From bb2609efcf7393fed81179723997ca4e9c96cec0 Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Thu, 11 Sep 2025 09:40:09 +0000 Subject: [PATCH 1/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 4 ++-- charts/gitops-runtime/README.md | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 4f18e3a6..61ec416d 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,8 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- - - kind: security - description: 'chore: security fixes in tunnel-client, argo-events jetstreaming, runtime-installer' + - kind: changed + description: 'feat: update cap-app-proxy image tags to 1.3750.0 (#720)' dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index df11a648..de81c71c 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -1,5 +1,5 @@ ## Codefresh gitops runtime -![Version: 0.24.1](https://img.shields.io/badge/Version-0.24.1-informational?style=flat-square) ![AppVersion: 0.1.75](https://img.shields.io/badge/AppVersion-0.1.75-informational?style=flat-square) +![Version: 0.24.2](https://img.shields.io/badge/Version-0.24.2-informational?style=flat-square) ![AppVersion: 0.1.75](https://img.shields.io/badge/AppVersion-0.1.75-informational?style=flat-square) ## Prerequisites @@ -206,7 +206,7 @@ We have created a helper utility to resolve this issue: The utility is packaged in a container image. Below are instructions on executing the utility using Docker: ``` -docker run -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.24.1 +docker run -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.24.2 ``` `output_dir` - is a local directory where the utility will output files.
`local_registry` - is your local registry where you want to mirror the images to @@ -219,7 +219,7 @@ The utility will output 4 files into the folder: For usage with external ArgoCD run the utility with `EXTERNAL_ARGOCD` environment variable set to `true`. ``` -docker run -e EXTERNAL_ARGOCD=true -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.24.1 +docker run -e EXTERNAL_ARGOCD=true -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.24.2 ``` ## Openshift @@ -323,14 +323,14 @@ gitops-operator: | app-proxy.image-enrichment.serviceAccount.name | string | `"codefresh-image-enrichment-sa"` | Name of the service account to create or the name of the existing one to use | | app-proxy.image.pullPolicy | string | `"IfNotPresent"` | | | app-proxy.image.repository | string | `"quay.io/codefresh/cap-app-proxy"` | | -| app-proxy.image.tag | string | `"1.3736.0"` | | +| app-proxy.image.tag | string | `"1.3750.0"` | | | app-proxy.imagePullSecrets | list | `[]` | | | app-proxy.initContainer.command[0] | string | `"./init.sh"` | | | app-proxy.initContainer.env | object | `{}` | | | app-proxy.initContainer.extraVolumeMounts | list | `[]` | Extra volume mounts for init container | | app-proxy.initContainer.image.pullPolicy | string | `"IfNotPresent"` | | | app-proxy.initContainer.image.repository | string | `"quay.io/codefresh/cap-app-proxy-init"` | | -| app-proxy.initContainer.image.tag | string | `"1.3736.0"` | | +| app-proxy.initContainer.image.tag | string | `"1.3750.0"` | | | app-proxy.initContainer.resources.limits | object | `{}` | | | app-proxy.initContainer.resources.requests.cpu | string | `"0.2"` | | | app-proxy.initContainer.resources.requests.memory | string | `"256Mi"` | | From dca7dc162ece6cabcf29a57051a32f38884ce9fd Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Fri, 12 Sep 2025 14:38:41 +0000 Subject: [PATCH 2/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 61ec416d..3c885a52 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,6 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- + - kind: changed + description: 'fix: security fix: upgrade cli-v2 and debian versions (#718)' - kind: changed description: 'feat: update cap-app-proxy image tags to 1.3750.0 (#720)' dependencies: From f43be3578eea232f04579be05ec59da3bc2c537a Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Mon, 15 Sep 2025 15:08:09 +0000 Subject: [PATCH 3/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 3c885a52..b9ef1f97 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,6 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- + - kind: changed + description: updated sealed-secrets-controller (#723) (#724) - kind: changed description: 'fix: security fix: upgrade cli-v2 and debian versions (#718)' - kind: changed From 4728af1a1752327b1a1c886210f8460f6fa97975 Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Wed, 17 Sep 2025 12:11:46 +0000 Subject: [PATCH 4/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index b9ef1f97..92e0a1c0 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,6 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- + - kind: changed + description: Fix/svc-acc-pre-uninstall-hook (#728) - kind: changed description: updated sealed-secrets-controller (#723) (#724) - kind: changed From a8fc58e18eb39959f78c6e341b4e0eadd3be9fb3 Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Wed, 17 Sep 2025 15:19:43 +0000 Subject: [PATCH 5/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 92e0a1c0..5c0b20c3 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,6 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- + - kind: changed + description: 'fix: security vulnerability CVE-2025-55190 (#733)' - kind: changed description: Fix/svc-acc-pre-uninstall-hook (#728) - kind: changed From 8c6ce5c7116db64ed8fe1a96f83e00f4fc71fa65 Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Wed, 17 Sep 2025 15:28:42 +0000 Subject: [PATCH 6/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 5c0b20c3..f20f68df 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,6 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- + - kind: changed + description: Chore/cr 29689 argo events workflow update with security fixes (#727) - kind: changed description: 'fix: security vulnerability CVE-2025-55190 (#733)' - kind: changed From 4cfdbe6673e78f654c08c18cbfba578dedb17e6a Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Fri, 19 Sep 2025 10:04:17 +0000 Subject: [PATCH 7/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index f20f68df..c0141fbf 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,6 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- + - kind: changed + description: bump argo-rollouts (#731) - kind: changed description: Chore/cr 29689 argo events workflow update with security fixes (#727) - kind: changed From 0831139cf646a2b599f2ee950e951fbcb1046820 Mon Sep 17 00:00:00 2001 From: cf-ci-bot-v2 Date: Fri, 19 Sep 2025 12:18:34 +0000 Subject: [PATCH 8/9] Update Chart.yaml and changelog for 0.24.2 release --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index c0141fbf..4499a5a6 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,6 +14,8 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: |- + - kind: changed + description: Chore-30961 security argocd-exstras (#729) - kind: changed description: bump argo-rollouts (#731) - kind: changed From 9587d2b0c721c0b1133beaefb748acbdcf4b5d3e Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Mon, 22 Sep 2025 13:50:28 +0300 Subject: [PATCH 9/9] upd docs --- charts/gitops-runtime/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index de81c71c..85cf1d17 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -419,10 +419,10 @@ gitops-operator: | argo-workflows.mainContainer.resources.requests.ephemeral-storage | string | `"10Mi"` | | | argo-workflows.server.authModes | list | `["client"]` | auth-mode needs to be set to client to be able to see workflow logs from Codefresh UI | | argo-workflows.server.baseHref | string | `"/workflows/"` | Do not change. Workflows UI is only accessed through internal router, changing this values will break routing to workflows native UI from Codefresh. | -| cf-argocd-extras | object | `{"eventReporter":{"affinity":{},"container":{"image":{"registry":"quay.io","repository":"codefresh/cf-argocd-extras","tag":"v0.5.14"}},"enabled":true,"nodeSelector":{},"pdb":{"enabled":false,"maxUnavailable":"","minAvailable":"50%"},"resources":{"requests":{"cpu":"100m","memory":"128Mi"}},"serviceMonitor":{"main":{"enabled":false}},"tolerations":[]},"sourcesServer":{"affinity":{},"container":{"image":{"registry":"quay.io","repository":"codefresh/cf-argocd-extras","tag":"v0.5.14"}},"enabled":true,"hpa":{"enabled":false,"maxReplicas":10,"minReplicas":1,"targetCPUUtilizationPercentage":70},"nodeSelector":{},"pdb":{"enabled":false,"maxUnavailable":"","minAvailable":"50%"},"resources":{"requests":{"cpu":"100m","memory":"128Mi"}},"tolerations":[]}}` | Codefresh extra services for ArgoCD | +| cf-argocd-extras | object | `{"eventReporter":{"affinity":{},"container":{"image":{"registry":"quay.io","repository":"codefresh/cf-argocd-extras","tag":"c74d94c"}},"enabled":true,"nodeSelector":{},"pdb":{"enabled":false,"maxUnavailable":"","minAvailable":"50%"},"resources":{"requests":{"cpu":"100m","memory":"128Mi"}},"serviceMonitor":{"main":{"enabled":false}},"tolerations":[]},"sourcesServer":{"affinity":{},"container":{"image":{"registry":"quay.io","repository":"codefresh/cf-argocd-extras","tag":"c74d94c"}},"enabled":true,"hpa":{"enabled":false,"maxReplicas":10,"minReplicas":1,"targetCPUUtilizationPercentage":70},"nodeSelector":{},"pdb":{"enabled":false,"maxUnavailable":"","minAvailable":"50%"},"resources":{"requests":{"cpu":"100m","memory":"128Mi"}},"tolerations":[]}}` | Codefresh extra services for ArgoCD | | cf-argocd-extras.eventReporter.pdb.enabled | bool | `false` | Enable PDB for event-reporter | | cf-argocd-extras.eventReporter.serviceMonitor.main.enabled | bool | `false` | Enable ServiceMonitor for event reporter | -| cf-argocd-extras.sourcesServer | object | `{"affinity":{},"container":{"image":{"registry":"quay.io","repository":"codefresh/cf-argocd-extras","tag":"v0.5.14"}},"enabled":true,"hpa":{"enabled":false,"maxReplicas":10,"minReplicas":1,"targetCPUUtilizationPercentage":70},"nodeSelector":{},"pdb":{"enabled":false,"maxUnavailable":"","minAvailable":"50%"},"resources":{"requests":{"cpu":"100m","memory":"128Mi"}},"tolerations":[]}` | Sources server configuration | +| cf-argocd-extras.sourcesServer | object | `{"affinity":{},"container":{"image":{"registry":"quay.io","repository":"codefresh/cf-argocd-extras","tag":"c74d94c"}},"enabled":true,"hpa":{"enabled":false,"maxReplicas":10,"minReplicas":1,"targetCPUUtilizationPercentage":70},"nodeSelector":{},"pdb":{"enabled":false,"maxUnavailable":"","minAvailable":"50%"},"resources":{"requests":{"cpu":"100m","memory":"128Mi"}},"tolerations":[]}` | Sources server configuration | | cf-argocd-extras.sourcesServer.hpa.enabled | bool | `false` | Enable HPA for sources server | | cf-argocd-extras.sourcesServer.pdb.enabled | bool | `false` | Enable PDB for sources server | | codefreshWorkflowLogStoreCM | object | `{"enabled":true,"endpoint":"gitops-workflow-logs.codefresh.io","insecure":false}` | Argo workflows logs storage on Codefresh platform settings. Don't change unless instructed by Codefresh support. | @@ -491,7 +491,7 @@ gitops-operator: | gitops-operator.enabled | bool | `true` | | | gitops-operator.env.GITOPS_OPERATOR_VERSION | string | `"0.10.1"` | | | gitops-operator.fullnameOverride | string | `""` | | -| gitops-operator.image | object | `{"registry":"quay.io","repository":"codefresh/codefresh-gitops-operator","tag":"58625b8"}` | GitOps operator image | +| gitops-operator.image | object | `{"registry":"quay.io","repository":"codefresh/codefresh-gitops-operator","tag":"d6c93d9"}` | GitOps operator image | | gitops-operator.imagePullSecrets | list | `[]` | | | gitops-operator.nameOverride | string | `""` | | | gitops-operator.nodeSelector | object | `{}` | | @@ -605,7 +605,7 @@ gitops-operator: | sealed-secrets.fullnameOverride | string | `"sealed-secrets-controller"` | | | sealed-secrets.image.registry | string | `"quay.io"` | | | sealed-secrets.image.repository | string | `"codefresh/sealed-secrets-controller"` | | -| sealed-secrets.image.tag | string | `"0.29.0"` | | +| sealed-secrets.image.tag | string | `"0.32.0"` | | | sealed-secrets.keyrenewperiod | string | `"720h"` | | | sealed-secrets.resources.limits.cpu | string | `"500m"` | | | sealed-secrets.resources.limits.memory | string | `"1Gi"` | |