From da8766be9dd05940e1a9fe720d461eb3bb817dea Mon Sep 17 00:00:00 2001 From: "codefresh-git-integration[bot]" <151943927+codefresh-git-integration[bot]@users.noreply.github.com> Date: Wed, 24 Jun 2026 20:09:52 +0000 Subject: [PATCH 1/2] Update Chart.yaml and changelog for 0.29.16 release --- charts/gitops-runtime/Chart.yaml | 10 ++-------- charts/gitops-runtime/README.md | 10 +++++----- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 342aa9c6..86474804 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -16,14 +16,8 @@ annotations: artifacthub.io/containsSecurityUpdates: "true" # Supported kinds: `added`, `changed`, `deprecated`, `removed`, `fixed`, `security`: artifacthub.io/changes: |- - - kind: security - description: 'Update "argo-gateway" to "3683869". Security fixes' - - kind: security - description: 'Update "cap-app-proxy" to "1.4103.0". Security fixes' - - kind: security - description: 'Update "codefresh-gitops-operator" to "c03bf91". Security fixes' - - kind: security - description: 'Update "csdp-image-enrichers" to "1.1.28-main". Security fixes' + - kind: changed + description: 'fix(internal-router): bump nginx-unprivileged for security fix (#1223)' dependencies: # The image for this chart was overridden because argocd doesn’t release the chart for 3.3.10 version. # Don't forget to remove the image override after updating to a new version of the chart. diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index 18c94f42..ccc25f22 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -1,5 +1,5 @@ ## Codefresh gitops runtime -![Version: 0.29.15](https://img.shields.io/badge/Version-0.29.15-informational?style=flat-square) ![AppVersion: 0.2.3](https://img.shields.io/badge/AppVersion-0.2.3-informational?style=flat-square) +![Version: 0.29.16](https://img.shields.io/badge/Version-0.29.16-informational?style=flat-square) ![AppVersion: 0.2.3](https://img.shields.io/badge/AppVersion-0.2.3-informational?style=flat-square) ## Table of Content @@ -205,7 +205,7 @@ We have created a helper utility to resolve this issue: The utility is packaged in a container image. Below are instructions on executing the utility using Docker: ``` -docker run -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.29.15 +docker run -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.29.16 ``` `output_dir` - is a local directory where the utility will output files.
`local_registry` - is your local registry where you want to mirror the images to @@ -218,7 +218,7 @@ The utility will output 4 files into the folder: For usage with external ArgoCD run the utility with `EXTERNAL_ARGOCD` environment variable set to `true`. ``` -docker run -e EXTERNAL_ARGOCD=true -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.29.15 +docker run -e EXTERNAL_ARGOCD=true -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.29.16 ``` ## Openshift @@ -799,12 +799,12 @@ global: | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"gitops-runtime"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | | redis-ha.tolerations | list | `[]` | [Tolerations] for use with node taints for Redis pods. | -| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. | +| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. # https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ | | redis-ha.topologySpreadConstraints.enabled | bool | `false` | Enable Redis HA topology spread constraints | | redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | | redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | | redis-ha.topologySpreadConstraints.whenUnsatisfiable | string | `""` (defaults to `ScheduleAnyway`) | Enforcement policy, hard or soft | -| redis-secret-init | object | `{"affinity":{},"image":{"registry":"docker.io","repository":"alpine/kubectl","tag":"1.35.4"},"nodeSelector":{},"tolerations":[]}` | Enable hook job to create redis secret | +| redis-secret-init | object | `{"affinity":{},"image":{"registry":"docker.io","repository":"alpine/kubectl","tag":"1.36.2"},"nodeSelector":{},"tolerations":[]}` | Enable hook job to create redis secret | | redis.image | object | `{"registry":"public.ecr.aws","repository":"docker/library/redis","tag":"8.2.1-alpine"}` | Redis image | | redis.metrics | object | `{"enabled":true,"env":{},"envFrom":[],"image":{"registry":"ghcr.io","repository":"oliver006/redis_exporter","tag":"v1.72.1"},"livenessProbe":{"enabled":true,"failureThreshold":5,"initialDelaySeconds":30,"periodSeconds":15,"successThreshold":1,"timeoutSeconds":15},"readinessProbe":{"enabled":true,"failureThreshold":5,"initialDelaySeconds":30,"periodSeconds":15,"successThreshold":1,"timeoutSeconds":15},"resources":{},"serviceMonitor":{"enabled":false}}` | Enable metrics sidecar | | redis.metrics.serviceMonitor | object | `{"enabled":false}` | Enable a prometheus ServiceMonitor | From cec64c21de5d59992248cfee560b0d0350474da4 Mon Sep 17 00:00:00 2001 From: Vasil Sudakou Date: Thu, 25 Jun 2026 00:16:25 +0400 Subject: [PATCH 2/2] chore: update release notes --- charts/gitops-runtime/Chart.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 86474804..4a981ecd 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -16,8 +16,12 @@ annotations: artifacthub.io/containsSecurityUpdates: "true" # Supported kinds: `added`, `changed`, `deprecated`, `removed`, `fixed`, `security`: artifacthub.io/changes: |- - - kind: changed - description: 'fix(internal-router): bump nginx-unprivileged for security fix (#1223)' + - kind: security + description: 'Update "codefresh-tunnel-client" to 0.1.25. Security fixes' + - kind: security + description: 'Update "nginx-unprivileged" to 1.31.2-alpine3.23. Security fixes' + - kind: security + description: 'Update "alpine/kubectl" to 1.36.2. Security fixes' dependencies: # The image for this chart was overridden because argocd doesn’t release the chart for 3.3.10 version. # Don't forget to remove the image override after updating to a new version of the chart.