From 44952eadde035103089235bc7706fda1c75990ff Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 12:57:09 +0400
Subject: [PATCH 01/15] feat: test ci


From eed0d9efcbac70573723b2cbb55ae350a5c1f662 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 15:03:00 +0400
Subject: [PATCH 02/15] feat: test ci

---
 charts/gitops-runtime/ci/default-values.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/gitops-runtime/ci/default-values.yaml b/charts/gitops-runtime/ci/default-values.yaml
index fe91609da..dc94b44f4 100644
--- a/charts/gitops-runtime/ci/default-values.yaml
+++ b/charts/gitops-runtime/ci/default-values.yaml
@@ -1,6 +1,6 @@
 global:
   codefresh:
-    accountId: 628a80b693a15c0f9c13ab75 # Codefresh Account id for ilia-codefresh for now, needs to be some test account
+    accountId: 63dbba4928d5fd1ef065b781 # Codefresh Account id for ilia-codefresh for now, needs to be some test account
     userToken:
       secretKeyRef:
         name: mysecret

From bed363666235af34a03061ad38e3ae4ca8a1f960 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 17:11:29 +0400
Subject: [PATCH 03/15] feat: test ci

---
 charts/gitops-runtime/ci/default-values.yaml | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/charts/gitops-runtime/ci/default-values.yaml b/charts/gitops-runtime/ci/default-values.yaml
index dc94b44f4..83fb28cc6 100644
--- a/charts/gitops-runtime/ci/default-values.yaml
+++ b/charts/gitops-runtime/ci/default-values.yaml
@@ -1,20 +1,15 @@
 global:
   codefresh:
-    accountId: 63dbba4928d5fd1ef065b781 # Codefresh Account id for ilia-codefresh for now, needs to be some test account
+    accountId: 63dbba4928d5fd1ef065b781 # `gitops-helm-test` Codefresh account
     userToken:
-      secretKeyRef:
-        name: mysecret
-        key: myvalue
-        optional: true
+      token: "" # set in `gitops-runtime-helm/ci` pipeline
 
   runtime:
-    name: default
-    cluster: test-cluster
+    name: "" # set in `gitops-runtime-helm/ci` pipeline
 
     ingress:
-      className: "nginx"
-      hosts:
-      - runtime.codefresh.local
+      className: haproxy-ingress
+      hosts: [] # set in `gitops-runtime-helm/ci` pipeline
 
     repoCredentialsTemplate:
       url: 'https://github.com'

From e839389b8453701dc436e4b939871f21ec1b517a Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 17:18:25 +0400
Subject: [PATCH 04/15] feat: test ci

---
 charts/gitops-runtime/ci/default-values.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/charts/gitops-runtime/ci/default-values.yaml b/charts/gitops-runtime/ci/default-values.yaml
index 83fb28cc6..c07506479 100644
--- a/charts/gitops-runtime/ci/default-values.yaml
+++ b/charts/gitops-runtime/ci/default-values.yaml
@@ -8,6 +8,7 @@ global:
     name: "" # set in `gitops-runtime-helm/ci` pipeline
 
     ingress:
+      enabled: true
       className: haproxy-ingress
       hosts: [] # set in `gitops-runtime-helm/ci` pipeline
 

From 2b07769b38d4ea759845f196fe813b8353c6cccf Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 17:22:51 +0400
Subject: [PATCH 05/15] feat: test ci

---
 charts/gitops-runtime/ci/default-values.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/charts/gitops-runtime/ci/default-values.yaml b/charts/gitops-runtime/ci/default-values.yaml
index c07506479..51f829c7f 100644
--- a/charts/gitops-runtime/ci/default-values.yaml
+++ b/charts/gitops-runtime/ci/default-values.yaml
@@ -2,10 +2,10 @@ global:
   codefresh:
     accountId: 63dbba4928d5fd1ef065b781 # `gitops-helm-test` Codefresh account
     userToken:
-      token: "" # set in `gitops-runtime-helm/ci` pipeline
+      token: "dummy" # set in `gitops-runtime-helm/ci` pipeline
 
   runtime:
-    name: "" # set in `gitops-runtime-helm/ci` pipeline
+    name: "dummy" # set in `gitops-runtime-helm/ci` pipeline
 
     ingress:
       enabled: true

From f20220a2b7899b1dd980a551b03ec7c06bb630db Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 17:24:58 +0400
Subject: [PATCH 06/15] feat: test ci

---
 charts/gitops-runtime/ci/default-values.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/charts/gitops-runtime/ci/default-values.yaml b/charts/gitops-runtime/ci/default-values.yaml
index 51f829c7f..937380961 100644
--- a/charts/gitops-runtime/ci/default-values.yaml
+++ b/charts/gitops-runtime/ci/default-values.yaml
@@ -10,7 +10,8 @@ global:
     ingress:
       enabled: true
       className: haproxy-ingress
-      hosts: [] # set in `gitops-runtime-helm/ci` pipeline
+      hosts:
+        - "runtime.example.com" # set in `gitops-runtime-helm/ci` pipeline
 
     repoCredentialsTemplate:
       url: 'https://github.com'

From 1b222780521384be24466830b1ddd32174d8d5f3 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 18:30:01 +0400
Subject: [PATCH 07/15] feat: test ci

---
 .../ci/default-values-custom-tls.yaml         | 62 -------------------
 .../gitops-runtime/ci/ingressless-values.yaml | 20 ------
 .../ci/values-external-argocd.yaml            | 19 +++---
 3 files changed, 7 insertions(+), 94 deletions(-)
 delete mode 100644 charts/gitops-runtime/ci/default-values-custom-tls.yaml
 delete mode 100644 charts/gitops-runtime/ci/ingressless-values.yaml

diff --git a/charts/gitops-runtime/ci/default-values-custom-tls.yaml b/charts/gitops-runtime/ci/default-values-custom-tls.yaml
deleted file mode 100644
index 271c3c5fd..000000000
--- a/charts/gitops-runtime/ci/default-values-custom-tls.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-global:
-  codefresh:
-    accountId: 628a80b693a15c0f9c13ab75 # Codefresh Account id for ilia-codefresh for now, needs to be some test account
-    userToken:
-      secretKeyRef:
-        name: mysecret
-        key: myvalue
-        optional: true
-    tls:
-      # --  Custom CA certificates bundle for platform access with ssl
-      caCerts:
-        # -- Reference to existing secret
-        secretKeyRef: {}
-        # -- Chart managed secret for custom platform CA certificates
-        secret:
-          # -- Whether to create the secret.
-          create: true
-          # -- The secret key that holds the ca bundle
-          key: 'ca-bundle.crt'
-          # Annotations
-          annotations: {}
-          # Certificate content
-          content: |
-            -----BEGIN CERTIFICATE-----
-            MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
-            gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
-            MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY
-            UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx
-            NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3
-            dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy
-            dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB
-            dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6
-            38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP
-            KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q
-            DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4
-            qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa
-            JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi
-            PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P
-            BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs
-            jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0
-            eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD
-            ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR
-            vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
-            qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
-            IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
-            i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
-            O+7ETPTsJ3xCwnR8gooJybQDJbw=
-            -----END CERTIFICATE-----
-
-  runtime:
-    name: default
-
-    ingress:
-      className: "nginx"
-      hosts:
-      - runtime.codefresh.local
-
-    repoCredentialsTemplate:
-      url: 'https://github.com'
-      username: 'username'
-      password: 'dummy'
-
diff --git a/charts/gitops-runtime/ci/ingressless-values.yaml b/charts/gitops-runtime/ci/ingressless-values.yaml
deleted file mode 100644
index 55b9a1433..000000000
--- a/charts/gitops-runtime/ci/ingressless-values.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-global:
-  codefresh:
-    accountId: 628a80b693a15c0f9c13ab75 # Codefresh Account id for ilia-codefresh for now, needs to be some test account
-    userToken:
-      secretKeyRef:
-        name: mysecret
-        key: myvalue
-        optional: true
-
-  runtime:
-    name: default
-    cluster: test-cluster
-
-    ingress:
-      enabled: false
-
-    repoCredentialsTemplate:
-      url: 'https://github.com'
-      username: 'username'
-      password: 'dummy'
diff --git a/charts/gitops-runtime/ci/values-external-argocd.yaml b/charts/gitops-runtime/ci/values-external-argocd.yaml
index 999933f4d..31d72d773 100644
--- a/charts/gitops-runtime/ci/values-external-argocd.yaml
+++ b/charts/gitops-runtime/ci/values-external-argocd.yaml
@@ -1,22 +1,17 @@
-# Values file used to render all image values
 global:
   codefresh:
-    accountId: 628a80b693a15c0f9c13ab75 # Codefresh Account id for ilia-codefresh for now, needs to be some test account
-    gitIntegration:
-      provider:
-        name: 'GITHUB'
-        apiUrl: 'https://api.github.com'
+    accountId: 63dbba4928d5fd1ef065b781 # `gitops-helm-test` Codefresh account
     userToken:
-      secretKeyRef:
-        name: mysecret
-        key: myvalue
-        optional: true
+      token: "dummy" # set in `gitops-runtime-helm/ci` pipeline
 
   runtime:
-    name: default
+    name: "dummy" # set in `gitops-runtime-helm/ci` pipeline
 
     ingress:
-      enabled: false
+      enabled: true
+      className: haproxy-ingress
+      hosts:
+        - "runtime.example.com" # set in `gitops-runtime-helm/ci` pipeline
 
     repoCredentialsTemplate:
       url: 'https://github.com'

From 5f55ca89e20b57616b57c0fe5445aeaf790c2af3 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 18:33:58 +0400
Subject: [PATCH 08/15] feat: test ci

---
 charts/gitops-runtime/ci/values-external-argocd.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/charts/gitops-runtime/ci/values-external-argocd.yaml b/charts/gitops-runtime/ci/values-external-argocd.yaml
index 31d72d773..9f756667e 100644
--- a/charts/gitops-runtime/ci/values-external-argocd.yaml
+++ b/charts/gitops-runtime/ci/values-external-argocd.yaml
@@ -23,3 +23,6 @@ argo-cd:
 
 garage-workflows-artifact-storage:
   enabled: true
+
+installer:
+  skipValidation: true

From 0f27ab4997e53e567d3f8ea833e541f193705c03 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 18:43:28 +0400
Subject: [PATCH 09/15] feat: test ci

---
 charts/gitops-runtime/ci/argocd-values.yaml | 3 +++
 installer-image/Dockerfile                  | 5 ++++-
 2 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 charts/gitops-runtime/ci/argocd-values.yaml

diff --git a/charts/gitops-runtime/ci/argocd-values.yaml b/charts/gitops-runtime/ci/argocd-values.yaml
new file mode 100644
index 000000000..9b2bc09a5
--- /dev/null
+++ b/charts/gitops-runtime/ci/argocd-values.yaml
@@ -0,0 +1,3 @@
+configs:
+  cm:
+    accounts.admin: apiKey,login
diff --git a/installer-image/Dockerfile b/installer-image/Dockerfile
index 26a431a5b..f4f5f7f9c 100644
--- a/installer-image/Dockerfile
+++ b/installer-image/Dockerfile
@@ -12,7 +12,10 @@ ADD --unpack=true --chown=nonroot:nonroot --chmod=755 https://github.com/codefre
 # DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-debian-base/customizations/8106437942896324135
 FROM octopusdeploy/dhi-debian-base:trixie_cf-gitops-runtime-installer-debian13@sha256:ab35aedc53ad95d3a95094d6f2c9d052c2cdb43b605ce1f9a4ea677911373b99 AS production
 ARG TARGETARCH
+RUN apt-get update \
+  && apt-get install -y --no-install-recommends sed \
+  && rm -rf /var/lib/apt/lists/*
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/cf/cf-linux-${TARGETARCH} /usr/local/bin/cf
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/semver-cli /usr/local/bin/semver-cli
 WORKDIR /home/codefresh
-USER nonroot
\ No newline at end of file
+USER nonroot

From 8164175eeda7463f913612a78f8484e9303fff24 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 18:45:16 +0400
Subject: [PATCH 10/15] feat: test ci

---
 installer-image/Dockerfile | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/installer-image/Dockerfile b/installer-image/Dockerfile
index f4f5f7f9c..b5166180d 100644
--- a/installer-image/Dockerfile
+++ b/installer-image/Dockerfile
@@ -12,9 +12,6 @@ ADD --unpack=true --chown=nonroot:nonroot --chmod=755 https://github.com/codefre
 # DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-debian-base/customizations/8106437942896324135
 FROM octopusdeploy/dhi-debian-base:trixie_cf-gitops-runtime-installer-debian13@sha256:ab35aedc53ad95d3a95094d6f2c9d052c2cdb43b605ce1f9a4ea677911373b99 AS production
 ARG TARGETARCH
-RUN apt-get update \
-  && apt-get install -y --no-install-recommends sed \
-  && rm -rf /var/lib/apt/lists/*
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/cf/cf-linux-${TARGETARCH} /usr/local/bin/cf
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/semver-cli /usr/local/bin/semver-cli
 WORKDIR /home/codefresh

From b4b70c63239d40dba320812f34de944dd656b655 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 12 May 2026 18:57:13 +0400
Subject: [PATCH 11/15] feat: test ci

---
 charts/gitops-runtime/ci/values-external-argocd.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/charts/gitops-runtime/ci/values-external-argocd.yaml b/charts/gitops-runtime/ci/values-external-argocd.yaml
index 9f756667e..57c46e796 100644
--- a/charts/gitops-runtime/ci/values-external-argocd.yaml
+++ b/charts/gitops-runtime/ci/values-external-argocd.yaml
@@ -18,6 +18,13 @@ global:
       username: 'username'
       password: 'dummy'
 
+  integrations:
+    argo-cd:
+      server:
+        svc: argocd-server
+      repoServer:
+        svc: argocd-repo-server
+
 argo-cd:
   enabled: false
 

From 18ae082ad576b2583d06fb8c5d36abe9f08fd4cb Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Wed, 13 May 2026 11:52:47 +0400
Subject: [PATCH 12/15] feat: test ci

---
 charts/gitops-runtime/ci/values-external-argocd.yaml | 3 ---
 installer-image/Dockerfile                           | 2 ++
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/charts/gitops-runtime/ci/values-external-argocd.yaml b/charts/gitops-runtime/ci/values-external-argocd.yaml
index 57c46e796..b3733176f 100644
--- a/charts/gitops-runtime/ci/values-external-argocd.yaml
+++ b/charts/gitops-runtime/ci/values-external-argocd.yaml
@@ -30,6 +30,3 @@ argo-cd:
 
 garage-workflows-artifact-storage:
   enabled: true
-
-installer:
-  skipValidation: true
diff --git a/installer-image/Dockerfile b/installer-image/Dockerfile
index b5166180d..362a39be4 100644
--- a/installer-image/Dockerfile
+++ b/installer-image/Dockerfile
@@ -6,6 +6,7 @@ ARG TARGETARCH
 ARG CF_CLI_VERSION=v1.0.2
 RUN go install github.com/davidrjonas/semver-cli@latest \
   && cp $GOPATH/bin/semver-cli /tmp/semver-cli
+RUN apt-get update && apt-get install -y --no-install-recommends sed && rm -rf /var/lib/apt/lists/*
 ADD --unpack=true --chown=nonroot:nonroot --chmod=755 https://github.com/codefresh-io/cli-v2/releases/download/${CF_CLI_VERSION}/cf-linux-${TARGETARCH}.tar.gz /tmp/cf/
 
 
@@ -14,5 +15,6 @@ FROM octopusdeploy/dhi-debian-base:trixie_cf-gitops-runtime-installer-debian13@s
 ARG TARGETARCH
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/cf/cf-linux-${TARGETARCH} /usr/local/bin/cf
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/semver-cli /usr/local/bin/semver-cli
+COPY --from=build /usr/bin/sed /usr/bin/sed
 WORKDIR /home/codefresh
 USER nonroot

From fcbadde6608be7e8812369b036267b24361fbc65 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Wed, 13 May 2026 12:05:19 +0400
Subject: [PATCH 13/15] feat: add gitops-runtime-helm ci

---
 charts/gitops-runtime/ci/versions.json | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 charts/gitops-runtime/ci/versions.json

diff --git a/charts/gitops-runtime/ci/versions.json b/charts/gitops-runtime/ci/versions.json
new file mode 100644
index 000000000..e1c1fd222
--- /dev/null
+++ b/charts/gitops-runtime/ci/versions.json
@@ -0,0 +1,7 @@
+[
+  {
+    "argo-cd": {
+      "chartVersion": "8.0.0"
+    }
+  }
+]

From b517ad8f69079ebba5a5ca52315ee9e3c7dd618d Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Wed, 13 May 2026 12:53:41 +0400
Subject: [PATCH 14/15] feat: test ci

---
 charts/gitops-runtime/ci/default-values.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/charts/gitops-runtime/ci/default-values.yaml b/charts/gitops-runtime/ci/default-values.yaml
index 937380961..ffb8e8ed5 100644
--- a/charts/gitops-runtime/ci/default-values.yaml
+++ b/charts/gitops-runtime/ci/default-values.yaml
@@ -1,8 +1,8 @@
 global:
   codefresh:
-    accountId: 63dbba4928d5fd1ef065b781 # `gitops-helm-test` Codefresh account
+    accountId: 63dbba4928d5fd1ef065b781 # `gitops-helm-test` Codefresh account (see "gitops-runtime-helm CI" note in 1Password)
     userToken:
-      token: "dummy" # set in `gitops-runtime-helm/ci` pipeline
+      token: "dummy" # set in `gitops-runtime-helm/ci` pipeline (see "gitops-runtime-helm CI" note in 1Password)
 
   runtime:
     name: "dummy" # set in `gitops-runtime-helm/ci` pipeline

From c955aa2a2e08eac3e8d6859343830cf9e8a0586f Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Wed, 13 May 2026 14:51:21 +0400
Subject: [PATCH 15/15] feat: test ci