From d5d19c74262a31346b78d6f98b73e7675c2858c8 Mon Sep 17 00:00:00 2001 From: cf-ci-bot Date: Wed, 4 Dec 2024 05:05:29 +0000 Subject: [PATCH 01/30] onprem: create onprem-release-2.6 branch --- codefresh/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 81b453e39..887a6eec8 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -81,7 +81,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: kube-integration.enabled - name: charts-manager - version: "*" + version: "~1.19.0" repository: oci://quay.io/codefresh/charts condition: charts-manager.enabled - name: cfsign @@ -211,7 +211,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: cf-broadcaster.enabled - name: helm-repo-manager - version: "*" + version: "~0.17.0" repository: oci://quay.io/codefresh/charts condition: helm-repo-manager.enabled - name: hermes @@ -237,7 +237,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-platform - version: "*" + version: "~1.3168.0" repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-hub-platform From c0036da44e46c19cacc1771a11c7b9bb9707c186 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Wed, 4 Dec 2024 13:04:46 +0300 Subject: [PATCH 02/30] onprem: 2.6.1 (#16) --- codefresh/Chart.lock | 4 +- codefresh/Chart.yaml | 52 +- codefresh/README.md | 57 ++- codefresh/README.md.gotmpl | 56 +++ codefresh/files/indexes/2.6/agenttasks.json | 29 ++ .../files/indexes/2.6/workflowprocesses.json | 460 ++++++++++++++++++ codefresh/values.yaml | 12 +- scripts/update_re_images.sh | 2 + 8 files changed, 638 insertions(+), 34 deletions(-) create mode 100644 codefresh/files/indexes/2.6/agenttasks.json create mode 100644 codefresh/files/indexes/2.6/workflowprocesses.json diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 59c7269fa..52c165096 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -155,5 +155,5 @@ dependencies: - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.15 -digest: sha256:6dfa88dd2f583c13454e0e6d7c4a83ebeadd846f9f18a7ce99e8d6685ecfb1c6 -generated: "2024-12-03T16:51:41.402147+03:00" +digest: sha256:b2c2471f1c519f8b06daf9872eb9b64d8a8d61166b0f8a728b032f7cae208a4a +generated: "2024-12-04T11:41:36.404834+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 887a6eec8..0ce8f04a4 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.0 +version: 2.6.1 keywords: - codefresh home: https://codefresh.io/ @@ -15,11 +15,13 @@ appVersion: 2.6.0 annotations: artifacthub.io/prerelease: "true" artifacthub.io/alternativeName: "codefresh-onprem" - # artifacthub.io/containsSecurityUpdates: "true" + artifacthub.io/containsSecurityUpdates: "true" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | + - kind: security + description: "Misc security updates" - kind: changed - description: "Initial onprem 2.6 release" + description: "Upate Readme.md in images digests and auto-index creation" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts @@ -93,11 +95,11 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: tasker-kubernetes.enabled - name: context-manager - version: "*" + version: "~2.31.0" repository: oci://quay.io/codefresh/charts condition: context-manager.enabled - name: pipeline-manager - version: "*" + version: "~3.137.0" repository: oci://quay.io/codefresh/charts condition: pipeline-manager.enabled - name: gitops-dashboard-manager @@ -106,96 +108,96 @@ dependencies: condition: gitops-dashboard-manager.enabled - name: cfapi alias: cfapi - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi.enabled - name: cfapi alias: cfapi-auth - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-auth.enabled - name: cfapi alias: cfapi-internal - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-internal.enabled - name: cfapi alias: cfapi-ws - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-ws.enabled - name: cfapi alias: cfapi-admin - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-admin.enabled - name: cfapi alias: cfapi-endpoints - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-endpoints.enabled - name: cfapi alias: cfapi-terminators - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-terminators.enabled - name: cfapi alias: cfapi-sso-group-synchronizer - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-sso-group-synchronizer.enabled - name: cfapi alias: cfapi-buildmanager - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-buildmanager.enabled - name: cfapi alias: cfapi-cacheevictmanager - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-cacheevictmanager.enabled - name: cfapi alias: cfapi-eventsmanagersubscriptions - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-eventsmanagersubscriptions.enabled - name: cfapi alias: cfapi-kubernetesresourcemonitor - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-kubernetesresourcemonitor.enabled - name: cfapi alias: cfapi-environments - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-environments.enabled - name: cfapi alias: cfapi-gitops-resource-receiver - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-gitops-resource-receiver.enabled - name: cfapi alias: cfapi-downloadlogmanager - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-downloadlogmanager.enabled - name: cfapi alias: cfapi-teams - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-teams.enabled - name: cfapi alias: cfapi-kubernetes-endpoints - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-kubernetes-endpoints.enabled - name: cfapi alias: cfapi-test-reporting - version: "*" + version: "~21.268.0" repository: oci://quay.io/codefresh/charts condition: cfapi-test-reporting.enabled - name: cfui - version: "*" + version: "~14.96.0" repository: oci://quay.io/codefresh/charts condition: cfui.enabled - name: k8s-monitor @@ -203,7 +205,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: k8s-monitor.enabled - name: runtime-environment-manager - version: "*" + version: "~3.38.0" repository: oci://quay.io/codefresh/charts condition: runtime-environment-manager.enabled - name: cf-broadcaster diff --git a/codefresh/README.md b/codefresh/README.md index 0b0f59f6a..512747e35 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.0](https://img.shields.io/badge/Version-2.6.0-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.1](https://img.shields.io/badge/Version-2.6.1-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. @@ -1928,6 +1928,61 @@ cfapi: ### [What's new in 2.6.x](https://codefresh.io/docs/docs/whats-new/on-prem-release-notes/#on-premises-version-26) +#### Affected values + +In Codefresh On-Prem 2.6.x all Codefresh owner microservices include image digests in the default subchart values. + +For example, default values for `cfapi` might look like this: + +```yaml +container: + image: + registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io + repository: codefresh/cf-api + tag: 21.268.1 + digest: "sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8" + pullPolicy: IfNotPresent +``` + +this resulting in the following image reference in the pod spec: + +```yaml +spec: + containers: + - name: cfapi + image: us-docker.pkg.dev/codefresh-enterprise/gcr.io/codefresh/cf-api:21.268.1@sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8 +``` + +> **Note!** When the `digest` is providerd, the `tag` is ignored! You can omit digest and use tag only like the following `values.yaml` example: + +```yaml +cfapi: + container: + image: + tag: 21.268.1 + # -- Set empty tag for digest + digest: "" +``` + +#### Auto-index creation in MongoDB + +In Codefresh On-Prem 2.6.x, the `cfapi` can create indexes in MongoDB automatically. This feature is disabled by default. To enable it, set the following environment variable: + +> **Note!** Enabling this feature can cause performance degradation during the index creation process. + +> **Note!** It is recommended to add indexes during a maintenance window. The indexes list is provided in `codefresh/files/indexes//.json` files. + +```yaml +cfapi: + container: + env: + MONGOOSE_AUTO_INDEX: "true" +``` + +Ref: +- [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) +- [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) + ## Troubleshooting ### Error: Failed to validate connection to Docker daemon; caused by Error: certificate has expired diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index 335079a25..db4f04f93 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -1936,6 +1936,62 @@ cfapi: ### [What's new in 2.6.x](https://codefresh.io/docs/docs/whats-new/on-prem-release-notes/#on-premises-version-26) +#### Affected values + +In Codefresh On-Prem 2.6.x all Codefresh owner microservices include image digests in the default subchart values. + +For example, default values for `cfapi` might look like this: + +```yaml +container: + image: + registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io + repository: codefresh/cf-api + tag: 21.268.1 + digest: "sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8" + pullPolicy: IfNotPresent +``` + +this resulting in the following image reference in the pod spec: + +```yaml +spec: + containers: + - name: cfapi + image: us-docker.pkg.dev/codefresh-enterprise/gcr.io/codefresh/cf-api:21.268.1@sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8 +``` + +> **Note!** When the `digest` is providerd, the `tag` is ignored! You can omit digest and use tag only like the following `values.yaml` example: + +```yaml +cfapi: + container: + image: + tag: 21.268.1 + # -- Set empty tag for digest + digest: "" +``` + +#### Auto-index creation in MongoDB + +In Codefresh On-Prem 2.6.x, the `cfapi` can create indexes in MongoDB automatically. This feature is disabled by default. To enable it, set the following environment variable: + +> **Note!** Enabling this feature can cause performance degradation during the index creation process. + +> **Note!** It is recommended to add indexes during a maintenance window. The indexes list is provided in `codefresh/files/indexes//.json` files. + +```yaml +cfapi: + container: + env: + MONGOOSE_AUTO_INDEX: "true" +``` + +Ref: +- [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) +- [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) + + ## Troubleshooting ### Error: Failed to validate connection to Docker daemon; caused by Error: certificate has expired diff --git a/codefresh/files/indexes/2.6/agenttasks.json b/codefresh/files/indexes/2.6/agenttasks.json new file mode 100644 index 000000000..8c761fcd0 --- /dev/null +++ b/codefresh/files/indexes/2.6/agenttasks.json @@ -0,0 +1,29 @@ +[ + { + "v" : 2.0, + "key" : { + "_id" : 1.0 + }, + "name" : "_id_" + }, + { + "v" : 2.0, + "key" : { + "metadata.accountId" : 1, + "metadata.reIdentifier" : 1, + "metadata.shouldExecute" : 1, + "metadata.startAt" : 1, + "metadata.status" : 1, + "metadata.expireAt" : 1 + }, + "name" : "metadata.accountId_1_metadata.reIdentifier_1_metadata.shouldExecute_1_metadata.startAt_1_metadata.status_1_metadata.expireAt_1" + }, + { + "v" : 2.0, + "key" : { + "metadata.expireAt" : 1 + }, + "name" : "metadata.expireAt_1", + "expireAfterSeconds" : 0.0 + } +] diff --git a/codefresh/files/indexes/2.6/workflowprocesses.json b/codefresh/files/indexes/2.6/workflowprocesses.json new file mode 100644 index 000000000..e2e6e65a3 --- /dev/null +++ b/codefresh/files/indexes/2.6/workflowprocesses.json @@ -0,0 +1,460 @@ +[ + { + "v" : 1.0, + "key" : { + "account" : 1.0, + "pendingLicense" : 1.0, + "created" : 1.0 + }, + "name" : "account_1_pendingLicense_1_created_1" + }, + { + "v" : 1.0, + "key" : { + "pipeline" : 1.0, + "status" : 1.0 + }, + "name" : "pipeline_1_status_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1.0, + "triggerType" : 1.0 + }, + "name" : "account_1_triggerType_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1.0, + "pipelineInfo.pipelineId" : 1.0 + }, + "name" : "account_1_pipelineInfo.pipelineId_1" + }, + { + "v" : 1.0, + "key" : { + "account" : 1.0, + "startImmediately" : 1.0, + "status" : 1.0 + }, + "name" : "account_1_startImmediately_1_status_1" + }, + { + "v" : 1.0, + "key" : { + "account" : 1.0, + "scmMetadata.repoName" : 1.0, + "scmMetadata.repoOwner" : 1.0, + "trigger" : 1.0, + "service" : 1.0 + }, + "name" : "account_1_scmMetadata.repoName_1_scmMetadata.repoOwner_1_trigger_1_service_1" + }, + { + "v" : 1.0, + "key" : { + "isPublic" : 1.0 + }, + "name" : "isPublic_1" + }, + { + "v" : 2.0, + "key" : { + "codefreshEnv" : 1, + "status" : 1, + "shouldPerformFinishSystem" : 1, + "_id" : 1 + }, + "name" : "codefreshEnv_1_status_1_shouldPerformFinishSystem_1__id_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "helmInfo.boardId" : 1 + }, + "name" : "account_1_helmInfo.boardId_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1.0, + "environs" : 1.0 + }, + "name" : "account_1_environs_1" + }, + { + "v" : 1.0, + "key" : { + "account" : 1.0, + "status" : 1.0, + "trigger" : 1.0 + }, + "name" : "account_1_status_1_trigger_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "pipeline" : 1, + "trigger" : 1, + "_id" : -1 + }, + "name" : "account_1_pipeline_1_trigger_1__id_-1" + }, + { + "v" : 1.0, + "key" : { + "scmMetadata.branchName" : 1.0, + "account" : 1.0, + "pipeline" : 1.0, + "created" : -1.0, + "finished" : 1.0 + }, + "name" : "scmMetadata.branchName_1_account_1_pipeline_1_created_-1_finished_1" + }, + { + "v" : 2.0, + "key" : { + "trigger" : 1.0, + "account" : 1.0, + "status" : 1.0, + "_id" : -1.0 + }, + "name" : "trigger_1_account_1_status_1__id_-1" + }, + { + "v" : 1.0, + "key" : { + "account" : 1.0, + "trigger" : 1.0, + "scmMetadata.repoName" : 1.0, + "service" : 1.0 + }, + "name" : "account_1_trigger_1_scmMetadata.repoName_1_service_1" + }, + { + "v" : 1.0, + "key" : { + "service" : 1.0, + "status" : 1.0 + }, + "name" : "service_1_status_1" + }, + { + "v" : 1.0, + "key" : { + "finished" : 1.0 + }, + "name" : "finished_1" + }, + { + "v" : 2.0, + "key" : { + "healthStatus.engine.status" : 1.0 + }, + "name" : "healthStatus.engine.status_1" + }, + { + "v" : 2.0, + "key" : { + "codefreshEnv" : 1, + "status" : 1, + "_id" : 1 + }, + "name" : "codefreshEnv_1_status_1__id_1" + }, + { + "v" : 1.0, + "key" : { + "account" : 1.0, + "service" : 1.0, + "trigger" : 1.0 + }, + "name" : "account_1_service_1_trigger_1" + }, + { + "v" : 1.0, + "key" : { + "scmMetadata.branchName" : 1.0, + "service" : 1.0, + "status" : 1.0, + "created" : -1.0 + }, + "name" : "scmMetadata.branchName_1_service_1_status_1_created_-1" + }, + { + "v" : 1.0, + "key" : { + "status" : 1.0, + "trigger" : 1.0 + }, + "name" : "status_1_trigger_1" + }, + { + "v" : 2.0, + "key" : { + "pipeline" : 1.0, + "finished" : -1.0 + }, + "name" : "pipeline_1_finished_-1" + }, + { + "v" : 1.0, + "key" : { + "progress" : 1.0 + }, + "name" : "progress_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1.0, + "environ" : 1.0 + }, + "name" : "account_1_environ_1" + }, + { + "v" : 2.0, + "key" : { + "status" : 1, + "created" : -1 + }, + "name" : "status_1_created_-1" + }, + { + "v" : 2.0, + "key" : { + "createdAt" : 1.0 + }, + "name" : "createdAt_1" + }, + { + "v" : 1.0, + "key" : { + "request" : 1.0 + }, + "name" : "request_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "_id" : 1, + "scmMetadata.repoName" : 1 + }, + "name" : "account_1__id_1_scmMetadata.repoName_1" + }, + { + "v" : 2.0, + "key" : { + "pipeline" : 1, + "created" : -1 + }, + "name" : "pipeline_1_created_-1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "status" : 1, + "created" : 1 + }, + "name" : "account_1_status_1_created_1" + }, + { + "v" : 2.0, + "key" : { + "status" : 1, + "runtimeEnvironmentMetadata.agent" : 1, + "created" : 1 + }, + "name" : "status_1_runtimeEnvironmentMetadata.agent_1_created_1" + }, + { + "v" : 2.0, + "key" : { + "created" : 1 + }, + "name" : "created_1", + "expireAfterSeconds" : 31536000.0 + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "status" : 1, + "trigger" : 1, + "pipeline" : 1, + "keepPVCsForPendingApproval" : 1 + }, + "name" : "account_1_status_1_trigger_1_pipeline_1_keepPVCsForPendingApproval_1", + "partialFilterExpression" : { + "status" : { + "$in" : [ + "pending", + "delayed", + "elected", + "running", + "terminating", + "pending-approval" + ] + } + } + }, + { + "v" : 2.0, + "key" : { + "_id" : 1.0 + }, + "name" : "_id_" + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "scmMetadata.revision" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_scmMetadata.revision_1__id_-1_pipeline_1", + "partialFilterExpression" : { + "scmMetadata.revision" : { + "$exists" : true + } + } + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "scmMetadata.userName" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1_scmMetadata.userName_1__id_-1_pipeline_1", + "partialFilterExpression" : { + "scmMetadata.userName" : { + "$exists" : true + } + } + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "annotations.key" : 1, + "annotations.value" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1_annotations.key_1_annotations.value_1__id_-1_pipeline_1", + "sparse" : true + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "pipelineTrigger" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1_pipelineTrigger_1__id_-1_pipeline_1", + "partialFilterExpression" : { + "pipelineTrigger" : { + "$exists" : true + } + } + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "scmMetadata.branchName" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1_scmMetadata.branchName_1__id_-1_pipeline_1", + "partialFilterExpression" : { + "scmMetadata.branchName" : { + "$exists" : true + } + } + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1__id_-1_pipeline_1" + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "scmMetadata.provider" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1_scmMetadata.provider_1__id_-1_pipeline_1", + "partialFilterExpression" : { + "scmMetadata.provider" : { + "$exists" : true + } + } + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "scmMetadata.repoName" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1_scmMetadata.repoName_1__id_-1_pipeline_1", + "partialFilterExpression" : { + "scmMetadata.repoName" : { + "$exists" : true + } + } + }, + { + "v" : 2.0, + "key" : { + "account" : 1, + "trigger" : 1, + "scmMetadata.provider" : 1, + "scmMetadata.event" : 1, + "_id" : -1, + "pipeline" : 1 + }, + "name" : "account_1_trigger_1_scmMetadata.provider_1_scmMetadata.event_1__id_-1_pipeline_1", + "partialFilterExpression" : { + "scmMetadata.event" : { + "$exists" : true + }, + "scmMetadata.provider" : { + "$exists" : true + } + } + }, + { + "v" : 2.0, + "key" : { + "pipeline" : 1, + "_id" : -1 + }, + "name" : "pipeline_1__id_-1" + } +] diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 1c3ca5f26..ee86ea9b5 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -455,17 +455,17 @@ postgresqlCleanJob: # @default -- See below runtimeImages: COMPOSE_IMAGE: quay.io/codefresh/compose:v2.28.1-1.5.0 - CONTAINER_LOGGER_IMAGE: us-docker.pkg.dev/codefresh-inc/public-gcr-io/codefresh/cf-container-logger:1.11.7 - DIND_IMAGE: us-docker.pkg.dev/codefresh-inc/public-gcr-io/codefresh/dind:26.1.4-1.28.8 + CONTAINER_LOGGER_IMAGE: quay.io/codefresh/cf-container-logger:1.11.8 + DIND_IMAGE: quay.io/codefresh/dind:26.1.4-1.28.8 DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.3.17 DOCKER_PULLER_IMAGE: quay.io/codefresh/cf-docker-puller:8.0.18 - DOCKER_PUSHER_IMAGE: us-docker.pkg.dev/codefresh-inc/public-gcr-io/codefresh/cf-docker-pusher:6.0.16 + DOCKER_PUSHER_IMAGE: quay.io/codefresh/cf-docker-pusher:6.0.16 DOCKER_TAG_PUSHER_IMAGE: quay.io/codefresh/cf-docker-tag-pusher:1.3.15 - ENGINE_IMAGE: us-docker.pkg.dev/codefresh-inc/public-gcr-io/codefresh/engine:1.174.19 + ENGINE_IMAGE: quay.io/codefresh/engine:1.175.2 FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.7 GIT_CLONE_IMAGE: quay.io/codefresh/cf-git-cloner:10.2.0 KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:16.2.6 - PIPELINE_DEBUGGER_IMAGE: quay.io/codefresh/cf-debugger:1.3.6 + PIPELINE_DEBUGGER_IMAGE: quay.io/codefresh/cf-debugger:1.3.7 TEMPLATE_ENGINE: quay.io/codefresh/pikolo:0.14.1 CR_6177_FIXER: docker.io/library/alpine:3.20 GC_BUILDER_IMAGE: docker.io/library/alpine:3.20 @@ -925,7 +925,7 @@ helm-repo-manager: enabled: false image: repository: quay.io/codefresh/chartmuseum - tag: a02769a5 + tag: 8795e993 resources: requests: cpu: 100m diff --git a/scripts/update_re_images.sh b/scripts/update_re_images.sh index dfed0a8db..b87405f9d 100755 --- a/scripts/update_re_images.sh +++ b/scripts/update_re_images.sh @@ -58,5 +58,7 @@ done sed -i 's|us-docker.pkg.dev/codefresh-inc/public-gcr-io|quay.io|' $CHARTDIR/values.yaml +sed -i 's/!!merge //g' $CHARTDIR/values.yaml + msg "The list of updated runtime images:\n" echo -e "\e[33m$(cat $CHARTDIR/values.yaml)\e[0m" From 24f2240deaa54fe1073df7e5c1d93278bef82f00 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Mon, 9 Dec 2024 10:50:00 +0300 Subject: [PATCH 03/30] feat(onprem 2.6): add indexes --- codefresh/files/indexes/2.6/analysisruns.json | 332 +++++++++++++++ .../files/indexes/2.6/images-binaries.json | 95 +++++ codefresh/files/indexes/2.6/releases.json | 196 +++++++++ codefresh/files/indexes/2.6/rollouts.json | 393 ++++++++++++++++++ 4 files changed, 1016 insertions(+) create mode 100644 codefresh/files/indexes/2.6/analysisruns.json create mode 100644 codefresh/files/indexes/2.6/images-binaries.json create mode 100644 codefresh/files/indexes/2.6/releases.json create mode 100644 codefresh/files/indexes/2.6/rollouts.json diff --git a/codefresh/files/indexes/2.6/analysisruns.json b/codefresh/files/indexes/2.6/analysisruns.json new file mode 100644 index 000000000..2a5c93752 --- /dev/null +++ b/codefresh/files/indexes/2.6/analysisruns.json @@ -0,0 +1,332 @@ +[ + { + "v" : 2.0, + "key" : { + "_id" : 1.0 + }, + "name" : "_id_" + }, + { + "v" : 2.0, + "key" : { + "__passiveReferencedBy.name" : 1.0 + }, + "name" : "__passiveReferencedBy.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__passiveReferencedBy.name" : 1.0, + "__passiveReferencedBy.kind" : 1.0, + "__passiveReferencedBy.namespace" : 1.0, + "__passiveReferencedBy.group" : 1.0, + "__passiveReferencedBy.version" : 1.0 + }, + "name" : "__passiveReferencedBy.name_1___passiveReferencedBy.kind_1___passiveReferencedBy.namespace_1___passiveReferencedBy.group_1___passiveReferencedBy.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__passiveReferences.name" : 1.0 + }, + "name" : "__passiveReferences.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__passiveReferences.name" : 1.0, + "__passiveReferences.kind" : 1.0, + "__passiveReferences.namespace" : 1.0, + "__passiveReferences.group" : 1.0, + "__passiveReferences.version" : 1.0 + }, + "name" : "__passiveReferences.name_1___passiveReferences.kind_1___passiveReferences.namespace_1___passiveReferences.group_1___passiveReferences.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferencedBy.name" : 1.0 + }, + "name" : "__inferredReferencedBy.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferencedBy.name" : 1.0, + "__inferredReferencedBy.kind" : 1.0, + "__inferredReferencedBy.namespace" : 1.0, + "__inferredReferencedBy.group" : 1.0, + "__inferredReferencedBy.version" : 1.0 + }, + "name" : "__inferredReferencedBy.name_1___inferredReferencedBy.kind_1___inferredReferencedBy.namespace_1___inferredReferencedBy.group_1___inferredReferencedBy.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferences.name" : 1.0 + }, + "name" : "__inferredReferences.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferences.name" : 1.0, + "__inferredReferences.kind" : 1.0, + "__inferredReferences.namespace" : 1.0, + "__inferredReferences.group" : 1.0, + "__inferredReferences.version" : 1.0 + }, + "name" : "__inferredReferences.name_1___inferredReferences.kind_1___inferredReferences.namespace_1___inferredReferences.group_1___inferredReferences.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "updatedAt" : 1.0 + }, + "name" : "updatedAt_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "projects" : 1.0 + }, + "name" : "projects_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.name" : 1.0 + }, + "name" : "metadata.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.labels" : 1.0 + }, + "name" : "metadata.labels_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.accountId" : 1.0, + "metadata.runtime" : 1.0, + "metadata.cluster" : 1.0, + "metadata.namespace" : 1.0, + "metadata.group" : 1.0, + "metadata.version" : 1.0, + "metadata.kind" : 1.0, + "metadata.name" : 1.0, + "metadata.uid" : 1.0, + "metadata.revision" : 1.0 + }, + "name" : "metadata.accountId_1_metadata.runtime_1_metadata.cluster_1_metadata.namespace_1_metadata.group_1_metadata.version_1_metadata.kind_1_metadata.name_1_metadata.uid_1_metadata.revision_1", + "unique" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.accountId" : 1, + "revision" : 1, + "metadata.labels.rollout-type" : 1, + "metadata.runtime" : 1, + "metadata.labels.step-index" : 1 + }, + "name" : "metadata.accountId_1_revision_1_metadata.labels.rollout-type_1_metadata.runtime_1_metadata.labels.step-index_1" + }, + { + "v" : 2.0, + "key" : { + "metadata.accountId" : 1, + "revision" : 1, + "metadata.labels.rollout-type" : 1, + "metadata.runtime" : 1, + "metadata.creationTimestamp" : -1 + }, + "name" : "metadata.accountId_1_revision_1_metadata.labels.rollout-type_1_metadata.runtime_1_metadata.creationTimestamp_-1" + }, + { + "v" : 2.0, + "key" : { + "ownerReferences.uid" : 1, + "revision" : 1 + }, + "name" : "ownerReferences.uid_1_revision_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + } +] diff --git a/codefresh/files/indexes/2.6/images-binaries.json b/codefresh/files/indexes/2.6/images-binaries.json new file mode 100644 index 000000000..338df48e6 --- /dev/null +++ b/codefresh/files/indexes/2.6/images-binaries.json @@ -0,0 +1,95 @@ +[ + { + "v" : 2.0, + "key" : { + "_id" : 1.0 + }, + "name" : "_id_" + }, + { + "v" : 2.0, + "key" : { + "accountId" : 1.0, + "imageName" : 1.0, + "repositoryName" : 1.0 + }, + "name" : "accountId_1_imageName_1_repositoryName_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "accountId" : 1.0, + "repositoryName" : 1.0, + "gitRepository" : 1.0 + }, + "name" : "accountId_1_repositoryName_1_gitRepository_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "accountId" : 1.0, + "repositoryName" : 1.0, + "branch" : 1.0 + }, + "name" : "accountId_1_repositoryName_1_branch_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "runtime.name" : 1.0 + }, + "name" : "runtime.name_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "accountId" : 1.0, + "repoDigest" : 1.0 + }, + "name" : "accountId_1_repoDigest_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "accountId" : 1.0, + "internalImageId" : 1.0 + }, + "name" : "accountId_1_internalImageId_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "accountId" : 1, + "binaryId" : 1, + "lastUpdate" : -1, + "_id" : -1 + }, + "name" : "accountId_1_binaryId_1_lastUpdate_-1__id_-1" + }, + { + "v" : 2.0, + "key" : { + "accountId" : 1, + "imageName" : 1 + }, + "name" : "accountId_1_imageName_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + } +] diff --git a/codefresh/files/indexes/2.6/releases.json b/codefresh/files/indexes/2.6/releases.json new file mode 100644 index 000000000..e48f117e5 --- /dev/null +++ b/codefresh/files/indexes/2.6/releases.json @@ -0,0 +1,196 @@ +[ + { + "v" : 2.0, + "key" : { + "_id" : 1.0 + }, + "name" : "_id_" + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.name" : 1.0 + }, + "name" : "applicationMetadata.name_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.labels" : 1.0 + }, + "name" : "applicationMetadata.labels_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "application.prs.type" : 1.0 + }, + "name" : "application.prs.type_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "application.prs.key" : 1.0 + }, + "name" : "application.prs.key_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "application.prs.accountId" : 1.0 + }, + "name" : "application.prs.accountId_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "application.issues.type" : 1.0 + }, + "name" : "application.issues.type_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "application.issues.key" : 1.0 + }, + "name" : "application.issues.key_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "application.issues.accountId" : 1.0 + }, + "name" : "application.issues.accountId_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.accountId" : 1.0, + "applicationMetadata.runtime" : 1.0, + "applicationMetadata.name" : 1.0, + "applicationMetadata.namespace" : 1.0, + "application.issues.key" : 1.0 + }, + "name" : "applicationMetadata.accountId_1_applicationMetadata.runtime_1_applicationMetadata.name_1_applicationMetadata.namespace_1_application.issues.key_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.accountId" : 1.0, + "applicationMetadata.runtime" : 1.0, + "applicationMetadata.name" : 1.0, + "applicationMetadata.namespace" : 1.0, + "application.prs.key" : 1.0 + }, + "name" : "applicationMetadata.accountId_1_applicationMetadata.runtime_1_applicationMetadata.name_1_applicationMetadata.namespace_1_application.prs.key_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.accountId" : 1.0, + "applicationMetadata.runtime" : 1.0, + "applicationMetadata.name" : 1.0, + "applicationMetadata.namespace" : 1.0, + "application.committers.userName" : 1.0 + }, + "name" : "applicationMetadata.accountId_1_applicationMetadata.runtime_1_applicationMetadata.name_1_applicationMetadata.namespace_1_application.committers.userName_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.accountId" : 1.0, + "applicationMetadata.runtime" : 1.0, + "applicationMetadata.name" : 1.0, + "applicationMetadata.namespace" : 1.0, + "applicationMetadata.group" : 1.0, + "applicationMetadata.version" : 1.0, + "applicationMetadata.kind" : 1.0, + "historyId" : -1.0 + }, + "name" : "applicationMetadata.accountId_1_applicationMetadata.runtime_1_applicationMetadata.name_1_applicationMetadata.namespace_1_applicationMetadata.group_1_applicationMetadata.version_1_applicationMetadata.kind_1_historyId_-1", + "background" : true, + "unique" : true + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.accountId" : 1.0, + "applicationMetadata.runtime" : 1.0, + "applicationMetadata.name" : 1.0, + "applicationMetadata.namespace" : 1.0, + "applicationMetadata.group" : 1.0, + "applicationMetadata.version" : 1.0, + "reportedToJira" : 1.0, + "historyId" : 1.0, + "application.status.syncStartedAt" : 1.0 + }, + "name" : "applicationMetadata.accountId_1_applicationMetadata.runtime_1_applicationMetadata.name_1_applicationMetadata.namespace_1_applicationMetadata.group_1_applicationMetadata.version_1_reportedToJira_1_historyId_1_application.status.syncStartedAt_1", + "background" : true + }, + { + "v" : 2.0, + "key" : { + "fromState.services.revision" : 1, + "fromState.services.name" : 1, + "applicationMetadata.accountId" : 1 + }, + "name" : "fromState.services.revision_1_fromState.services.name_1_applicationMetadata.accountId_1" + }, + { + "v" : 2.0, + "key" : { + "syncOperationRevision" : 1, + "applicationMetadata.name" : 1, + "applicationMetadata.accountId" : 1, + "historyId" : -1 + }, + "name" : "syncOperationRevision_1_applicationMetadata.name_1_applicationMetadata.accountId_1_historyId_-1" + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.name" : 1, + "applicationMetadata.accountId" : 1, + "historyId" : -1 + }, + "name" : "applicationMetadata.name_1_applicationMetadata.accountId_1_historyId_-1" + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.name" : 1, + "applicationMetadata.accountId" : 1, + "application.status.healthStatus" : 1 + }, + "name" : "applicationMetadata.name_1_applicationMetadata.accountId_1_application.status.healthStatus_1" + }, + { + "v" : 2.0, + "key" : { + "applicationMetadata.name" : 1, + "applicationMetadata.accountId" : 1, + "current" : 1 + }, + "name" : "applicationMetadata.name_1_applicationMetadata.accountId_1_current_1" + }, + { + "v" : 2.0, + "key" : { + "application.status.revision" : 1, + "applicationMetadata.name" : 1, + "applicationMetadata.accountId" : 1 + }, + "name" : "application.status.revision_1_applicationMetadata.name_1_applicationMetadata.accountId_1" + } +] diff --git a/codefresh/files/indexes/2.6/rollouts.json b/codefresh/files/indexes/2.6/rollouts.json new file mode 100644 index 000000000..7d4519f14 --- /dev/null +++ b/codefresh/files/indexes/2.6/rollouts.json @@ -0,0 +1,393 @@ +[ + { + "v" : 2.0, + "key" : { + "_id" : 1.0 + }, + "name" : "_id_" + }, + { + "v" : 2.0, + "key" : { + "__passiveReferencedBy.name" : 1.0 + }, + "name" : "__passiveReferencedBy.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__passiveReferencedBy.name" : 1.0, + "__passiveReferencedBy.kind" : 1.0, + "__passiveReferencedBy.namespace" : 1.0, + "__passiveReferencedBy.group" : 1.0, + "__passiveReferencedBy.version" : 1.0 + }, + "name" : "__passiveReferencedBy.name_1___passiveReferencedBy.kind_1___passiveReferencedBy.namespace_1___passiveReferencedBy.group_1___passiveReferencedBy.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__passiveReferences.name" : 1.0 + }, + "name" : "__passiveReferences.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__passiveReferences.name" : 1.0, + "__passiveReferences.kind" : 1.0, + "__passiveReferences.namespace" : 1.0, + "__passiveReferences.group" : 1.0, + "__passiveReferences.version" : 1.0 + }, + "name" : "__passiveReferences.name_1___passiveReferences.kind_1___passiveReferences.namespace_1___passiveReferences.group_1___passiveReferences.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferencedBy.name" : 1.0 + }, + "name" : "__inferredReferencedBy.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferencedBy.name" : 1.0, + "__inferredReferencedBy.kind" : 1.0, + "__inferredReferencedBy.namespace" : 1.0, + "__inferredReferencedBy.group" : 1.0, + "__inferredReferencedBy.version" : 1.0 + }, + "name" : "__inferredReferencedBy.name_1___inferredReferencedBy.kind_1___inferredReferencedBy.namespace_1___inferredReferencedBy.group_1___inferredReferencedBy.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferences.name" : 1.0 + }, + "name" : "__inferredReferences.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "__inferredReferences.name" : 1.0, + "__inferredReferences.kind" : 1.0, + "__inferredReferences.namespace" : 1.0, + "__inferredReferences.group" : 1.0, + "__inferredReferences.version" : 1.0 + }, + "name" : "__inferredReferences.name_1___inferredReferences.kind_1___inferredReferences.namespace_1___inferredReferences.group_1___inferredReferences.version_1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "updatedAt" : 1.0 + }, + "name" : "updatedAt_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "projects" : 1.0 + }, + "name" : "projects_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.name" : 1.0 + }, + "name" : "metadata.name_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.labels" : 1.0 + }, + "name" : "metadata.labels_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "source.syncStartedAt" : 1.0 + }, + "name" : "source.syncStartedAt_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "source.gitSource" : 1.0 + }, + "name" : "source.gitSource_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.accountId" : 1.0, + "metadata.runtime" : 1.0, + "metadata.cluster" : 1.0, + "metadata.namespace" : 1.0, + "metadata.group" : 1.0, + "metadata.version" : 1.0, + "metadata.kind" : 1.0, + "metadata.name" : 1.0, + "metadata.revision" : 1.0, + "metadata.uid" : 1.0, + "metadata.labels.app\\u002ekubernetes\\u002eio/instance" : 1.0 + }, + "name" : "metadata.accountId_1_metadata.runtime_1_metadata.cluster_1_metadata.namespace_1_metadata.group_1_metadata.version_1_metadata.kind_1_metadata.name_1_metadata.revision_1_metadata.uid_1_metadata.labels.app\\u002ekubernetes\\u002eio/instance_1", + "unique" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "source.gitSourceUID" : 1.0 + }, + "name" : "source.gitSourceUID_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "source.gitSourceNamespace" : 1.0 + }, + "name" : "source.gitSourceNamespace_1", + "background" : true, + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + }, + { + "v" : 2.0, + "key" : { + "metadata.appName" : 1, + "metadata.accountId" : 1, + "metadata.runtime" : 1, + "_id" : -1 + }, + "name" : "metadata.appName_1_metadata.accountId_1_metadata.runtime_1__id_-1", + "collation" : { + "locale" : "en_US", + "caseLevel" : false, + "caseFirst" : "off", + "strength" : 1.0, + "numericOrdering" : false, + "alternate" : "non-ignorable", + "maxVariable" : "punct", + "normalization" : false, + "backwards" : false, + "version" : "57.1" + } + } +] From c9444a6177d84d599f6ca651765eeef42d2dc486 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Wed, 11 Dec 2024 16:38:11 +0300 Subject: [PATCH 04/30] onprem: 2.6.2 (#17) --- codefresh/Chart.lock | 48 +++++++++++++++++++------------------- codefresh/Chart.yaml | 21 ++++++++++++++--- codefresh/README.md | 4 ++-- codefresh/README.md.gotmpl | 2 +- codefresh/values.yaml | 2 ++ 5 files changed, 47 insertions(+), 30 deletions(-) diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 52c165096..1de240d4a 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -55,7 +55,7 @@ dependencies: version: 1.26.13 - name: context-manager repository: oci://quay.io/codefresh/charts - version: 2.31.2 + version: 2.31.3 - name: pipeline-manager repository: oci://quay.io/codefresh/charts version: 3.137.5 @@ -64,61 +64,61 @@ dependencies: version: 1.14.16 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.1 + version: 21.268.2 - name: cfui repository: oci://quay.io/codefresh/charts - version: 14.96.72 + version: 14.96.74 - name: k8s-monitor repository: oci://quay.io/codefresh/charts version: 4.11.10 @@ -127,7 +127,7 @@ dependencies: version: 3.38.2 - name: cf-broadcaster repository: oci://quay.io/codefresh/charts - version: 1.12.17 + version: 1.12.18 - name: helm-repo-manager repository: oci://quay.io/codefresh/charts version: 0.17.1 @@ -151,9 +151,9 @@ dependencies: version: 1.3168.0 - name: argo-hub-platform repository: oci://quay.io/codefresh/charts - version: 0.1.16 + version: 0.1.17 - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.15 -digest: sha256:b2c2471f1c519f8b06daf9872eb9b64d8a8d61166b0f8a728b032f7cae208a4a -generated: "2024-12-04T11:41:36.404834+03:00" +digest: sha256:22c436431490668866a5aa7c20fea347994fd186dfff484863ed2586bde765cb +generated: "2024-12-11T15:24:05.738874+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 0ce8f04a4..1f0a0e97d 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.1 +version: 2.6.2 keywords: - codefresh home: https://codefresh.io/ @@ -18,10 +18,25 @@ annotations: artifacthub.io/containsSecurityUpdates: "true" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | + - kind: fixed + description: "(helm-repo-manager) Fix postgres database name" + links: + - name: JIRA Issue + url: https://codefresh-io.atlassian.net/browse/CR-26299 + - kind: fixed + description: "(cf-api) Enable useRepoAndBranchesNextPagination feature-flag by default" + - kind: fixed + description: "(cf-ui) Fix runtime environment ABAC rules are not applied" + links: + - name: JIRA Issue + url: https://codefresh-io.atlassian.net/browse/CR-25550 + - kind: fixed + description: "(context-manager) Fix context decryption when decrypt=false is set in requests" + links: + - name: JIRA Issue + url: https://codefresh-io.atlassian.net/browse/CR-26300 - kind: security description: "Misc security updates" - - kind: changed - description: "Upate Readme.md in images digests and auto-index creation" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts diff --git a/codefresh/README.md b/codefresh/README.md index 512747e35..7e2fd77ae 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.1](https://img.shields.io/badge/Version-2.6.1-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.2](https://img.shields.io/badge/Version-2.6.2-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. @@ -203,7 +203,7 @@ However, you might need to use external services like [MongoDB Atlas Database](h #### External MongoDB -**Important:** Recommended version of Mongo is 4.4.x +**Important:** Recommended version of Mongo is 6.x ```yaml seed: diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index db4f04f93..441c7cdab 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -204,7 +204,7 @@ However, you might need to use external services like [MongoDB Atlas Database](h #### External MongoDB -**Important:** Recommended version of Mongo is 4.4.x +**Important:** Recommended version of Mongo is 6.x ```yaml seed: diff --git a/codefresh/values.yaml b/codefresh/values.yaml index ee86ea9b5..607f3b4a4 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -919,6 +919,8 @@ helm-repo-manager: image: registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io repository: codefresh/helm-repo-manager + env: + POSTGRES_DBNAME: codefresh chartmuseum: publicHelmRepo: true ingress: From 5f823bbfb6b98f848fa6e6dee46b4bca9d273365 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 13 Dec 2024 10:47:51 +0300 Subject: [PATCH 05/30] onprem: 2.6.3 (#18) --- codefresh/Chart.lock | 40 +++++++++++++++++++------------------- codefresh/Chart.yaml | 25 ++++-------------------- codefresh/README.md | 9 ++++++++- codefresh/README.md.gotmpl | 7 +++++++ 4 files changed, 39 insertions(+), 42 deletions(-) diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 1de240d4a..8a5dcb8eb 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -64,58 +64,58 @@ dependencies: version: 1.14.16 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.2 + version: 21.268.3 - name: cfui repository: oci://quay.io/codefresh/charts version: 14.96.74 @@ -155,5 +155,5 @@ dependencies: - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.15 -digest: sha256:22c436431490668866a5aa7c20fea347994fd186dfff484863ed2586bde765cb -generated: "2024-12-11T15:24:05.738874+03:00" +digest: sha256:e6c03a120c2493b692db832d948ecf9cd26bfefbbc9fada40a5d6061b582fc57 +generated: "2024-12-12T17:08:38.756189+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 1f0a0e97d..9ed111bd0 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.2 +version: 2.6.3 keywords: - codefresh home: https://codefresh.io/ @@ -15,28 +15,11 @@ appVersion: 2.6.0 annotations: artifacthub.io/prerelease: "true" artifacthub.io/alternativeName: "codefresh-onprem" - artifacthub.io/containsSecurityUpdates: "true" + artifacthub.io/containsSecurityUpdates: "false" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - - kind: fixed - description: "(helm-repo-manager) Fix postgres database name" - links: - - name: JIRA Issue - url: https://codefresh-io.atlassian.net/browse/CR-26299 - - kind: fixed - description: "(cf-api) Enable useRepoAndBranchesNextPagination feature-flag by default" - - kind: fixed - description: "(cf-ui) Fix runtime environment ABAC rules are not applied" - links: - - name: JIRA Issue - url: https://codefresh-io.atlassian.net/browse/CR-25550 - - kind: fixed - description: "(context-manager) Fix context decryption when decrypt=false is set in requests" - links: - - name: JIRA Issue - url: https://codefresh-io.atlassian.net/browse/CR-26300 - - kind: security - description: "Misc security updates" + - kind: changed + description: "(cf-api) Enable promotions feature-flags" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts diff --git a/codefresh/README.md b/codefresh/README.md index 7e2fd77ae..bf6423292 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.2](https://img.shields.io/badge/Version-2.6.2-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.3](https://img.shields.io/badge/Version-2.6.3-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. @@ -1979,6 +1979,13 @@ cfapi: MONGOOSE_AUTO_INDEX: "true" ``` +```yaml +argo-platform: + api-graphql: + env: + MONGO_AUTOMATIC_INDEX_CREATION: "true" +``` + Ref: - [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) - [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index 441c7cdab..e0b6a6f5a 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -1987,6 +1987,13 @@ cfapi: MONGOOSE_AUTO_INDEX: "true" ``` +```yaml +argo-platform: + api-graphql: + env: + MONGO_AUTOMATIC_INDEX_CREATION: "true" +``` + Ref: - [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) - [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) From 8dc6faf3981616332ea17b06ecd26514deea9481 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 13 Dec 2024 15:25:50 +0300 Subject: [PATCH 06/30] onprem: 2.6.4 (#19) --- codefresh/Chart.yaml | 6 +++--- codefresh/README.md | 2 +- codefresh/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 9ed111bd0..09cbe156a 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.3 +version: 2.6.4 keywords: - codefresh home: https://codefresh.io/ @@ -13,13 +13,13 @@ maintainers: url: https://codefresh-io.github.io/ appVersion: 2.6.0 annotations: - artifacthub.io/prerelease: "true" + # artifacthub.io/prerelease: "true" artifacthub.io/alternativeName: "codefresh-onprem" artifacthub.io/containsSecurityUpdates: "false" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: "(cf-api) Enable promotions feature-flags" + description: "Update runtime-images (engine/cf-docker-builder)" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts diff --git a/codefresh/README.md b/codefresh/README.md index bf6423292..5b1b13311 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.3](https://img.shields.io/badge/Version-2.6.3-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.4](https://img.shields.io/badge/Version-2.6.4-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 607f3b4a4..385f08403 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -457,11 +457,11 @@ runtimeImages: COMPOSE_IMAGE: quay.io/codefresh/compose:v2.28.1-1.5.0 CONTAINER_LOGGER_IMAGE: quay.io/codefresh/cf-container-logger:1.11.8 DIND_IMAGE: quay.io/codefresh/dind:26.1.4-1.28.8 - DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.3.17 + DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.4.0 DOCKER_PULLER_IMAGE: quay.io/codefresh/cf-docker-puller:8.0.18 DOCKER_PUSHER_IMAGE: quay.io/codefresh/cf-docker-pusher:6.0.16 DOCKER_TAG_PUSHER_IMAGE: quay.io/codefresh/cf-docker-tag-pusher:1.3.15 - ENGINE_IMAGE: quay.io/codefresh/engine:1.175.2 + ENGINE_IMAGE: quay.io/codefresh/engine:1.176.1 FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.7 GIT_CLONE_IMAGE: quay.io/codefresh/cf-git-cloner:10.2.0 KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:16.2.6 From 121d52048be9a67a9617511febdc780468954dca Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Tue, 24 Dec 2024 16:56:21 +0200 Subject: [PATCH 07/30] Patch - 2.6.5 update open source components (#20) --- codefresh/Chart.yaml | 6 +++--- codefresh/README.md | 4 ++-- codefresh/values.yaml | 18 +++++++++--------- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 09cbe156a..a3a88092b 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.4 +version: 2.6.5 keywords: - codefresh home: https://codefresh.io/ @@ -19,7 +19,7 @@ annotations: # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: "Update runtime-images (engine/cf-docker-builder)" + description: "Update consul chart to 11.3.22, mongosh to 2.3.7, curl to 8.11.1 & dind to 27.4" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts @@ -29,7 +29,7 @@ dependencies: version: 0.9.0 condition: internal-gateway.enabled - name: consul - version: 11.3.21 + version: 11.3.22 repository: https://charts.bitnami.com/bitnami condition: consul.enabled - name: mongodb diff --git a/codefresh/README.md b/codefresh/README.md index 5b1b13311..6f7627818 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.4](https://img.shields.io/badge/Version-2.6.4-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.5](https://img.shields.io/badge/Version-2.6.5-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. @@ -2086,7 +2086,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | argo-platform.runtime-monitor | object | See below | runtime-monitor Don't enable! Not used in onprem! | | argo-platform.ui | object | See below | ui | | argo-platform.useExternalSecret | bool | `false` | Use regular k8s secret object. Keep `false`! | -| builder | object | `{"affinity":{},"container":{"image":{"registry":"docker.io","repository":"library/docker","tag":"27.3-dind"}},"enabled":true,"initContainers":{"register":{"image":{"registry":"quay.io","repository":"codefresh/curl","tag":"8.10.1"}}},"nodeSelector":{},"podSecurityContext":{},"resources":{},"tolerations":[]}` | builder | +| builder | object | `{"affinity":{},"container":{"image":{"registry":"docker.io","repository":"library/docker","tag":"27.4-dind"}},"enabled":true,"initContainers":{"register":{"image":{"registry":"quay.io","repository":"codefresh/curl","tag":"8.11.1"}}},"nodeSelector":{},"podSecurityContext":{},"resources":{},"tolerations":[]}` | builder | | cf-broadcaster | object | See below | broadcaster | | cf-oidc-provider | object | See below | cf-oidc-provider | | cf-platform-analytics-etlstarter | object | See below | etl-starter | diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 385f08403..ac99de66b 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -36,7 +36,7 @@ seed: image: registry: quay.io repository: codefresh/mongosh - tag: 2.3.1 + tag: 2.3.7 # -- Root user in plain text (required ONLY for seed job!). mongodbRootUser: "root" # -- Root user from existing secret @@ -425,7 +425,7 @@ hooks: image: registry: quay.io repository: codefresh/mongosh - tag: 2.3.1 + tag: 2.3.7 affinity: {} nodeSelector: {} podSecurityContext: {} @@ -467,8 +467,8 @@ runtimeImages: KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:16.2.6 PIPELINE_DEBUGGER_IMAGE: quay.io/codefresh/cf-debugger:1.3.7 TEMPLATE_ENGINE: quay.io/codefresh/pikolo:0.14.1 - CR_6177_FIXER: docker.io/library/alpine:3.20 - GC_BUILDER_IMAGE: docker.io/library/alpine:3.20 + CR_6177_FIXER: docker.io/library/alpine:3.21 + GC_BUILDER_IMAGE: docker.io/library/alpine:3.21 #-------------------- # Codefresh subcharts @@ -766,7 +766,7 @@ cfsign: image: registry: quay.io repository: codefresh/curl - tag: 8.10.1 + tag: 8.11.1 affinity: {} nodeSelector: {} podSecurityContext: {} @@ -1191,12 +1191,12 @@ builder: image: registry: quay.io repository: codefresh/curl - tag: 8.10.1 + tag: 8.11.1 container: image: registry: docker.io repository: library/docker - tag: 27.3-dind + tag: 27.4-dind affinity: {} nodeSelector: {} podSecurityContext: {} @@ -1212,12 +1212,12 @@ runner: image: registry: quay.io repository: codefresh/curl - tag: 8.10.1 + tag: 8.11.1 container: image: registry: docker.io repository: library/docker - tag: 27.3-dind + tag: 27.4-dind affinity: {} nodeSelector: {} podSecurityContext: {} From be191db3e09dc8bff67f2bb8f16b3478d6198c03 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 10 Jan 2025 11:08:03 +0300 Subject: [PATCH 08/30] onprem: 2.6.6 (#21) --- codefresh/Chart.lock | 76 +++++++++++++++++++++---------------------- codefresh/Chart.yaml | 8 ++--- codefresh/README.md | 3 +- codefresh/values.yaml | 10 ++++-- 4 files changed, 51 insertions(+), 46 deletions(-) diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 8a5dcb8eb..2e357e37c 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -7,7 +7,7 @@ dependencies: version: 0.9.0 - name: consul repository: https://charts.bitnami.com/bitnami - version: 11.3.21 + version: 11.4.1 - name: mongodb repository: https://charts.bitnami.com/bitnami version: 14.4.1 @@ -40,120 +40,120 @@ dependencies: version: 4.11.2 - name: cluster-providers repository: oci://quay.io/codefresh/charts - version: 1.17.10 + version: 1.17.11 - name: kube-integration repository: oci://quay.io/codefresh/charts - version: 1.31.11 + version: 1.31.14 - name: charts-manager repository: oci://quay.io/codefresh/charts - version: 1.19.2 + version: 1.19.3 - name: cfsign repository: oci://quay.io/codefresh/charts - version: 1.8.6 + version: 1.8.7 - name: tasker-kubernetes repository: oci://quay.io/codefresh/charts - version: 1.26.13 + version: 1.26.14 - name: context-manager repository: oci://quay.io/codefresh/charts - version: 2.31.3 + version: 2.31.4 - name: pipeline-manager repository: oci://quay.io/codefresh/charts - version: 3.137.5 + version: 3.137.7 - name: gitops-dashboard-manager repository: oci://quay.io/codefresh/charts - version: 1.14.16 + version: 1.14.17 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.3 + version: 21.268.5 - name: cfui repository: oci://quay.io/codefresh/charts - version: 14.96.74 + version: 14.96.75 - name: k8s-monitor repository: oci://quay.io/codefresh/charts version: 4.11.10 - name: runtime-environment-manager repository: oci://quay.io/codefresh/charts - version: 3.38.2 + version: 3.38.3 - name: cf-broadcaster repository: oci://quay.io/codefresh/charts - version: 1.12.18 + version: 1.12.19 - name: helm-repo-manager repository: oci://quay.io/codefresh/charts version: 0.17.1 - name: hermes repository: oci://quay.io/codefresh/charts - version: 0.21.14 + version: 0.21.17 - name: nomios repository: oci://quay.io/codefresh/charts - version: 0.11.8 + version: 0.11.9 - name: cronus repository: oci://quay.io/codefresh/charts - version: 0.8.8 + version: 0.8.9 - name: cf-platform-analytics repository: oci://quay.io/codefresh/charts - version: 0.49.72 + version: 0.49.73 - name: cf-platform-analytics repository: oci://quay.io/codefresh/charts - version: 0.49.72 + version: 0.49.73 - name: argo-platform repository: oci://quay.io/codefresh/charts version: 1.3168.0 - name: argo-hub-platform repository: oci://quay.io/codefresh/charts - version: 0.1.17 + version: 0.1.18 - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.15 -digest: sha256:e6c03a120c2493b692db832d948ecf9cd26bfefbbc9fada40a5d6061b582fc57 -generated: "2024-12-12T17:08:38.756189+03:00" +digest: sha256:ad35e8c10ef3541991d2a9c0515bd4f992f22933209de003dfd0dfb917965ba9 +generated: "2025-01-09T16:19:01.68063+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index a3a88092b..5b3652eb7 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.5 +version: 2.6.6 keywords: - codefresh home: https://codefresh.io/ @@ -18,8 +18,8 @@ annotations: artifacthub.io/containsSecurityUpdates: "false" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - - kind: changed - description: "Update consul chart to 11.3.22, mongosh to 2.3.7, curl to 8.11.1 & dind to 27.4" + - kind: security + description: "Miscellaneous security updates" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts @@ -29,7 +29,7 @@ dependencies: version: 0.9.0 condition: internal-gateway.enabled - name: consul - version: 11.3.22 + version: 11.4.1 repository: https://charts.bitnami.com/bitnami condition: consul.enabled - name: mongodb diff --git a/codefresh/README.md b/codefresh/README.md index 6f7627818..804804d9d 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.5](https://img.shields.io/badge/Version-2.6.5-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.6](https://img.shields.io/badge/Version-2.6.6-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. @@ -2232,6 +2232,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | global.runnerService | string | `"runner"` | Default runner service name. | | global.runtimeEnvironmentManagerPort | int | `80` | Default runtime-environment-manager service port. | | global.runtimeEnvironmentManagerService | string | `"runtime-environment-manager"` | Default runtime-environment-manager service name. | +| global.security | object | `{"allowInsecureImages":true}` | Bitnami | | global.storageClass | string | `""` | Global StorageClass for Persistent Volume(s) | | global.tlsSignPort | int | `4999` | Default tls-sign service port. | | global.tlsSignService | string | `"cfsign"` | Default tls-sign service name. | diff --git a/codefresh/values.yaml b/codefresh/values.yaml index ac99de66b..4ff039d4b 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -417,6 +417,10 @@ global: # Use `.Values.seed.postgresSeedJob` instead postgresSeedJob: {} + # -- Bitnami + security: + allowInsecureImages: true + # -- Pre/post-upgrade Job hooks. # Updates images in `system/default` runtime. # @default -- See below @@ -454,14 +458,14 @@ postgresqlCleanJob: # -- runtimeImages # @default -- See below runtimeImages: - COMPOSE_IMAGE: quay.io/codefresh/compose:v2.28.1-1.5.0 + COMPOSE_IMAGE: quay.io/codefresh/compose:v2.32.1-1.5.1 CONTAINER_LOGGER_IMAGE: quay.io/codefresh/cf-container-logger:1.11.8 DIND_IMAGE: quay.io/codefresh/dind:26.1.4-1.28.8 - DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.4.0 + DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.4.1 DOCKER_PULLER_IMAGE: quay.io/codefresh/cf-docker-puller:8.0.18 DOCKER_PUSHER_IMAGE: quay.io/codefresh/cf-docker-pusher:6.0.16 DOCKER_TAG_PUSHER_IMAGE: quay.io/codefresh/cf-docker-tag-pusher:1.3.15 - ENGINE_IMAGE: quay.io/codefresh/engine:1.176.1 + ENGINE_IMAGE: quay.io/codefresh/engine:1.176.3 FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.7 GIT_CLONE_IMAGE: quay.io/codefresh/cf-git-cloner:10.2.0 KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:16.2.6 From 151da4c73f805c1259a89b348bfdc6fc67925305 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Wed, 12 Feb 2025 10:29:24 +0300 Subject: [PATCH 09/30] onprem: 2.6.7 security updates (#25) --- codefresh/Chart.lock | 52 +++++++++++++++++++++---------------------- codefresh/Chart.yaml | 8 +++---- codefresh/README.md | 4 ++-- codefresh/values.yaml | 14 ++++++------ 4 files changed, 39 insertions(+), 39 deletions(-) diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 2e357e37c..e086a49d8 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -40,10 +40,10 @@ dependencies: version: 4.11.2 - name: cluster-providers repository: oci://quay.io/codefresh/charts - version: 1.17.11 + version: 1.17.12 - name: kube-integration repository: oci://quay.io/codefresh/charts - version: 1.31.14 + version: 1.31.15 - name: charts-manager repository: oci://quay.io/codefresh/charts version: 1.19.3 @@ -52,7 +52,7 @@ dependencies: version: 1.8.7 - name: tasker-kubernetes repository: oci://quay.io/codefresh/charts - version: 1.26.14 + version: 1.26.15 - name: context-manager repository: oci://quay.io/codefresh/charts version: 2.31.4 @@ -61,67 +61,67 @@ dependencies: version: 3.137.7 - name: gitops-dashboard-manager repository: oci://quay.io/codefresh/charts - version: 1.14.17 + version: 1.14.18 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.5 + version: 21.268.7 - name: cfui repository: oci://quay.io/codefresh/charts version: 14.96.75 - name: k8s-monitor repository: oci://quay.io/codefresh/charts - version: 4.11.10 + version: 4.11.11 - name: runtime-environment-manager repository: oci://quay.io/codefresh/charts version: 3.38.3 @@ -148,12 +148,12 @@ dependencies: version: 0.49.73 - name: argo-platform repository: oci://quay.io/codefresh/charts - version: 1.3168.0 + version: 1.3169.1-onprem-d65a019 - name: argo-hub-platform repository: oci://quay.io/codefresh/charts version: 0.1.18 - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.15 -digest: sha256:ad35e8c10ef3541991d2a9c0515bd4f992f22933209de003dfd0dfb917965ba9 -generated: "2025-01-09T16:19:01.68063+03:00" +digest: sha256:89f044b131537ebfba9610627b2b23140233521a78bfa00424e7b978946bc949 +generated: "2025-02-10T17:19:35.620581+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 5b3652eb7..c3364351a 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.6 +version: 2.6.7 keywords: - codefresh home: https://codefresh.io/ @@ -15,11 +15,11 @@ appVersion: 2.6.0 annotations: # artifacthub.io/prerelease: "true" artifacthub.io/alternativeName: "codefresh-onprem" - artifacthub.io/containsSecurityUpdates: "false" + artifacthub.io/containsSecurityUpdates: "true" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: security - description: "Miscellaneous security updates" + description: "Miscellaneous security updates (10.02.2025)" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts @@ -237,7 +237,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-platform - version: "~1.3168.0" + version: "1.3169.1-onprem-d65a019" repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-hub-platform diff --git a/codefresh/README.md b/codefresh/README.md index 804804d9d..b60c1f52a 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.6](https://img.shields.io/badge/Version-2.6.6-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.7](https://img.shields.io/badge/Version-2.6.7-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. @@ -2086,7 +2086,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | argo-platform.runtime-monitor | object | See below | runtime-monitor Don't enable! Not used in onprem! | | argo-platform.ui | object | See below | ui | | argo-platform.useExternalSecret | bool | `false` | Use regular k8s secret object. Keep `false`! | -| builder | object | `{"affinity":{},"container":{"image":{"registry":"docker.io","repository":"library/docker","tag":"27.4-dind"}},"enabled":true,"initContainers":{"register":{"image":{"registry":"quay.io","repository":"codefresh/curl","tag":"8.11.1"}}},"nodeSelector":{},"podSecurityContext":{},"resources":{},"tolerations":[]}` | builder | +| builder | object | `{"affinity":{},"container":{"image":{"registry":"docker.io","repository":"library/docker","tag":"27.5-dind"}},"enabled":true,"initContainers":{"register":{"image":{"registry":"quay.io","repository":"codefresh/curl","tag":"8.11.1"}}},"nodeSelector":{},"podSecurityContext":{},"resources":{},"tolerations":[]}` | builder | | cf-broadcaster | object | See below | broadcaster | | cf-oidc-provider | object | See below | cf-oidc-provider | | cf-platform-analytics-etlstarter | object | See below | etl-starter | diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 4ff039d4b..bba914b11 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -458,19 +458,19 @@ postgresqlCleanJob: # -- runtimeImages # @default -- See below runtimeImages: - COMPOSE_IMAGE: quay.io/codefresh/compose:v2.32.1-1.5.1 - CONTAINER_LOGGER_IMAGE: quay.io/codefresh/cf-container-logger:1.11.8 + COMPOSE_IMAGE: quay.io/codefresh/compose:v2.32.2-1.5.2 + CONTAINER_LOGGER_IMAGE: quay.io/codefresh/cf-container-logger:1.12.2 DIND_IMAGE: quay.io/codefresh/dind:26.1.4-1.28.8 - DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.4.1 + DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.4.2 DOCKER_PULLER_IMAGE: quay.io/codefresh/cf-docker-puller:8.0.18 DOCKER_PUSHER_IMAGE: quay.io/codefresh/cf-docker-pusher:6.0.16 DOCKER_TAG_PUSHER_IMAGE: quay.io/codefresh/cf-docker-tag-pusher:1.3.15 - ENGINE_IMAGE: quay.io/codefresh/engine:1.176.3 + ENGINE_IMAGE: quay.io/codefresh/engine:1.177.4 FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.7 GIT_CLONE_IMAGE: quay.io/codefresh/cf-git-cloner:10.2.0 KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:16.2.6 PIPELINE_DEBUGGER_IMAGE: quay.io/codefresh/cf-debugger:1.3.7 - TEMPLATE_ENGINE: quay.io/codefresh/pikolo:0.14.1 + TEMPLATE_ENGINE: quay.io/codefresh/pikolo:0.14.2 CR_6177_FIXER: docker.io/library/alpine:3.21 GC_BUILDER_IMAGE: docker.io/library/alpine:3.21 @@ -1200,7 +1200,7 @@ builder: image: registry: docker.io repository: library/docker - tag: 27.4-dind + tag: 27.5-dind affinity: {} nodeSelector: {} podSecurityContext: {} @@ -1221,7 +1221,7 @@ runner: image: registry: docker.io repository: library/docker - tag: 27.4-dind + tag: 27.5-dind affinity: {} nodeSelector: {} podSecurityContext: {} From 778e715bcb5408d179a0774a15685e1f1019b0aa Mon Sep 17 00:00:00 2001 From: vitalii-codefresh Date: Wed, 5 Mar 2025 10:03:01 +0200 Subject: [PATCH 10/30] onprem: 2.6.8 (#27) --- codefresh/Chart.lock | 48 +++++++++++++++++++++---------------------- codefresh/Chart.yaml | 18 ++++++++++++---- codefresh/README.md | 2 +- codefresh/values.yaml | 4 +++- 4 files changed, 42 insertions(+), 30 deletions(-) diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index e086a49d8..8de3456a2 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -7,7 +7,7 @@ dependencies: version: 0.9.0 - name: consul repository: https://charts.bitnami.com/bitnami - version: 11.4.1 + version: 11.4.8 - name: mongodb repository: https://charts.bitnami.com/bitnami version: 14.4.1 @@ -19,7 +19,7 @@ dependencies: version: 12.0.4 - name: redis repository: https://charts.bitnami.com/bitnami - version: 20.3.0 + version: 20.9.0 - name: redis-ha repository: https://dandydeveloper.github.io/charts version: 4.26.1 @@ -64,58 +64,58 @@ dependencies: version: 1.14.18 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.7 + version: 21.268.8 - name: cfui repository: oci://quay.io/codefresh/charts version: 14.96.75 @@ -142,10 +142,10 @@ dependencies: version: 0.8.9 - name: cf-platform-analytics repository: oci://quay.io/codefresh/charts - version: 0.49.73 + version: 0.49.76 - name: cf-platform-analytics repository: oci://quay.io/codefresh/charts - version: 0.49.73 + version: 0.49.76 - name: argo-platform repository: oci://quay.io/codefresh/charts version: 1.3169.1-onprem-d65a019 @@ -155,5 +155,5 @@ dependencies: - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.15 -digest: sha256:89f044b131537ebfba9610627b2b23140233521a78bfa00424e7b978946bc949 -generated: "2025-02-10T17:19:35.620581+03:00" +digest: sha256:cae4ba166e0a91d195af3df797c43294a9d2b1de2771524a4fb2d04946babd59 +generated: "2025-03-04T10:59:18.787343+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index c3364351a..f5572c268 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.7 +version: 2.6.8 keywords: - codefresh home: https://codefresh.io/ @@ -19,7 +19,17 @@ annotations: # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: security - description: "Miscellaneous security updates (10.02.2025)" + description: "Miscellaneous security updates (27.02.2025)" + - kind: fixed + description: "Fixed removing a user with assigned SSO configuration that does not exist on the platform" + links: + - name: JIRA Issue + url: https://codefresh-io.atlassian.net/browse/CR-27590 + - kind: fixed + description: "Fixed unassigning removed SSO configuration for a user" + links: + - name: JIRA Issue + url: https://codefresh-io.atlassian.net/browse/CR-27590 dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts @@ -29,7 +39,7 @@ dependencies: version: 0.9.0 condition: internal-gateway.enabled - name: consul - version: 11.4.1 + version: 11.4.8 repository: https://charts.bitnami.com/bitnami condition: consul.enabled - name: mongodb @@ -45,7 +55,7 @@ dependencies: repository: oci://registry-1.docker.io/bitnamicharts condition: postgresql-ha.enabled - name: redis - version: 20.3.0 + version: 20.9.0 repository: https://charts.bitnami.com/bitnami condition: redis.enabled - name: redis-ha diff --git a/codefresh/README.md b/codefresh/README.md index b60c1f52a..c60571ea5 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.7](https://img.shields.io/badge/Version-2.6.7-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.8](https://img.shields.io/badge/Version-2.6.8-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. diff --git a/codefresh/values.yaml b/codefresh/values.yaml index bba914b11..2cb9c5888 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -466,7 +466,7 @@ runtimeImages: DOCKER_PUSHER_IMAGE: quay.io/codefresh/cf-docker-pusher:6.0.16 DOCKER_TAG_PUSHER_IMAGE: quay.io/codefresh/cf-docker-tag-pusher:1.3.15 ENGINE_IMAGE: quay.io/codefresh/engine:1.177.4 - FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.7 + FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.8 GIT_CLONE_IMAGE: quay.io/codefresh/cf-git-cloner:10.2.0 KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:16.2.6 PIPELINE_DEBUGGER_IMAGE: quay.io/codefresh/cf-debugger:1.3.7 @@ -1177,6 +1177,8 @@ redis-ha: # Ref: https://github.com/bitnami/charts/blob/main/bitnami/rabbitmq/values.yaml rabbitmq: enabled: true + image: + tag: 3.13.7-debian-12-r5 replicaCount: 1 auth: username: user From 03ab8f44d8342d6f957f7716f530aa2d38b7e8ec Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Mon, 10 Mar 2025 16:43:35 +0300 Subject: [PATCH 11/30] onprem: 2.6.9 (#29) --- codefresh/Chart.lock | 6 +++--- codefresh/Chart.yaml | 18 ++++-------------- codefresh/README.md | 2 +- codefresh/tests/misc/misc_test.yaml | 27 +++++++++++++++++++++++++++ 4 files changed, 35 insertions(+), 18 deletions(-) create mode 100644 codefresh/tests/misc/misc_test.yaml diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 8de3456a2..00c9fa992 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -148,12 +148,12 @@ dependencies: version: 0.49.76 - name: argo-platform repository: oci://quay.io/codefresh/charts - version: 1.3169.1-onprem-d65a019 + version: 1.3169.1-onprem-915b48a - name: argo-hub-platform repository: oci://quay.io/codefresh/charts version: 0.1.18 - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.15 -digest: sha256:cae4ba166e0a91d195af3df797c43294a9d2b1de2771524a4fb2d04946babd59 -generated: "2025-03-04T10:59:18.787343+03:00" +digest: sha256:416dcda251f5cd35df121c7beb2a922e581177f0fcdbe54e486bd3130a1eb835 +generated: "2025-03-07T17:14:47.941403+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index f5572c268..82ae853d5 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.8 +version: 2.6.9 keywords: - codefresh home: https://codefresh.io/ @@ -15,21 +15,11 @@ appVersion: 2.6.0 annotations: # artifacthub.io/prerelease: "true" artifacthub.io/alternativeName: "codefresh-onprem" - artifacthub.io/containsSecurityUpdates: "true" + # artifacthub.io/containsSecurityUpdates: "true" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - - kind: security - description: "Miscellaneous security updates (27.02.2025)" - kind: fixed - description: "Fixed removing a user with assigned SSO configuration that does not exist on the platform" - links: - - name: JIRA Issue - url: https://codefresh-io.atlassian.net/browse/CR-27590 - - kind: fixed - description: "Fixed unassigning removed SSO configuration for a user" - links: - - name: JIRA Issue - url: https://codefresh-io.atlassian.net/browse/CR-27590 + description: "Optional CACHE_PASSWORD env var for argo-platform (api-graphql/promotion-orchestrator)" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts @@ -247,7 +237,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-platform - version: "1.3169.1-onprem-d65a019" + version: "1.3169.1-onprem-915b48a" repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-hub-platform diff --git a/codefresh/README.md b/codefresh/README.md index c60571ea5..01d219479 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.8](https://img.shields.io/badge/Version-2.6.8-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.6.9](https://img.shields.io/badge/Version-2.6.9-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. diff --git a/codefresh/tests/misc/misc_test.yaml b/codefresh/tests/misc/misc_test.yaml new file mode 100644 index 000000000..b454c3d00 --- /dev/null +++ b/codefresh/tests/misc/misc_test.yaml @@ -0,0 +1,27 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/master/schema/helm-testsuite.json +suite: Misc tests +templates: + - charts/argo-platform/templates/**/*.yaml +tests: + - it: argo-platform api-graphql should have empty CACHE_PASSWORD when no .Values.global.redisPassword or .Values.global.redisPasswordSecretKeyRef is provided + template: charts/argo-platform/templates/api-graphql/workload.yaml + set: + global.redisPassword: "" + asserts: + - notContains: + path: spec.template.spec.containers[0].env + content: + name: CACHE_PASSWORD + any: true + + - it: argo-platform promotion-orchestrator should have empty CACHE_PASSWORD when no .Values.global.redisPassword or .Values.global.redisPasswordSecretKeyRef is provided + template: charts/argo-platform/templates/promotion-orchestrator/workload.yaml + set: + global.redisPassword: "" + asserts: + - notContains: + path: spec.template.spec.containers[0].env + content: + name: CACHE_PASSWORD + any: true + From 6523ef278a20c58b386cd8ca4e307758a27cce62 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Thu, 13 Mar 2025 17:52:50 +0300 Subject: [PATCH 12/30] onprem: 2.7.0 From e016573c3f86525097682765cb2f1fe2eb7b9a6a Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 13:24:20 +0300 Subject: [PATCH 13/30] onprem: 2.7.0 --- codefresh/Chart.lock | 98 +- codefresh/Chart.yaml | 76 +- .../tests/misc/global_constrains_test.yaml | 1065 +++++++++++++++++ codefresh/tests/values/global.yaml | 22 + codefresh/values.yaml | 9 + 5 files changed, 1183 insertions(+), 87 deletions(-) create mode 100644 codefresh/tests/misc/global_constrains_test.yaml create mode 100644 codefresh/tests/values/global.yaml diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 00c9fa992..49e0194c2 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -3,11 +3,11 @@ dependencies: repository: oci://quay.io/codefresh/charts version: 0.18.1 - name: internal-gateway - repository: oci://quay.io/codefresh/charts - version: 0.9.0 + repository: oci://quay.io/codefresh/charts/dev + version: 0.10.2 - name: consul repository: https://charts.bitnami.com/bitnami - version: 11.4.8 + version: 11.4.10 - name: mongodb repository: https://charts.bitnami.com/bitnami version: 14.4.1 @@ -19,141 +19,141 @@ dependencies: version: 12.0.4 - name: redis repository: https://charts.bitnami.com/bitnami - version: 20.9.0 + version: 20.11.3 - name: redis-ha repository: https://dandydeveloper.github.io/charts version: 4.26.1 - name: rabbitmq repository: https://charts.bitnami.com/bitnami - version: 14.7.0 + version: 15.3.3 - name: nats repository: https://charts.bitnami.com/bitnami - version: 8.4.9 + version: 9.0.6 - name: builder repository: oci://quay.io/codefresh/charts - version: 1.3.0 + version: 1.4.0 - name: runner repository: oci://quay.io/codefresh/charts - version: 1.3.0 + version: 1.4.0 - name: ingress-nginx repository: https://kubernetes.github.io/ingress-nginx version: 4.11.2 - name: cluster-providers repository: oci://quay.io/codefresh/charts - version: 1.17.12 + version: 1.17.14 - name: kube-integration repository: oci://quay.io/codefresh/charts - version: 1.31.15 + version: 1.31.17 - name: charts-manager repository: oci://quay.io/codefresh/charts - version: 1.19.3 + version: 1.22.2 - name: cfsign repository: oci://quay.io/codefresh/charts - version: 1.8.7 + version: 1.8.8 - name: tasker-kubernetes repository: oci://quay.io/codefresh/charts - version: 1.26.15 + version: 1.26.17 - name: context-manager repository: oci://quay.io/codefresh/charts - version: 2.31.4 + version: 2.33.6 - name: pipeline-manager repository: oci://quay.io/codefresh/charts - version: 3.137.7 + version: 3.138.3 - name: gitops-dashboard-manager repository: oci://quay.io/codefresh/charts - version: 1.14.18 + version: 1.14.20 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.268.8 + version: 21.274.7 - name: cfui repository: oci://quay.io/codefresh/charts - version: 14.96.75 + version: 14.97.49 - name: k8s-monitor repository: oci://quay.io/codefresh/charts - version: 4.11.11 + version: 4.11.13 - name: runtime-environment-manager repository: oci://quay.io/codefresh/charts - version: 3.38.3 + version: 3.39.3 - name: cf-broadcaster repository: oci://quay.io/codefresh/charts - version: 1.12.19 + version: 1.12.21 - name: helm-repo-manager repository: oci://quay.io/codefresh/charts - version: 0.17.1 + version: 0.20.2 - name: hermes repository: oci://quay.io/codefresh/charts - version: 0.21.17 + version: 0.21.18 - name: nomios repository: oci://quay.io/codefresh/charts - version: 0.11.9 + version: 0.11.10 - name: cronus repository: oci://quay.io/codefresh/charts - version: 0.8.9 + version: 0.8.10 - name: cf-platform-analytics repository: oci://quay.io/codefresh/charts - version: 0.49.76 + version: 0.49.77 - name: cf-platform-analytics repository: oci://quay.io/codefresh/charts - version: 0.49.76 + version: 0.49.77 - name: argo-platform repository: oci://quay.io/codefresh/charts - version: 1.3169.1-onprem-915b48a + version: 1.3343.1 - name: argo-hub-platform repository: oci://quay.io/codefresh/charts - version: 0.1.18 + version: 0.1.21 - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts - version: 0.0.15 -digest: sha256:416dcda251f5cd35df121c7beb2a922e581177f0fcdbe54e486bd3130a1eb835 -generated: "2025-03-07T17:14:47.941403+03:00" + version: 0.0.16 +digest: sha256:7ab6519cb8b1146be784eb72ca94eaef2ebeefb2b57e7db0b285ada0e4f3e588 +generated: "2025-03-14T13:02:42.457938+03:00" diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 82ae853d5..93972bca1 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Helm Chart for Codefresh On-Prem name: codefresh -version: 2.6.9 +version: 2.7.0 keywords: - codefresh home: https://codefresh.io/ @@ -11,25 +11,25 @@ sources: maintainers: - name: codefresh url: https://codefresh-io.github.io/ -appVersion: 2.6.0 +appVersion: 2.7.0 annotations: - # artifacthub.io/prerelease: "true" + artifacthub.io/prerelease: "true" artifacthub.io/alternativeName: "codefresh-onprem" # artifacthub.io/containsSecurityUpdates: "true" # supported kinds are added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - - kind: fixed - description: "Optional CACHE_PASSWORD env var for argo-platform (api-graphql/promotion-orchestrator)" + - kind: changed + description: "Initial 2.7 release" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts version: 0.18.1 - name: internal-gateway - repository: oci://quay.io/codefresh/charts - version: 0.9.0 + repository: oci://quay.io/codefresh/charts/dev + version: 0.10.2 condition: internal-gateway.enabled - name: consul - version: 11.4.8 + version: 11.4.10 repository: https://charts.bitnami.com/bitnami condition: consul.enabled - name: mongodb @@ -45,7 +45,7 @@ dependencies: repository: oci://registry-1.docker.io/bitnamicharts condition: postgresql-ha.enabled - name: redis - version: 20.9.0 + version: 20.11.3 repository: https://charts.bitnami.com/bitnami condition: redis.enabled - name: redis-ha @@ -53,21 +53,21 @@ dependencies: version: 4.26.1 condition: redis-ha.enabled - name: rabbitmq - version: 14.7.0 + version: 15.3.3 repository: https://charts.bitnami.com/bitnami condition: rabbitmq.enabled - name: nats - version: 8.4.9 + version: 9.0.6 repository: https://charts.bitnami.com/bitnami condition: nats.enabled - name: builder repository: oci://quay.io/codefresh/charts condition: builder.enabled - version: 1.3.0 + version: 1.4.0 - name: runner repository: oci://quay.io/codefresh/charts condition: runner.enabled - version: 1.3.0 + version: 1.4.0 - name: ingress-nginx version: 4.11.2 repository: https://kubernetes.github.io/ingress-nginx @@ -81,7 +81,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: kube-integration.enabled - name: charts-manager - version: "~1.19.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: charts-manager.enabled - name: cfsign @@ -93,11 +93,11 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: tasker-kubernetes.enabled - name: context-manager - version: "~2.31.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: context-manager.enabled - name: pipeline-manager - version: "~3.137.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: pipeline-manager.enabled - name: gitops-dashboard-manager @@ -106,96 +106,96 @@ dependencies: condition: gitops-dashboard-manager.enabled - name: cfapi alias: cfapi - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi.enabled - name: cfapi alias: cfapi-auth - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-auth.enabled - name: cfapi alias: cfapi-internal - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-internal.enabled - name: cfapi alias: cfapi-ws - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-ws.enabled - name: cfapi alias: cfapi-admin - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-admin.enabled - name: cfapi alias: cfapi-endpoints - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-endpoints.enabled - name: cfapi alias: cfapi-terminators - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-terminators.enabled - name: cfapi alias: cfapi-sso-group-synchronizer - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-sso-group-synchronizer.enabled - name: cfapi alias: cfapi-buildmanager - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-buildmanager.enabled - name: cfapi alias: cfapi-cacheevictmanager - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-cacheevictmanager.enabled - name: cfapi alias: cfapi-eventsmanagersubscriptions - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-eventsmanagersubscriptions.enabled - name: cfapi alias: cfapi-kubernetesresourcemonitor - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-kubernetesresourcemonitor.enabled - name: cfapi alias: cfapi-environments - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-environments.enabled - name: cfapi alias: cfapi-gitops-resource-receiver - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-gitops-resource-receiver.enabled - name: cfapi alias: cfapi-downloadlogmanager - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-downloadlogmanager.enabled - name: cfapi alias: cfapi-teams - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-teams.enabled - name: cfapi alias: cfapi-kubernetes-endpoints - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-kubernetes-endpoints.enabled - name: cfapi alias: cfapi-test-reporting - version: "~21.268.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfapi-test-reporting.enabled - name: cfui - version: "~14.96.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: cfui.enabled - name: k8s-monitor @@ -203,7 +203,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: k8s-monitor.enabled - name: runtime-environment-manager - version: "~3.38.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: runtime-environment-manager.enabled - name: cf-broadcaster @@ -211,7 +211,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: cf-broadcaster.enabled - name: helm-repo-manager - version: "~0.17.0" + version: "*" repository: oci://quay.io/codefresh/charts condition: helm-repo-manager.enabled - name: hermes @@ -237,7 +237,7 @@ dependencies: repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-platform - version: "1.3169.1-onprem-915b48a" + version: "*" repository: oci://quay.io/codefresh/charts condition: argo-platform.enabled - name: argo-hub-platform diff --git a/codefresh/tests/misc/global_constrains_test.yaml b/codefresh/tests/misc/global_constrains_test.yaml new file mode 100644 index 000000000..55fdc75a3 --- /dev/null +++ b/codefresh/tests/misc/global_constrains_test.yaml @@ -0,0 +1,1065 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/quintush/helm-unittest/master/schema/helm-testsuite.json +suite: Should test global tolerations/nodeSelector/affinity/imagePullSecret +templates: + - charts/**/*.yaml + - internal-gateway.yaml +tests: + - it: argo-platform-abac should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/abac/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + + - it: argo-platform-analytics-reporter should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/analytics-reporter/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-api-events should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/api-events/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-api-graphql should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/api-graphql/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-audit should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/audit/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-broadcaster should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/broadcaster/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-cron-executor should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/cron-executor/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-event-handler should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/event-handler/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-promotion-orchestrator should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/promotion-orchestrator/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-platform-ui should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-platform/templates/ui/workload.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: argo-hub-platform should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/argo-hub-platform/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cf-builder should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/builder/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cf-runner should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/runner/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cf-broadcaster should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cf-broadcaster/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cfapi should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cfapi/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cfsign should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cfsign/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cfui should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cfui/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: charts-manager should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/charts-manager/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cluster-providers should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cluster-providers/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: context-manager should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/context-manager/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: cronus should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cronus/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: gitops-dashboard-manager should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/gitops-dashboard-manager/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: helm-repo-manager should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/helm-repo-manager/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: hermes should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/hermes/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: internal-gateway should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: internal-gateway.yaml + documentSelector: + path: kind + value: Deployment + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: k8s-monitor should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/k8s-monitor/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: kube-integration should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/kube-integration/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: nomios should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/nomios/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: pipeline-manager should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/pipeline-manager/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: platform-analytics should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cf-platform-analytics-platform/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: platform-analytics-etl should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/cf-platform-analytics-etlstarter/templates/etl/system-etl-postgres/controller.yaml + asserts: + - contains: + path: spec.jobTemplate.spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.jobTemplate.spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.jobTemplate.spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.jobTemplate.spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: runtime-environment-manager should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/runtime-environment-manager/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" + + - it: tasker-kubernetes should have global tolerations/nodeSelector/affinity/imagePullSecret + values: + - ../values/global.yaml + template: charts/tasker-kubernetes/templates/controller.yaml + asserts: + - contains: + path: spec.template.spec.imagePullSecrets + content: + name: my-secret + - contains: + path: spec.template.spec.tolerations + content: + key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + - equal: + path: spec.template.spec.nodeSelector + value: + key: "value" + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" diff --git a/codefresh/tests/values/global.yaml b/codefresh/tests/values/global.yaml new file mode 100644 index 000000000..a0a98dffc --- /dev/null +++ b/codefresh/tests/values/global.yaml @@ -0,0 +1,22 @@ +global: + imagePullSecrets: + - my-secret + + tolerations: + - key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + + nodeSelector: + key: "value" + + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 2cb9c5888..5d390346c 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -164,6 +164,15 @@ global: # -- Global Env vars env: {} + # -- Global tolerations constraints + tolerations: [] + + # -- Global affinity constraints + affinity: {} + + # -- Global nodeSelector constraints + nodeSelector: {} + # -- New Relic Key newrelicLicenseKey: "" From ab15a1c2e7b7087cd5d1688f2f80d9a357eb1a53 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 13:25:05 +0300 Subject: [PATCH 14/30] onprem: 2.7.0 --- codefresh/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codefresh/Chart.yaml b/codefresh/Chart.yaml index 93972bca1..96af206c9 100644 --- a/codefresh/Chart.yaml +++ b/codefresh/Chart.yaml @@ -25,7 +25,7 @@ dependencies: repository: oci://quay.io/codefresh/charts version: 0.18.1 - name: internal-gateway - repository: oci://quay.io/codefresh/charts/dev + repository: oci://quay.io/codefresh/charts version: 0.10.2 condition: internal-gateway.enabled - name: consul From 83a39fb54b9151bb8a486bf4e1f07a3f84afe3c8 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 13:30:35 +0300 Subject: [PATCH 15/30] onprem: 2.7.0 --- codefresh/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/codefresh/README.md b/codefresh/README.md index 01d219479..7a725526b 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1,6 +1,6 @@ ## Codefresh On-Premises -![Version: 2.6.9](https://img.shields.io/badge/Version-2.6.9-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square) +![Version: 2.7.0](https://img.shields.io/badge/Version-2.7.0-informational?style=flat-square) ![AppVersion: 2.7.0](https://img.shields.io/badge/AppVersion-2.7.0-informational?style=flat-square) Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes. @@ -2149,6 +2149,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | gencerts | object | See below | Job to generate internal runtime secrets. Required at first install. | | gitops-dashboard-manager | object | See below | gitops-dashboard-manager | | global | object | See below | Global parameters | +| global.affinity | object | `{}` | Global affinity constraints | | global.appProtocol | string | `"https"` | Application protocol. | | global.appUrl | string | `"onprem.codefresh.local"` | Application root url. Will be used in Ingress objects as hostname | | global.broadcasterPort | int | `80` | Default broadcaster service port. | @@ -2196,6 +2197,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | global.natsPort | int | `4222` | Default nats service port. | | global.natsService | string | `"nats"` | Default nats service name. | | global.newrelicLicenseKey | string | `""` | New Relic Key | +| global.nodeSelector | object | `{}` | Global nodeSelector constraints | | global.oidcProviderClientId | string | `nil` | Default OIDC Provider service client ID in plain text. | | global.oidcProviderClientSecret | string | `nil` | Default OIDC Provider service client secret in plain text. | | global.oidcProviderPort | int | `443` | Default OIDC Provider service port. | @@ -2236,6 +2238,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | global.storageClass | string | `""` | Global StorageClass for Persistent Volume(s) | | global.tlsSignPort | int | `4999` | Default tls-sign service port. | | global.tlsSignService | string | `"cfsign"` | Default tls-sign service name. | +| global.tolerations | list | `[]` | Global tolerations constraints | | helm-repo-manager | object | See below | helm-repo-manager | | hermes | object | See below | hermes | | hooks | object | See below | Pre/post-upgrade Job hooks. Updates images in `system/default` runtime. | From e4e606b76288125644e5fd8eb3ff58abe88f52e7 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 13:44:30 +0300 Subject: [PATCH 16/30] onprem: 2.7.0 --- codefresh/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 5d390346c..1d6806dbd 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -1009,7 +1009,7 @@ k8s-monitor: container: image: registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io - repository: codefresh/cf-k8s-monitor + repository: codefresh/k8s-monitor resources: requests: cpu: 100m From b910c8c0c0adf910ee6d98e20501f033f8c5df59 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 14:10:38 +0300 Subject: [PATCH 17/30] onprem: 2.7.0 --- codefresh/values.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 1d6806dbd..7c8c89ff6 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -1803,6 +1803,9 @@ argo-platform: podAnnotations: checksum/secret: '{{ include (print $.Template.BasePath "/promotion-orchestrator/secret.yaml") . | sha256sum }}' + classic-event-bridge: + enabled: false + # -- cf-oidc-provider # @default -- See below cf-oidc-provider: From c3c6a5e135e273c56a33240aa4dc52090a82dfff Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 16:06:45 +0300 Subject: [PATCH 18/30] onprem: 2.7.0 --- codefresh/README.md.gotmpl | 31 +++++++++++++++++++++++++++++++ codefresh/values.yaml | 3 +++ 2 files changed, 34 insertions(+) diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index e0b6a6f5a..671fe549e 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -45,6 +45,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/ - [To 2.4.0](#to-240) - [To 2.5.0](#to-250) - [To 2.6.0](#to-260) + - [To 2.7.0](#to-270) - [Rollback](#rollback) - [Troubleshooting](#troubleshooting) - [Values](#values) @@ -1998,6 +1999,36 @@ Ref: - [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) - [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) +### To 2.7.0 + +### [What's new in 2.7.x](https://codefresh.io/docs/docs/whats-new/on-prem-release-notes/#on-premises-version-27) + +#### Affected values + +- Added option to provide global `tolerations`/`nodeSelector`/`affinity` for all Codefresh subcharts +> **Note!** This global setting will not be applied to Bitnami subcharts (e.g. `mongodb`, `redis`, `rabbitmq`, `postgres`. etc) + +```yaml +global: + tolerations: + - key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + + nodeSelector: + key: "value" + + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" +``` ## Troubleshooting diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 7c8c89ff6..05879ba46 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -165,12 +165,15 @@ global: env: {} # -- Global tolerations constraints + # Apply toleratons to all Codefresh subcharts. Will not be applied on Bitnami subcharts. tolerations: [] # -- Global affinity constraints + # Apply affinity to all Codefresh subcharts. Will not be applied on Bitnami subcharts. affinity: {} # -- Global nodeSelector constraints + # Apply nodeSelector to all Codefresh subcharts. Will not be applied on Bitnami subcharts. nodeSelector: {} # -- New Relic Key From d5ed3ab95fdf663244e17ec49d5e9506482e5586 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 16:07:14 +0300 Subject: [PATCH 19/30] onprem: 2.7.0 --- codefresh/README.md | 38 +++++++++++++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/codefresh/README.md b/codefresh/README.md index 7a725526b..79a2d583d 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -45,6 +45,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/ - [To 2.4.0](#to-240) - [To 2.5.0](#to-250) - [To 2.6.0](#to-260) + - [To 2.7.0](#to-270) - [Rollback](#rollback) - [Troubleshooting](#troubleshooting) - [Values](#values) @@ -1990,6 +1991,37 @@ Ref: - [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) - [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) +### To 2.7.0 + +### [What's new in 2.7.x](https://codefresh.io/docs/docs/whats-new/on-prem-release-notes/#on-premises-version-27) + +#### Affected values + +- Added option to provide global `tolerations`/`nodeSelector`/`affinity` for all Codefresh subcharts +> **Note!** This global setting will not be applied to Bitnami subcharts (e.g. `mongodb`, `redis`, `rabbitmq`, `postgres`. etc) + +```yaml +global: + tolerations: + - key: "key" + operator: "Equal" + value: "value" + effect: "NoSchedule" + + nodeSelector: + key: "value" + + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "key" + operator: "In" + values: + - "value" +``` + ## Troubleshooting ### Error: Failed to validate connection to Docker daemon; caused by Error: certificate has expired @@ -2149,7 +2181,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | gencerts | object | See below | Job to generate internal runtime secrets. Required at first install. | | gitops-dashboard-manager | object | See below | gitops-dashboard-manager | | global | object | See below | Global parameters | -| global.affinity | object | `{}` | Global affinity constraints | +| global.affinity | object | `{}` | Global affinity constraints Apply affinity to all Codefresh subcharts. Will not be applied on Bitnami subcharts. | | global.appProtocol | string | `"https"` | Application protocol. | | global.appUrl | string | `"onprem.codefresh.local"` | Application root url. Will be used in Ingress objects as hostname | | global.broadcasterPort | int | `80` | Default broadcaster service port. | @@ -2197,7 +2229,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | global.natsPort | int | `4222` | Default nats service port. | | global.natsService | string | `"nats"` | Default nats service name. | | global.newrelicLicenseKey | string | `""` | New Relic Key | -| global.nodeSelector | object | `{}` | Global nodeSelector constraints | +| global.nodeSelector | object | `{}` | Global nodeSelector constraints Apply nodeSelector to all Codefresh subcharts. Will not be applied on Bitnami subcharts. | | global.oidcProviderClientId | string | `nil` | Default OIDC Provider service client ID in plain text. | | global.oidcProviderClientSecret | string | `nil` | Default OIDC Provider service client secret in plain text. | | global.oidcProviderPort | int | `443` | Default OIDC Provider service port. | @@ -2238,7 +2270,7 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server | global.storageClass | string | `""` | Global StorageClass for Persistent Volume(s) | | global.tlsSignPort | int | `4999` | Default tls-sign service port. | | global.tlsSignService | string | `"cfsign"` | Default tls-sign service name. | -| global.tolerations | list | `[]` | Global tolerations constraints | +| global.tolerations | list | `[]` | Global tolerations constraints Apply toleratons to all Codefresh subcharts. Will not be applied on Bitnami subcharts. | | helm-repo-manager | object | See below | helm-repo-manager | | hermes | object | See below | hermes | | hooks | object | See below | Pre/post-upgrade Job hooks. Updates images in `system/default` runtime. | From 03a753cdb0aa7ea204ace4ab61e5a012c3e0b269 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 17:33:06 +0300 Subject: [PATCH 20/30] onprem: 2.7.0 --- codefresh/README.md.gotmpl | 52 ++++++++++++++++++++------------------ 1 file changed, 28 insertions(+), 24 deletions(-) diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index 671fe549e..49374dc3f 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -1207,6 +1207,32 @@ cfapi: USE_SHA256_GITHUB_SIGNATURE: "true" ``` +### Auto-index creation in MongoDB + +In Codefresh On-Prem 2.6.x, the `cfapi` can create indexes in MongoDB automatically. This feature is disabled by default. To enable it, set the following environment variable: + +> **Note!** Enabling this feature can cause performance degradation during the index creation process. + +> **Note!** It is recommended to add indexes during a maintenance window. The indexes list is provided in `codefresh/files/indexes//.json` files. + +```yaml +cfapi: + container: + env: + MONGOOSE_AUTO_INDEX: "true" +``` + +```yaml +argo-platform: + api-graphql: + env: + MONGO_AUTOMATIC_INDEX_CREATION: "true" +``` + +Ref: +- [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) +- [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) + ## Configuring OIDC Provider OpenID Connect (OIDC) allows Codefresh Builds to access resources in your cloud provider (such as AWS, Azure, GCP), without needing to store cloud credentials as long-lived pipeline secret variables. @@ -1975,29 +2001,7 @@ cfapi: #### Auto-index creation in MongoDB -In Codefresh On-Prem 2.6.x, the `cfapi` can create indexes in MongoDB automatically. This feature is disabled by default. To enable it, set the following environment variable: - -> **Note!** Enabling this feature can cause performance degradation during the index creation process. - -> **Note!** It is recommended to add indexes during a maintenance window. The indexes list is provided in `codefresh/files/indexes//.json` files. - -```yaml -cfapi: - container: - env: - MONGOOSE_AUTO_INDEX: "true" -``` - -```yaml -argo-platform: - api-graphql: - env: - MONGO_AUTOMATIC_INDEX_CREATION: "true" -``` - -Ref: -- [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) -- [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) +Auto-index creation in MongoDB[#auto-index-creation-in-mongodb] ### To 2.7.0 @@ -2006,7 +2010,7 @@ Ref: #### Affected values - Added option to provide global `tolerations`/`nodeSelector`/`affinity` for all Codefresh subcharts -> **Note!** This global setting will not be applied to Bitnami subcharts (e.g. `mongodb`, `redis`, `rabbitmq`, `postgres`. etc) +> **Note!** These global settings will not be applied to Bitnami subcharts (e.g. `mongodb`, `redis`, `rabbitmq`, `postgres`. etc) ```yaml global: From e72f179e9a220ccc7a370d5850f10748174a0ce3 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 17:33:12 +0300 Subject: [PATCH 21/30] onprem: 2.7.0 --- codefresh/README.md | 52 ++++++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 24 deletions(-) diff --git a/codefresh/README.md b/codefresh/README.md index 79a2d583d..1ff690642 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1202,6 +1202,32 @@ cfapi: USE_SHA256_GITHUB_SIGNATURE: "true" ``` +### Auto-index creation in MongoDB + +In Codefresh On-Prem 2.6.x, the `cfapi` can create indexes in MongoDB automatically. This feature is disabled by default. To enable it, set the following environment variable: + +> **Note!** Enabling this feature can cause performance degradation during the index creation process. + +> **Note!** It is recommended to add indexes during a maintenance window. The indexes list is provided in `codefresh/files/indexes//.json` files. + +```yaml +cfapi: + container: + env: + MONGOOSE_AUTO_INDEX: "true" +``` + +```yaml +argo-platform: + api-graphql: + env: + MONGO_AUTOMATIC_INDEX_CREATION: "true" +``` + +Ref: +- [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) +- [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) + ## Configuring OIDC Provider OpenID Connect (OIDC) allows Codefresh Builds to access resources in your cloud provider (such as AWS, Azure, GCP), without needing to store cloud credentials as long-lived pipeline secret variables. @@ -1967,29 +1993,7 @@ cfapi: #### Auto-index creation in MongoDB -In Codefresh On-Prem 2.6.x, the `cfapi` can create indexes in MongoDB automatically. This feature is disabled by default. To enable it, set the following environment variable: - -> **Note!** Enabling this feature can cause performance degradation during the index creation process. - -> **Note!** It is recommended to add indexes during a maintenance window. The indexes list is provided in `codefresh/files/indexes//.json` files. - -```yaml -cfapi: - container: - env: - MONGOOSE_AUTO_INDEX: "true" -``` - -```yaml -argo-platform: - api-graphql: - env: - MONGO_AUTOMATIC_INDEX_CREATION: "true" -``` - -Ref: -- [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) -- [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) +Auto-index creation in MongoDB[#auto-index-creation-in-mongodb] ### To 2.7.0 @@ -1998,7 +2002,7 @@ Ref: #### Affected values - Added option to provide global `tolerations`/`nodeSelector`/`affinity` for all Codefresh subcharts -> **Note!** This global setting will not be applied to Bitnami subcharts (e.g. `mongodb`, `redis`, `rabbitmq`, `postgres`. etc) +> **Note!** These global settings will not be applied to Bitnami subcharts (e.g. `mongodb`, `redis`, `rabbitmq`, `postgres`. etc) ```yaml global: From 805dae716dd401dd4e79c154d63b7ec7e55d4956 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 17:34:40 +0300 Subject: [PATCH 22/30] onprem: 2.7.0 --- codefresh/README.md | 1 + codefresh/README.md.gotmpl | 1 + 2 files changed, 2 insertions(+) diff --git a/codefresh/README.md b/codefresh/README.md index 1ff690642..56783de7e 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -33,6 +33,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/ - [Projects pipelines limit](#projects-pipelines-limit) - [Enable session cookie](#enable-session-cookie) - [X-Frame-Options response header](#x-frame-options-response-header) + - [Auto-index creation in MongoDB](#auto-index-creation-in-mongodb) - [Configuring OIDC Provider](#configuring-oidc-provider) - [Upgrading](#upgrading) - [To 2.0.0](#to-200) diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index 49374dc3f..f0b8e3114 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -33,6 +33,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/ - [Projects pipelines limit](#projects-pipelines-limit) - [Enable session cookie](#enable-session-cookie) - [X-Frame-Options response header](#x-frame-options-response-header) + - [Auto-index creation in MongoDB](#auto-index-creation-in-mongodb) - [Configuring OIDC Provider](#configuring-oidc-provider) - [Upgrading](#upgrading) - [To 2.0.0](#to-200) From 3cb7d85f6d1667a79e3cf71583dfeb26471368a5 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 17:35:19 +0300 Subject: [PATCH 23/30] onprem: 2.7.0 --- codefresh/README.md | 2 +- codefresh/README.md.gotmpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/codefresh/README.md b/codefresh/README.md index 56783de7e..2aa70934c 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -1994,7 +1994,7 @@ cfapi: #### Auto-index creation in MongoDB -Auto-index creation in MongoDB[#auto-index-creation-in-mongodb] +[Auto-index creation in MongoDB](#auto-index-creation-in-mongodb) ### To 2.7.0 diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index f0b8e3114..a1ba79b81 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -2002,7 +2002,7 @@ cfapi: #### Auto-index creation in MongoDB -Auto-index creation in MongoDB[#auto-index-creation-in-mongodb] +[Auto-index creation in MongoDB](#auto-index-creation-in-mongodb) ### To 2.7.0 From 681c27fccbdef562543d67623af49d44ad30b6ea Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 17:38:01 +0300 Subject: [PATCH 24/30] onprem: 2.7.0 --- codefresh/README.md | 71 ++++++++++++++++++++----------------- codefresh/README.md.gotmpl | 72 +++++++++++++++++++++----------------- 2 files changed, 77 insertions(+), 66 deletions(-) diff --git a/codefresh/README.md b/codefresh/README.md index 2aa70934c..0cabf2427 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -34,6 +34,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/ - [Enable session cookie](#enable-session-cookie) - [X-Frame-Options response header](#x-frame-options-response-header) - [Auto-index creation in MongoDB](#auto-index-creation-in-mongodb) + - [Image digests in containers](#image-digests-in-containers) - [Configuring OIDC Provider](#configuring-oidc-provider) - [Upgrading](#upgrading) - [To 2.0.0](#to-200) @@ -1229,6 +1230,42 @@ Ref: - [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) - [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) +### Image digests in containers + +In Codefresh On-Prem 2.6.x all Codefresh owner microservices include image digests in the default subchart values. + +For example, default values for `cfapi` might look like this: + +```yaml +container: + image: + registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io + repository: codefresh/cf-api + tag: 21.268.1 + digest: "sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8" + pullPolicy: IfNotPresent +``` + +this resulting in the following image reference in the pod spec: + +```yaml +spec: + containers: + - name: cfapi + image: us-docker.pkg.dev/codefresh-enterprise/gcr.io/codefresh/cf-api:21.268.1@sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8 +``` + +> **Note!** When the `digest` is providerd, the `tag` is ignored! You can omit digest and use tag only like the following `values.yaml` example: + +```yaml +cfapi: + container: + image: + tag: 21.268.1 + # -- Set empty tag for digest + digest: "" +``` + ## Configuring OIDC Provider OpenID Connect (OIDC) allows Codefresh Builds to access resources in your cloud provider (such as AWS, Azure, GCP), without needing to store cloud credentials as long-lived pipeline secret variables. @@ -1958,39 +1995,7 @@ cfapi: #### Affected values -In Codefresh On-Prem 2.6.x all Codefresh owner microservices include image digests in the default subchart values. - -For example, default values for `cfapi` might look like this: - -```yaml -container: - image: - registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io - repository: codefresh/cf-api - tag: 21.268.1 - digest: "sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8" - pullPolicy: IfNotPresent -``` - -this resulting in the following image reference in the pod spec: - -```yaml -spec: - containers: - - name: cfapi - image: us-docker.pkg.dev/codefresh-enterprise/gcr.io/codefresh/cf-api:21.268.1@sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8 -``` - -> **Note!** When the `digest` is providerd, the `tag` is ignored! You can omit digest and use tag only like the following `values.yaml` example: - -```yaml -cfapi: - container: - image: - tag: 21.268.1 - # -- Set empty tag for digest - digest: "" -``` +[Image digests in containers](#image-digests-in-containers) #### Auto-index creation in MongoDB diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index a1ba79b81..c233320e4 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -34,6 +34,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/ - [Enable session cookie](#enable-session-cookie) - [X-Frame-Options response header](#x-frame-options-response-header) - [Auto-index creation in MongoDB](#auto-index-creation-in-mongodb) + - [Image digests in containers](#image-digests-in-containers) - [Configuring OIDC Provider](#configuring-oidc-provider) - [Upgrading](#upgrading) - [To 2.0.0](#to-200) @@ -1234,6 +1235,43 @@ Ref: - [Create an Index in Atlas DB](https://www.mongodb.com/docs/atlas/atlas-ui/indexes/#create-an-index) - [Create an Index with mongosh](https://www.mongodb.com/docs/manual/reference/method/db.collection.createIndex/) +### Image digests in containers + +In Codefresh On-Prem 2.6.x all Codefresh owner microservices include image digests in the default subchart values. + +For example, default values for `cfapi` might look like this: + +```yaml +container: + image: + registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io + repository: codefresh/cf-api + tag: 21.268.1 + digest: "sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8" + pullPolicy: IfNotPresent +``` + +this resulting in the following image reference in the pod spec: + +```yaml +spec: + containers: + - name: cfapi + image: us-docker.pkg.dev/codefresh-enterprise/gcr.io/codefresh/cf-api:21.268.1@sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8 +``` + +> **Note!** When the `digest` is providerd, the `tag` is ignored! You can omit digest and use tag only like the following `values.yaml` example: + +```yaml +cfapi: + container: + image: + tag: 21.268.1 + # -- Set empty tag for digest + digest: "" +``` + + ## Configuring OIDC Provider OpenID Connect (OIDC) allows Codefresh Builds to access resources in your cloud provider (such as AWS, Azure, GCP), without needing to store cloud credentials as long-lived pipeline secret variables. @@ -1966,39 +2004,7 @@ cfapi: #### Affected values -In Codefresh On-Prem 2.6.x all Codefresh owner microservices include image digests in the default subchart values. - -For example, default values for `cfapi` might look like this: - -```yaml -container: - image: - registry: us-docker.pkg.dev/codefresh-enterprise/gcr.io - repository: codefresh/cf-api - tag: 21.268.1 - digest: "sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8" - pullPolicy: IfNotPresent -``` - -this resulting in the following image reference in the pod spec: - -```yaml -spec: - containers: - - name: cfapi - image: us-docker.pkg.dev/codefresh-enterprise/gcr.io/codefresh/cf-api:21.268.1@sha256:bae42f8efc18facc2bf93690fce4ab03ef9607cec4443fada48292d1be12f5f8 -``` - -> **Note!** When the `digest` is providerd, the `tag` is ignored! You can omit digest and use tag only like the following `values.yaml` example: - -```yaml -cfapi: - container: - image: - tag: 21.268.1 - # -- Set empty tag for digest - digest: "" -``` +[Image digests in containers](#image-digests-in-containers) #### Auto-index creation in MongoDB From fe51332878ecfb4cd6b9cfd3964a66ccf6da172a Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 17:40:50 +0300 Subject: [PATCH 25/30] onprem: 2.7.0 --- codefresh/README.md | 4 ++++ codefresh/README.md.gotmpl | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/codefresh/README.md b/codefresh/README.md index 0cabf2427..96e08de07 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -2093,6 +2093,10 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server ./configure-dind-certs.sh -n $RUNTIME_NAMESPACE https://$CODEFRESH_HOST $CODEFRESH_API_TOKEN ``` +### Consul Error: Refusing to rejoin cluster because the server has been offline for more than the configured server_rejoin_age_max + +After platform upgrade, Consul fails with the error `refusing to rejoin cluster because the server has been offline for more than the configured server_rejoin_age_max - consider wiping your data dir`. There is [known issue](https://github.com/hashicorp/consul/issues/20722) of **hashicorp/consul** behaviour. Try to wipe out or delete the consul PV with config data and restart Consul StatefulSet. + ## Values | Key | Type | Default | Description | diff --git a/codefresh/README.md.gotmpl b/codefresh/README.md.gotmpl index c233320e4..295d90812 100644 --- a/codefresh/README.md.gotmpl +++ b/codefresh/README.md.gotmpl @@ -2102,4 +2102,8 @@ kubectl -n $NAMESPACE delete secret codefresh-certs-server ./configure-dind-certs.sh -n $RUNTIME_NAMESPACE https://$CODEFRESH_HOST $CODEFRESH_API_TOKEN ``` +### Consul Error: Refusing to rejoin cluster because the server has been offline for more than the configured server_rejoin_age_max + +After platform upgrade, Consul fails with the error `refusing to rejoin cluster because the server has been offline for more than the configured server_rejoin_age_max - consider wiping your data dir`. There is [known issue](https://github.com/hashicorp/consul/issues/20722) of **hashicorp/consul** behaviour. Try to wipe out or delete the consul PV with config data and restart Consul StatefulSet. + {{ template "chart.valuesSection" . }} From 0c3a22c9f7f0c0a8295fac7a8daa6ec457c276d0 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 18:15:12 +0300 Subject: [PATCH 26/30] onprem: 2.7.0 --- codefresh/Chart.lock | 46 ++++++++++++++++++++++---------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/codefresh/Chart.lock b/codefresh/Chart.lock index 49e0194c2..c8f75f603 100644 --- a/codefresh/Chart.lock +++ b/codefresh/Chart.lock @@ -3,7 +3,7 @@ dependencies: repository: oci://quay.io/codefresh/charts version: 0.18.1 - name: internal-gateway - repository: oci://quay.io/codefresh/charts/dev + repository: oci://quay.io/codefresh/charts version: 0.10.2 - name: consul repository: https://charts.bitnami.com/bitnami @@ -64,61 +64,61 @@ dependencies: version: 1.14.20 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfapi repository: oci://quay.io/codefresh/charts - version: 21.274.7 + version: 21.274.9 - name: cfui repository: oci://quay.io/codefresh/charts - version: 14.97.49 + version: 14.97.50 - name: k8s-monitor repository: oci://quay.io/codefresh/charts version: 4.11.13 @@ -148,12 +148,12 @@ dependencies: version: 0.49.77 - name: argo-platform repository: oci://quay.io/codefresh/charts - version: 1.3343.1 + version: 1.3344.0 - name: argo-hub-platform repository: oci://quay.io/codefresh/charts version: 0.1.21 - name: cf-oidc-provider repository: oci://quay.io/codefresh/charts version: 0.0.16 -digest: sha256:7ab6519cb8b1146be784eb72ca94eaef2ebeefb2b57e7db0b285ada0e4f3e588 -generated: "2025-03-14T13:02:42.457938+03:00" +digest: sha256:83072ee3b8654194f3fb06b189775de8f1220062dad9f8ec858c54641e3aeefb +generated: "2025-03-14T18:07:51.289296+03:00" From 85ae84ef2fa1e869f2700ab7dd34a5029f20b614 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 18:17:38 +0300 Subject: [PATCH 27/30] onprem: 2.7.0 --- codefresh/.ci/values/external-secrets.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/codefresh/.ci/values/external-secrets.yaml b/codefresh/.ci/values/external-secrets.yaml index 7f82f184c..75dc72763 100644 --- a/codefresh/.ci/values/external-secrets.yaml +++ b/codefresh/.ci/values/external-secrets.yaml @@ -22,7 +22,7 @@ secrets: ext-rabbitmq: enabled: true stringData: - rabbitmq-hostname: cf-rabbitmq:5672 + rabbitmq-hostname: my-rabbitmq:5672 rabbitmq-password: cVz9ZdJKYm7u rabbitmq-username: user ext-firebase: @@ -95,4 +95,7 @@ global: key: redis-password redisUrlSecretKeyRef: name: cf-codefresh-ext-redis - key: redis-url \ No newline at end of file + key: redis-url + +rabbitmq: + fullnameOverride: my-rabbitmq From 2760da149e5485db2a98274e8217da326cde1ac3 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 18:21:24 +0300 Subject: [PATCH 28/30] onprem: 2.7.0 --- codefresh/README.md | 2 +- codefresh/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/codefresh/README.md b/codefresh/README.md index 96e08de07..f8f087d14 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -2132,7 +2132,7 @@ After platform upgrade, Consul fails with the error `refusing to rejoin cluster | argo-platform.runtime-monitor | object | See below | runtime-monitor Don't enable! Not used in onprem! | | argo-platform.ui | object | See below | ui | | argo-platform.useExternalSecret | bool | `false` | Use regular k8s secret object. Keep `false`! | -| builder | object | `{"affinity":{},"container":{"image":{"registry":"docker.io","repository":"library/docker","tag":"27.5-dind"}},"enabled":true,"initContainers":{"register":{"image":{"registry":"quay.io","repository":"codefresh/curl","tag":"8.11.1"}}},"nodeSelector":{},"podSecurityContext":{},"resources":{},"tolerations":[]}` | builder | +| builder | object | `{"affinity":{},"container":{"image":{"registry":"docker.io","repository":"library/docker","tag":"28.0-dind"}},"enabled":true,"initContainers":{"register":{"image":{"registry":"quay.io","repository":"codefresh/curl","tag":"8.11.1"}}},"nodeSelector":{},"podSecurityContext":{},"resources":{},"tolerations":[]}` | builder | | cf-broadcaster | object | See below | broadcaster | | cf-oidc-provider | object | See below | cf-oidc-provider | | cf-platform-analytics-etlstarter | object | See below | etl-starter | diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 05879ba46..4d0440e70 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -1214,7 +1214,7 @@ builder: image: registry: docker.io repository: library/docker - tag: 27.5-dind + tag: 28.0-dind affinity: {} nodeSelector: {} podSecurityContext: {} @@ -1235,7 +1235,7 @@ runner: image: registry: docker.io repository: library/docker - tag: 27.5-dind + tag: 28.0-dind affinity: {} nodeSelector: {} podSecurityContext: {} From c2dc8e158a542e563542e118be40d8e3b0525af1 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 19:12:18 +0300 Subject: [PATCH 29/30] onprem: 2.7.0 --- codefresh/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 4d0440e70..697985bb0 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -628,6 +628,7 @@ cfapi-test-reporting: # @default -- See below internal-gateway: enabled: true + libraryMode: true controller: replicas: 2 container: From 49fc553f7320685939cdabcd43012f4bd1c78e99 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Fri, 14 Mar 2025 19:24:10 +0300 Subject: [PATCH 30/30] onprem: 2.7.0 --- codefresh/README.md | 2 +- codefresh/templates/secrets/regsecret.yaml | 15 +-------------- codefresh/values.yaml | 3 ++- 3 files changed, 4 insertions(+), 16 deletions(-) diff --git a/codefresh/README.md b/codefresh/README.md index f8f087d14..2159cd66a 100644 --- a/codefresh/README.md +++ b/codefresh/README.md @@ -2225,7 +2225,7 @@ After platform upgrade, Consul fails with the error `refusing to rejoin cluster | global.gitopsDashboardManagerService | string | `"gitops-dashboard-manager"` | Default gitops-dashboarad-manager service name. | | global.helmRepoManagerService | string | `"helm-repo-manager"` | Default helm-repo-manager service name. | | global.hermesService | string | `"hermes"` | Default hermes service name. | -| global.imagePullSecrets | list | `[]` | Global Docker registry secret names as array | +| global.imagePullSecrets | list | `["codefresh-registry"]` | Global Docker registry secret names as array | | global.imageRegistry | string | `""` | Global Docker image registry | | global.kubeIntegrationPort | int | `9000` | Default kube-integration service port. | | global.kubeIntegrationService | string | `"kube-integration"` | Default kube-integration service name. | diff --git a/codefresh/templates/secrets/regsecret.yaml b/codefresh/templates/secrets/regsecret.yaml index 50a060885..40624470c 100644 --- a/codefresh/templates/secrets/regsecret.yaml +++ b/codefresh/templates/secrets/regsecret.yaml @@ -1,23 +1,10 @@ -{{ $name := printf "%v-%v-%v" .Release.Name .Values.global.codefresh "registry" }} --- apiVersion: v1 kind: Secret metadata: - name: {{ $name }} + name: codefresh-registry labels: {{ include "codefresh.labels" . | nindent 4 }} type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: {{ include "codefresh.imagePullSecret" . }} ---- -{{- if index .Values "argo-platform" "enabled" }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Release.Name }}-registry - labels: - {{ include "codefresh.labels" . | nindent 4 }} -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: {{ include "codefresh.imagePullSecret" . }} -{{- end }} \ No newline at end of file diff --git a/codefresh/values.yaml b/codefresh/values.yaml index 697985bb0..ad2c63698 100644 --- a/codefresh/values.yaml +++ b/codefresh/values.yaml @@ -156,7 +156,8 @@ global: imageRegistry: "" # -- Global Docker registry secret names as array - imagePullSecrets: [] + imagePullSecrets: + - 'codefresh-registry' # -- Global StorageClass for Persistent Volume(s) storageClass: ""