Feb 7, 2023 · Feb 5, 2023 · Feb 5, 2023 · Feb 7, 2023
diff --git a/_docs/administration/pipeline-settings.md b/_docs/administration/pipeline-settings.md

 Note that templates are simply normal pipelines “marked” as a template. There is no technical difference between templates and actual pipelines.

 ## Enabling cluster-contexts for pipelines
 By default, all pipelines in the account can access all clusters integrated with Codefresh. Restrict pipeline access to clusters by enabling cluster-injection for individual pipelines in the account.

 Selectively restricting access to clusters for a pipeline:
 * Enhances security by restricting access to users from different teams.
 * Reduces the overall duration of the build by shortening the initialization phase.
  Codefresh authenticates the credentials of every cluster that the pipeline accesses during the initialization phase. This action affects build duration for accounts with large numbers of clusters.

 1. In the Codefresh UI, select **Account Settings**, and then [**Pipeline Settings**](https://g.codefresh.io/account-admin/account-conf/pipeline-settings){:target="\_blank"}.
 1. Toggle **Kubernetes cluster context pipeline injection** to ON.

 {% include image.html
 lightbox="true"
 file="/images/administration/pipeline-settings/pipeline-inject-cluster-accnt-setting.png"
 url="/images/administration/pipeline-settings/pipeline-inject-cluster-accnt-setting.png"
 alt="Enabling cluster contexts for injection into pipelines"
 caption="Enabling cluster contexts for injection into pipelines"
 max-width="60%"
 %}

 You can then select specific clusters for individual pipelines, through the **Kubernetes cluster** option in the [Pipeline's Policies section]({{site.baseurl}}/docs/configure-ci-cd-pipeline/pipelines/#policies).


 ## Pipeline YAML Section

 Here you can restrict the sources of pipeline YAML that users can select. The options are:
diff --git a/_docs/configure-ci-cd-pipeline/pipelines.md b/_docs/configure-ci-cd-pipeline/pipelines.md

 ### Policies

 - **Kubernetes clusters**: Control pipeline access to Kubernetes clusters integrated with Codefresh.
    * To allow the pipeline access to _all_ the cluster contexts integrated with Codefresh (the default), toggle **Inject all Kubernetes cluster context to pipeline builds** to ON.
    *  To allow the pipeline access to _only_ specific clusters, start typing in the name of the cluster as defined in its integration settings, and select it from the list displayed by Codefresh.
    When defined, the initialization step in the pipeline displays the clusters selected for it.
  See [Select Kubernetes cluster contexts](#select-kubernetes-cluster-contexts).



 - **Pipeline Concurrency**: the maximum number of concurrent builds (0-30 or unlimited) -- set this when your pipeline has only one trigger
  > A Pipeline Concurrency of **0** freezes execution of the pipeline, switching it to maintenance mode. Use this concurrency setting to modify existing pipelines and freeze execution until you complete the changes.
 - **Trigger Concurrency**: the maximum number of concurrent builds per trigger (1-31 or unlimited) -- set this when your pipeline has multiple triggers
  - Builds in pending approval will **be** counted when determining the concurrency limit for a pipeline
  - Honor the option defined globally in your Codefresh account

 The **Pipeline and Trigger Concurrency** limits are very important as they allow you to define how many instances of a pipeline can run in parallel when multiple commits or multiple pull requests take place.

 #### Select Kubernetes cluster contexts
 By default, all clusters integrated with Codefresh are automatically available for all pipelines in the account.
 The inject cluster option when enabled for the account allows you to selectively restrict the clusters which can be accessed from pipelines created for the user account.
 > This option is only available for Enterprise customers.

 Increase security by restricting access to users from different teams.
 Codefresh authenticates the credentials of each cluster during the build initialization phase. Fewer clusters mean shorter initializations and reduced build durations.

 **Prerequisites**
 * Account-level pipeline setting **Kubernetes cluster context pipeline injection** enabled
  The option to select clusters for a pipeline is available only when the account-level pipeline setting is enabled. See [Enabling cluster contexts for pipelines]({{site.baseurl}}/docs/administration/pipeline-settings/#enabling-cluster-contexts-for-pipelines).

 * **Update Cluster** permission for users in the Codefresh UI through [Permissions](https://g.codefresh.io/account-admin/permissions/teams){:target="\_blank"}.
  For more information, see [Access Control](https://codefresh.io/docs/docs/administration/access-control/#access-to-kubernetes-clusters-and-pipelines).

 As part of the Pipeline > Policies, you can either allow access to all clusters (the default), or only specific clusters as in the example below.

 {% include
 image.html
 lightbox="true"
 file="/images/pipeline/create/inject-cluster-contexts.png"
 url="/images/pipeline/create/inject-cluster-contexts.png"
 alt="Inject Kubernetes cluster contexts into pipeline"
 caption="Inject Kubernetes cluster contexts into pipeline"
 max-width="60%"
 %}

 When specific clusters are defined:
 * All users in the account with the Update Cluster permission have access only to the selected clusters.
 * The cluster contexts are injected during the build
 * The initialization step displays the selected cluster contexts


 {% include
 image.html
 lightbox="true"
 file="/images/pipeline/create/cluster-contexts-in-init-step.png"
 url="/images/pipeline/create/cluster-contexts-in-init-step.png"
 alt="Imported cluster contexts in pipeline's init step"
 caption="Imported cluster contexts in pipeline's init step"
 max-width="60%"
 %}





 #### Pipeline concurrency
 **Pipeline and Trigger Concurrency** limits are very important as they allow you to define how many instances of a pipeline can run in parallel when multiple commits or multiple pull requests take place.

 > Notice that these limits are *unrelated* to [parallelism within a single pipeline]({{site.baseurl}}/docs/codefresh-yaml/advanced-workflows/).

 * a pipeline that uses a shared resource such as a database or queue and you want to limit how many pipelines can access it
 * a pipeline that deploys to a single production environment (in most cases you only want one active pipeline touching production


 #### Build termination
 The **Build Termination** settings are useful for pipelines where you commit too fast (i.e. faster then the actual runtime of the pipeline).
 All these settings allow you to lesser the build instance for pipelines when too many triggers are launched at the same time.
 You will find them very useful in cases where too many developers are performing small commits and builds take a long time to finish (i.e. build takes 10 minutes to finish and developers perform multiple pushes every 2 minutes)
diff --git a/images/administration/pipeline-settings/pipeline-inject-cluster-accnt-setting.png b/images/administration/pipeline-settings/pipeline-inject-cluster-accnt-setting.png
diff --git a/images/administration/pipeline-settings/pipeline-settings-ui.png b/images/administration/pipeline-settings/pipeline-settings-ui.png
diff --git a/images/pipeline/create/cluster-contexts-in-init-step.png b/images/pipeline/create/cluster-contexts-in-init-step.png
diff --git a/images/pipeline/create/inject-cluster-contexts.png b/images/pipeline/create/inject-cluster-contexts.png
Original file line number	Diff line number	Diff line change
Expand Up		@@ -47,6 +47,29 @@ Here you can define global template behavior. The options are:

		Note that templates are simply normal pipelines “marked” as a template. There is no technical difference between templates and actual pipelines.

		## Enabling cluster-contexts for pipelines
		By default, all pipelines in the account can access all clusters integrated with Codefresh. Restrict pipeline access to clusters by enabling cluster-injection for individual pipelines in the account.

		Selectively restricting access to clusters for a pipeline:
		* Enhances security by restricting access to users from different teams.
		* Reduces the overall duration of the build by shortening the initialization phase.
		Codefresh authenticates the credentials of every cluster that the pipeline accesses during the initialization phase. This action affects build duration for accounts with large numbers of clusters.

		1. In the Codefresh UI, select Account Settings, and then [Pipeline Settings](https://g.codefresh.io/account-admin/account-conf/pipeline-settings){:target="\_blank"}.
		1. Toggle Kubernetes cluster context pipeline injection to ON.

		{% include image.html
		lightbox="true"
		file="/images/administration/pipeline-settings/pipeline-inject-cluster-accnt-setting.png"
		url="/images/administration/pipeline-settings/pipeline-inject-cluster-accnt-setting.png"
		alt="Enabling cluster contexts for injection into pipelines"
		caption="Enabling cluster contexts for injection into pipelines"
		max-width="60%"
		%}

		You can then select specific clusters for individual pipelines, through the Kubernetes cluster option in the [Pipeline's Policies section]({{site.baseurl}}/docs/configure-ci-cd-pipeline/pipelines/#policies).


		## Pipeline YAML Section

		Here you can restrict the sources of pipeline YAML that users can select. The options are:
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -191,6 +191,14 @@ Once you create your pipeline you can also click on the top tab called *Settings

		### Policies

		- Kubernetes clusters: Control pipeline access to Kubernetes clusters integrated with Codefresh.
		* To allow the pipeline access to _all_ the cluster contexts integrated with Codefresh (the default), toggle Inject all Kubernetes cluster context to pipeline builds to ON.
		* To allow the pipeline access to _only_ specific clusters, start typing in the name of the cluster as defined in its integration settings, and select it from the list displayed by Codefresh.
		When defined, the initialization step in the pipeline displays the clusters selected for it.
		See [Select Kubernetes cluster contexts](#select-kubernetes-cluster-contexts).



		- Pipeline Concurrency: the maximum number of concurrent builds (0-30 or unlimited) -- set this when your pipeline has only one trigger
		> A Pipeline Concurrency of 0 freezes execution of the pipeline, switching it to maintenance mode. Use this concurrency setting to modify existing pipelines and freeze execution until you complete the changes.
		- Trigger Concurrency: the maximum number of concurrent builds per trigger (1-31 or unlimited) -- set this when your pipeline has multiple triggers
Expand All		@@ -209,7 +217,56 @@ Once you create your pipeline you can also click on the top tab called *Settings
		- Builds in pending approval will be counted when determining the concurrency limit for a pipeline
		- Honor the option defined globally in your Codefresh account

		The Pipeline and Trigger Concurrency limits are very important as they allow you to define how many instances of a pipeline can run in parallel when multiple commits or multiple pull requests take place.

		#### Select Kubernetes cluster contexts
		By default, all clusters integrated with Codefresh are automatically available for all pipelines in the account.
		The inject cluster option when enabled for the account allows you to selectively restrict the clusters which can be accessed from pipelines created for the user account.
		> This option is only available for Enterprise customers.

		Increase security by restricting access to users from different teams.
		Codefresh authenticates the credentials of each cluster during the build initialization phase. Fewer clusters mean shorter initializations and reduced build durations.

		Prerequisites
		* Account-level pipeline setting Kubernetes cluster context pipeline injection enabled
		The option to select clusters for a pipeline is available only when the account-level pipeline setting is enabled. See [Enabling cluster contexts for pipelines]({{site.baseurl}}/docs/administration/pipeline-settings/#enabling-cluster-contexts-for-pipelines).

		* Update Cluster permission for users in the Codefresh UI through [Permissions](https://g.codefresh.io/account-admin/permissions/teams){:target="\_blank"}.
		For more information, see [Access Control](https://codefresh.io/docs/docs/administration/access-control/#access-to-kubernetes-clusters-and-pipelines).

		As part of the Pipeline > Policies, you can either allow access to all clusters (the default), or only specific clusters as in the example below.

		{% include
		image.html
		lightbox="true"
		file="/images/pipeline/create/inject-cluster-contexts.png"
		url="/images/pipeline/create/inject-cluster-contexts.png"
		alt="Inject Kubernetes cluster contexts into pipeline"
		caption="Inject Kubernetes cluster contexts into pipeline"
		max-width="60%"
		%}

		When specific clusters are defined:
		* All users in the account with the Update Cluster permission have access only to the selected clusters.
		* The cluster contexts are injected during the build
		* The initialization step displays the selected cluster contexts


		{% include
		image.html
		lightbox="true"
		file="/images/pipeline/create/cluster-contexts-in-init-step.png"
		url="/images/pipeline/create/cluster-contexts-in-init-step.png"
		alt="Imported cluster contexts in pipeline's init step"
		caption="Imported cluster contexts in pipeline's init step"
		max-width="60%"
		%}





		#### Pipeline concurrency
		Pipeline and Trigger Concurrency limits are very important as they allow you to define how many instances of a pipeline can run in parallel when multiple commits or multiple pull requests take place.

		> Notice that these limits are unrelated to [parallelism within a single pipeline]({{site.baseurl}}/docs/codefresh-yaml/advanced-workflows/).

Expand All		@@ -218,6 +275,8 @@ Some common scenarios are:
		* a pipeline that uses a shared resource such as a database or queue and you want to limit how many pipelines can access it
		* a pipeline that deploys to a single production environment (in most cases you only want one active pipeline touching production


		#### Build termination
		The Build Termination settings are useful for pipelines where you commit too fast (i.e. faster then the actual runtime of the pipeline).
		All these settings allow you to lesser the build instance for pipelines when too many triggers are launched at the same time.
		You will find them very useful in cases where too many developers are performing small commits and builds take a long time to finish (i.e. build takes 10 minutes to finish and developers perform multiple pushes every 2 minutes)
Expand Down