Codefresh on-premises feature management
Enable/disable features for Codefresh accounts in your organization
Codefresh account administrators can toggle specific features of the Codefresh platform on/off in on-premises environments. Feature management helps you to easily implement and manage functionality on an as- and when-needed basis.
You can enable or disable features for:
- A single account
- Specific accounts
- All accounts in the organization
Enable/disable features in on-premises platforms
Enable a feature for all accounts, or override the default setting and enable/disable the feature selectively for specific accounts. Account-level feature overrides are retained when you change the default setting for the feature. Review the feature list to understand the implications of enabling a feature.
- Sign in to Codefresh.
- On the top-right, click your avatar and then select Admin Panel.
- From the sidebar, click Feature Management.
- To enable a feature for all accounts under Enable, toggle the required feature to ON.
- To enable or disable the feature for a single account or for specific accounts, click the Edit icon, and then select the accounts from the Enable feature for and Disable feature for lists, as required.
System Features
System Features are generally only for internal use, and should not be changed. For more information, see Enable System Features.
IMPORTANT
Codefresh strongly recommends against enabling System Features unless you are familiar with the implications of turning on a System Feature.
If you need to turn on a System Feature, we recommend to first contact Codefresh support.
On-premises feature list
Here is an example of the Feature Management page in Admin Management for the organization. Any feature enabled or disabled in this page affects all Codefresh accounts in the organization.
The table describes in alphabetical order, the features you can open for Codefresh accounts.
Feature | Description | Default | Notes |
---|---|---|---|
appDiffView |
When enabled, and the application is out of sync, displays the differences for each resource in the application in either Compact or Split view modes. See Analyze out-of-sync applications with Diff View |
TRUE | |
abacAndRule |
When enabled, supports creating ABAC rules for entities in Codefresh pipelines using “AND”. See Configuring rules for access control in pipelines. |
TRUE | |
abacRuntimeEnvironments |
When enabled (the default), allows creating rules in Permissions which impacts options in Pipeline > Settings > Build Runtime:
|
TRUE | Default changed to TRUE in v2.5 |
abacHermesTriggers |
When enabled, restricts access to the legacy version of Cron triggers for users without permissions to edit pipelines. | FALSE | |
abacUIEnforcement |
When enabled (the default), for Pipelines, prevents the user from selecting options and performing actions which are not permitted. | TRUE | Default changed to TRUE in v2.5 |
abacV2UIEnforcement |
When enabled (the default), for GitOps, prevents the user from selecting options and performing actions which are not permitted. | TRUE | Default changed to TRUE in v2.5 |
accountInfoCopyButton |
When enabled (the default), adds the account ID to the URL. When sharing the URL with the account information, recipients can seamlessly switch accounts. | TRUE | Default changed to TRUE in v2.5 |
accessibilityContrast |
When enabled, displays an icon in the Codefresh toolbar allowing you to control the contrast by selecting the option that best suits the logged in user:
|
FALSE | |
allowUserUpdateBoards |
When enabled, allows users without admin roles to update Helm boards. Users can install, promote, create, and update sections. See Promoting Helm environments. |
FALSE | |
autoBuildSwitchAccount |
When enabled, and a user accesses a build from a different account, automatically switches to the corresponding account instead of the user having to do so manually. | FALSE | |
buildsTreeView |
When enabled (the default), shows a visualization of the parent and child builds of pipelines. See Creating build views. |
TRUE | |
cronTriggersInPipelineSpec |
When enabled, allows users to define Cron triggers in the pipeline YAMLs as a spec.cronTriggers array, instead of using a separate API.See Cron trigger specifications. |
TRUE | |
csdpFilterAppsByGitPermissions |
When enabled (the default), does not display the Git Sources and the Argo CD applications committed to these Git Sources for users without Git permissions or Git credentials for the same. | TRUE | |
delightedSurvey |
When enabled, displays Delighted CX surveys in the Codefresh UI. If there are security concerns because of outbound requests from clients, disable this Feature Flag. |
TRUE | |
dindPodRequestsEqualLimits |
When enabled, sets both the resource requests and limits for the pod to the same values. | FALSE | |
disableWelcomeScreen |
When enabled, bypasses the Codefresh Welcome screen that requires the user to enter additional information on first sign-in. Required mostly in on-premises environments, especially for LDAP, which has all login info already configured. |
FALSE | |
disableRolloutActionsWithoutRBAC |
Relevant to GitOps application deployments. When enabled, disables rollback and rollout controls in the Timeline’s tab’s Rollout Player for the application.
|
FALSE | |
disableInviteWelcomeMail |
When enabled, does not send the Welcome email to users invited to an account. | FALSE | |
forbidDecrypt |
When enabled, prevents users from decrypting secrets when running the codefresh get context --decrypt command. Users can bypass this by running --decrypt with the built-in CF_API_KEY command that is injected into every build. |
FALSE | . |
fullstory |
When enabled, allows Codefresh to track user activity in the Codefresh UI through Fullstory. NOTE: When enabled for air-gapped environments, client attempts to communicate with a Fullstory service may result in network errors. |
FALSE | |
genAICronExpression |
When enabled, supports generating Cron expressions in the Codefresh UI using Generative AI. | FALSE | |
gerritIntegration |
When enabled, enables Gerrit integration in Account settings. See also supportGerrit . See Gerrit as Git provider for pipelines. |
FALSE | |
gitopsArgoCdRollback |
Relevant to GitOps application deployments. When enabled, allows you to rollback active GitOps applications to previously deployed versions. See Rollback GitOps applications. |
FALSE | |
gitopsAppGroups |
When enabled, allows users to group GitOps applications by annotations, and view these applications in the Groups tab of the GitOps Apps dashboard. See Application Groups for GitOps applications. |
TRUE | |
gitopsDynamicBreadcrumbs |
When enabled (the default), supports rendering dynamic breadcrumbs for GitOps. | TRUE | |
gitopsImageReporting |
Relevant to ProjectOne. When enabled, reports images created with Codefresh Pipelines to the Images dashboard. See Images in Codefresh. |
FALSE | |
hideCompositionsMenuItem |
When enabled, does not show Compositions within Artifacts & Insights in the sidebar of the Codefresh UI. | FALSE | |
injectClusterListFromPipelineSettings |
When enabled, turns on the pipeline setting Kubernetes cluster context pipeline injection for the account. Individual users can then selectively inject clusters for pipelines from those to which they they access. This feature requires the users to have the Update Cluster permission. If not granted, then this feature has no impact when enabled. See Enabling cluster-contexts for pipelines. |
FALSE | |
logMasking |
When enabled, secrets in build logs, both online and offline logs, are masked and replaced by asterisks. This feature is currently available only for Enterprise customers. |
FALSE | |
parallelKubectlOperations |
When enabled, allows running parallel steps that includes kubectl . Especially Helm install and deploy steps that deploy to multiple clusters with kubectl in parallel. |
FALSE | |
pipelineCreditConsumption |
When enabled (the default), supports credit-consumption analytics for pipelines. | TRUE | |
pipelineScopes |
When enabled, enables Codefresh administrators to configure the API scopes for pipelines at account level. All pipelines in the account inherit these scopes. Codefresh administrators can also override these scopes for individual pipelines. See Pipeline scopes. |
TRUE | |
productCRD |
New feature currently in development for GitOps. When enabled, allows creating a Custom Resource Definition (CRD) for the Product entity in GitOps. |
FALSE | |
promotionOrchestration |
New feature currently in development for GitOps. When enabled, allows promotion orchestration for products including product’s releases API and promotion flow API. |
FALSE | |
promotionFlow |
New feature currently in development. When enabled, allows you to drag an application in the GitOps Product dashboard from its current Environment to a different Environment and trigger a promotion flow. |
FALSE | |
promotionWorkflows |
New feature currently in development. When enabled, allows you create and run workflows when a promotion is triggered. |
FALSE | |
reportBuildStatusPerPipelineTriggerEvent |
Currently supported for Bitbucket cloud. When enabled, for builds with the same pipelineId , reports build statuses separately per triggerId and trigger event. |
FALSE | |
restrictedGitSource |
When enabled, allows you to create a Restricted Git Source in addition to a standard Git Source. See Managing Git Sources in GitOps Runtimes. |
FALSE | |
supportGerrit |
When enabled, adds the capability to connect to Gerrit as a Git provider. See Gerrit as Git provider for pipelines. |
FALSE | |
rolloutPlayerLiveState |
When enabled (the default), updates Rollout events directly from AppProxy for faster response times. | TRUE | |
runtimeEnvironmentTags |
When enabled, allows creating rules in Permissions for Build Runtime Environments to enable or disable the Runtime Environments available for assignment to pipelines based on tags. Restricted Runtime Environments will appear disabled in Pipeline > Settings > Build Runtime. | FALSE | |
serviceAccounts |
When enabled (the default), allows Codefresh administrators to create shared Service Accounts not associated with specific users for centralized access and permissions management. | TRUE | Default changed to TRUE in v2.5 |
supportOpenIdConnectInBuilds |
When enabled (the default), supports OIDC in pipeline builds, including obtaining and using ID tokens to authenticate and authorize pipeline actions on cloud providers. See OpenID Connect for pipeline integrations. |
TRUE | |
stepTimeout |
When enabled (the default), allows you to add the timeout flag with the <duration> and <units> to steps in pipelines. When added, the step terminates execution automatically if the step exceeds the duration of the specified timeout.See Steps in pipelines and browse the Field descriptions for any step type that is supported, git-clone for example. |
TRUE | |
useLogsTimestamps |
When enabled, prepends the date and time to every line in the log. This flag must be enabled to share URL for build logs. When enabled, and you have build automation, you may need to adjust the regex for search as the line does not start with the log text. |
FALSE | |
useRepoAndBranchesNextPagination |
When enabled, when adding Triggers to pipeline workflows, the Repository dropdown displays repositories and branches in paginated format, with the Next button for navigating between pages. | FALSE |
Related articles
Codefresh on-premises installation
Codefresh on-premises upgrade
Codefresh on-premises account & user setup