From b098358cd1448e8db5b8077b1b11cab5b4f41464 Mon Sep 17 00:00:00 2001 From: reggie-k Date: Tue, 22 Jul 2025 09:56:33 +0300 Subject: [PATCH 1/6] updated argo cd to 8.0.6-5-cap-v3.0.2-2025-07-21-ac26d0e2 with helm and go-git bump Signed-off-by: reggie-k --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 8f4270156..c99ac9628 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -17,7 +17,7 @@ dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm condition: argo-cd.enabled - version: 8.0.6-4-cap-v3.0.2-2025-07-06-e9fc72a9 + version: 8.0.6-5-cap-v3.0.2-2025-07-21-ac26d0e2 - name: argo-events repository: https://codefresh-io.github.io/argo-helm version: 2.4.8-cap-CR-29689 From 6bb5fc8c19a8a6a4ed0b608eac97588a2baa952c Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Wed, 23 Jul 2025 15:37:47 +0300 Subject: [PATCH 2/6] fix: add registy for internal-router --- .../templates/_components/internal-router/_deployment.yaml | 2 +- charts/gitops-runtime/values.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml b/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml index 1c3cf8536..e73e7b40a 100644 --- a/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml +++ b/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml @@ -33,7 +33,7 @@ spec: - name: 'internal-router' securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" .Values.env | nindent 10 }} imagePullPolicy: {{ .Values.image.pullPolicy }} ports: diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index ce68ba28d..f91505114 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -451,6 +451,7 @@ event-reporters: internal-router: replicaCount: 1 image: + registry: docker.io repository: nginxinc/nginx-unprivileged pullPolicy: IfNotPresent tag: 1.28-alpine3.21 From ddc96f15ed28c84592117116e03e8b9cc87d8b36 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Wed, 23 Jul 2025 15:38:00 +0300 Subject: [PATCH 3/6] fix: add registy for internal-router --- charts/gitops-runtime/README.md | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index c536a249d..553f92cb9 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -228,14 +228,14 @@ sealed-secrets: | app-proxy.image-enrichment.serviceAccount.name | string | `"codefresh-image-enrichment-sa"` | Name of the service account to create or the name of the existing one to use | | app-proxy.image.pullPolicy | string | `"IfNotPresent"` | | | app-proxy.image.repository | string | `"quay.io/codefresh/cap-app-proxy"` | | -| app-proxy.image.tag | string | `"1.3628.0"` | | +| app-proxy.image.tag | string | `"1.3651.0"` | | | app-proxy.imagePullSecrets | list | `[]` | | | app-proxy.initContainer.command[0] | string | `"./init.sh"` | | | app-proxy.initContainer.env | object | `{}` | | | app-proxy.initContainer.extraVolumeMounts | list | `[]` | Extra volume mounts for init container | | app-proxy.initContainer.image.pullPolicy | string | `"IfNotPresent"` | | | app-proxy.initContainer.image.repository | string | `"quay.io/codefresh/cap-app-proxy-init"` | | -| app-proxy.initContainer.image.tag | string | `"1.3628.0"` | | +| app-proxy.initContainer.image.tag | string | `"1.3651.0"` | | | app-proxy.initContainer.resources.limits | object | `{}` | | | app-proxy.initContainer.resources.requests.cpu | string | `"0.2"` | | | app-proxy.initContainer.resources.requests.memory | string | `"256Mi"` | | @@ -319,9 +319,16 @@ sealed-secrets: | event-reporters.rollout.eventSource.resources | object | `{}` | | | event-reporters.rollout.eventSource.tolerations | list | `[]` | | | event-reporters.rollout.sensor.affinity | object | `{}` | | +| event-reporters.rollout.sensor.atLeastOnce | bool | `true` | At Least Once | | event-reporters.rollout.sensor.env | object | `{}` | Environment variables for sensor pods - add DEBUG_LOG: "true" to add debug level logs | | event-reporters.rollout.sensor.logging | object | `{"enabled":false,"intervalSeconds":0}` | Set to true to enable logging. Set intervalSeconds to add logging interval to moderate log flow. | | event-reporters.rollout.sensor.nodeSelector | object | `{}` | | +| event-reporters.rollout.sensor.policy.status.allow[0] | int | `200` | | +| event-reporters.rollout.sensor.policy.status.allow[1] | int | `201` | | +| event-reporters.rollout.sensor.policy.status.allow[2] | int | `204` | | +| event-reporters.rollout.sensor.policy.status.allow[3] | int | `400` | | +| event-reporters.rollout.sensor.policy.status.allow[4] | int | `401` | | +| event-reporters.rollout.sensor.policy.status.allow[5] | int | `404` | | | event-reporters.rollout.sensor.replicas | int | `1` | | | event-reporters.rollout.sensor.resources | object | `{}` | | | event-reporters.rollout.sensor.retryStrategy | object | `{"duration":0,"factor":1,"jitter":1,"steps":3}` | Retry strategy for events sent to Codefresh | @@ -337,9 +344,16 @@ sealed-secrets: | event-reporters.workflow.eventSource.resources | object | `{}` | | | event-reporters.workflow.eventSource.tolerations | list | `[]` | | | event-reporters.workflow.sensor.affinity | object | `{}` | | +| event-reporters.workflow.sensor.atLeastOnce | bool | `true` | At Least Once | | event-reporters.workflow.sensor.env | object | `{}` | Environment variables for sensor pods - add DEBUG_LOG: "true" to add debug level logs | | event-reporters.workflow.sensor.logging | object | `{"enabled":false,"intervalSeconds":0}` | Set to true to enable logging. Set intervalSeconds to add logging interval to moderate log flow. | | event-reporters.workflow.sensor.nodeSelector | object | `{}` | | +| event-reporters.workflow.sensor.policy.status.allow[0] | int | `200` | | +| event-reporters.workflow.sensor.policy.status.allow[1] | int | `201` | | +| event-reporters.workflow.sensor.policy.status.allow[2] | int | `204` | | +| event-reporters.workflow.sensor.policy.status.allow[3] | int | `400` | | +| event-reporters.workflow.sensor.policy.status.allow[4] | int | `401` | | +| event-reporters.workflow.sensor.policy.status.allow[5] | int | `404` | | | event-reporters.workflow.sensor.replicas | int | `1` | | | event-reporters.workflow.sensor.resources | object | `{}` | | | event-reporters.workflow.sensor.retryStrategy | object | `{"duration":0,"factor":1,"jitter":1,"steps":3}` | Retry strategy for events sent to Codefresh | @@ -410,12 +424,15 @@ sealed-secrets: | global.external-argo-rollouts | object | `{"rollout-reporter":{"enabled":false}}` | Configuration for external Argo Rollouts | | global.external-argo-rollouts.rollout-reporter | object | `{"enabled":false}` | Rollout reporter settings | | global.external-argo-rollouts.rollout-reporter.enabled | bool | `false` | Enable or disable rollout reporter Configuration is defined at .Values.event-reporters.rollout | +| global.httpProxy | string | `""` | global HTTP_PROXY for all components | +| global.httpsProxy | string | `""` | global HTTPS_PROXY for all components | +| global.noProxy | string | `""` | global NO_PROXY for all components | | global.nodeSelector | object | `{}` | Global nodeSelector for all components | -| global.runtime | object | `{"cluster":"https://kubernetes.default.svc","codefreshHosted":false,"eventBus":{"annotations":{},"name":"codefresh-eventbus","nats":{"native":{"affinity":{},"auth":"token","containerTemplate":{"resources":{"limits":{"cpu":"500m","ephemeral-storage":"2Gi","memory":"4Gi"},"requests":{"cpu":"200m","ephemeral-storage":"2Gi","memory":"1Gi"}}},"maxPayload":"4MB","nodeSelector":{},"replicas":3,"tolerations":[]}},"pdb":{"enabled":true,"minAvailable":2}},"gitCredentials":{"password":{"secretKeyRef":{},"value":null},"username":"username"},"ingress":{"annotations":{},"className":"nginx","enabled":false,"hosts":[],"labels":{},"protocol":"https","skipValidation":false,"tls":[]},"ingressUrl":"","isConfigurationRuntime":false,"name":null}` | Runtime level settings | +| global.runtime | object | `{"cluster":"https://kubernetes.default.svc","codefreshHosted":false,"eventBus":{"annotations":{},"jetstream":{"affinity":{},"containerTemplate":{"resources":{"limits":{"cpu":"500m","ephemeral-storage":"2Gi","memory":"4Gi"},"requests":{"cpu":"200m","ephemeral-storage":"2Gi","memory":"1Gi"}}},"maxPayload":"4MB","nodeSelector":{},"replicas":3,"tolerations":[],"version":"latest"},"name":"","nats":{"native":{"affinity":{},"auth":"token","containerTemplate":{"resources":{"limits":{"cpu":"500m","ephemeral-storage":"2Gi","memory":"4Gi"},"requests":{"cpu":"200m","ephemeral-storage":"2Gi","memory":"1Gi"}}},"maxPayload":"4MB","nodeSelector":{},"replicas":3,"tolerations":[]}},"pdb":{"enabled":true,"minAvailable":2},"type":"nats"},"gitCredentials":{"password":{"secretKeyRef":{},"value":null},"username":"username"},"ingress":{"annotations":{},"className":"nginx","enabled":false,"hosts":[],"labels":{},"protocol":"https","skipValidation":false,"tls":[]},"ingressUrl":"","isConfigurationRuntime":false,"name":null}` | Runtime level settings | | global.runtime.cluster | string | `"https://kubernetes.default.svc"` | Runtime cluster. Should not be changed. | | global.runtime.codefreshHosted | bool | `false` | Defines whether this is a Codefresh hosted runtime. Should not be changed. | | global.runtime.eventBus.annotations | object | `{}` | Annotations on EventBus resource | -| global.runtime.eventBus.name | string | `"codefresh-eventbus"` | Eventbus name | +| global.runtime.eventBus.name | string | `""` | Eventbus name | | global.runtime.eventBus.pdb | object | `{"enabled":true,"minAvailable":2}` | Pod disruption budget for the eventbus | | global.runtime.eventBus.pdb.minAvailable | int | `2` | Minimum number of available eventbus pods. For eventbus to stay functional the majority of its replicas should always be available. | | global.runtime.gitCredentials | object | `{"password":{"secretKeyRef":{},"value":null},"username":"username"}` | Git credentials runtime. Runtime is not fully functional without those credentials. If not provided through the installation, they must be provided through the Codefresh UI. | @@ -442,6 +459,7 @@ sealed-secrets: | internal-router.env | object | `{}` | Environment variables - see values.yaml inside the chart for usage | | internal-router.fullnameOverride | string | `"internal-router"` | | | internal-router.image.pullPolicy | string | `"IfNotPresent"` | | +| internal-router.image.registry | string | `"docker.io"` | | | internal-router.image.repository | string | `"nginxinc/nginx-unprivileged"` | | | internal-router.image.tag | string | `"1.28-alpine3.21"` | | | internal-router.imagePullSecrets | list | `[]` | | From 3f4e0a6103b4b0f84c122dd533cdcc6eb2c88d39 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Wed, 23 Jul 2025 15:43:12 +0300 Subject: [PATCH 4/6] fix: add registy for internal-router --- charts/gitops-runtime/values.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index f91505114..13eb0dc2c 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -451,8 +451,7 @@ event-reporters: internal-router: replicaCount: 1 image: - registry: docker.io - repository: nginxinc/nginx-unprivileged + repository: docker.io/nginxinc/nginx-unprivileged pullPolicy: IfNotPresent tag: 1.28-alpine3.21 imagePullSecrets: [] From 8a5b81669488ca687486eae9e54adf31d0c2e944 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Wed, 23 Jul 2025 15:43:53 +0300 Subject: [PATCH 5/6] helm-docs --- charts/gitops-runtime/README.md | 3 +-- .../templates/_components/internal-router/_deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index 553f92cb9..bffe16f44 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -459,8 +459,7 @@ sealed-secrets: | internal-router.env | object | `{}` | Environment variables - see values.yaml inside the chart for usage | | internal-router.fullnameOverride | string | `"internal-router"` | | | internal-router.image.pullPolicy | string | `"IfNotPresent"` | | -| internal-router.image.registry | string | `"docker.io"` | | -| internal-router.image.repository | string | `"nginxinc/nginx-unprivileged"` | | +| internal-router.image.repository | string | `"docker.io/nginxinc/nginx-unprivileged"` | | | internal-router.image.tag | string | `"1.28-alpine3.21"` | | | internal-router.imagePullSecrets | list | `[]` | | | internal-router.ipv6 | object | `{"enabled":false}` | For ipv6 enabled clusters switch ipv6 enabled to true | diff --git a/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml b/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml index e73e7b40a..1c3cf8536 100644 --- a/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml +++ b/charts/gitops-runtime/templates/_components/internal-router/_deployment.yaml @@ -33,7 +33,7 @@ spec: - name: 'internal-router' securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" .Values.env | nindent 10 }} imagePullPolicy: {{ .Values.image.pullPolicy }} ports: From c8da7040659f247c7b536960b56a9d1adf1a67b4 Mon Sep 17 00:00:00 2001 From: Mikhail Klimko Date: Wed, 23 Jul 2025 15:58:54 +0300 Subject: [PATCH 6/6] empty