- a/charts/postgres-operator-ui/Chart.yaml
+++ b/charts/postgres-operator-ui/Chart.yaml
@ -1,7 +1,7 @@
 apiVersion: v1
 name: postgres-operator-ui
-version: 1.7.0
-appVersion: 1.7.0
+version: 1.7.1
+appVersion: 1.7.1
 home: https://github.com/zalando/postgres-operator
 description: Postgres Operator UI provides a graphical interface for a convenient database-as-a-service user experience
 keywords:
--- a/charts/postgres-operator-ui/index.yaml
+++ b/charts/postgres-operator-ui/index.yaml
@ -2,11 +2,34 @@ apiVersion: v1
 entries:
  postgres-operator-ui:
  - apiVersion: v1
-    appVersion: 1.7.0
-    created: "2021-08-27T10:23:17.723412079+02:00"
+    appVersion: 1.7.1
+    created: "2021-11-03T11:44:00.75040818+01:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
-    digest: ad08ee5fe31bb2e7c3cc1299c2e778511a3c05305bc17357404b2615b32ea92a
+    digest: 97aed1a1d37cd5f8441eea9522f38e56cc829786ad2134c437a5e6a15c995869
+    home: https://github.com/zalando/postgres-operator
+    keywords:
+    - postgres
+    - operator
+    - ui
+    - cloud-native
+    - patroni
+    - spilo
+    maintainers:
+    - email: opensource@zalando.de
+      name: Zalando
+    name: postgres-operator-ui
+    sources:
+    - https://github.com/zalando/postgres-operator
+    urls:
+    - postgres-operator-ui-1.7.1.tgz
+    version: 1.7.1
+  - apiVersion: v1
+    appVersion: 1.7.0
+    created: "2021-11-03T11:44:00.748544296+01:00"
+    description: Postgres Operator UI provides a graphical interface for a convenient
+      database-as-a-service user experience
+    digest: 37fba1968347daad393dbd1c6ee6e5b6a24d1095f972c0102197531c62dcada8
    home: https://github.com/zalando/postgres-operator
    keywords:
    - postgres
@ -26,7 +49,7 @@ entries:
    version: 1.7.0
  - apiVersion: v1
    appVersion: 1.6.3
-    created: "2021-08-27T10:23:17.722255571+02:00"
+    created: "2021-11-03T11:44:00.745261041+01:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
    digest: 08b810aa632dcc719e4785ef184e391267f7c460caa99677f2d00719075aac78
@ -49,7 +72,7 @@ entries:
    version: 1.6.3
  - apiVersion: v1
    appVersion: 1.6.2
-    created: "2021-08-27T10:23:17.721712848+02:00"
+    created: "2021-11-03T11:44:00.743617168+01:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
    digest: 14d1559bb0bd1e1e828f2daaaa6f6ac9ffc268d79824592c3589b55dd39241f6
@ -72,7 +95,7 @@ entries:
    version: 1.6.2
  - apiVersion: v1
    appVersion: 1.6.1
-    created: "2021-08-27T10:23:17.721175629+02:00"
+    created: "2021-11-03T11:44:00.741913772+01:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
    digest: 3d321352f2f1e7bb7450aa8876e3d818aa9f9da9bd4250507386f0490f2c1969
@ -95,7 +118,7 @@ entries:
    version: 1.6.1
  - apiVersion: v1
    appVersion: 1.6.0
-    created: "2021-08-27T10:23:17.720655498+02:00"
+    created: "2021-11-03T11:44:00.740290409+01:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
    digest: 1e0aa1e7db3c1daa96927ffbf6fdbcdb434562f961833cb5241ddbe132220ee4
@ -118,7 +141,7 @@ entries:
    version: 1.6.0
  - apiVersion: v1
    appVersion: 1.5.0
-    created: "2021-08-27T10:23:17.720112359+02:00"
+    created: "2021-11-03T11:44:00.738607341+01:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
    digest: c91ea39e6d51d57f4048fb1b6ec53b40823f2690eb88e4e4f1a036367b9fdd61
@ -139,4 +162,4 @@ entries:
    urls:
    - postgres-operator-ui-1.5.0.tgz
    version: 1.5.0
-generated: "2021-08-27T10:23:17.719397521+02:00"
+generated: "2021-11-03T11:44:00.736383918+01:00"
--- a/charts/postgres-operator-ui/postgres-operator-ui-1.7.1.tgz
+++ b/charts/postgres-operator-ui/postgres-operator-ui-1.7.1.tgz
--- a/charts/postgres-operator-ui/values.yaml
+++ b/charts/postgres-operator-ui/values.yaml
@ -8,7 +8,7 @@ replicaCount: 1
 image:
  registry: registry.opensource.zalan.do
  repository: acid/postgres-operator-ui
-  tag: v1.7.0
+  tag: v1.7.1
  pullPolicy: "IfNotPresent"

 # Optionally specify an array of imagePullSecrets.
@ -39,7 +39,7 @@ resources:

 # configure UI ENVs
 envs:
-  # IMPORTANT: While operator chart and UI chart are idendependent, this is the interface between
+  # IMPORTANT: While operator chart and UI chart are independent, this is the interface between
  # UI and operator API. Insert the service name of the operator API here!
  operatorApiUrl: "http://postgres-operator:8080"
  operatorClusterNameLabel: "cluster-name"
--- a/charts/postgres-operator/Chart.yaml
+++ b/charts/postgres-operator/Chart.yaml
@ -1,7 +1,7 @@
 apiVersion: v1
 name: postgres-operator
-version: 1.7.0
-appVersion: 1.7.0
+version: 1.7.1
+appVersion: 1.7.1
 home: https://github.com/zalando/postgres-operator
 description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes
 keywords:
--- a/charts/postgres-operator/crds/operatorconfigurations.yaml
+++ b/charts/postgres-operator/crds/operatorconfigurations.yaml
@ -4,8 +4,6 @@ metadata:
  name: operatorconfigurations.acid.zalan.do
  labels:
    app.kubernetes.io/name: postgres-operator
-  annotations:
-    "helm.sh/hook": crd-install
 spec:
  group: acid.zalan.do
  names:
@ -65,7 +63,7 @@ spec:
            properties:
              docker_image:
                type: string
-                default: "registry.opensource.zalan.do/acid/spilo-14:2.1-p2"
+                default: "registry.opensource.zalan.do/acid/spilo-14:2.1-p3"
              enable_crd_validation:
                type: boolean
                default: true
@ -402,7 +400,7 @@ spec:
                properties:
                  logical_backup_docker_image:
                    type: string
-                    default: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0"
+                    default: "registry.opensource.zalan.do/acid/logical-backup:v1.7.1"
                  logical_backup_google_application_credentials:
                    type: string
                  logical_backup_job_prefix:
@ -537,7 +535,7 @@ spec:
                    default: "pooler"
                  connection_pooler_image:
                    type: string
-                    default: "registry.opensource.zalan.do/acid/pgbouncer:master-18"
+                    default: "registry.opensource.zalan.do/acid/pgbouncer:master-19"
                  connection_pooler_max_db_connections:
                    type: integer
                    default: 60
--- a/charts/postgres-operator/crds/postgresqls.yaml
+++ b/charts/postgres-operator/crds/postgresqls.yaml
@ -4,8 +4,6 @@ metadata:
  name: postgresqls.acid.zalan.do
  labels:
    app.kubernetes.io/name: postgres-operator
-  annotations:
-    "helm.sh/hook": crd-install
 spec:
  group: acid.zalan.do
  names:
--- a/charts/postgres-operator/crds/postgresteams.yaml
+++ b/charts/postgres-operator/crds/postgresteams.yaml
@ -4,8 +4,6 @@ metadata:
  name: postgresteams.acid.zalan.do
  labels:
    app.kubernetes.io/name: postgres-operator
-  annotations:
-    "helm.sh/hook": crd-install
 spec:
  group: acid.zalan.do
  names:
--- a/charts/postgres-operator/index.yaml
+++ b/charts/postgres-operator/index.yaml
@ -2,11 +2,33 @@ apiVersion: v1
 entries:
  postgres-operator:
  - apiVersion: v1
-    appVersion: 1.7.0
-    created: "2021-08-27T10:21:42.643185124+02:00"
+    appVersion: 1.7.1
+    created: "2021-11-03T11:43:09.121092027+01:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
-    digest: 1c4a1d289188ef72e409892fd2b86c008a37420af04a9796a8829ff84ab09e61
+    digest: 7262563bec0b058e669ae6bcff0226e33fa9ece9c41ac46a53274046afe7700c
+    home: https://github.com/zalando/postgres-operator
+    keywords:
+    - postgres
+    - operator
+    - cloud-native
+    - patroni
+    - spilo
+    maintainers:
+    - email: opensource@zalando.de
+      name: Zalando
+    name: postgres-operator
+    sources:
+    - https://github.com/zalando/postgres-operator
+    urls:
+    - postgres-operator-1.7.1.tgz
+    version: 1.7.1
+  - apiVersion: v1
+    appVersion: 1.7.0
+    created: "2021-11-03T11:43:09.119630978+01:00"
+    description: Postgres Operator creates and manages PostgreSQL clusters running
+      in Kubernetes
+    digest: c3e99fb94305f81484b8b1af18eefb78681f3b5d057d5ad10565e4afb7c65ffe
    home: https://github.com/zalando/postgres-operator
    keywords:
    - postgres
@ -25,7 +47,7 @@ entries:
    version: 1.7.0
  - apiVersion: v1
    appVersion: 1.6.3
-    created: "2021-08-27T10:21:42.640069574+02:00"
+    created: "2021-11-03T11:43:09.118146221+01:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
    digest: ea08f991bf23c9ad114bca98ebcbe3e2fa15beab163061399394905eaee89b35
@ -47,7 +69,7 @@ entries:
    version: 1.6.3
  - apiVersion: v1
    appVersion: 1.6.2
-    created: "2021-08-27T10:21:42.638502739+02:00"
+    created: "2021-11-03T11:43:09.115637274+01:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
    digest: d886f8a0879ca07d1e5246ee7bc55710e1c872f3977280fe495db6fc2057a7f4
@ -69,7 +91,7 @@ entries:
    version: 1.6.2
  - apiVersion: v1
    appVersion: 1.6.1
-    created: "2021-08-27T10:21:42.636936467+02:00"
+    created: "2021-11-03T11:43:09.114107417+01:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
    digest: 4ba5972cd486dcaa2d11c5613a6f97f6b7b831822e610fe9e10a57ea1db23556
@ -91,7 +113,7 @@ entries:
    version: 1.6.1
  - apiVersion: v1
    appVersion: 1.6.0
-    created: "2021-08-27T10:21:42.63533527+02:00"
+    created: "2021-11-03T11:43:09.112550808+01:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
    digest: f52149718ea364f46b4b9eec9a65f6253ad182bb78df541d14cd5277b9c8a8c3
@ -113,7 +135,7 @@ entries:
    version: 1.6.0
  - apiVersion: v1
    appVersion: 1.5.0
-    created: "2021-08-27T10:21:42.632932257+02:00"
+    created: "2021-11-03T11:43:09.110907395+01:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
    digest: 198351d5db52e65cdf383d6f3e1745d91ac1e2a01121f8476f8b1be728b09531
@ -133,4 +155,4 @@ entries:
    urls:
    - postgres-operator-1.5.0.tgz
    version: 1.5.0
-generated: "2021-08-27T10:21:42.631372502+02:00"
+generated: "2021-11-03T11:43:09.109237601+01:00"
--- a/charts/postgres-operator/postgres-operator-1.7.1.tgz
+++ b/charts/postgres-operator/postgres-operator-1.7.1.tgz
--- a/charts/postgres-operator/templates/crds.yaml
+++ b/charts/postgres-operator/templates/crds.yaml
@ -1,6 +0,0 @@
-{{ if .Values.crd.create }}
-{{- range $path, $bytes := .Files.Glob "crds/*.yaml" }}
-{{ $.Files.Get $path }}
---
-{{- end }}
-{{- end }}
--- a/charts/postgres-operator/templates/user-facing-clusterroles.yaml
+++ b/charts/postgres-operator/templates/user-facing-clusterroles.yaml
@ -0,0 +1,71 @@
+{{ if .Values.rbac.createAggregateClusterRoles }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    app.kubernetes.io/name: {{ template "postgres-operator.name" . }}
+    helm.sh/chart: {{ template "postgres-operator.chart" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+  name: {{ template "postgres-operator.fullname" . }}:users:admin
+rules:
+- apiGroups:
+  - acid.zalan.do
+  resources:
+  - postgresqls
+  - postgresqls/status
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+    app.kubernetes.io/name: {{ template "postgres-operator.name" . }}
+    helm.sh/chart: {{ template "postgres-operator.chart" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+  name: {{ template "postgres-operator.fullname" . }}:users:edit
+rules:
+- apiGroups:
+  - acid.zalan.do
+  resources:
+  - postgresqls
+  verbs:
+  - create
+  - update
+  - patch
+  - delete
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+    app.kubernetes.io/name: {{ template "postgres-operator.name" . }}
+    helm.sh/chart: {{ template "postgres-operator.chart" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+  name: {{ template "postgres-operator.fullname" . }}:users:view
+rules:
+- apiGroups:
+  - acid.zalan.do
+  resources:
+  - postgresqls
+  - postgresqls/status
+  verbs:
+  - get
+  - list
+  - watch
+{{ end }}
--- a/charts/postgres-operator/values.yaml
+++ b/charts/postgres-operator/values.yaml
@ -1,7 +1,7 @@
 image:
  registry: registry.opensource.zalan.do
  repository: acid/postgres-operator
-  tag: v1.7.0
+  tag: v1.7.1
  pullPolicy: "IfNotPresent"

  # Optionally specify an array of imagePullSecrets.
@ -35,7 +35,7 @@ configGeneral:
  # Select if setup uses endpoints (default), or configmaps to manage leader (DCS=k8s)
  # kubernetes_use_configmaps: false
  # Spilo docker image
-  docker_image: registry.opensource.zalan.do/acid/spilo-14:2.1-p2
+  docker_image: registry.opensource.zalan.do/acid/spilo-14:2.1-p3
  # min number of instances in Postgres cluster. -1 = no limit
  min_instances: -1
  # max number of instances in Postgres cluster. -1 = no limit
@ -280,7 +280,7 @@ configAwsOrGcp:
 # configure K8s cron job managed by the operator
 configLogicalBackup:
  # image for pods of the logical backup job (example runs pg_dumpall)
-  logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0"
+  logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.7.1"
  # path of google cloud service account json file
  # logical_backup_google_application_credentials: ""

@ -345,7 +345,7 @@ configConnectionPooler:
  # db user for pooler to use
  connection_pooler_user: "pooler"
  # docker image
-  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-18"
+  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-19"
  # max db connections the pooler should hold
  connection_pooler_max_db_connections: 60
  # default pooling mode
@ -361,11 +361,8 @@ configConnectionPooler:
 rbac:
  # Specifies whether RBAC resources should be created
  create: true
-
-crd:
-  # Specifies whether custom resource definitions should be created
-  # When using helm3, this is ignored; instead use "--skip-crds" to skip.
-  create: true
+  # Specifies whether ClusterRoles that are aggregated into the K8s default roles should be created. (https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings)
+  createAggregateClusterRoles: false

 serviceAccount:
  # Specifies whether a ServiceAccount should be created
--- a/docs/administrator.md
+++ b/docs/administrator.md
@ -291,6 +291,8 @@ kubectl create -f manifests/user-facing-clusterroles.yaml
 It creates zalando-postgres-operator:user:view, :edit and :admin clusterroles
 that are aggregated into the K8s [default roles](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings).

+For Helm deployments setting `rbac.createAggregateClusterRoles: true` adds these clusterroles to the deployment.
+
 ## Use taints and tolerations for dedicated PostgreSQL nodes

 To ensure Postgres pods are running on nodes without any other application pods,
@ -762,7 +764,7 @@ WALE_S3_PREFIX=$WAL_S3_BUCKET/spilo/{WAL_BUCKET_SCOPE_PREFIX}{SCOPE}{WAL_BUCKET_
 ```

 The operator sets the prefix to an empty string so that spilo will generate it
-from the configured `WAL_S3_BUCKET`. 
+from the configured `WAL_S3_BUCKET`.

 :warning: When you overwrite the configuration by defining `WAL_S3_BUCKET` in
 the [pod_environment_configmap](#custom-pod-environment-variables) you have
@ -885,6 +887,7 @@ data:
  USE_WALG_BACKUP: "true"
  USE_WALG_RESTORE: "true"
  CLONE_USE_WALG_RESTORE: "true"
+  WALG_AZ_PREFIX: "azure://container-name/$(SCOPE)/$(PGVERSION)" # Enables Azure Backups (SCOPE = Cluster name) (PGVERSION = Postgres version) 
 ```

 3. Setup your operator configuration values. With the `psql-backup-creds`
@ -1075,7 +1078,7 @@ make docker

 # build in image in minikube docker env
 eval $(minikube docker-env)
-docker build -t registry.opensource.zalan.do/acid/postgres-operator-ui:v1.7.0 .
+docker build -t registry.opensource.zalan.do/acid/postgres-operator-ui:v1.7.1 .

 # apply UI manifests next to a running Postgres Operator
 kubectl apply -f manifests/
--- a/docs/index.md
+++ b/docs/index.md
@ -71,6 +71,8 @@ Please, report any issues discovered to https://github.com/zalando/postgres-oper

 ## Talks

+- "Watching after your PostGIS herd" talk by Felix Kunde, FOSS4G 2021: [video](https://www.youtube.com/watch?v=T96FvjSv98A) | [slides](https://docs.google.com/presentation/d/1IICz2RsjNAcosKVGFna7io-65T2zBbGcBHFFtca24cc/edit?usp=sharing)
+
 - "PostgreSQL on K8S at Zalando: Two years in production" talk by Alexander Kukushkin, FOSSDEM 2020: [video](https://fosdem.org/2020/schedule/event/postgresql_postgresql_on_k8s_at_zalando_two_years_in_production/) | [slides](https://fosdem.org/2020/schedule/event/postgresql_postgresql_on_k8s_at_zalando_two_years_in_production/attachments/slides/3883/export/events/attachments/postgresql_postgresql_on_k8s_at_zalando_two_years_in_production/slides/3883/PostgreSQL_on_K8s_at_Zalando_Two_years_in_production.pdf)

 - "Postgres as a Service at Zalando" talk by Jan Mußler, DevOpsDays Poznań 2019: [video](https://www.youtube.com/watch?v=FiWS5m72XI8)
@ -87,10 +89,14 @@ Please, report any issues discovered to https://github.com/zalando/postgres-oper

 ## Posts

+- "Getting started with the Zalando Operator for PostgreSQL" by Daniel Westermann on [dbi services blog](https://blog.dbi-services.com/getting-started-with-the-zalando-operator-for-postgresql/), Mar. 2021.
+
+- "Our experience with Postgres Operator for Kubernetes by Zalando" by Nikolay Bogdanov on [flant blog](https://blog.flant.com/our-experience-with-postgres-operator-for-kubernetes-by-zalando/), Feb. 2021.
+
 - "How to set up continuous backups and monitoring" by Pål Kristensen on [GitHub](https://github.com/zalando/postgres-operator/issues/858#issuecomment-608136253), Mar. 2020.

 - "Postgres on Kubernetes with the Zalando operator" by Vito Botta on [has_many :code](https://vitobotta.com/2020/02/05/postgres-kubernetes-zalando-operator/), Feb. 2020.

- "Running PostgreSQL in Google Kubernetes Engine" by Kenneth Rørvik on [Repill Linpro](https://www.redpill-linpro.com/techblog/2019/09/28/postgres-in-kubernetes.html), Sep. 2019.
+- "Running PostgreSQL in Google Kubernetes Engine" by Kenneth Rørvik on [Repill Linpro blog](https://www.redpill-linpro.com/techblog/2019/09/28/postgres-in-kubernetes.html), Sep. 2019.

 - "Zalando Postgres Operator: One Year Later" by Sergey Dudoladov on [Open Source Zalando](https://opensource.zalando.com/blog/2018/11/postgres-operator/), Nov. 2018
--- a/docs/reference/operator_parameters.md
+++ b/docs/reference/operator_parameters.md
@ -606,7 +606,7 @@ grouped under the `logical_backup` key.
  runs `pg_dumpall` on a replica if possible and uploads compressed results to
  an S3 bucket under the key `/spilo/pg_cluster_name/cluster_k8s_uuid/logical_backups`.
  The default image is the same image built with the Zalando-internal CI
-  pipeline. Default: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0"
+  pipeline. Default: "registry.opensource.zalan.do/acid/logical-backup:v1.7.1"

 * **logical_backup_google_application_credentials**
  Specifies the path of the google cloud service account json file. Default is empty.
--- a/docs/user.md
+++ b/docs/user.md
@ -141,14 +141,18 @@ other roles.

 To define the secrets for the users in a different namespace than that of the
 cluster, one can set `enable_cross_namespace_secret` and declare the namespace
-for the secrets in the manifest in the following manner,
+for the secrets in the manifest in the following manner (note, that it has to
+be reflected in the `database` section, too),

 ```yaml
 spec:
  users:
-  #users with secret in dfferent namespace
-   appspace.db_user:
+    # users with secret in different namespace
+    appspace.db_user:
    - createdb
+  databases:
+    # namespace notation is part of user name
+    app_db: appspace.db_user
 ```

 Here, anything before the first dot is considered the namespace and the text after
@ -554,7 +558,8 @@ schema creation. This means they are currently not set when `defaultUsers`
 For all LOGIN roles the operator will create K8s secrets in the namespace
 specified in `secretNamespace`, if `enable_cross_namespace_secret` is set to
 `true` in the config. Otherwise, they are created in the same namespace like
-the Postgres cluster.
+the Postgres cluster. Unlike roles specified with `namespace.username` under
+`users`, the namespace will not be part of the role name here.

 ```yaml
 spec:
--- a/go.mod
+++ b/go.mod
@ -3,18 +3,18 @@ module github.com/zalando/postgres-operator
 go 1.16

 require (
-	github.com/aws/aws-sdk-go v1.41.0
+	github.com/aws/aws-sdk-go v1.41.16
 	github.com/golang/mock v1.6.0
 	github.com/lib/pq v1.10.3
 	github.com/motomux/pretty v0.0.0-20161209205251-b2aad2c9a95d
 	github.com/r3labs/diff v1.1.0
 	github.com/sirupsen/logrus v1.8.1
 	github.com/stretchr/testify v1.7.0
-	golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83
+	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
 	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/api v0.22.2
-	k8s.io/apiextensions-apiserver v0.22.2
-	k8s.io/apimachinery v0.22.2
-	k8s.io/client-go v0.22.2
-	k8s.io/code-generator v0.22.2
+	k8s.io/api v0.22.3
+	k8s.io/apiextensions-apiserver v0.22.3
+	k8s.io/apimachinery v0.22.3
+	k8s.io/client-go v0.22.3
+	k8s.io/code-generator v0.22.3
 )
--- a/go.sum
+++ b/go.sum
@ -50,8 +50,8 @@ github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hC
 github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
 github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
-github.com/aws/aws-sdk-go v1.41.0 h1:XUzHLFWQVhmFtmKTodnAo5QdooPQfpVfilCxIV3aLoE=
-github.com/aws/aws-sdk-go v1.41.0/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
+github.com/aws/aws-sdk-go v1.41.16 h1:rNbPreEO4K2b8LwhHOe5+iNRH3Ih35L+H9U5tLdcevo=
+github.com/aws/aws-sdk-go v1.41.16/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
 github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
@ -435,8 +435,9 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 h1:/ZScEX8SfEmUGRHs0gxpqteO5nfNW6axyZbBdw9A12g=
 golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -500,6 +501,7 @@ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81R
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q=
@ -563,6 +565,7 @@ golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio=
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
@ -733,18 +736,18 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.22.2 h1:M8ZzAD0V6725Fjg53fKeTJxGsJvRbk4TEm/fexHMtfw=
-k8s.io/api v0.22.2/go.mod h1:y3ydYpLJAaDI+BbSe2xmGcqxiWHmWjkEeIbiwHvnPR8=
-k8s.io/apiextensions-apiserver v0.22.2 h1:zK7qI8Ery7j2CaN23UCFaC1hj7dMiI87n01+nKuewd4=
-k8s.io/apiextensions-apiserver v0.22.2/go.mod h1:2E0Ve/isxNl7tWLSUDgi6+cmwHi5fQRdwGVCxbC+KFA=
-k8s.io/apimachinery v0.22.2 h1:ejz6y/zNma8clPVfNDLnPbleBo6MpoFy/HBiBqCouVk=
-k8s.io/apimachinery v0.22.2/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0=
-k8s.io/apiserver v0.22.2/go.mod h1:vrpMmbyjWrgdyOvZTSpsusQq5iigKNWv9o9KlDAbBHI=
-k8s.io/client-go v0.22.2 h1:DaSQgs02aCC1QcwUdkKZWOeaVsQjYvWv8ZazcZ6JcHc=
-k8s.io/client-go v0.22.2/go.mod h1:sAlhrkVDf50ZHx6z4K0S40wISNTarf1r800F+RlCF6U=
-k8s.io/code-generator v0.22.2 h1:+bUv9lpTnAWABtPkvO4x0kfz7j/kDEchVt0P/wXU3jQ=
-k8s.io/code-generator v0.22.2/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o=
-k8s.io/component-base v0.22.2/go.mod h1:5Br2QhI9OTe79p+TzPe9JKNQYvEKbq9rTJDWllunGug=
+k8s.io/api v0.22.3 h1:wOoES2GoSkUsdped2RB4zYypPqWtvprGoKCENTOOjP4=
+k8s.io/api v0.22.3/go.mod h1:azgiXFiXqiWyLCfI62/eYBOu19rj2LKmIhFPP4+33fs=
+k8s.io/apiextensions-apiserver v0.22.3 h1:bKku7MqawIbtTZc084BZoMV4fz0WZuvCnB5E+yrQXGM=
+k8s.io/apiextensions-apiserver v0.22.3/go.mod h1:f4plF+CXeqI89jAXL0Ml4LI/kSAZ54JS94+XOX1sae8=
+k8s.io/apimachinery v0.22.3 h1:mrvBG5CZnEfwgpVqWcrRKvdsYECTrhAR6cApAgdsflk=
+k8s.io/apimachinery v0.22.3/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0=
+k8s.io/apiserver v0.22.3/go.mod h1:oam7lH/F1Kto/WTamyQYrD68fS0mGUBORAFf6x/9Mxs=
+k8s.io/client-go v0.22.3 h1:6onkOSc+YNdwq5zXE0wFXicq64rrym+mXwHu/CPVGO4=
+k8s.io/client-go v0.22.3/go.mod h1:ElDjYf8gvZsKDYexmsmnMQ0DYO8W9RwBjfQ1PI53yow=
+k8s.io/code-generator v0.22.3 h1:24xLuKySzFl1XupMarNBkpt10q0N+73R9dF7wzJO/hE=
+k8s.io/code-generator v0.22.3/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o=
+k8s.io/component-base v0.22.3/go.mod h1:kuybv1miLCMoOk3ebrqF93GbQHQx6W2287FC0YEQY6s=
 k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
 k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027 h1:Uusb3oh8XcdzDF/ndlI4ToKTYVlkCSJP39SRY2mfRAw=
 k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
--- a/kubectl-pg/go.mod
+++ b/kubectl-pg/go.mod
@ -5,7 +5,7 @@ go 1.16
 require (
 	github.com/spf13/cobra v1.1.3
 	github.com/spf13/viper v1.7.1
-	github.com/zalando/postgres-operator v1.7.0
+	github.com/zalando/postgres-operator v1.7.1
 	k8s.io/api v0.22.2
 	k8s.io/apiextensions-apiserver v0.22.2
 	k8s.io/apimachinery v0.22.2
--- a/manifests/complete-postgres-manifest.yaml
+++ b/manifests/complete-postgres-manifest.yaml
@ -9,7 +9,7 @@ metadata:
 #    "delete-date": "2020-08-31"  # can only be deleted on that day if "delete-date "key is configured
 #    "delete-clustername": "acid-test-cluster"  # can only be deleted when name matches if "delete-clustername" key is configured
 spec:
-  dockerImage: registry.opensource.zalan.do/acid/spilo-14:2.1-p2
+  dockerImage: registry.opensource.zalan.do/acid/spilo-14:2.1-p3
  teamId: "acid"
  numberOfInstances: 2
  users:  # Application/Robot users
--- a/manifests/configmap.yaml
+++ b/manifests/configmap.yaml
@ -16,7 +16,7 @@ data:
  # connection_pooler_default_cpu_request: "500m"
  # connection_pooler_default_memory_limit: 100Mi
  # connection_pooler_default_memory_request: 100Mi
-  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-18"
+  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-19"
  # connection_pooler_max_db_connections: 60
  # connection_pooler_mode: "transaction"
  # connection_pooler_number_of_instances: 2
@ -32,7 +32,7 @@ data:
  # default_memory_request: 100Mi
  # delete_annotation_date_key: delete-date
  # delete_annotation_name_key: delete-clustername
-  docker_image: registry.opensource.zalan.do/acid/spilo-14:2.1-p2
+  docker_image: registry.opensource.zalan.do/acid/spilo-14:2.1-p3
  # downscaler_annotations: "deployment-time,downscaler/*"
  # enable_admin_role_for_users: "true"
  # enable_crd_validation: "true"
@ -65,7 +65,7 @@ data:
  # inherited_labels: application,environment
  # kube_iam_role: ""
  # log_s3_bucket: ""
-  logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0"
+  logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.7.1"
  # logical_backup_google_application_credentials: ""
  logical_backup_job_prefix: "logical-backup-"
  logical_backup_provider: "s3"
--- a/manifests/minimal-fake-pooler-deployment.yaml
+++ b/manifests/minimal-fake-pooler-deployment.yaml
@ -23,7 +23,7 @@ spec:
      serviceAccountName: postgres-operator
      containers:
      - name: postgres-operator
-        image: registry.opensource.zalan.do/acid/pgbouncer:master-18
+        image: registry.opensource.zalan.do/acid/pgbouncer:master-19
        imagePullPolicy: IfNotPresent
        resources:
          requests:
--- a/manifests/operatorconfiguration.crd.yaml
+++ b/manifests/operatorconfiguration.crd.yaml
@ -61,7 +61,7 @@ spec:
            properties:
              docker_image:
                type: string
-                default: "registry.opensource.zalan.do/acid/spilo-14:2.1-p2"
+                default: "registry.opensource.zalan.do/acid/spilo-14:2.1-p3"
              enable_crd_validation:
                type: boolean
                default: true
@ -395,7 +395,7 @@ spec:
                properties:
                  logical_backup_docker_image:
                    type: string
-                    default: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0"
+                    default: "registry.opensource.zalan.do/acid/logical-backup:v1.7.1"
                  logical_backup_google_application_credentials:
                    type: string
                  logical_backup_job_prefix:
@ -530,7 +530,7 @@ spec:
                    default: "pooler"
                  connection_pooler_image:
                    type: string
-                    default: "registry.opensource.zalan.do/acid/pgbouncer:master-18"
+                    default: "registry.opensource.zalan.do/acid/pgbouncer:master-19"
                  connection_pooler_max_db_connections:
                    type: integer
                    default: 60
--- a/manifests/postgres-operator.yaml
+++ b/manifests/postgres-operator.yaml
@ -19,7 +19,7 @@ spec:
      serviceAccountName: postgres-operator
      containers:
      - name: postgres-operator
-        image: registry.opensource.zalan.do/acid/postgres-operator:v1.7.0
+        image: registry.opensource.zalan.do/acid/postgres-operator:v1.7.1
        imagePullPolicy: IfNotPresent
        resources:
          requests:
--- a/manifests/postgresql-operator-default-configuration.yaml
+++ b/manifests/postgresql-operator-default-configuration.yaml
@ -3,7 +3,7 @@ kind: OperatorConfiguration
 metadata:
  name: postgresql-operator-default-configuration
 configuration:
-  docker_image: registry.opensource.zalan.do/acid/spilo-14:2.1-p2
+  docker_image: registry.opensource.zalan.do/acid/spilo-14:2.1-p3
  # enable_crd_validation: true
  # enable_lazy_spilo_upgrade: false
  enable_pgversion_env_var: true
@ -128,7 +128,7 @@ configuration:
    # wal_gs_bucket: ""
    # wal_s3_bucket: ""
  logical_backup:
-    logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0"
+    logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.7.1"
    # logical_backup_google_application_credentials: ""
    logical_backup_job_prefix: "logical-backup-"
    logical_backup_provider: "s3"
@ -169,7 +169,7 @@ configuration:
    connection_pooler_default_cpu_request: "500m"
    connection_pooler_default_memory_limit: 100Mi
    connection_pooler_default_memory_request: 100Mi
-    connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-18"
+    connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-19"
    # connection_pooler_max_db_connections: 60
    connection_pooler_mode: "transaction"
    connection_pooler_number_of_instances: 2
--- a/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go
+++ b/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go
@ -315,6 +315,22 @@ func (in *MaintenanceWindow) DeepCopy() *MaintenanceWindow {
 	return out
 }

+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MajorVersionUpgradeConfiguration) DeepCopyInto(out *MajorVersionUpgradeConfiguration) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MajorVersionUpgradeConfiguration.
+func (in *MajorVersionUpgradeConfiguration) DeepCopy() *MajorVersionUpgradeConfiguration {
+	if in == nil {
+		return nil
+	}
+	out := new(MajorVersionUpgradeConfiguration)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *OperatorConfiguration) DeepCopyInto(out *OperatorConfiguration) {
 	*out = *in
@ -370,6 +386,7 @@ func (in *OperatorConfigurationData) DeepCopyInto(out *OperatorConfigurationData
 		}
 	}
 	out.PostgresUsersConfiguration = in.PostgresUsersConfiguration
+	out.MajorVersionUpgrade = in.MajorVersionUpgrade
 	in.Kubernetes.DeepCopyInto(&out.Kubernetes)
 	out.PostgresPodResources = in.PostgresPodResources
 	out.Timeouts = in.Timeouts
--- a/pkg/cluster/cluster.go
+++ b/pkg/cluster/cluster.go
@ -1206,6 +1206,7 @@ func (c *Cluster) initRobotUsers() error {
 			if strings.Contains(username, ".") {
 				splits := strings.Split(username, ".")
 				namespace = splits[0]
+				c.logger.Warningf("enable_cross_namespace_secret is set. Database role name contains the respective namespace i.e. %s is the created user", username)
 			}
 		}

--- a/pkg/controller/controller.go
+++ b/pkg/controller/controller.go
@ -95,7 +95,9 @@ func NewController(controllerConfig *spec.ControllerConfig, controllerId string)
 	// disabling the sending of events also to the logoutput
 	// the operator currently duplicates a lot of log entries with this setup
 	// eventBroadcaster.StartLogging(logger.Infof)
-	recorder := eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: myComponentName})
+	scheme := scheme.Scheme
+	acidv1.AddToScheme(scheme)
+	recorder := eventBroadcaster.NewRecorder(scheme, v1.EventSource{Component: myComponentName})

 	c := &Controller{
 		config:           *controllerConfig,
--- a/pkg/controller/operator_config.go
+++ b/pkg/controller/operator_config.go
@ -39,7 +39,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
 	result.EnableSpiloWalPathCompat = fromCRD.EnableSpiloWalPathCompat
 	result.EtcdHost = fromCRD.EtcdHost
 	result.KubernetesUseConfigMaps = fromCRD.KubernetesUseConfigMaps
-	result.DockerImage = util.Coalesce(fromCRD.DockerImage, "registry.opensource.zalan.do/acid/spilo-14:2.1-p2")
+	result.DockerImage = util.Coalesce(fromCRD.DockerImage, "registry.opensource.zalan.do/acid/spilo-14:2.1-p3")
 	result.Workers = util.CoalesceUInt32(fromCRD.Workers, 8)
 	result.MinInstances = fromCRD.MinInstances
 	result.MaxInstances = fromCRD.MaxInstances
@ -155,7 +155,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur

 	// logical backup config
 	result.LogicalBackupSchedule = util.Coalesce(fromCRD.LogicalBackup.Schedule, "30 00 * * *")
-	result.LogicalBackupDockerImage = util.Coalesce(fromCRD.LogicalBackup.DockerImage, "registry.opensource.zalan.do/acid/logical-backup:v1.7.0")
+	result.LogicalBackupDockerImage = util.Coalesce(fromCRD.LogicalBackup.DockerImage, "registry.opensource.zalan.do/acid/logical-backup:v1.7.1")
 	result.LogicalBackupProvider = util.Coalesce(fromCRD.LogicalBackup.BackupProvider, "s3")
 	result.LogicalBackupS3Bucket = fromCRD.LogicalBackup.S3Bucket
 	result.LogicalBackupS3Region = fromCRD.LogicalBackup.S3Region
--- a/pkg/generated/clientset/versioned/fake/clientset_generated.go
+++ b/pkg/generated/clientset/versioned/fake/clientset_generated.go
@ -82,7 +82,10 @@ func (c *Clientset) Tracker() testing.ObjectTracker {
 	return c.tracker
 }

-var _ clientset.Interface = &Clientset{}
+var (
+	_ clientset.Interface = &Clientset{}
+	_ testing.FakeClient  = &Clientset{}
+)

 // AcidV1 retrieves the AcidV1Client
 func (c *Clientset) AcidV1() acidv1.AcidV1Interface {
--- a/pkg/util/config/config.go
+++ b/pkg/util/config/config.go
@ -114,7 +114,7 @@ type Scalyr struct {
 // LogicalBackup defines configuration for logical backup
 type LogicalBackup struct {
 	LogicalBackupSchedule                     string `name:"logical_backup_schedule" default:"30 00 * * *"`
-	LogicalBackupDockerImage                  string `name:"logical_backup_docker_image" default:"registry.opensource.zalan.do/acid/logical-backup:v1.7.0"`
+	LogicalBackupDockerImage                  string `name:"logical_backup_docker_image" default:"registry.opensource.zalan.do/acid/logical-backup:v1.7.1"`
 	LogicalBackupProvider                     string `name:"logical_backup_provider" default:"s3"`
 	LogicalBackupS3Bucket                     string `name:"logical_backup_s3_bucket" default:""`
 	LogicalBackupS3Region                     string `name:"logical_backup_s3_region" default:""`
@ -152,7 +152,7 @@ type Config struct {
 	WatchedNamespace        string            `name:"watched_namespace"` // special values: "*" means 'watch all namespaces', the empty string "" means 'watch a namespace where operator is deployed to'
 	KubernetesUseConfigMaps bool              `name:"kubernetes_use_configmaps" default:"false"`
 	EtcdHost                string            `name:"etcd_host" default:""` // special values: the empty string "" means Patroni will use K8s as a DCS
-	DockerImage             string            `name:"docker_image" default:"registry.opensource.zalan.do/acid/spilo-14:2.1-p2"`
+	DockerImage             string            `name:"docker_image" default:"registry.opensource.zalan.do/acid/spilo-14:2.1-p3"`
 	SidecarImages           map[string]string `name:"sidecar_docker_images"` // deprecated in favour of SidecarContainers
 	SidecarContainers       []v1.Container    `name:"sidecars"`
 	PodServiceAccountName   string            `name:"pod_service_account_name" default:"postgres-pod"`
--- a/ui/manifests/deployment.yaml
+++ b/ui/manifests/deployment.yaml
@ -18,7 +18,7 @@ spec:
      serviceAccountName: postgres-operator-ui
      containers:
        - name: "service"
-          image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.6.0
+          image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.7.1
          ports:
            - containerPort: 8081
              protocol: "TCP"