Changelog

Audience

Anyone who wants to know what's new in BOS.

The changelog is updated on every public release. Most-recent first.

2026-05-29

Platform

• Documentation portal expanded: PLANA Business Cloud, BOS, and full Platform reference are now live at docs.planapulse.com
• nginx redirect from /erp/* to /plana-business-cloud/* (the rename: "ERP" → "PLANA Business Cloud")

Fixes

• Cleaner 301 redirect from /erp/ — no longer includes the internal pod port in the Location header

2026-05-22

Platform

• PLANA ERP migrated from Odoo 17 to Odoo 18 in a 15-minute cutover. Customers running on v17 see no behavior change in BOS; PLANA's own internal erp.planapulse.ai is now v18.
• TenantUpgrade Crossplane composition supports cross-major (v17 → v18) via OpenUpgrade two-pass. Validated against the e2etest tenant.
• Annual OCA sync workflow now runs every Saturday at 02:00 UTC across all supported version branches (17.0, 18.0, 19.0)

Fixes

• v18 cutover bugs: plana_user_roles._login signature for v18, filestore UID 100/101 chown, asset bundle 500s
• agreement_legal unique-constraint violation during cross-major upgrade — SQL pre-fix in the Composition; upstream OCA PR open

2026-05-21

Platform — multi-version Odoo framework

• Branch-per-version odoo-modules repo (17.0, 18.0, 19.0)
• Namespace-per-version (plana-odoo, plana-odoo-18, plana-odoo-19)
• Crossplane Composition keyed on spec.odooVersion for tenant routing
• First v18 and v19 tenants provisioned end-to-end on the same day

2026-05-20

Platform

• Flux GitOps bootstrapped and now reconciles infra/k8s/ → the cluster every ~60 seconds
• /web/database/* endpoints blocked at the Envoy Gateway level — closes the cluster-wide DB enumeration path
• TOTP enrolment mandatory on every PLANA staff account

Fixes

• Forgejo SSH outage during gateway adoption — codified TCP listener
  • flipped to in-cluster Service URL
• 6-day konnectivity issue traced to missing ClusterRoleBindings from the 2026-05-13 incident; all 14 restored

2026-05-14

Stabilisation sprint

• TenantUpgrade composition closed the odoo.conf gap (103s upgrade verified)
• Forgejo internal DNS fixed
• RBAC source-of-truth in infra/k8s/rbac-system/, drift checker on every hour
• End-to-end provisioning + failure injection tests pass
• Monitoring + runbooks + Grafana dashboard live

2026-05-13

Platform

• saas-orchestrator HTTP API + namespace deleted. All tenant operations now go through Crossplane CRs (PLANAClient, TenantEnvironment, TenantUpgrade, TemplateSnapshot)
• plana_saas Odoo-side DB also removed

Note

The transition revealed 14 ClusterRoleBindings that depended on the deleted namespace — see the 2026-05-14 incident retro for the recovery story.

2026-04-30

Stability sprint

• PodDisruptionBudgets and LimitRanges on every tenant workload
• Pre-delete dump (insurance backup before destructive operations)
• Tenant probes (liveness / readiness on every Odoo pod)
• Five operator runbooks shipped
• Drift CI catches manifest changes that don't go through git

2026-04-26

Alerting

• Alert hygiene plan authorized: Matrix-only alerts, no email pages
• Penpot + ai-marketing crash loops fixed
• HighPodRestartRate alert tuned (less noise)
• Falco whitelist for legitimate workload behaviour + digest mode

2026-04-22

Security

• Sprint 1 plan authorized: helmet, JWT JTI, securityContext, egress NetworkPolicies, RBAC, Zod, workspace check
• CrowdSec + Coraza chosen for WAF (FOSS, no Cloudflare)

2026-04-21

BOS

• BOS in production at my.planapulse.ai/<slug> (was bos.planapulse.dev)
• Real cashflow balance (replaced mock)
• Zod schemas on every portal API endpoint
• Matrix room auto-creation on tenant provisioning

2026-04-18

BOS

• Live dashboard with KPIs, cashflow, alerts via XML-RPC through pulse-account-api
• Settings + alert thresholds (4 settings columns on the account table)
• Banking proxy through pulse-banking
• Execution history in Redis (PLANA:executions:{workspace})
• Multi-agent: Finance, Warehouse, Marketing, Sales all live
• Workspace API keys (pa_live_…, bcrypt-hashed)
• SSE streaming end-to-end (Anthropic SDK → BaseLLMClient → ai-agents → pulse-account-api → BOS)

2026-04-17

Platform

• Migrated from NGINX Gateway Fabric to Envoy Gateway v1.7.1
• Single Gateway resource (eg-gateway in plana-odoo namespace)
• CrowdSec ExtAuthz + Coraza WAF, fail-closed

Earlier history

For older entries, ask in the workspace Matrix room — we maintain an internal history that we can share on request. The publicly logged changelog starts in April 2026 when BOS opened up to customers.

Where to read more

• What is PLANA Pulse
• Known issues
• Roadmap — mobile is the next big visible change