onprem: 2.2.1 release (#1198)

mikhail-klimko · web-flow · commit b4ea6caf5fdb · 2023-12-22T23:10:12.000+03:00
diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock
@@ -155,5 +155,5 @@ dependencies:
 - name: cf-oidc-provider
   repository: oci://quay.io/codefresh/charts
   version: 0.0.12
-digest: sha256:00e272664f19b5a9366b8252e3469d57d02a9d8f6d012395209bbafa7cd0c2f4
-generated: "2023-12-21T15:39:10.200712245+03:00"
+digest: sha256:c41647766a703dc3ef7d25f551f14f9ef22444fb889de45471a300719e01c2d1
+generated: "2023-12-22T18:56:48.912063009+03:00"
diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 description: Helm Chart for Codefresh On-Prem
 name: codefresh
-version: 2.2.0
+version: 2.2.1
 keywords:
   - codefresh
 home: https://codefresh.io/
@@ -14,10 +14,11 @@ maintainers:
 appVersion: 2.2.0
 annotations:
   artifacthub.io/alternativeName: "codefresh-onprem"
-  artifacthub.io/prerelease: "true"
   artifacthub.io/changes: |
     - kind: changed
-      description: Onprem 2.2.0 release
+      description: Update docs about JWKS for OIDC Provider
+    - kind: changed
+      description: Lock argo-platform version
 dependencies:
   - name: cf-common
     repository: oci://quay.io/codefresh/charts
@@ -230,7 +231,7 @@ dependencies:
     repository: oci://quay.io/codefresh/charts
     condition: argo-platform.enabled
   - name: argo-platform
-    version: "*"
+    version: "1.2577.0"
     repository: oci://quay.io/codefresh/charts
     condition: argo-platform.enabled
   - name: argo-hub-platform
diff --git a/codefresh/README.md b/codefresh/README.md
@@ -1,6 +1,6 @@
 ## Codefresh On-Premises
 
-![Version: 2.2.0](https://img.shields.io/badge/Version-2.2.0-informational?style=flat-square) ![AppVersion: 2.2.0](https://img.shields.io/badge/AppVersion-2.2.0-informational?style=flat-square)
+![Version: 2.2.1](https://img.shields.io/badge/Version-2.2.1-informational?style=flat-square) ![AppVersion: 2.2.0](https://img.shields.io/badge/AppVersion-2.2.0-informational?style=flat-square)
 
 Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes.
 
@@ -1209,7 +1209,30 @@ OpenID Connect (OIDC) allows Codefresh Builds to access resources in your cloud
 
 > **NOTE!** In production usage use [External Secrets Operator](https://external-secrets.io/latest/) or [HashiCorp Vault](https://developer.hashicorp.com/vault/docs/platform/k8s) to create secrets. The following example uses `kubectl` for brevity.
 
-```shell
+For JWKS use **Public and Private Keypair Set** (if generated at [mkjwk.org](https://mkjwk.org/)), for example:
+
+`cf-oidc-provider-jwks.json`:
+```json
+{
+    "keys": [
+        {
+            "p": "...",
+            "kty": "RSA",
+            "q": "...",
+            "d": "...",
+            "e": "AQAB",
+            "use": "sig",
+            "qi": "...",
+            "dp": "...",
+            "alg": "RS256",
+            "dq": "...",
+            "n": "..."
+        }
+    ]
+}
+```
+
+```console
 # Creating secret containing JWKS.
 # The secret KEY is `cf-oidc-provider-jwks.json`. It then referenced in `OIDC_JWKS_PRIVATE_KEYS_PATH` environment variable in `cf-oidc-provider`.
 # The secret NAME is referenced in `.volumes.jwks-file.nameOverride` (volumeMount is configured in the chart already)
diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl
@@ -1214,7 +1214,31 @@ OpenID Connect (OIDC) allows Codefresh Builds to access resources in your cloud
 
 > **NOTE!** In production usage use [External Secrets Operator](https://external-secrets.io/latest/) or [HashiCorp Vault](https://developer.hashicorp.com/vault/docs/platform/k8s) to create secrets. The following example uses `kubectl` for brevity.
 
-```shell
+For JWKS use **Public and Private Keypair Set** (if generated at [mkjwk.org](https://mkjwk.org/)), for example:
+
+`cf-oidc-provider-jwks.json`:
+```json
+{
+    "keys": [
+        {
+            "p": "...",
+            "kty": "RSA",
+            "q": "...",
+            "d": "...",
+            "e": "AQAB",
+            "use": "sig",
+            "qi": "...",
+            "dp": "...",
+            "alg": "RS256",
+            "dq": "...",
+            "n": "..."
+        }
+    ]
+}
+```
+
+
+```console
 # Creating secret containing JWKS.
 # The secret KEY is `cf-oidc-provider-jwks.json`. It then referenced in `OIDC_JWKS_PRIVATE_KEYS_PATH` environment variable in `cf-oidc-provider`.
 # The secret NAME is referenced in `.volumes.jwks-file.nameOverride` (volumeMount is configured in the chart already)
