Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitb6eb4cc

Browse files
authored
Codefresh artifact signing (#845)
* Rename reference bucket to securityAdded topic for artifact signing and renamed reference bucket as security* Update signed artifactsMinor content edits* Update codefresh-signed-artifacts.mdUpdated with feedback* Update git-tokens.md* Update git-tokens.md* Create git-tokens.md* Move ref topics to securityRenamed reference bucket as security and added codefresh artifacts to bucket* Replace reference with security* Update home-content.yml* Update secrets* Update codefresh-signed-artifacts.md* Update codefresh-signed-artifacts.mdContent edits for forked argo image verifications* Update related links* Update codefresh-signed-artifacts.mdImplemented feedback* Update codefresh-signed-artifacts.md* Update codefresh-signed-artifacts.md* Update codefresh-signed-artifacts.md
1 parent99984d6 commitb6eb4cc

File tree

53 files changed

+202
-602
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

53 files changed

+202
-602
lines changed

‎_data/home-content.yml‎

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -185,7 +185,7 @@
185185
localurl:/docs/deployments/helm/helm-releases-management/
186186
-title:Promoting Helm environments
187187
localurl:/docs/deployments/helm/helm-environment-promotion/
188-
-title:Creating Argo CD applications
188+
-title:CreatingArgo CD applications
189189
localurl:/docs/deployments/gitops/create-application/
190190
-title:Monitoring Argo CD applications
191191
localurl:/docs/deployments/gitops/applications-dashboard/
@@ -253,14 +253,16 @@
253253
-title:Single Sign-On
254254
localurl:/docs/administration/single-sign-on/
255255

256-
-title:Reference
256+
-title:Security
257257
icon:images/home-icons/guides.png
258258
url:""
259259
links:
260-
-title:Git tokens
261-
localurl:/docs/reference/git-tokens/
260+
-title:Git tokens for GitOps
261+
localurl:/docs/security/git-tokens/
262262
-title:Secrets for GitOps
263-
localurl:/docs/reference/secrets
263+
localurl:/docs/security/secrets/
264+
-title:Verify authenticity of Codefresh artifacts
265+
localurl:/docs/security/codefresh-signed-artifacts/
264266

265267
-title:"Incubation"
266268
icon:images/home-icons/plugins.svg

‎_data/nav.yml‎

Lines changed: 7 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -49,12 +49,8 @@
4949
-title:Dashboards & insights
5050
url:"/dashboards"
5151
pages:
52-
-title:Home
52+
-title:Home dashboard
5353
url:"/home-dashboard"
54-
-title:GitOps Environments
55-
url:"/gitops-environments"
56-
-title:GitOps Products
57-
url:"/gitops-products"
5854
-title:DORA metrics
5955
url:"/dora-metrics"
6056
-title:Images
@@ -593,13 +589,15 @@
593589
-title:Managing Git PATs
594590
url:"/manage-pats"
595591

596-
-title:Reference
597-
url:"/reference"
592+
-title:Security
593+
url:"/security"
598594
pages:
599-
-title:Git tokens
595+
-title:Git tokens for GitOps
600596
url:"/git-tokens"
601-
-title:Secrets
597+
-title:Secrets for GitOps
602598
url:"/secrets"
599+
-title:Verify authenticity of Codefresh artifacts
600+
url:"/codefresh-signed-artifacts"
603601

604602
-title:What's new
605603
url:"/whats-new"

‎_docs/administration/user-self-management/manage-pats.md‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ sub_group: user-self-management
66
toc:true
77
---
88

9-
As a user in Codefresh, you must authorize access to your Git provider accounts, and authenticate Git-based actions from Codefresh clients, per provisioned GitOps Runtime. This is done through the Git user token, which is an access token unique to each user. For more details, including required scopes and how the Git user token differs from the Git Runtime token, see[Git tokens in Codefresh]({{site.baseurl}}/docs/reference/git-tokens/).
9+
As a user in Codefresh, you must authorize access to your Git provider accounts, and authenticate Git-based actions from Codefresh clients, per provisioned GitOps Runtime. This is done through the Git user token, which is an access token unique to each user. For more details, including required scopes and how the Git user token differs from the Git Runtime token, see[Git tokens in Codefresh]({{site.baseurl}}/docs/security/git-tokens/).
1010

1111
The authorization mode depends on the authorization method set up by your account admin:
1212
* OAuth2
@@ -176,4 +176,4 @@ max-width="70%"
176176

177177

178178
##Related articles
179-
[Git tokens in Codefresh]({{site.baseurl}}/docs/reference/git-tokens/)
179+
[Git tokens in Codefresh]({{site.baseurl}}/docs/security/git-tokens/)

‎_docs/dashboards/gitops-products.md‎

Lines changed: 0 additions & 452 deletions
This file was deleted.

‎_docs/deployments/gitops/manage-application.md‎

Lines changed: 3 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -552,21 +552,12 @@ The table describes the options for the `Rollout` resource.
552552
|**Skip-current-step**| Skip executing the current step, and continue with the next step.|
553553

554554
##Delete Argo CD applications
555-
Delete an Argo CD application from Codefresh. Deleting an application deletes the manifest from the Git repository, and then from the cluster where it is deployed. When deleted from the cluster, the application is removed from the GitOps Apps dashboard in Codefresh.
556-
557-
**Prune resources settings**
558-
**Prune resources** in the application's General settings determines the scope of the delete action.
555+
Delete an Argo CD application from Codefresh. Deleting an application deletes the manifest from the Git repository, and then from the cluster where it is deployed. When deleted from the cluster, the application is removed from the GitOps Apps dashboard in Codefresh.
556+
557+
>**Prune resources** in the application's General settings determines the scope of the delete action.
559558
When selected, both the application and its resources are deleted. When cleared, only the application is deleted. For more information, review[Sync settings]({{site.baseurl}}/docs/deployments/gitops/create-application/#sync-settings).
560559
Codefresh warns you of the implication of deleting the selected application in the Delete form.
561560

562-
**Deleting applications in Argo CD**
563-
When you delete Argo CD applications in the Argo CD UI, you may still see them in Codefresh's GitOps Apps dashboard.
564-
565-
Codefresh employs a validation mechanism to detect applications deleted from Argo CD and to remove them from the GitOps Apps dashboard.
566-
If the application continues to be displayed in the dashboard after it was deleted in Argo CD, it could be that the application hasn't been deleted from the cluster. It is essential to investigate further and check for conditions or settings preventing the application's deletion.
567-
568-
569-
**How to**
570561
1. In the Codefresh UI, from Ops in the sidebar, select[GitOps Apps](https://g.codefresh.io/2.0/applications-dashboard/list){:target="\_blank"}.
571562
1. Select the application to delete.
572563
1. Click the three dots for additional actions, and select**Delete**.

‎_docs/gitops-integrations/ci-integrations/github-actions.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -125,7 +125,7 @@ The table describes the arguments required to connect a GitHub Action to Codefre
125125
|`CF_IMAGE`| The image to be enriched and reported in Codefresh. Pass the`[account-name]/[image-name]:[tag]` built in your CI.| Required|
126126
|`CF_WORKFLOW_NAME`| The name assigned to the workflow that builds the image. When defined, the name is displayed in the Codefresh platform. Example,`Staging step`| Optional|
127127
|`CF_GIT_BRANCH`| The Git branch with the commit and PR (pull request) data to add to the image. Pass the Branch from the event payload used to trigger your action.| Required|
128-
|`CF_GITHUB_TOKEN`| The GitHub authentication token. See[Git tokens]({{site.baseurl}}/docs/reference/git-tokens/#git-personal-tokens).| Required|
128+
|`CF_GITHUB_TOKEN`| The GitHub authentication token. See[Git tokens]({{site.baseurl}}/docs/security/git-tokens/#git-personal-tokens).| Required|
129129
|`CF_GERRIT_CHANGE_ID`| Relevant only for Gerrit accounts. <br>The change ID or the commit message containing the Change ID to add to the image. For Gerrit, use this instead of`CF_GIT_BRANCH`.| Required|
130130
|`CF_GERRIT_HOST_URL`| Relevant only for Gerrit accounts. <br> The URL of your website with the Gerrit instance, for example,`https://git.company-name.io`.| Required|
131131
|`CF_GERRIT_USERNAME`| Relevant only for Gerrit accounts. <br> The username for your user account in Gerrit.| Required|

‎_docs/installation/gitops/hybrid-gitops.md‎

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -815,7 +815,7 @@ If you are not sure which OS to select for `curl`, simply select one, and Codefr
815815

816816
### Before you begin
817817
* Make sure you meet the [minimum requirements](#minimum-system-requirements) for installation
818-
* Make sure you have [Runtime token with the required scopes from your Git provider]({{site.baseurl}}/docs/reference/git-tokens)
818+
* Make sure you have [Runtime token with the required scopes from your Git provider]({{site.baseurl}}/docs/security/git-tokens)
819819
* [Download or upgrade to the latest version of the CLI]({{site.baseurl}}/docs/installation/gitops/upgrade-gitops-cli/)
820820
* Review [Hybrid Runtime installation flags](#hybrid-runtime-installation-flags)
821821
* For ingress-based runtimes, make sure your ingress controller is configured correctly:
@@ -1000,15 +1000,15 @@ Skip validating scopes for the token provided (for any Git provider). This flag
10001000
To skip token validation, add `--skip-permission-validation true`.
10011001

10021002
> IMPORTANT:
1003-
Before using this flag, [review the required scopes for runtime tokens]({{site.baseurl}}/docs/reference/git-tokens/#git-runtime-token-scopes). <br><br>
1003+
Before using this flag, [review the required scopes for runtime tokens]({{site.baseurl}}/docs/security/git-tokens/#git-runtime-token-scopes). <br><br>
10041004
When defined, Codefresh does not validate the scopes assigned to the token provided. If the token does not include the scopes required for Codefresh to automatically create the repositories for the runtime and Git Source during installation, the installation will fail.
10051005
The alternative is to create both repos before the installation.
10061006

10071007

10081008
#### GitHub
10091009
GitHub is the default Git provider for Hybrid Runtimes. Being the default provider, for both the CLI wizard and Silent install, you need to provide only the repository URL and the Git runtime token.
10101010

1011-
> For the required scopes, see [GitHub and GitHub Enterprise Runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes).
1011+
> For the required scopes, see [GitHub and GitHub Enterprise Runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes).
10121012

10131013
`--repo <repo_url> --git-token <git-runtime-token>`
10141014

@@ -1025,15 +1025,15 @@ where:
10251025

10261026
Example:
10271027
`https://github.com/nr-codefresh/codefresh.io.git/runtimes/defs?ref=codefresh-prod`
1028-
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).
1028+
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).
10291029

10301030
{::nomarkdown}
10311031
</br>
10321032
{:/}
10331033

10341034
#### GitHub Enterprise
10351035

1036-
> For the required scopes, see [GitHub and GitHub Enterprise runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes).
1036+
> For the required scopes, see [GitHub and GitHub Enterprise runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes).
10371037

10381038

10391039
`--provider github --repo <repo_url> --git-token <git-runtime-token>`
@@ -1052,15 +1052,15 @@ where:
10521052

10531053
Example:
10541054
`https://ghe-trial.devops.cf-cd.com/codefresh-io/codefresh.io.git/runtimes/defs?ref=codefresh-prod`
1055-
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).
1055+
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).
10561056

10571057

10581058
{::nomarkdown}
10591059
</br>
10601060
{:/}
10611061

10621062
#### GitLab Cloud
1063-
> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).
1063+
> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).
10641064

10651065

10661066
`--provider gitlab --repo <https_project_url> --git-token <git_runtime_token>`
@@ -1086,7 +1086,7 @@ where:
10861086

10871087
`https://gitlab.com/parent-group/child-group/codefresh.git/runtimes/defs?ref=codefresh-prod`(group hierarchy)
10881088

1089-
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitLab runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes)).
1089+
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitLab runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes)).
10901090

10911091

10921092
{::nomarkdown}
@@ -1096,7 +1096,7 @@ where:
10961096

10971097
#### GitLab Server
10981098

1099-
> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).
1099+
> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).
11001100

11011101
`--provider gitlab --repo <https_project_url> --git-token <git_runtime_token>`
11021102

‎_docs/installation/gitops/managed-cluster.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ Adding a managed cluster via Codefresh ensures that Codefresh applies the requir
1818
##Prerequisites
1919

2020
* For_Hosted GitOps_ Runtimes:[Configure access to these IP addresses]({{site.baseurl}}/docs/administration/platform-ip-addresses/)
21-
* Valid Git personal access token with the[required scopes]({{site.baseurl}}/docs/reference/git-tokens)
21+
* Valid Git personal access token with the[required scopes]({{site.baseurl}}/docs/security/git-tokens)
2222
*[Latest version of the Codefresh CLI]({{site.baseurl}}/docs/installation/gitops/upgrade-gitops-cli/)
2323
* Codefresh token in user settings
2424
* For ingress-based GitOps Runtimes, the ingress host of the Runtime (use`cf runtime list` to get this)

‎_docs/installation/gitops/monitor-manage-runtimes.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -208,7 +208,7 @@ The methods for updating any Git token are the same regardless of the reason for
208208
### Update Git Runtime credentials in Codefresh UI
209209

210210
**Before you begin**
211-
* To authenticate through a Git Runtime token, make sure your token is valid and has [the required scopes]({{site.baseurl}}//docs/reference/git-tokens/#git-runtime-token-scopes)
211+
* To authenticate through a Git Runtime token, make sure your token is valid and has [the required scopes]({{site.baseurl}}//docs/security/git-tokens/#git-runtime-token-scopes)
212212

213213
**How to**
214214
1. In the Codefresh UI, on the toolbar, click the **Settings** icon.

‎_docs/installation/on-premises/codefresh-on-prem-upgrade.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -630,7 +630,7 @@ Version 2.0.0 incorporates a major version and chart change, including breaking
630630
> The`kcfi`installer has been deprecated from Version 2.0.0 and higher.
631631
>Helm is the recommended way to install Codefresh On-Premises. The `kcfi config.yaml` is NOT compatible with Helm-based installation. To reuse the same `config.yaml` for the Helm chart, you need to remove deprecated sections, and update configuration for other sections.
632632

633-
Follow the instructions in [Upgrading to 2.0.0](https://artifacthub.io/packages/helm/codefresh-onprem/codefresh/#to-2-0-0){:target="\_blank"}.
633+
Follow the instructions in [Upgrading to 2.0.0](https://artifacthub.io/packages/helm/codefresh-onprem/codefresh/2.0.0-alpha.13#upgrading){:target="\_blank"}.
634634

635635

636636

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp