codefresh-io · ATGardner · Jul 14, 2025 · Jul 10, 2025 · Jul 10, 2025 · Jul 10, 2025
@@ -39,9 +39,9 @@ dependencies:
   condition: tunnel-client.enabled
 - name: codefresh-gitops-operator
   repository: oci://quay.io/codefresh/charts
-  version: 0.8.0
+  version: 0.8.1
   alias: gitops-operator
   condition: gitops-operator.enabled
 - name: cf-argocd-extras
   repository: oci://quay.io/codefresh/charts
-  version: 0.5.7
+  version: 0.5.8
@@ -211,13 +211,14 @@ IRW_JIRA_ENRICHMENT_TASK_IMAGE:
       key: enrichmentJiraEnrichmentImage
       optional: true
 NODE_EXTRA_CA_CERTS: /app/config/all/all.cer
+{{ include "codefresh-gitops-runtime.get-proxy-env-vars" . }}
 {{- end -}}
 
 {{/*
 Read defaults from the template above and merge with the values provided in values file
 */}}
 {{- define "cap-app-proxy.environment-variables" -}}
-{{- $defaults := (include "cap-app-proxy.environment-variables.defaults" . | fromYaml ) }}
+{{- $defaults := (include "cap-app-proxy.environment-variables.defaults" . | fromYaml) }}
 {{- $overrides := .Values.env }}
 {{- $mergedValues := mergeOverwrite $defaults $overrides }}
 {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }}

@@ -507,3 +507,18 @@ valueFrom:
     optional: true
 {{- end }}
 # ------------------------------------------------------------------------------------------------------------
+
+{{/*
+Print proxy environment variables
+*/}}
+{{- define "codefresh-gitops-runtime.get-proxy-env-vars" -}}
+  {{- if .Values.global.httpProxy }}
+HTTP_PROXY: {{ .Values.global.httpProxy }}
+  {{- end }}
+  {{- if .Values.global.httpsProxy }}
+HTTPS_PROXY: {{ .Values.global.httpsProxy }}
+  {{- end }}
+  {{- if .Values.global.noProxy }}
+NO_PROXY: {{ .Values.global.noProxy }}
+  {{- end }}
+{{- end -}}
@@ -3,7 +3,7 @@ Some app-proxy environment variables are determined by values provided in other
 to keep the separation of components as pseudo library charts, they are defined here to be merged when
 app-proxy components are generated.
 */}}
-{{- define "codefresh-gitops-runtime.app-proxy.calculated-env-vars"}}
+{{- define "codefresh-gitops-runtime.app-proxy.calculated-env-vars" }}
 HELM_RELEASE_NAME: {{ .Release.Name }}
 USER_TOKEN:
   {{- include "codefresh-gitops-runtime.installation-token-env-var-value" . | nindent 2 }}

@@ -2,5 +2,10 @@
   {{- $eventReporterContext := deepCopy . }}
   {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }}
   {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }}
+
+  {{- $globalProxyEnv := (include "codefresh-gitops-runtime.get-proxy-env-vars" . | fromYaml) }}
+  {{- $mergedEnv := mergeOverwrite $globalProxyEnv $eventReporterContext.Values.rollout.sensor.env }}
+  {{- $_ := set $eventReporterContext.Values.rollout.sensor "env" $mergedEnv }}
+
   {{- include "event-reporters.rollout-reporter.sensor" $eventReporterContext }}
 {{- end }}
@@ -3,5 +3,10 @@
   {{- $eventReporterContext := deepCopy . }}
   {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }}
   {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }}
+
+  {{- $globalProxyEnv := (include "codefresh-gitops-runtime.get-proxy-env-vars" . | fromYaml) }}
+  {{- $mergedEnv := mergeOverwrite $globalProxyEnv $eventReporterContext.Values.workflow.sensor.env }}
+  {{- $_ := set $eventReporterContext.Values.workflow.sensor "env" $mergedEnv }}
+
   {{- include "event-reporters.workflow-reporter.sensor" $eventReporterContext }}
 {{- end }}
@@ -0,0 +1,33 @@
+{{- define "installer.validate-usage.environment-variables.defaults" -}}
+NAMESPACE:
+  valueFrom:
+    fieldRef:
+      fieldPath: metadata.namespace
+{{- end -}}
+
+{{- define "installer.validate-usage.environment-variables" -}}
+  {{- $defaults := (include "installer.validate-usage.environment-variables.defaults" . | fromYaml) }}
+  {{- $globalProxyEnv := (include "codefresh-gitops-runtime.get-proxy-env-vars" . | fromYaml) }}
+  {{- $mergedValues := mergeOverwrite $defaults $globalProxyEnv }}
+  {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }}
+{{- end -}}
+
+{{- define "installer.validate-values.environment-variables.defaults" -}}
+ARGOCD_CHECK_VERSION: {{ not (get .Values "argo-cd").enabled | quote }}
+ARGOCD_LABELS: "{{ range $k, $v := .Values.installer.argoCdVersionCheck.argoServerLabels }}{{ $k }}={{ $v }},{{ end }}"
+ARGOCD_ROOT_PATH: {{ index .Values "global" "external-argo-cd" "server" "rootpath" | quote }}
+ARGOCD_VERSION_PATH: "/api/version"
+CHART_VERSION: {{ .Chart.Version }}
+NAMESPACE:
+  valueFrom:
+    fieldRef:
+      fieldPath: metadata.namespace
+REQUIRED_VERSION_CONSTRAINT: ">=2.12 <3"
+{{- end -}}
+
+{{- define "installer.validate-values.environment-variables" -}}
+  {{- $defaults := (include "installer.validate-values.environment-variables.defaults" . | fromYaml) }}
+  {{- $globalProxyEnv := (include "codefresh-gitops-runtime.get-proxy-env-vars" . | fromYaml) }}
+  {{- $mergedValues := mergeOverwrite $defaults $globalProxyEnv }}
+  {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }}
+{{- end -}}
@@ -18,11 +18,7 @@ spec:
       - name: validate-usage
         image: "{{ .Values.installer.image.repository }}:{{ .Values.installer.image.tag | default .Chart.Version }}"
         imagePullPolicy: {{ .Values.installer.image.pullPolicy }}
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.namespace
+        {{- include "installer.validate-usage.environment-variables" . | nindent 8}}
         command: ["sh", "-c"]
         args:
         - |

@@ -17,23 +17,7 @@ spec:
       - name: validate-values
         image: "{{ .Values.installer.image.repository }}:{{ .Values.installer.image.tag | default .Chart.Version }}"
         imagePullPolicy: {{ .Values.installer.image.pullPolicy }}
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.namespace
-        - name: CHART_VERSION
-          value: {{ .Chart.Version }}
-        - name: ARGOCD_CHECK_VERSION
-          value: {{ not (get .Values "argo-cd").enabled | quote }}
-        - name: ARGOCD_LABELS
-          value: "{{ range $k, $v := .Values.installer.argoCdVersionCheck.argoServerLabels }}{{ $k }}={{ $v }},{{ end }}"
-        - name: ARGOCD_VERSION_PATH
-          value: "/api/version"
-        - name: REQUIRED_VERSION_CONSTRAINT
-          value: ">=2.12 <3"
-        - name: ARGOCD_ROOT_PATH
-          value: {{ index .Values "global" "external-argo-cd" "server" "rootpath" | default "" }}
+        {{- include "installer.validate-values.environment-variables" . | nindent 8}}
         command: ["sh", "-c"]
         args:
         - | # shell

@@ -0,0 +1,25 @@
+{{- define "installer.cleanup-resources.environment-variables" -}}
+  {{- $globalProxyEnv := (include "codefresh-gitops-runtime.get-proxy-env-vars" . | fromYaml) }}
+  {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $globalProxyEnv }}
+{{- end -}}
+
+{{- define "installer.delete-runtime-from-platform.environment-variables.defaults" -}}
+{{- $customCASecretKey := ""}}
+{{- if or .Values.global.codefresh.tls.caCerts.secret.create .Values.global.codefresh.tls.caCerts.secretKeyRef }}
+  {{- $customCASecretKey = .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}
+{{- end }}
+PLATFORM_URL: {{ .Values.global.codefresh.url }}
+RUNTIME_NAME: {{ .Values.global.runtime.name }}
+  {{- if $customCASecretKey }}
+SSL_CERT_FILE: /app/config/codefresh-tls-certs/{{ $customCASecretKey }}
+  {{- end }}
+USER_TOKEN:
+  {{- include "codefresh-gitops-runtime.installation-token-env-var-value" . | nindent 2 }}
+{{- end -}}
+
+{{- define "installer.delete-runtime-from-platform.environment-variables" -}}
+  {{- $defaults := (include "installer.delete-runtime-from-platform.environment-variables.defaults" . | fromYaml) }}
+  {{- $globalProxyEnv := (include "codefresh-gitops-runtime.get-proxy-env-vars" . | fromYaml) }}
+  {{- $mergedValues := mergeOverwrite $defaults $globalProxyEnv }}
+  {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }}
+{{- end -}}
@@ -15,6 +15,7 @@ spec:
       - name: cleanup-runtime-resources
         image: "{{ .Values.installer.image.repository }}:{{ .Values.installer.image.tag | default .Chart.Version }}"
         imagePullPolicy: {{ .Values.installer.image.pullPolicy }}
+        {{- include "installer.cleanup-resources.environment-variables" . | nindent 8}}
         command: ["sh", "-c"]
         args:
         - |

@@ -1,8 +1,6 @@
 {{- $customCASecretName := ""}}
-{{- $customCASecretKey := ""}}
 {{- if or .Values.global.codefresh.tls.caCerts.secret.create .Values.global.codefresh.tls.caCerts.secretKeyRef }}
   {{- $customCASecretName = .Values.global.codefresh.tls.caCerts.secret.create | ternary "codefresh-tls-certs" .Values.global.codefresh.tls.caCerts.secretKeyRef.name }}
-  {{- $customCASecretKey = .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}
 {{- end }}
 ---
 apiVersion: batch/v1
@@ -21,17 +19,7 @@ spec:
       - name: delete-runtime-from-platform
         image: "{{ .Values.installer.image.repository }}:{{ .Values.installer.image.tag | default .Chart.Version }}"
         imagePullPolicy: {{ .Values.installer.image.pullPolicy }}
-        env:
-        - name: RUNTIME_NAME
-          value: {{ .Values.global.runtime.name }}
-        - name: PLATFORM_URL
-          value: {{ .Values.global.codefresh.url }}
-        - name: USER_TOKEN
-          {{- include "codefresh-gitops-runtime.installation-token-env-var-value" . | nindent 10 }}
-{{- if $customCASecretName }}
-        - name: SSL_CERT_FILE
-          value: /app/config/codefresh-tls-certs/{{ $customCASecretKey }}
-{{- end }}
+        {{- include "installer.delete-runtime-from-platform.environment-variables" . | nindent 8}}
 {{- if $customCASecretName }}
         volumeMounts:
         - mountPath: /app/config/codefresh-tls-certs

@@ -225,7 +225,7 @@ tests:
   set:
     global.codefresh.userToken.token: dummy
     global.codefresh.accountId: asddd
-    global.runtime.ingress.enabled: true 
+    global.runtime.ingress.enabled: true
     global.runtime.ingress.hosts[0]: asddd
   asserts:
   - failedTemplate:
@@ -242,3 +242,27 @@ tests:
       path: data.runtimeName
       value: "test1"
 
+- it: proxy correctly set in app-proxy env
+  template: 'app-proxy/deployment.yaml'
+  values:
+  - ./values/mandatory-values.yaml
+  set:
+    global.httpProxy: "proxy.example.com"
+    global.httpsProxy: "proxys.example.com"
+    global.noProxy: "localhost"
+  asserts:
+  - contains:
+      path: spec.template.spec.containers[0].env
+      content:
+        name: HTTP_PROXY
+        value: proxy.example.com
+  - contains:
+      path: spec.template.spec.containers[0].env
+      content:
+        name: NO_PROXY
+        value: localhost
+  - contains:
+      path: spec.template.spec.containers[0].env
+      content:
+        name: HTTPS_PROXY
+        value: proxys.example.com
@@ -179,6 +179,13 @@ global:
   # -- Global tolerations for all components
   tolerations: []
 
+  # -- global HTTP_PROXY for all components
+  httpProxy: ''
+  # -- global HTTPS_PROXY for all components
+  httpsProxy: ''
+  # -- global NO_PROXY for all components
+  noProxy: ''
+
 # -------------------------------------------------------------------------------------------------------------------------
 # Installer
 # -------------------------------------------------------------------------------------------------------------------------