Codefresh on-premises feature management

Enable/disable features for Codefresh accounts in your organization

Codefresh account administrators can toggle specific features of the Codefresh platform on/off in on-premises environments. Feature management helps you to easily implement and manage functionality on an as- and when-needed basis.

You can enable or disable features for:

  1. A single account
  2. Specific accounts
  3. All accounts in the organization

Enable/disable features in on-premises platforms

Enable a feature for all accounts, or override the default setting and enable/disable the feature selectively for specific accounts. Account-level feature overrides are retained when you change the default setting for the feature. Review the feature list to understand the implications of enabling a feature.

  1. Sign in to Codefresh.
  2. On the top-right, click your avatar and then select Admin Panel.
  3. From the sidebar, click Feature Management.
  4. To enable a feature for all accounts under Enable, toggle the required feature to ON.
  5. To enable or disable the feature for a single account or for specific accounts, click the Edit icon, and then select the accounts from the Enable feature for and Disable feature for lists, as required.

Enabling/disabling features for accounts

Enabling/disabling features for accounts

System Features

System Features are generally only for internal use, and should not be changed. For more information, see Enable System Features.

Codefresh strongly recommends against enabling System Features unless you are familiar with the implications of turning on a System Feature.
If you need to turn on a System Feature, we recommend to first contact Codefresh support.

On-premises feature list

Here is an example of the Feature Management page in Admin Management for the organization. Any feature enabled or disabled in this page affects all Codefresh accounts in the organization.

Feature Management for accounts

Feature Management for accounts

The table describes the features you can open for Codefresh accounts, in alphabetical order.

Feature Description Default
appDiffView When enabled, and the application is out of sync, displays the differences for each resource in the application in either Compact or Split view modes.
See Analyze out-of-sync applications with Diff View
abacAndRule When enabled, supports creating ABAC rules for entities in Codefresh pipelines using “AND”.
See Configuring rules for access control in pipelines.
abacHermesTriggers When enabled, restricts access to the legacy version of Cron triggers for users without permissions to edit pipelines. FALSE
accountInfoCopyButton When enabled, the account ID is added to the URL. When sharing the URL with the account information, recipients can seamlessly switch accounts. FALSE
accessibilityContrast When enabled, displays an icon in the Codefresh toolbar allowing you to control the contrast by selecting the option that best suits the logged in user:
  • Invert colors and Bold colors (saturate): Optimized for visually impaired users.
  • Smart Contrast: Increases the contrast between the text and the background to the maximum possible.
allowUserUpdateBoards When enabled, allows users without admin roles to update Helm boards. Users can install, promote, create, and update sections.
See Promoting Helm environments.
cronTriggersInPipelineSpec When enabled, allows users to define Cron triggers in the pipeline YAMLs as a spec.cronTriggers array, instead of using a separate API.
See Cron trigger specifications.
csdpFilterAppsByGitPermissions When enabled (the default), does not display the Git Sources and the Argo CD applications committed to these Git Sources for users without Git permissions or Git credentials for the same. TRUE
dindPodRequestsEqualLimits When enabled, sets both the resource requests and limits for the pod to the same values. FALSE
disableWelcomeScreen When enabled, bypasses the Codefresh Welcome screen that requires the user to enter additional information on first sign-in.
Required mostly in on-premises environments, especially for LDAP, which has all login info already configured.
disableRolloutActionsWithoutRBAC Relevant to GitOps application deployments.
When enabled, disables rollback and rollout controls in the Timeline’s tab’s Rollout Player for the application.
disableInviteWelcomeMail When enabled, does not send the Welcome email to users invited to an account. FALSE
forbidDecrypt When enabled, prevents users from decrypting secrets when running the codefresh get context --decrypt command.
Users can bypass this by running --decrypt with the built-in CF_API_KEY command that is injected into every build.
genAICronExpression When enabled, supports generating Cron expressions in the Codefresh UI using Generative AI. FALSE
gerritIntegration When enabled, enables Gerrit integration in Account settings. See also supportGerrit.
See Gerrit as Git provider for pipelines.
gitopsArgoCdRollback Relevant to GitOps application deployments.
When enabled, allows you to rollback active GitOps applications to previously deployed versions.
See Rollback GitOps applications.
gitopsAppGroups When enabled, allows users to group GitOps applications by annotations, and view these applications in the Groups tab of the GitOps Apps dashboard.
See Application Groups for GitOps applications.
gitopsImageReporting Relevant to ProjectOne.
When enabled, reports images created with Codefresh Pipelines to the Images dashboard.
See Images in Codefresh.
hideCompositionsMenuItem When enabled, does not show Compositions within Artifacts & Insights in the sidebar of the Codefresh UI. FALSE
injectClusterListFromPipelineSettings When enabled, turns on the pipeline setting Kubernetes cluster context pipeline injection for the account. Individual users can then selectively inject clusters for pipelines from those to which they they access.

This feature requires the users to have the Update Cluster permission. If not granted, then this feature has no impact when enabled.
See Enabling cluster-contexts for pipelines.
logMasking When enabled, secrets in build logs, both online and offline logs, are masked and replaced by asterisks.

This feature is currently available only for Enterprise customers.
parallelKubectlOperations When enabled, allows running parallel steps that includes kubectl. Especially Helm install and deploy steps that deploy to multiple clusters with kubectl in parallel. FALSE
pipelineScopes When enabled, enables Codefresh administrators to configure the API scopes for pipelines at account level. All pipelines in the account inherit these scopes. Codefresh administrators can also override these scopes for individual pipelines.
See Pipeline scopes.
promotionFlow New feature currently in development.
When enabled, allows you to drag an application in the GitOps Product dashboard from its current Environment to a different Environment and trigger a promotion flow.
promotionWorkflows New feature currently in development.
When enabled, allows you create and run workflows when a promotion is triggered.
restrictedGitSource When enabled, allows you to create a Restricted Git Source in addition to a standard Git Source.
See Managing Git Sources in GitOps Runtimes.
supportGerrit When enabled, adds the capability to connect to Gerrit as a Git provider.
See Gerrit as Git provider for pipelines.
supportOpenIdConnectInBuilds When enabled (the default), supports OIDC in pipeline builds, including obtaining and using ID tokens to authenticate and authorize pipeline actions on cloud providers.
See OpenID Connect for pipeline integrations.
stepTimeout When enabled (the default), allows you to add the timeout flag with the <duration> and <units> to steps in pipelines. When added, the step terminates execution automatically if the step exceeds the duration of the specified timeout.
See Steps in pipelines and browse the Field descriptions for any step type that is supported, git-clone for example.
useLogsTimestamps When enabled, prepends the date and time to every line in the log.
This flag must be enabled to share URL for build logs.
When enabled, and you have build automation, you may need to adjust the regex for search as the line does not start with the log text.
useRepoAndBranchesNextPagination When enabled, when adding Triggers to pipeline workflows, the Repository dropdown displays repositories and branches in paginated format, with the Next button for navigating between pages. FALSE

Codefresh on-premises installation
Codefresh on-premises upgrade
Codefresh on-premises account & user setup