From 16b00cda0b6741c9d42f595a625281ad64389690 Mon Sep 17 00:00:00 2001
From: Vasil Sudakou <vasil.sudakov@codefresh.io>
Date: Tue, 26 May 2026 13:12:07 +0400
Subject: [PATCH 1/3] fix: security vulnerabilities in gitops-runtime-installer

---
 installer-image/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/installer-image/Dockerfile b/installer-image/Dockerfile
index 5e0e8e60..5b067955 100644
--- a/installer-image/Dockerfile
+++ b/installer-image/Dockerfile
@@ -1,7 +1,7 @@
 # syntax=docker/dockerfile:1
 
 # DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-golang/tags/1.25-debian13-dev
-FROM octopusdeploy/dhi-golang:1.25-debian13-dev@sha256:6ab2431d046a2e21dbcbcb5111e94bec59650d302ec0ac34e696e7e44f708044 AS build
+FROM octopusdeploy/dhi-golang:1.25-debian13-dev@sha256:9df1a12a7a9ee811efe2929045a7eabb8617329e8ce01a3296f4af095f89522c AS build
 ARG TARGETARCH
 ARG CF_CLI_VERSION=v1.0.3
 RUN go install github.com/davidrjonas/semver-cli@latest \
@@ -11,7 +11,7 @@ ADD --unpack=true --chown=nonroot:nonroot --chmod=755 https://github.com/codefre
 
 
 # DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-debian-base/customizations/8106437942896324135
-FROM octopusdeploy/dhi-debian-base:trixie_cf-gitops-runtime-installer-debian13@sha256:3c5a8f5bf49a3777527797677b3c8c426b0a38a466f3a79f5e059b6adc21943d AS production
+FROM octopusdeploy/dhi-debian-base:trixie_cf-gitops-runtime-installer-debian13@sha256:5de4afaf8d55ff711756e2ebd9e27fc05374c37d3805acf85dfed70ef07fbee2 AS production
 ARG TARGETARCH
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/cf/cf-linux-${TARGETARCH} /usr/local/bin/cf
 COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/semver-cli /usr/local/bin/semver-cli

From 82507efdecc504ad1e5428bc323235c074563f5b Mon Sep 17 00:00:00 2001
From: Vasil Sudakou <vasil.sudakov@codefresh.io>
Date: Thu, 28 May 2026 18:29:40 +0400
Subject: [PATCH 2/3] fix(argo-workflows): security vulnerabilities

---
 charts/gitops-runtime/Chart.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml
index 75b9d2db..d4af86bc 100644
--- a/charts/gitops-runtime/Chart.yaml
+++ b/charts/gitops-runtime/Chart.yaml
@@ -22,7 +22,7 @@ dependencies:
     version: 9.4.17
   - name: argo-workflows
     repository: https://codefresh-io.github.io/argo-helm
-    version: 0.45.22-v3.6.7-cap-CR-39681
+    version: 0.45.23-v3.6.7-cap-CFS-7012
     condition: argo-workflows.enabled
   - name: sealed-secrets
     repository: https://bitnami-labs.github.io/sealed-secrets/

From 7c2d274112aef405c63668624ecf54ac5f824e41 Mon Sep 17 00:00:00 2001
From: alinashklyar <alina.shklyar@codefresh.io>
Date: Mon, 1 Jun 2026 12:22:33 +0400
Subject: [PATCH 3/3] delete component test

---
 .github/workflows/component-test.yaml | 73 ---------------------------
 1 file changed, 73 deletions(-)
 delete mode 100644 .github/workflows/component-test.yaml

diff --git a/.github/workflows/component-test.yaml b/.github/workflows/component-test.yaml
deleted file mode 100644
index 2b97bfeb..00000000
--- a/.github/workflows/component-test.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-# File: .github/workflows/docker-go-build.yml
-name: gitops-runtime-helm
-
-on:
-  push:
-    branches:
-      - main
-      - 'stable/*'
-      - 'monthly/*'
-  pull_request:
-    branches:
-      - main
-      - 'stable/*'
-      - 'monthly/*'
-
-jobs:
-  component-test:
-    runs-on: ubuntu-latest
-
-    env:
-      DOCKER_CLI_EXPERIMENTAL: enabled
-      # Enable BuildKit
-      DOCKER_BUILDKIT: 1
-
-    steps:
-      - name: Checkout Repository
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v3
-      - name: Set up kubectl
-        uses: azure/setup-kubectl@v3
-        with:
-          version: 'v1.29.0'
-      - name: Install K3d
-        run: |
-          curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
-          k3d --version
-
-      - name: Create K3d cluster
-        run: |
-          k3d cluster create test-cluster --wait
-          kubectl get nodes
-
-      - name: install kuttl
-        run: |
-          mkdir -p ./bin
-          curl -L https://github.com/kudobuilder/kuttl/releases/download/v0.22.0/kubectl-kuttl_0.22.0_linux_x86_64 -o ./bin/kuttl;
-
-          chmod +x ./bin/kuttl;
-      - name: Install jq
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y jq
-      - name: install helm
-        run: |
-          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
-
-          chmod 700 get_helm.sh
-
-          ./get_helm.sh
-          helm repo add gitea-charts https://dl.gitea.com/charts/
-          helm repo add mockserver https://www.mock-server.com
-
-
-
-      - name: Run KUTTL tests
-        run: |
-          cd tests/component-tests && ./../../bin/kuttl test --parallel 1 --start-kind=false --namespace e2e-test --config startup.yaml