Added support for the following MySQL server enterprise keyring features: keyring UDF functions, keyring_file, keyring_encrypted_file, and keyring_oci. This adds a new "keyring" element to the InnoDB Cluster specification. (WL #15267)

An unhandled exception was emitted by dba.removeInstance() if the finalizer of the pod being deleted (due to eviction, scale down, version upgrade, or general STS change) was not removed; the operation would remain stuck in the terminating state. (Bug #34860802)

Defining a repository URL with a trailing slash was not recognized as a valid URL. (Bug #34731139)

Added podLabels and podAnnotations support for InnoDB cluster and backup profiles. (Bug #34728086, Bug #34733731)

The readinessprobe.sh script could not write to /mysql-ready as a shortcut to indicate readiness for the container. It's now written to /tmp/mysql-ready and functions for new InnoDB clusters. (Bug #34719171)

InnoDB cluster deployment could create a second router before the first router was terminated, and do so when one router was expected. (Bug #34689594)

The MySQL InnoDBCluster helm charts did not allow specifying the podSpec for a router. This prevented specifying settings such as affinity for the deployed routers. (Bug #34659086)

Operator now supports a spec.initDB.dump.options object as a dictionary of key-value pairs that are directly passed to MySQL Shell's loadDump(). (Bug #34648640)

Added a securityContext specification to backups that allows the backup pod to execute and store files as user mysql:mysql instead of user root:root. This also adds a new initContainer named fixdumpdir that changes the mounted directory to mysql:mysql. (Bug #34559403)

Altered security context capabilities by changing the following privileges from 'add' to 'drop': DAC_OVERRIDE, SETGID, SETUID, SYS_NICE, and SYS_RESOURCE. (Bug #108196, Bug #34568118)