GitOps CI integrations

Use Codefresh Hosted GitOps with any popular Continuous Integration (CI) solution, not just with Codefresh CI.

You can connect a third-party CI solution to Codefresh, such as GitHub Actions for example, to take care of common CI tasks such as building/testing/scanning source code, and have Codefresh Hosted GitOps still responsible for the deployment, including image enrichment and reporting.
The integration brings in all the CI information to your images which you can see in the Images dashboard.

See Image enrichment with GitOps integrations.

Codefresh image reporting and enrichment action

To support the integration between Codefresh and third-party CI platforms and tools, we have created dedicated actions for supported CI tools in the Codefresh Marketplace. These actions combine image enrichment and reporting through integrations with issue tracking and container registry tools.

NOTE
You can also configure the integration directly in the Codefresh UI, as described in Connect a third-party CI platform/tool to Codefresh.

Use the action as follows:

  1. Create your pipeline with your CI platform/tool as you usually do.
  2. Use existing CI actions for compiling code, running unit tests, security scanning etc.
  3. Place the final action in the pipeline as the “report image” action provided by Codefresh.
    See:
    GitHub Action Codefresh report image
    Codefresh pipeline Codefresh report image
  4. When the pipeline completes execution, Codefresh retrieves the information on the image that was built and its metadata through the integration names specified (essentially the same data that Codefresh CI would send automatically).
  5. View the image in Codefresh’s Images dashboard, and in any application in which it is used.

Connect a third-party CI platform/tool to GitOps

Connecting the CI platform/tool to GitOps from the UI includes configuring the required arguments, and then generating and copying the YAML manifest for the report image to your pipeline.

  1. In the Codefresh UI, on the toolbar, click the Settings icon, and then from the sidebar, select GitOps Integrations.
  2. Filter by CI tools, then select the CI tool and click Add.
  3. Define the arguments for the CI tool:
    Codefresh pipelines
    GitHub Actions
    Jenkins

NOTE
For the complete list of arguments you can use, see CI integration for GitOps argument reference in this article.

  1. To generate a YAML snippet with the arguments, on the top-right, click Generate Manifest.
    Codefresh validates the generated manifest, and alerts you to undefined arguments that are required, and other errors.

Example of manifest generated for Codefresh pipeline with validation errors

Example of manifest generated for Codefresh pipeline with validation errors
  1. If required, click Close, update as needed and generate the manifest again.
  2. If there are no validation errors, click Copy.
  3. Paste the copied manifest as the last step in your CI pipeline.

CI integration argument reference

The table describes all the arguments required for CI integrations in general. The actual arguments required, differs according to the CI integration tool.

Argument Description Required/Optional/Default
CF_HOST Deprecated from v 0.0.460 and higher. Recommend using CF_RUNTIME_NAME instead.
CF_HOST has been deprecated because the URL is not static, and any change can fail the enrichment.

The URL to the cluster with the Codefresh runtime to integrate with. If you have more than one runtime, select the runtime from the list. Codefresh displays the URL of the selected runtime cluster.
Deprecated
CF_RUNTIME_NAME The runtime to use for the integration. If you have more than one runtime, select the runtime from the list. Required
CF_PLATFORM_URL The root URL of the Codefresh application. The default value is https://g.codefresh.io. Optional
CF_API_KEY The API key for authentication. Generate the key for the integration. Required
CF_CONTAINER_REGISTRY_INTEGRATION The name of the container registry integration created in Codefresh where the image is stored to reference in the CI pipeline. See Container registry integrations.
Alternatively, you can use one of these container registries with explicit credentials:
  • DockerHub registry with CF_DOCKERHUB_USERNAME and CF_DOCKERHUB_PASSWORD.
  • Docker Registry Protocol v2 with CF_REGISTRY_DOMAIN, CF_REGISTRY_USERNAME, and CF_REGISTRY_PASSWORD.
  • Google Artifact Registry (GAR) with CF_GOOGLE_JSON_KEY and CF_GOOGLE_REGISTRY_HOST.
Optional
CF_DOCKERHUB_USERNAME Relevant only to provide explicit credentials to the Docker Hub container registry where the image is stored.
The username for the Docker Hub container registry.

To use a Docker Hub container registry integration created in Codefresh, set CF_CONTAINER_REGISTRY_INTEGRATION instead.
Optional
CF_DOCKERHUB_PASSWORD Relevant only if CF_DOCKERHUB_USERNAME is specified.
The password for the Docker Hub container registry.
Optional
CF_REGISTRY_USERNAME Relevant for container registries that support Docker Registry Protocol v2.
The username for the Docker Registry Protocol v2 container registry.

To use a container registry integration created in Codefresh, set CF_CONTAINER_REGISTRY_INTEGRATION instead.
Optional
CF_REGISTRY_PASSWORD Relevant only if CF_REGISTRY_USERNAME is specified.
The password for the Docker Registry Protocol v2 container registry.
Optional
CF_REGISTRY_DOMAIN Relevant only if CF_REGISTRY_USERNAME and CF_REGISTRY_PASSWORD are specified.
The domain for the Docker Registry Protocol v2 container registry.
Optional
CF_GOOGLE_JSON_KEY Relevant only for Google Artifact Registry (GAR) or Google Container Registry (GCR).
The Google Cloud Platform Service Account key in JSON format to authenticate to GAR or GCR.
Optional
CF_GOOGLE_REGISTRY_HOST Relevant only if CF_GOOGLE_JSON_KEY is specified.
The GAR or GCR host.
For example, us-central1-docker.pkg.dev or gcr.io.
Optional
CF_JIRA_INTEGRATION Deprecated from version 0.0.565 and higher. Replaced by CF_ISSUE_TRACKING_INTEGRATION. Deprecated
CF_ISSUE_TRACKING_INTEGRATION The name of the issue tracking integration created in Codefresh to use for image enrichment. Relevant only if Jira enrichment is required for the image. If you don’t have a Jira integration, click Create Atlassian Jira Integration and configure settings. See Jira integration. Optional
CF_IMAGE The image to be enriched and reported in Codefresh. Pass the [account-name]/[image-name]:[tag] built in your CI. Required
CF_WORKFLOW_NAME The name assigned to the workflow that builds the image. When defined, the name is displayed in the Codefresh platform. Example, Staging step Optional
CF_GIT_BRANCH The Git branch with the commit and PR (pull request) data to add to the image. Pass the Branch from the event payload used to trigger your action. Required
CF_GIT_REPO The Git repository with the configuration and code used to build the image.
  • Optional for GitHub Actions.
  • Required for Codefresh pipelines and Jenkins.
    Required
    CF_GIT_PROVIDER The Git provider for the integration, and can be either github, gitlab, bitbucket, gerrit.
    • Optional when you don't define other related Git provider arguments. When not defined, Codefresh retrieves the required information from the runtime selected for the integration.
    • Required when you define at least one of the Git provider arguments. For example, when you define CF_GITLAB_TOKEN, then you must define all Git provider arguments, in this case, CF_GIT_PROVIDER as gitlab, and CF_GITLAB_HOST_URL.
      Optional
      CF_GITLAB_TOKEN The token to authenticate the GitLab account.
      • Optional when you don't define any GitLab-specific arguments. When not defined, Codefresh retrieves the required information from the runtime selected for the integration.
      • Required when you define at least one of the GitLab-specific arguments, such as CF_GIT_PROVIDER as gitlab, or CF_GITLAB_HOST_URL.
        Optional
        CF_GITLAB_HOST_URL The URL address of your GitLab Cloud/Server instance.
        • Optional when you don't define other related GitLab-specific arguments. When not defined, Codefresh retrieves the required information from the runtime selected for the integration.
        • Required when you define at least one of the GitLab-specific arguments, such as CF_GIT_PROVIDER as gitlab, or CF_GITLAB_TOKEN.
          Optional
          CF_BITBUCKET_USERNAME The username for the Bitbucket or the Bitbucket Server (on-prem) account.
          • Optional when you don't define other related Bitbucket-specific arguments. When not defined, Codefresh retrieves the required information from the runtime selected for the integration.
          • Required when you define at least one of the Bitbucket-specific arguments, such as CF_GIT_PROVIDER as bitbucket, CF_BITBUCKET_PASSWORD or CF_BITBUCKET_HOST_URL.
            Optional
            CF_BITBUCKET_PASSWORD The password for the Bitbucket or the BitBucket Server (on-prem) account.
            • Optional when you don't define other related Bitbucket-specific arguments. When not defined, Codefresh retrieves the required information from the runtime selected for the integration.
            • Required when you define at least one of the Bitbucket-specific arguments, such as CF_GIT_PROVIDER as bitbucket, CF_BITBUCKET_USERNAME, or CF_BITBUCKET_HOST_URL.
              Optional
              CF_BITBUCKET_HOST_URL Relevant only for Bitbucket Server accounts.
              The URL address of your Bitbucket Server instance. Example, https://bitbucket-server:7990.
              • Optional when you don't define other related Bitbucket Server-specific arguments. When not defined, Codefresh retrieves the required information from the runtime selected for the integration.
              • Required when you define at least one of the Bitbucket Server-specific arguments, such as CF_GIT_PROVIDER as bitbucket, CF_BITBUCKET_USERNAME or CF_BITBUCKET_PASSWORD.
              Optional
              CF_GERRIT_CHANGE_ID Relevant only for Gerrit accounts.
              The change ID or the commit message containing the Change ID to add to the image. For Gerrit, use this instead of CF_GIT_BRANCH.
              Required
              CF_GERRIT_HOST_URL Relevant only for Gerrit accounts.
              The URL of your website with the Gerrit instance, for example, https://git.company-name.io.
              Required
              CF_GERRIT_USERNAME Relevant only for Gerrit accounts.
              The username for your user account in Gerrit.
              Required
              CF_GERRIT_PASSWORD Relevant only for Gerrit accounts.
              The HTTP password for your user account in Gerrit, to use as the access token to authenticate HTTP requests to Gerrit.
              Required
              CF_JIRA_PROJECT_PREFIX Relevant only when CF_ISSUE_TRACKING_INTEGRATION is defined. One or more project prefixes in Jira to identify the Jira ticket number to use.
              NOTE: Multiple project prefixes require runtime version 0.1.30 or higher.
              To specify more than one prefix, use a comma-separated list or a regex.
              • Comma-separated list: DEV,PROD,SAAS
              • Regex: Regex must start with a front slash / and end with /g.
                Example: /[A-Z]{2,}-\d+/g.
              Required
              CF_JIRA_MESSAGE Relevant only when CF_ISSUE_TRACKING_INTEGRATION is defined. The Jira issue IDs matching the string to associate with the image. Required
              CF_JIRA_FAIL_ON_NOT_FOUND Relevant only when CF_ISSUE_TRACKING_INTEGRATION is defined. The report image action when the CF_JIRA_MESSAGE is not found. When set to true, the report image action is failed. Required

              Container registry GitOps integrations
              Issue tracking GitOps integrations