Architecture
The Codefresh solution is built around an enterprise version of the Argo ecosystem, that is fully GitOps-compliant, with industry-standard security.
Codefresh platform
The Codefresh platform is the SAAS component in the Codefresh solution. Located outside the firewall, it does not communicate directly with the other Codefresh components such as the Codefresh runtime, the organization system, and user systems behind the firewall.
The platform:
- Securely stores and retrieves user entities
- Enforces the permissions model
- Controls authentication, user management, and billing
Codefresh runtime
The Codefresh runtime is a logical box installed on the customer’s K8s cluster. It houses the enterprise distribution of the Argo ecosystem and the Codefresh application proxy.
The runtime:
- Ensures that the installation repository and the Git Sources are always in sync, and applies Git changes back to the cluster
- Receives events and information from the user’s organization systems to execute workflows
Codefresh application proxy
The Codefresh application proxy interfaces between users and organization systems behind the enterprise firewall.
The application proxy:
- Gets permissions from the Codefresh platform for the required operations
- Impersonates current user to perform operations
- Commits changes to Git repositories to make changes to GitOps-controlled entities
- Performs state-change operations to non-GitOps-controlled entities, for example, to Argo ecosystem components, such as terminating an Argo Workflow
- Retrieves a list of Git repositories for visualization in Codefresh client