Codefresh on-premises feature management

Enable/disable features for Codefresh accounts in your organization

Codefresh account administrators can toggle specific features of the Codefresh platform on/off in on-premises environments. Feature management helps you to easily implement and manage functionality on an as- and when-needed basis.

You can enable or disable features for:

  1. A single account
  2. Specific accounts
  3. All accounts in the organization

Enable/disable features in on-premises platforms

Enable a feature for all accounts, or override the default setting and enable/disable the feature selectively for specific accounts. Account-level feature overrides are retained when you change the default setting for the feature. Review the feature list to understand the implications of enabling a feature.

  1. Sign in to Codefresh.
  2. On the top-right, click your avatar and then select Admin Panel.
  3. From the sidebar, click Feature Management.
  4. To enable a feature for all accounts under Enable, toggle the required feature to ON.
  5. To enable or disable the feature for a single account or for specific accounts, click the Edit icon, and then select the accounts from the Enable feature for and Disable feature for lists, as required.

Enabling/disabling features for accounts

Enabling/disabling features for accounts

System Features

System Features are generally only for internal use, and should not be changed. For more information, see Enable System Features.

IMPORTANT
Codefresh strongly recommends against enabling System Features unless you are familiar with the implications of turning on a System Feature.
If you need to turn on a System Feature, we recommend to first contact Codefresh support.

On-premises feature list

Here is an example of the Feature Management page in Admin Management for the organization. Any feature enabled or disabled in this page affects all Codefresh accounts in the organization.

Feature Management for accounts

Feature Management for accounts

The table describes in alphabetical order, the features you can open for Codefresh accounts.

Feature Description Default Notes
appDiffView When enabled, and the application is out of sync, displays the differences for each resource in the application in either Compact or Split view modes.
See Analyze out-of-sync applications with Diff View
TRUE  
abacAndRule When enabled, supports creating ABAC rules for entities in Codefresh pipelines using “AND”.
See Configuring rules for access control in pipelines.
TRUE  
abacRuntimeEnvironments When enabled (the default), allows creating rules in Permissions which impacts options in Pipeline > Settings > Build Runtime:
  • Build Runtime Environment: When enabled, allows restricting Runtime Environments available for pipelines based on tags. Restricted Runtime Environments are disabled in the Runtime Environments list for the pipeline/build run.
  • Pipeline actions:
    • Manage resources: Select CPU, memory, and minimum disk space for the pipeline/build run.
    • Set runtime environment: Select a Runtime Environment from those available in the Runtime Environments list for the pipeline/build run.
    • Set cloud builds: Set Cloud build and select the resource size for the pipeline/build run.
TRUE Default changed to TRUE in v2.5
abacHermesTriggers When enabled, restricts access to the legacy version of Cron triggers for users without permissions to edit pipelines. FALSE  
abacUIEnforcement When enabled (the default), for Pipelines, prevents the user from selecting options and performing actions which are not permitted. TRUE Default changed to TRUE in v2.5
abacV2UIEnforcement When enabled (the default), for GitOps, prevents the user from selecting options and performing actions which are not permitted. TRUE Default changed to TRUE in v2.5
accountInfoCopyButton When enabled (the default), adds the account ID to the URL. When sharing the URL with the account information, recipients can seamlessly switch accounts. TRUE Default changed to TRUE in v2.5
accessibilityContrast When enabled, displays an icon in the Codefresh toolbar allowing you to control the contrast by selecting the option that best suits the logged in user:
  • Invert colors and Bold colors (saturate): Optimized for visually impaired users.
  • Smart Contrast: Increases the contrast between the text and the background to the maximum possible.
FALSE  
allowUserUpdateBoards When enabled, allows users without admin roles to update Helm boards. Users can install, promote, create, and update sections.
See Promoting Helm environments.
FALSE  
autoBuildSwitchAccount When enabled, and a user accesses a build from a different account, automatically switches to the corresponding account instead of the user having to do so manually. FALSE  
buildsTreeView When enabled (the default), shows a visualization of the parent and child builds of pipelines.
See Creating build views.
TRUE  
cronTriggersInPipelineSpec When enabled, allows users to define Cron triggers in the pipeline YAMLs as a spec.cronTriggers array, instead of using a separate API.
See Cron trigger specifications.
TRUE  
csdpFilterAppsByGitPermissions When enabled (the default), does not display the Git Sources and the Argo CD applications committed to these Git Sources for users without Git permissions or Git credentials for the same. TRUE  
delightedSurvey When enabled, displays Delighted CX surveys in the Codefresh UI.
If there are security concerns because of outbound requests from clients, disable this Feature Flag.
TRUE  
dindPodRequestsEqualLimits When enabled, sets both the resource requests and limits for the pod to the same values. FALSE  
disableWelcomeScreen When enabled, bypasses the Codefresh Welcome screen that requires the user to enter additional information on first sign-in.
Required mostly in on-premises environments, especially for LDAP, which has all login info already configured.
FALSE  
disableRolloutActionsWithoutRBAC Relevant to GitOps application deployments.
When enabled, disables rollback and rollout controls in the Timeline’s tab’s Rollout Player for the application.
FALSE  
disableInviteWelcomeMail When enabled, does not send the Welcome email to users invited to an account. FALSE  
forbidDecrypt When enabled, prevents users from decrypting secrets when running the codefresh get context --decrypt command.
Users can bypass this by running --decrypt with the built-in CF_API_KEY command that is injected into every build.
FALSE .
fullstory When enabled, allows Codefresh to track user activity in the Codefresh UI through Fullstory.
NOTE: When enabled for air-gapped environments, client attempts to communicate with a Fullstory service may result in network errors.
FALSE  
genAICronExpression When enabled, supports generating Cron expressions in the Codefresh UI using Generative AI. FALSE  
gerritIntegration When enabled, enables Gerrit integration in Account settings. See also supportGerrit.
See Gerrit as Git provider for pipelines.
FALSE  
gitopsArgoCdRollback Relevant to GitOps application deployments.
When enabled, allows you to rollback active GitOps applications to previously deployed versions.
See Rollback GitOps applications.
FALSE  
gitopsAppGroups When enabled, allows users to group GitOps applications by annotations, and view these applications in the Groups tab of the GitOps Apps dashboard.
See Application Groups for GitOps applications.
TRUE  
gitopsDynamicBreadcrumbs When enabled (the default), supports rendering dynamic breadcrumbs for GitOps. TRUE  
gitopsImageReporting Relevant to ProjectOne.
When enabled, reports images created with Codefresh Pipelines to the Images dashboard.
See Images in Codefresh.
FALSE  
hideCompositionsMenuItem When enabled, does not show Compositions within Artifacts & Insights in the sidebar of the Codefresh UI. FALSE  
injectClusterListFromPipelineSettings When enabled, turns on the pipeline setting Kubernetes cluster context pipeline injection for the account. Individual users can then selectively inject clusters for pipelines from those to which they they access.

This feature requires the users to have the Update Cluster permission. If not granted, then this feature has no impact when enabled.
See Enabling cluster-contexts for pipelines.
FALSE  
logMasking When enabled, secrets in build logs, both online and offline logs, are masked and replaced by asterisks.

This feature is currently available only for Enterprise customers.
FALSE  
parallelKubectlOperations When enabled, allows running parallel steps that includes kubectl. Especially Helm install and deploy steps that deploy to multiple clusters with kubectl in parallel. FALSE  
pipelineCreditConsumption When enabled (the default), supports credit-consumption analytics for pipelines. TRUE  
pipelineScopes When enabled, enables Codefresh administrators to configure the API scopes for pipelines at account level. All pipelines in the account inherit these scopes. Codefresh administrators can also override these scopes for individual pipelines.
See Pipeline scopes.
TRUE  
productCRD New feature currently in development for GitOps.
When enabled, allows creating a Custom Resource Definition (CRD) for the Product entity in GitOps.
FALSE  
promotionOrchestration New feature currently in development for GitOps.
When enabled, allows promotion orchestration for products including product’s releases API and promotion flow API.
FALSE  
promotionFlow New feature currently in development.
When enabled, allows you to drag an application in the GitOps Product dashboard from its current Environment to a different Environment and trigger a promotion flow.
FALSE  
promotionWorkflows New feature currently in development.
When enabled, allows you create and run workflows when a promotion is triggered.
FALSE  
reportBuildStatusPerPipelineTriggerEvent Currently supported for Bitbucket cloud.
When enabled, for builds with the same pipelineId, reports build statuses separately per triggerId and trigger event.
FALSE  
restrictedGitSource When enabled, allows you to create a Restricted Git Source in addition to a standard Git Source.
See Managing Git Sources in GitOps Runtimes.
FALSE  
supportGerrit When enabled, adds the capability to connect to Gerrit as a Git provider.
See Gerrit as Git provider for pipelines.
FALSE  
rolloutPlayerLiveState When enabled (the default), updates Rollout events directly from AppProxy for faster response times. TRUE  
runtimeEnvironmentTags When enabled, allows creating rules in Permissions for Build Runtime Environments to enable or disable the Runtime Environments available for assignment to pipelines based on tags. Restricted Runtime Environments will appear disabled in Pipeline > Settings > Build Runtime. FALSE  
serviceAccounts When enabled (the default), allows Codefresh administrators to create shared Service Accounts not associated with specific users for centralized access and permissions management. TRUE Default changed to TRUE in v2.5
supportOpenIdConnectInBuilds When enabled (the default), supports OIDC in pipeline builds, including obtaining and using ID tokens to authenticate and authorize pipeline actions on cloud providers.
See OpenID Connect for pipeline integrations.
TRUE  
stepTimeout When enabled (the default), allows you to add the timeout flag with the <duration> and <units> to steps in pipelines. When added, the step terminates execution automatically if the step exceeds the duration of the specified timeout.
See Steps in pipelines and browse the Field descriptions for any step type that is supported, git-clone for example.
TRUE  
useLogsTimestamps When enabled, prepends the date and time to every line in the log.
This flag must be enabled to share URL for build logs.
When enabled, and you have build automation, you may need to adjust the regex for search as the line does not start with the log text.
FALSE  
useRepoAndBranchesNextPagination When enabled, when adding Triggers to pipeline workflows, the Repository dropdown displays repositories and branches in paginated format, with the Next button for navigating between pages. FALSE  

Codefresh on-premises installation
Codefresh on-premises upgrade
Codefresh on-premises account & user setup