Improve this page on GitHub

Codefresh on-premises feature management

Enable/disable features for Codefresh accounts in your organization

Codefresh account administrators can toggle specific features of the Codefresh platform on/off in on-premises environments. Feature management helps you to easily implement and manage functionality on an as- and when-needed basis.

You can enable or disable features for:

  1. A single account
  2. Specific accounts
  3. All accounts in the organization

Enable/disable features in on-premises platforms

Enable a feature for all accounts, or override the default setting and enable/disable the feature selectively for specific accounts. Account-level feature overrides are retained when you change the default setting for the feature. Review the feature list to understand the implications of enabling a feature.

  1. Sign in to Codefresh.
  2. On the top-right, click your avatar and then select Admin Panel.
  3. From the sidebar, click Feature Management.
  4. To enable a feature for all accounts under Enable, toggle the required feature to ON.
  5. To enable or disable the feature for a single account or for specific accounts, click the Edit icon, and then select the accounts from the Enable feature for and Disable feature for lists, as required.

Enabling/disabling features for accounts

Enabling/disabling features for accounts

System Features

System Features are generally only for internal use, and should not be changed. For more information, see Enable System Features.

IMPORTANT
Codefresh strongly recommends against enabling System Features unless you are familiar with the implications of turning on a System Feature.
If you need to turn on a System Feature, we recommend to first contact Codefresh support.

On-premises feature list

Here is an example of the Feature Management page in Admin Management for the organization. Any feature enabled or disabled in this page affects all Codefresh accounts in the organization.

Feature Management for accounts

Feature Management for accounts

The table describes in alphabetical order, the features you can open for Codefresh accounts.

Feature Description Default    
appDiffView When enabled, and the application is out of sync, displays the differences for each resource in the application in either Compact or Split view modes.
See Analyze out-of-sync applications with Diff View		 TRUE    
abacAndRule When enabled, supports creating ABAC rules for entities in Codefresh pipelines using “AND”.
See Configuring rules for access control in pipelines.		 TRUE    
abacRuntimeEnvironments When enabled, allows creating rules in Permissions which impacts options in Pipeline > Settings > Build Runtime:
  • Build Runtime Environment: When enabled, allows restricting Runtime Environments available for pipelines based on tags. Restricted Runtime Environments are disabled in the Runtime Environments list for the pipeline/build run.
  • Pipeline actions:
    • Manage resources: Select CPU, memory, and minimum disk space for the pipeline/build run.
    • Set runtime environment: Select a Runtime Environment from those available in the Runtime Environments list for the pipeline/build run.
    • Set cloud builds: Set Cloud build and select the resource size for the pipeline/build run.
 FALSE   FALSE
abacHermesTriggers When enabled, restricts access to the legacy version of Cron triggers for users without permissions to edit pipelines. FALSE    
abacUIEnforcement When enabled, for Pipelines, prevents the user from selecting options and performing actions which are not permitted. FALSE    
abacV2UIEnforcement When enabled, for GitOps, prevents the user from selecting options and performing actions which are not permitted. FALSE    
accountInfoCopyButton When enabled, the account ID is added to the URL. When sharing the URL with the account information, recipients can seamlessly switch accounts. FALSE    
accessibilityContrast When enabled, displays an icon in the Codefresh toolbar allowing you to control the contrast by selecting the option that best suits the logged in user:
  • Invert colors and Bold colors (saturate): Optimized for visually impaired users.
  • Smart Contrast: Increases the contrast between the text and the background to the maximum possible.
 FALSE    
allowUserUpdateBoards When enabled, allows users without admin roles to update Helm boards. Users can install, promote, create, and update sections.
See Promoting Helm environments.		 FALSE    
autoBuildSwitchAccount When enabled, and a user accesses a build from a different account, automatically switches to the corresponding account instead of the user having to do so manually. FALSE    
buildsTreeView When enabled (the default), shows a visualization of the parent and child builds of pipelines.
See Creating build views.		 TRUE    
cronTriggersInPipelineSpec When enabled, allows users to define Cron triggers in the pipeline YAMLs as a spec.cronTriggers array, instead of using a separate API.
See Cron trigger specifications.		 TRUE    
csdpFilterAppsByGitPermissions When enabled (the default), does not display the Git Sources and the Argo CD applications committed to these Git Sources for users without Git permissions or Git credentials for the same. TRUE    
delightedSurvey When enabled, displays Delighted CX surveys in the Codefresh UI.
If there are security concerns because of outbound requests from clients, disable this Feature Flag.		 TRUE    
dindPodRequestsEqualLimits When enabled, sets both the resource requests and limits for the pod to the same values. FALSE    
disableWelcomeScreen When enabled, bypasses the Codefresh Welcome screen that requires the user to enter additional information on first sign-in.
Required mostly in on-premises environments, especially for LDAP, which has all login info already configured.		 FALSE    
disableRolloutActionsWithoutRBAC Relevant to GitOps application deployments.
When enabled, disables rollback and rollout controls in the Timeline’s tab’s Rollout Player for the application. 		FALSE    
disableInviteWelcomeMail When enabled, does not send the Welcome email to users invited to an account. FALSE    
forbidDecrypt When enabled, prevents users from decrypting secrets when running the codefresh get context --decrypt command.
Users can bypass this by running --decrypt with the built-in CF_API_KEY command that is injected into every build.		 FALSE    
fullstory When enabled, allows Codefresh to track user activity in the Codefresh UI through Fullstory.
NOTE: When enabled for air-gapped environments, client attempts to communicate with a Fullstory service may result in network errors.		 FALSE    
genAICronExpression When enabled, supports generating Cron expressions in the Codefresh UI using Generative AI. FALSE    
gerritIntegration When enabled, enables Gerrit integration in Account settings. See also supportGerrit.
See Gerrit as Git provider for pipelines.		 FALSE    
gitopsArgoCdRollback Relevant to GitOps application deployments.
When enabled, allows you to rollback active GitOps applications to previously deployed versions.
See Rollback GitOps applications.		 FALSE    
gitopsAppGroups When enabled, allows users to group GitOps applications by annotations, and view these applications in the Groups tab of the GitOps Apps dashboard.
See Application Groups for GitOps applications.		 TRUE    
gitopsDynamicBreadcrumbs When enabled (the default), supports rendering dynamic breadcrumbs for GitOps. TRUE    
gitopsImageReporting Relevant to ProjectOne.
When enabled, reports images created with Codefresh Pipelines to the Images dashboard.
See Images in Codefresh.		 FALSE    
hideCompositionsMenuItem When enabled, does not show Compositions within Artifacts & Insights in the sidebar of the Codefresh UI. FALSE    
injectClusterListFromPipelineSettings When enabled, turns on the pipeline setting Kubernetes cluster context pipeline injection for the account. Individual users can then selectively inject clusters for pipelines from those to which they they access.

This feature requires the users to have the Update Cluster permission. If not granted, then this feature has no impact when enabled.
See Enabling cluster-contexts for pipelines.		 FALSE    
logMasking When enabled, secrets in build logs, both online and offline logs, are masked and replaced by asterisks.

This feature is currently available only for Enterprise customers.		 FALSE    
parallelKubectlOperations When enabled, allows running parallel steps that includes kubectl. Especially Helm install and deploy steps that deploy to multiple clusters with kubectl in parallel. FALSE    
pipelineCreditConsumption When enabled (the default), supports credit-consumption analytics for pipelines. TRUE    
pipelineScopes When enabled, enables Codefresh administrators to configure the API scopes for pipelines at account level. All pipelines in the account inherit these scopes. Codefresh administrators can also override these scopes for individual pipelines.
See Pipeline scopes.		 TRUE    
productCRD New feature currently in development for GitOps.
When enabled, allows creating a Custom Resource Definition (CRD) for the Product entity in GitOps.		 FALSE    
promotionOrchestration New feature currently in development for GitOps.
When enabled, allows promotion orchestration for products including product’s releases API and promotion flow API.		 FALSE    
promotionFlow New feature currently in development.
When enabled, allows you to drag an application in the GitOps Product dashboard from its current Environment to a different Environment and trigger a promotion flow.		 FALSE    
promotionWorkflows New feature currently in development.
When enabled, allows you create and run workflows when a promotion is triggered.		 FALSE    
reportBuildStatusPerPipelineTriggerEvent Currently supported for Bitbucket cloud.
When enabled, for builds with the same pipelineId, reports build statuses separately per triggerId and trigger event.		 FALSE    
restrictedGitSource When enabled, allows you to create a Restricted Git Source in addition to a standard Git Source.
See Managing Git Sources in GitOps Runtimes.		 FALSE    
supportGerrit When enabled, adds the capability to connect to Gerrit as a Git provider.
See Gerrit as Git provider for pipelines.		 FALSE    
rolloutPlayerLiveState When enabled (the default), updates Rollout events directly from AppProxy for faster response times. TRUE    
runtimeEnvironmentTags When enabled, allows creating rules in Permissions for Build Runtime Environments to enable or disable the Runtime Environments available for assignment to pipelines based on tags. Restricted Runtime Environments will appear disabled in Pipeline > Settings > Build Runtime. FALSE    
serviceAccounts When enabled, allows Codefresh administrators to create shared Service Accounts not associated with specific users for centralized access and permissions management. FALSE    
supportOpenIdConnectInBuilds When enabled (the default), supports OIDC in pipeline builds, including obtaining and using ID tokens to authenticate and authorize pipeline actions on cloud providers.
See OpenID Connect for pipeline integrations.		 TRUE    
stepTimeout When enabled (the default), allows you to add the timeout flag with the <duration> and <units> to steps in pipelines. When added, the step terminates execution automatically if the step exceeds the duration of the specified timeout.
See Steps in pipelines and browse the Field descriptions for any step type that is supported, git-clone for example.		 TRUE    
useLogsTimestamps When enabled, prepends the date and time to every line in the log.
This flag must be enabled to share URL for build logs.
When enabled, and you have build automation, you may need to adjust the regex for search as the line does not start with the log text.		 FALSE    
useRepoAndBranchesNextPagination When enabled, when adding Triggers to pipeline workflows, the Repository dropdown displays repositories and branches in paginated format, with the Next button for navigating between pages. FALSE    

Codefresh on-premises installation
Codefresh on-premises upgrade
Codefresh on-premises account & user setup