Installation
To get Helm chart for this release run:
helm pull oci://quay.io/codefresh/gitops-runtime --version 0.28.0Breaking Changes
Argo CD v3.3.2 Compatibility
Argo CD has been updated to v3.3.2
⚠️ Important Notice
Users who have an Argo CD Application that manages their Argo CD installation must enable the following configurations for the upgrade to succeed:
- Sync option:
ServerSideApply=true - Annotation:
argocd.argoproj.io/compare-options: ServerSideDiff=true
Recommendations
Fresh Installation (v0.28+)
If you install cf-gitops-runtime from scratch, the initial commit in your ISC repository will contain all required settings for the self-managing "cf-gitops-runtime" application. No additional action is needed.
Upgrade from v0.27.x or Earlier
If you are upgrading from version < 0.28, perform the following manual actions in your ISC repository:
-
Update Argo CD Application Configuration
Edit
<path-to-ISC-repo>/resources/codefresh/cf-gitops-runtime.yamland add:metadata: annotations: argocd.argoproj.io/compare-options: ServerSideDiff=true
syncPolicy: syncOptions: - ServerSideApply=true
-
Update Chart Version
Edit
resources/<runtime_name>/chart/Chart.yamland update thegitops-runtimeversion:apiVersion: v2 appVersion: 1.0.0 description: Codefresh gitops runtime umbrella chart name: codefresh-gitops-runtime version: 0.28.0 dependencies: - name: gitops-runtime repository: oci://quay.io/codefresh version: 0.28.0
Security
Migration to Docker Hardened Images (DHI)
We have migrated our core components to Docker Hardened Images (DHI). This transition significantly improves the overall security posture and performance of the runtime:
Reduced Surface Area — DHI images are more lightweight, containing only the necessary binaries.
Enhanced Security — These images are built with stricter security standards, reducing the number of vulnerabilities.
Components Migrated:
runtime-installer images moved to DHI.
app-proxy-init migrated to the DHI base image.