From a81c61e49ab6dc5e03d422fae5ce61b9fbcb2e59 Mon Sep 17 00:00:00 2001 From: Kristin Brown Date: Tue, 9 Jun 2026 13:35:22 -0400 Subject: [PATCH] Added RemoteMCPServer TLS Signed-off-by: Kristin Brown --- src/app/docs/kagent/resources/release-notes/page.mdx | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/app/docs/kagent/resources/release-notes/page.mdx b/src/app/docs/kagent/resources/release-notes/page.mdx index 298fcf07..1e76acf3 100644 --- a/src/app/docs/kagent/resources/release-notes/page.mdx +++ b/src/app/docs/kagent/resources/release-notes/page.mdx @@ -97,7 +97,7 @@ Review the following before upgrading: - **Existing data is preserved**: Tables created by GORM are reused - **Back up first**: Take a snapshot or backup of your database before upgrading. A fresh install on a fresh database is the cleanest path. Restore from your backup if anything goes wrong. - **Automatic rollback on failure**: If a migration fails partway through, changes are rolled back before the controller exits non-zero. On the initial run from a GORM database, rollback to version 0 is skipped to protect pre-existing tables. -- **pgvector pre-check**: When `database.postgres.vectorEnabled: true` is set, the migration runner verifies that the `pgvector` extension is available before running any migrations. A missing extension cannot leave core tables in a partial state. +- **pgvector pre-check**: When `database.postgres.vectorEnabled: true` is set, the migration runner verifies that the `pgvector` extension is available before running any migrations. A missing extension cannot leave core tables in a partial state. - **Safe with multiple replicas**: Migrations use a PostgreSQL session-level advisory lock, so only one controller instance applies migrations at a time. The lock releases automatically if the process crashes. If a crash leaves a dirty migration state, the next startup detects it and rolls back before retrying. ## RBAC scope @@ -143,6 +143,7 @@ Before you upgrade: * **AWS LoadBalancer annotations** — the UI Service now supports AWS LoadBalancer service annotations for easier AWS deployment. * **SSH auth for git-based skills** — fixed SSH authentication when loading skills from private Git repositories. * **MCP connection error handling** — MCP connection errors are now returned to the LLM as context instead of raising exceptions. +* **RemoteMCPServer TLS (v0.9.6)** — you can now connect to an MCP server that uses a private CA, self-signed certificate, or corporate internal CA by setting the `spec.tls` field on a `RemoteMCPServer`. The `spec.tls` shape mirrors the `ModelConfig` TLS configuration. For details, see kagent PR [#1905](https://github.com/kagent-dev/kagent/pull/1905). # v0.8