Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Codefresh artifact signing#845

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
NimRegev merged 19 commits intomasterfromcodefresh-artifact-signing
Dec 3, 2023
Merged
Show file tree
Hide file tree
Changes fromall commits
Commits
Show all changes
19 commits
Select commitHold shift + click to select a range
b9538ed
Rename reference bucket to security
NimRegevNov 12, 2023
ff4f094
Update signed artifacts
NimRegevNov 15, 2023
b46f423
Update codefresh-signed-artifacts.md
NimRegevNov 15, 2023
b72271a
Update git-tokens.md
NimRegevNov 19, 2023
805ee55
Update git-tokens.md
NimRegevNov 19, 2023
c712024
Create git-tokens.md
NimRegevNov 19, 2023
5b490da
Move ref topics to security
NimRegevNov 19, 2023
34ae3f1
Replace reference with security
NimRegevNov 19, 2023
f4a2aad
Update git-tokens.md
NimRegevNov 19, 2023
4410756
Update home-content.yml
NimRegevNov 19, 2023
5c2e5aa
Update secrets
NimRegevNov 19, 2023
ac0f4e9
Update codefresh-signed-artifacts.md
NimRegevNov 19, 2023
cd59994
Update codefresh-signed-artifacts.md
NimRegevNov 30, 2023
808e732
Merge branch 'master' into codefresh-artifact-signing
NimRegevNov 30, 2023
e555b8c
Update related links
NimRegevNov 30, 2023
67c379c
Update codefresh-signed-artifacts.md
NimRegevDec 3, 2023
9eed6b7
Update codefresh-signed-artifacts.md
NimRegevDec 3, 2023
4d2d4d7
Update codefresh-signed-artifacts.md
NimRegevDec 3, 2023
7974a4e
Update codefresh-signed-artifacts.md
NimRegevDec 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 7 additions & 5 deletions_data/home-content.yml
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -185,7 +185,7 @@
localurl: /docs/deployments/helm/helm-releases-management/
- title: Promoting Helm environments
localurl: /docs/deployments/helm/helm-environment-promotion/
- title: Creating Argo CD applications
- title: CreatingArgo CD applications
localurl: /docs/deployments/gitops/create-application/
- title: Monitoring Argo CD applications
localurl: /docs/deployments/gitops/applications-dashboard/
Expand DownExpand Up@@ -253,14 +253,16 @@
- title: Single Sign-On
localurl: /docs/administration/single-sign-on/

- title:Reference
- title:Security
icon: images/home-icons/guides.png
url: ""
links:
- title: Git tokens
localurl: /docs/reference/git-tokens/
- title: Git tokens for GitOps
localurl: /docs/security/git-tokens/
- title: Secrets for GitOps
localurl: /docs/reference/secrets
localurl: /docs/security/secrets/
- title: Verify authenticity of Codefresh artifacts
localurl: /docs/security/codefresh-signed-artifacts/

- title: "Incubation"
icon: images/home-icons/plugins.svg
Expand Down
16 changes: 7 additions & 9 deletions_data/nav.yml
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -49,12 +49,8 @@
- title: Dashboards & insights
url: "/dashboards"
pages:
- title: Home
- title: Home dashboard
url: "/home-dashboard"
- title: GitOps Environments
url: "/gitops-environments"
- title: GitOps Products
url: "/gitops-products"
- title: DORA metrics
url: "/dora-metrics"
- title: Images
Expand DownExpand Up@@ -593,13 +589,15 @@
- title: Managing Git PATs
url: "/manage-pats"

- title:Reference
url: "/reference"
- title:Security
url: "/security"
pages:
- title: Git tokens
- title: Git tokens for GitOps
url: "/git-tokens"
- title: Secrets
- title: Secrets for GitOps
url: "/secrets"
- title: Verify authenticity of Codefresh artifacts
url: "/codefresh-signed-artifacts"

- title: What's new
url: "/whats-new"
Expand Down
4 changes: 2 additions & 2 deletions_docs/administration/user-self-management/manage-pats.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -6,7 +6,7 @@ sub_group: user-self-management
toc: true
---

As a user in Codefresh, you must authorize access to your Git provider accounts, and authenticate Git-based actions from Codefresh clients, per provisioned GitOps Runtime. This is done through the Git user token, which is an access token unique to each user. For more details, including required scopes and how the Git user token differs from the Git Runtime token, see [Git tokens in Codefresh]({{site.baseurl}}/docs/reference/git-tokens/).
As a user in Codefresh, you must authorize access to your Git provider accounts, and authenticate Git-based actions from Codefresh clients, per provisioned GitOps Runtime. This is done through the Git user token, which is an access token unique to each user. For more details, including required scopes and how the Git user token differs from the Git Runtime token, see [Git tokens in Codefresh]({{site.baseurl}}/docs/security/git-tokens/).

The authorization mode depends on the authorization method set up by your account admin:
* OAuth2
Expand DownExpand Up@@ -176,4 +176,4 @@ max-width="70%"


## Related articles
[Git tokens in Codefresh]({{site.baseurl}}/docs/reference/git-tokens/)
[Git tokens in Codefresh]({{site.baseurl}}/docs/security/git-tokens/)
452 changes: 0 additions & 452 deletions_docs/dashboards/gitops-products.md
View file
Open in desktop

This file was deleted.

15 changes: 3 additions & 12 deletions_docs/deployments/gitops/manage-application.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -552,21 +552,12 @@ The table describes the options for the `Rollout` resource.
|**Skip-current-step** | Skip executing the current step, and continue with the next step. |

## Delete Argo CD applications
Delete an Argo CD application from Codefresh. Deleting an application deletes the manifest from the Git repository, and then from the cluster where it is deployed. When deleted from the cluster, the application is removed from the GitOps Apps dashboard in Codefresh.

**Prune resources settings**
**Prune resources** in the application's General settings determines the scope of the delete action.
Delete an Argo CD application from Codefresh. Deleting an application deletes the manifest from the Git repository, and then from the cluster where it is deployed. When deleted from the cluster, the application is removed from the GitOps Apps dashboard in Codefresh.

>**Prune resources** in the application's General settings determines the scope of the delete action.
When selected, both the application and its resources are deleted. When cleared, only the application is deleted. For more information, review [Sync settings]({{site.baseurl}}/docs/deployments/gitops/create-application/#sync-settings).
Codefresh warns you of the implication of deleting the selected application in the Delete form.

**Deleting applications in Argo CD**
When you delete Argo CD applications in the Argo CD UI, you may still see them in Codefresh's GitOps Apps dashboard.

Codefresh employs a validation mechanism to detect applications deleted from Argo CD and to remove them from the GitOps Apps dashboard.
If the application continues to be displayed in the dashboard after it was deleted in Argo CD, it could be that the application hasn't been deleted from the cluster. It is essential to investigate further and check for conditions or settings preventing the application's deletion.


**How to**
1. In the Codefresh UI, from Ops in the sidebar, select [GitOps Apps](https://g.codefresh.io/2.0/applications-dashboard/list){:target="\_blank"}.
1. Select the application to delete.
1. Click the three dots for additional actions, and select **Delete**.
Expand Down
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -125,7 +125,7 @@ The table describes the arguments required to connect a GitHub Action to Codefre
| `CF_IMAGE` | The image to be enriched and reported in Codefresh. Pass the `[account-name]/[image-name]:[tag]` built in your CI. | Required |
| `CF_WORKFLOW_NAME` | The name assigned to the workflow that builds the image. When defined, the name is displayed in the Codefresh platform. Example, `Staging step` | Optional |
| `CF_GIT_BRANCH` | The Git branch with the commit and PR (pull request) data to add to the image. Pass the Branch from the event payload used to trigger your action. | Required |
| `CF_GITHUB_TOKEN` | The GitHub authentication token. See [Git tokens]({{site.baseurl}}/docs/reference/git-tokens/#git-personal-tokens). | Required |
| `CF_GITHUB_TOKEN` | The GitHub authentication token. See [Git tokens]({{site.baseurl}}/docs/security/git-tokens/#git-personal-tokens). | Required |
| `CF_GERRIT_CHANGE_ID` | Relevant only for Gerrit accounts. <br>The change ID or the commit message containing the Change ID to add to the image. For Gerrit, use this instead of `CF_GIT_BRANCH`. | Required |
| `CF_GERRIT_HOST_URL` | Relevant only for Gerrit accounts. <br> The URL of your website with the Gerrit instance, for example, `https://git.company-name.io`. | Required |
| `CF_GERRIT_USERNAME` | Relevant only for Gerrit accounts. <br> The username for your user account in Gerrit.| Required |
Expand Down
18 changes: 9 additions & 9 deletions_docs/installation/gitops/hybrid-gitops.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -815,7 +815,7 @@ If you are not sure which OS to select for `curl`, simply select one, and Codefr

### Before you begin
* Make sure you meet the [minimum requirements](#minimum-system-requirements) for installation
* Make sure you have [Runtime token with the required scopes from your Git provider]({{site.baseurl}}/docs/reference/git-tokens)
* Make sure you have [Runtime token with the required scopes from your Git provider]({{site.baseurl}}/docs/security/git-tokens)
* [Download or upgrade to the latest version of the CLI]({{site.baseurl}}/docs/installation/gitops/upgrade-gitops-cli/)
* Review [Hybrid Runtime installation flags](#hybrid-runtime-installation-flags)
* For ingress-based runtimes, make sure your ingress controller is configured correctly:
Expand DownExpand Up@@ -1000,15 +1000,15 @@ Skip validating scopes for the token provided (for any Git provider). This flag
To skip token validation, add `--skip-permission-validation true`.

> IMPORTANT:
Before using this flag, [review the required scopes for runtime tokens]({{site.baseurl}}/docs/reference/git-tokens/#git-runtime-token-scopes). <br><br>
Before using this flag, [review the required scopes for runtime tokens]({{site.baseurl}}/docs/security/git-tokens/#git-runtime-token-scopes). <br><br>
When defined, Codefresh does not validate the scopes assigned to the token provided. If the token does not include the scopes required for Codefresh to automatically create the repositories for the runtime and Git Source during installation, the installation will fail.
The alternative is to create both repos before the installation.


#### GitHub
GitHub is the default Git provider for Hybrid Runtimes. Being the default provider, for both the CLI wizard and Silent install, you need to provide only the repository URL and the Git runtime token.

> For the required scopes, see [GitHub and GitHub Enterprise Runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes).
> For the required scopes, see [GitHub and GitHub Enterprise Runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes).

`--repo <repo_url> --git-token <git-runtime-token>`

Expand All@@ -1025,15 +1025,15 @@ where:

Example:
`https://github.com/nr-codefresh/codefresh.io.git/runtimes/defs?ref=codefresh-prod`
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).

{::nomarkdown}
</br>
{:/}

#### GitHub Enterprise

> For the required scopes, see [GitHub and GitHub Enterprise runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes).
> For the required scopes, see [GitHub and GitHub Enterprise runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes).


`--provider github --repo <repo_url> --git-token <git-runtime-token>`
Expand All@@ -1052,15 +1052,15 @@ where:

Example:
`https://ghe-trial.devops.cf-cd.com/codefresh-io/codefresh.io.git/runtimes/defs?ref=codefresh-prod`
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitHub runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#github-and-github-enterprise-runtime-token-scopes)).


{::nomarkdown}
</br>
{:/}

#### GitLab Cloud
> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).
> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).


`--provider gitlab --repo <https_project_url> --git-token <git_runtime_token>`
Expand All@@ -1086,7 +1086,7 @@ where:

`https://gitlab.com/parent-group/child-group/codefresh.git/runtimes/defs?ref=codefresh-prod` (group hierarchy)

* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitLab runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes)).
* `--git-token <git-runtime-token>` (required), is the Git token authenticating access to the Runtime installation repository (see [GitLab runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes)).


{::nomarkdown}
Expand All@@ -1096,7 +1096,7 @@ where:

#### GitLab Server

> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/reference/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).
> For the required scopes, see [GitLab Cloud and GitLab Server runtime token scopes]({{site.baseurl}}/docs/security/git-tokens/#gitlab-cloud-and-gitlab-server-runtime-token-scopes).

`--provider gitlab --repo <https_project_url> --git-token <git_runtime_token>`

Expand Down
2 changes: 1 addition & 1 deletion_docs/installation/gitops/managed-cluster.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -18,7 +18,7 @@ Adding a managed cluster via Codefresh ensures that Codefresh applies the requir
## Prerequisites

* For _Hosted GitOps_ Runtimes: [Configure access to these IP addresses]({{site.baseurl}}/docs/administration/platform-ip-addresses/)
* Valid Git personal access token with the [required scopes]({{site.baseurl}}/docs/reference/git-tokens)
* Valid Git personal access token with the [required scopes]({{site.baseurl}}/docs/security/git-tokens)
* [Latest version of the Codefresh CLI]({{site.baseurl}}/docs/installation/gitops/upgrade-gitops-cli/)
* Codefresh token in user settings
* For ingress-based GitOps Runtimes, the ingress host of the Runtime (use `cf runtime list` to get this)
Expand Down
2 changes: 1 addition & 1 deletion_docs/installation/gitops/monitor-manage-runtimes.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -208,7 +208,7 @@ The methods for updating any Git token are the same regardless of the reason for
### Update Git Runtime credentials in Codefresh UI

**Before you begin**
* To authenticate through a Git Runtime token, make sure your token is valid and has [the required scopes]({{site.baseurl}}//docs/reference/git-tokens/#git-runtime-token-scopes)
* To authenticate through a Git Runtime token, make sure your token is valid and has [the required scopes]({{site.baseurl}}//docs/security/git-tokens/#git-runtime-token-scopes)

**How to**
1. In the Codefresh UI, on the toolbar, click the **Settings** icon.
Expand Down
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -630,7 +630,7 @@ Version 2.0.0 incorporates a major version and chart change, including breaking
> The `kcfi`installer has been deprecated from Version 2.0.0 and higher.
>Helm is the recommended way to install Codefresh On-Premises. The `kcfi config.yaml` is NOT compatible with Helm-based installation. To reuse the same `config.yaml` for the Helm chart, you need to remove deprecated sections, and update configuration for other sections.

Follow the instructions in [Upgrading to 2.0.0](https://artifacthub.io/packages/helm/codefresh-onprem/codefresh/#to-2-0-0){:target="\_blank"}.
Follow the instructions in [Upgrading to 2.0.0](https://artifacthub.io/packages/helm/codefresh-onprem/codefresh/2.0.0-alpha.13#upgrading){:target="\_blank"}.



Expand Down
Loading
[8]ページ先頭
©2009-2025 Movatter.jp