From 45176da542ec9cf80661b4b032b2d3eb5c8791a5 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Mon, 10 Nov 2025 23:13:13 +0200 Subject: [PATCH 01/15] chore: update app version and chart version in Chart.yaml to 1.0.0-rc.1 and 25.11-0 respectively --- charts/gitops-runtime/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index b2ffefe2..114c727c 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 0.1.72 +appVersion: 1.0.0-rc.1 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime -version: 0.0.0 +version: 25.11-0 home: https://github.com/codefresh-io/gitops-runtime-helm icon: https://avatars1.githubusercontent.com/u/11412079?v=3 keywords: From 3c1f24032f6ac4abec08fa5d95ebe42b9d633ee9 Mon Sep 17 00:00:00 2001 From: Eti Zaguri Date: Tue, 11 Nov 2025 08:53:34 +0200 Subject: [PATCH 02/15] dummy PR (#909) From d65791d75359d77e5e6293a89e8905f6cca51dc5 Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Thu, 13 Nov 2025 15:14:13 +0200 Subject: [PATCH 03/15] fix: retry on notFound before updating resource status (#914) * [gitops-operator]fix: retry on notFound before updating resource status * trigger ci --------- Co-authored-by: codefresh-v2-pipelines[bot] <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Co-authored-by: Chen Keinan --- charts/gitops-runtime/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 316b89fd..52f3f60f 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -683,7 +683,7 @@ gitops-operator: image: registry: quay.io repository: codefresh/codefresh-gitops-operator - tag: "7bcd56b" + tag: "ecd6518" env: !!merge <<: - *otel-config From 03999e5732bd158b0c436d69afa959f9ce54a98b Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Sun, 16 Nov 2025 11:50:35 +0200 Subject: [PATCH 04/15] [gitops-operator]fix: set transient error (#923) Co-authored-by: codefresh-v2-pipelines[bot] <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> --- charts/gitops-runtime/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 52f3f60f..12c57226 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -683,7 +683,7 @@ gitops-operator: image: registry: quay.io repository: codefresh/codefresh-gitops-operator - tag: "ecd6518" + tag: "305e13e" env: !!merge <<: - *otel-config From 9d8270bb524293c4bb1edd42dc2f7ceff9bbc825 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Mon, 17 Nov 2025 15:14:39 +0200 Subject: [PATCH 05/15] feat: disable Argo Rollouts by default and enable namespace-scoped Argo Workflows (#917) * chore: disable Argo Rollouts by default and add deprecation notice in values.yaml * feat: enable single namespace restriction for Argo Workflows in values.yaml * fix tests * CI Automatic commit - align Chart version * Revert "CI Automatic commit - align Chart version" This reverts commit c28f424c829e47fc240bf71777ddc54d79ce35c4. * CI Automatic commit - align Chart version --------- Co-authored-by: cf-ci-bot-v2 --- charts/gitops-runtime/Chart.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 114c727c..1e3f1a86 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -24,7 +24,7 @@ dependencies: condition: argo-events.enabled - name: argo-workflows repository: https://codefresh-io.github.io/argo-helm - version: 0.45.17-v3.6.7-cap-CR-31761 + version: 0.45.16-v3.6.7-cap-CR-30835 condition: argo-workflows.enabled - name: argo-rollouts repository: https://codefresh-io.github.io/argo-helm @@ -33,7 +33,6 @@ dependencies: - name: sealed-secrets repository: https://bitnami-labs.github.io/sealed-secrets/ version: 2.17.2 - condition: sealed-secrets.enabled - name: codefresh-tunnel-client repository: oci://quay.io/codefresh/charts version: 0.1.22 From 9c22249d2a48c5019e7fd5461412d3bef667a0a4 Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Mon, 17 Nov 2025 18:51:22 +0200 Subject: [PATCH 06/15] feat: add branch data to pullrequest info (#932) based on #926 bump gitops-operator to c0f50e0 - feat: add branch data to pullrequest info (codefresh-io/codefresh-gitops-operator#354) bump app-proxy to 592eb04 - feat: add branch data to pullrequest info (codefresh-io/argo-platform#6918) --------- Co-authored-by: codefresh-v2-pipelines[bot] <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> --- charts/gitops-runtime/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 12c57226..c71768cc 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -495,14 +495,14 @@ app-proxy: tag: 1.1.17-main image: repository: quay.io/codefresh/cap-app-proxy - tag: 1.3953.0 + tag: 592eb04 pullPolicy: IfNotPresent # -- Extra volume mounts for main container extraVolumeMounts: [] initContainer: image: repository: quay.io/codefresh/cap-app-proxy-init - tag: 1.3953.0 + tag: 592eb04 pullPolicy: IfNotPresent command: - ./init.sh @@ -683,7 +683,7 @@ gitops-operator: image: registry: quay.io repository: codefresh/codefresh-gitops-operator - tag: "305e13e" + tag: "c0f50e0" env: !!merge <<: - *otel-config From 7f6b6dafbacc7be4009190420c2a84612aadbe4c Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Tue, 18 Nov 2025 17:37:23 +0200 Subject: [PATCH 07/15] [cf-argocd-extras]chore: update depencencies (argo-cd 3.2) (#930) Co-authored-by: codefresh-v2-pipelines[bot] <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> --- charts/gitops-runtime/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index c71768cc..8e609d54 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -143,7 +143,7 @@ global: image: registry: quay.io repository: codefresh/cf-argocd-extras - tag: 2cb6f85 + tag: 5ad6886 nodeSelector: {} tolerations: [] affinity: {} @@ -715,7 +715,7 @@ argo-gateway: image: registry: quay.io repository: codefresh/cf-argocd-extras - tag: 2cb6f85 + tag: 5ad6886 nodeSelector: {} tolerations: [] affinity: {} From 1b011d776ed1f5d8f7051e1886bc2c023821f34d Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Wed, 19 Nov 2025 11:42:59 +0300 Subject: [PATCH 08/15] feat: checksum annotations (#938) (#942) --- .../gitops-runtime/tests/checksum_test.yaml | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 charts/gitops-runtime/tests/checksum_test.yaml diff --git a/charts/gitops-runtime/tests/checksum_test.yaml b/charts/gitops-runtime/tests/checksum_test.yaml new file mode 100644 index 00000000..cc1ddf1d --- /dev/null +++ b/charts/gitops-runtime/tests/checksum_test.yaml @@ -0,0 +1,29 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: checksum tests +templates: + - event-reporters/**/deployment.yaml + - event-reporters/**/configmap.yaml + - argo-gateway/deployment.yaml + - argo-gateway/configmap.yaml + - app-proxy/deployment.yaml + - app-proxy/config.yaml + - _components/cap-app-proxy/_deployment.yaml + - _components/cap-app-proxy/_config.yaml + - codefresh-cm.yaml +tests: +- it: default checksum annotations is present + values: + - ./values/mandatory-values-ingress.yaml + asserts: + - exists: + path: spec.template.metadata.annotations["checksum/config-argo-gateway"] + template: argo-gateway/deployment.yaml + - exists: + path: spec.template.metadata.annotations["checksum/config-event-reporter"] + template: event-reporters/cluster-event-reporter/deployment.yaml + - exists: + path: spec.template.metadata.annotations["checksum/config-argocd"] + template: event-reporters/cluster-event-reporter/deployment.yaml + - exists: + path: spec.template.metadata.annotations["checksum/config-cap-app-proxy"] + template: app-proxy/deployment.yaml From ebf0de02f03958476238142d2f8ee718465030b3 Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Wed, 19 Nov 2025 11:26:50 +0200 Subject: [PATCH 09/15] [app-proxy]fix(app-proxy): update autoDetectArgoCd to use new values structure (#943) based on https://github.com/codefresh-io/gitops-runtime-helm/pull/944 fix(app-proxy): update autoDetectArgoCd to use new values structure (https://github.com/codefresh-io/argo-platform/pull/6931) --- charts/gitops-runtime/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 8e609d54..379590e9 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -495,14 +495,14 @@ app-proxy: tag: 1.1.17-main image: repository: quay.io/codefresh/cap-app-proxy - tag: 592eb04 + tag: 6201d13 pullPolicy: IfNotPresent # -- Extra volume mounts for main container extraVolumeMounts: [] initContainer: image: repository: quay.io/codefresh/cap-app-proxy-init - tag: 592eb04 + tag: 6201d13 pullPolicy: IfNotPresent command: - ./init.sh From f72f31964c2779dcffdffbc2b149375f2990001d Mon Sep 17 00:00:00 2001 From: shirtabachii Date: Wed, 19 Nov 2025 13:59:36 +0200 Subject: [PATCH 10/15] feat: multi-runtime installation (#939) (#946) * feat: support single-namespaced runtime installation (#617) --------- * Support multi-runtime-installation --------- Co-authored-by: mikhail-klimko Co-authored-by: Philip Kotliyakov Co-authored-by: Noam Gal Co-authored-by: cf-ci-bot-v2 Co-authored-by: ilia-medvedev-codefresh --- charts/gitops-runtime/Chart.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 1e3f1a86..6b5a0a57 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -33,6 +33,7 @@ dependencies: - name: sealed-secrets repository: https://bitnami-labs.github.io/sealed-secrets/ version: 2.17.2 + condition: sealed-secrets.enabled - name: codefresh-tunnel-client repository: oci://quay.io/codefresh/charts version: 0.1.22 From e0a6c220be57056aaf2e9d6aa3d878cd24504488 Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Wed, 19 Nov 2025 14:10:22 +0100 Subject: [PATCH 11/15] [gitops-operator]fix: remove git commit statuses (monthly/25.11) (#947) Co-authored-by: codefresh-v2-pipelines[bot] <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Co-authored-by: Scott Merchant --- charts/gitops-runtime/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 379590e9..a180f161 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -683,7 +683,7 @@ gitops-operator: image: registry: quay.io repository: codefresh/codefresh-gitops-operator - tag: "c0f50e0" + tag: "ff25956" env: !!merge <<: - *otel-config From 90b0d32843f3a8422f27a20989a4b0f8c7e383b9 Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Sun, 23 Nov 2025 10:27:52 +0200 Subject: [PATCH 12/15] feat: ensure default-git-source exists on every app-proxy restart (#956) * [app-proxy]feat: ensure default-git-source exists on every app-proxy restart * chore: security fixes (https://github.com/codefresh-io/argo-platform/pull/6940) --------- Co-authored-by: codefresh-v2-pipelines[bot] <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Co-authored-by: Noam Gal --- charts/gitops-runtime/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index a180f161..41b5d98b 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -495,14 +495,14 @@ app-proxy: tag: 1.1.17-main image: repository: quay.io/codefresh/cap-app-proxy - tag: 6201d13 + tag: 0afa16e pullPolicy: IfNotPresent # -- Extra volume mounts for main container extraVolumeMounts: [] initContainer: image: repository: quay.io/codefresh/cap-app-proxy-init - tag: 6201d13 + tag: 0afa16e pullPolicy: IfNotPresent command: - ./init.sh From ba36208a369df165bf63b842748660c685005ec8 Mon Sep 17 00:00:00 2001 From: Noam Gal Date: Wed, 26 Nov 2025 16:37:03 +0200 Subject: [PATCH 13/15] fix: remove nonResourceURLs from RBAC rules for event reporters This change simplifies the RBAC configuration by removing the nonResourceURLs rules, which are not necessary for the functionality of the cluster and runtime event reporters. --- .../event-reporters/cluster-event-reporter/rbac.yaml | 4 ---- .../event-reporters/runtime-event-reporter/rbac.yaml | 4 ---- 2 files changed, 8 deletions(-) diff --git a/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/rbac.yaml b/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/rbac.yaml index 4ab10d33..2b06f30b 100644 --- a/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/rbac.yaml +++ b/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/rbac.yaml @@ -23,10 +23,6 @@ rules: - '*' verbs: - '*' - - nonResourceURLs: - - '*' - verbs: - - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: {{ $context.Values.global.runtime.singleNamespace | ternary "RoleBinding" "ClusterRoleBinding" }} diff --git a/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/rbac.yaml b/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/rbac.yaml index a11a1e14..6cef61e9 100644 --- a/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/rbac.yaml +++ b/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/rbac.yaml @@ -23,10 +23,6 @@ rules: - '*' verbs: - '*' - - nonResourceURLs: - - '*' - verbs: - - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: {{ $context.Values.global.runtime.singleNamespace | ternary "RoleBinding" "ClusterRoleBinding" }} From cf8bb7e0be2c77fc77bc2f3219aa2043e53db679 Mon Sep 17 00:00:00 2001 From: Noam Gal Date: Thu, 27 Nov 2025 17:41:37 +0200 Subject: [PATCH 14/15] fix: add IS_NAMESPACED_RUNTIME variable to environment variables for event reporters This change introduces the IS_NAMESPACED_RUNTIME variable in the environment configuration for both cluster and runtime event reporters. This variable is set to the value of .Values.global.runtime.singleNamespace, ensuring that the runtime context is correctly reflected in the environment settings. --- .../templates/event-reporters/cluster-event-reporter/_env.yaml | 1 + .../templates/event-reporters/runtime-event-reporter/_env.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/_env.yaml b/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/_env.yaml index d8e1e2ec..0cc3e23a 100644 --- a/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/_env.yaml +++ b/charts/gitops-runtime/templates/event-reporters/cluster-event-reporter/_env.yaml @@ -2,6 +2,7 @@ HTTP_PROXY: {{ .Values.global.httpProxy | squote}} HTTPS_PROXY: {{ .Values.global.httpsProxy | squote }} NO_PROXY: {{ .Values.global.noProxy | squote }} +IS_NAMESPACED_RUNTIME: {{ .Values.global.runtime.singleNamespace }} {{- if and (eq (index .Values "global" "integrations" "argo-cd" "server" "auth" "type") "token") }} {{- if not (index .Values "global" "integrations" "argo-cd" "server" "auth" "token") }} diff --git a/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/_env.yaml b/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/_env.yaml index 02d0cefa..e6063059 100644 --- a/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/_env.yaml +++ b/charts/gitops-runtime/templates/event-reporters/runtime-event-reporter/_env.yaml @@ -2,6 +2,7 @@ HTTP_PROXY: {{ .Values.global.httpProxy | squote}} HTTPS_PROXY: {{ .Values.global.httpsProxy | squote }} NO_PROXY: {{ .Values.global.noProxy | squote }} +IS_NAMESPACED_RUNTIME: {{ .Values.global.runtime.singleNamespace }} {{- if and (eq (index .Values "global" "integrations" "argo-cd" "server" "auth" "type") "token") }} {{- if not (index .Values "global" "integrations" "argo-cd" "server" "auth" "token") }} From 49c2b7eef2e2ef8470086fdf9b75d34f30265aa6 Mon Sep 17 00:00:00 2001 From: "codefresh-v2-pipelines[bot]" <109073600+codefresh-v2-pipelines[bot]@users.noreply.github.com> Date: Sun, 30 Nov 2025 12:14:10 +0000 Subject: [PATCH 15/15] [cf-argocd-extras]fix: update namespace handling in cluster resource reporter --- charts/gitops-runtime/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 41b5d98b..0513a0f0 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -143,7 +143,7 @@ global: image: registry: quay.io repository: codefresh/cf-argocd-extras - tag: 5ad6886 + tag: e6944d6 nodeSelector: {} tolerations: [] affinity: {} @@ -715,7 +715,7 @@ argo-gateway: image: registry: quay.io repository: codefresh/cf-argocd-extras - tag: 5ad6886 + tag: e6944d6 nodeSelector: {} tolerations: [] affinity: {}