Skip to content

Commit 9d503b4

Browse files
hasirciogluhqhasirciogluhq
committed
postgresql proxy updated, auto tls added
1 parent 5b131ef commit 9d503b4

File tree

11 files changed

+415
-343
lines changed

11 files changed

+415
-343
lines changed

CHANGELOG.md

Lines changed: 34 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -9,11 +9,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
99

1010
### Added
1111

12-
- Initial project setup
13-
- Kubernetes deployment configurations
14-
- GitHub Actions workflow for automated deployments
15-
- Minikube test environment setup
16-
1712
### Changed
1813

1914
### Deprecated
@@ -24,6 +19,40 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
2419

2520
### Security
2621

22+
## [1.0.3] - 2025-04-24
23+
24+
### Added
25+
26+
- Enhanced tool-agnostic proxy behavior (supports any connection pooler, not just pgbouncer)
27+
- Updated README with comprehensive documentation about label-based routing
28+
- Dynamic namespace support through environment variables
29+
- Port-forwarding integrated in test scripts for easier local testing
30+
- Automatic service discovery for labeled Kubernetes services
31+
32+
### Changed
33+
34+
- Improved TLS/SSL certificate management: certificates now only stored in Kubernetes, not in local filesystem
35+
- Directly loading certificates from memory instead of temporary files, improving security and performance
36+
- Updated Go version to 1.23.4 in Dockerfile
37+
- Enhanced Kubernetes integration with automatic secret management
38+
- Optimized health check endpoints with atomic state management
39+
- Improved resource utilization in proxy connections
40+
41+
### Security
42+
43+
- Eliminated local file system access for SSL certificates
44+
- Certificates are now stored and retrieved exclusively from Kubernetes secrets
45+
- Memory-only certificate handling reduces security exposure
46+
- Improved TLS handshake error handling with better error messages
47+
- Environment-based configuration to prevent hardcoded secrets
48+
49+
### Fixed
50+
51+
- Resolved potential memory leaks in connection handling
52+
- Fixed certificate renewal logic when certificates expire
53+
- Improved connection cleanup on proxy shutdown
54+
- Better error handling for malformed PostgreSQL protocol messages
55+
2756
## [1.0.2] - 2025-03-16
2857

2958
### Added

Dockerfile

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ WORKDIR /app
44

55
COPY . .
66

7-
RUN go build -o main main.go
7+
RUN go build -o main apps/proxy/main.go
88

99

1010
FROM alpine:latest as runner
@@ -13,6 +13,4 @@ WORKDIR /app
1313

1414
COPY --from=builder /app/main /app/main
1515

16-
EXPOSE 1881
17-
1816
CMD ["./main"]

Dockerfile.test

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ FROM --platform=linux/arm64 alpine:latest
33
WORKDIR /app
44

55
# Copy the locally built binary
6-
COPY xdatabase-proxy .
6+
COPY build/xdatabase-proxy .
77

88
# Expose the port
99
EXPOSE 1881

0 commit comments

Comments
 (0)