From 665b7200283de196dc5b33b641d37050df108d69 Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Mon, 22 Dec 2025 18:22:41 +0300
Subject: [PATCH 1/2] chore: docs on hermes

---
 README.md        | 18 ++++++++++++++++++
 README.md.gotmpl | 19 ++++++++++++++++++-
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 3baef416a..4885c8699 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/
   - [Enable session cookie](#enable-session-cookie)
   - [X-Frame-Options response header](#x-frame-options-response-header)
   - [Image digests in containers](#image-digests-in-containers)
+  - [Hermes configuration](#hermes-configuration)
 - [Configuring OIDC Provider](#configuring-oidc-provider)
 - [Maintaining MongoDB indexes](#maintaining-mongodb-indexes)
 - [Upgrading](#upgrading)
@@ -71,6 +72,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/
 - Firebase [Realtime Database URL](https://firebase.google.com/docs/database/web/start#create_a_database) with [legacy token](https://firebase.google.com/docs/database/rest/auth#legacy_tokens). See [Firebase Configuration](#firebase-configuration)
 - Valid TLS certificates for Ingress
 - When [external](#external-postgressql) PostgreSQL is used, `pg_cron` and `pg_partman` extensions **must be enabled** for [analytics](https://codefresh.io/docs/docs/dashboards/home-dashboard/#pipelines-dashboard) to work (see [AWS RDS example](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL_pg_cron.html#PostgreSQL_pg_cron.enable)). The `pg_cron` extension should be the 1.4 version or higher for Azure Postgres DB.
+- Redis persistent storage is required for CRON triggers in CI pipelines. Make sure that your external Redis instance supports persistence (AOF or RDB). It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)). See [Hermes configuration](#hermes-configuration) for more details.
 
 ## Get Repo Info
 
@@ -1366,6 +1368,22 @@ cfapi:
       digest: ""
 ```
 
+### Hermes configuration
+
+> **Note!** Unlike other services, `Hermes` requires Redis with persistent storage. Thus, ElastiCache is not supported for Hermes. It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)) and update the `REDIS_HOST` and `REDIS_PASSWORD` accordingly for `hermes` subchart.
+
+```yaml
+hermes:
+  container:
+    env:
+      REDIS_HOST: redis-ha-haproxy
+      REDIS_PASSWORD:
+        valueFrom:
+          secretKeyRef:
+            name: redis
+            key: REDIS_PASSWORD
+```
+
 ## Configuring OIDC Provider
 
 OpenID Connect (OIDC) allows Codefresh Builds to access resources in your cloud provider (such as AWS, Azure, GCP), without needing to store cloud credentials as long-lived pipeline secret variables.
diff --git a/README.md.gotmpl b/README.md.gotmpl
index a0789f4a7..5b4c20e55 100644
--- a/README.md.gotmpl
+++ b/README.md.gotmpl
@@ -35,6 +35,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/
   - [Enable session cookie](#enable-session-cookie)
   - [X-Frame-Options response header](#x-frame-options-response-header)
   - [Image digests in containers](#image-digests-in-containers)
+  - [Hermes configuration](#hermes-configuration)
 - [Configuring OIDC Provider](#configuring-oidc-provider)
 - [Maintaining MongoDB indexes](#maintaining-mongodb-indexes)
 - [Upgrading](#upgrading)
@@ -72,6 +73,7 @@ Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/
 - Firebase [Realtime Database URL](https://firebase.google.com/docs/database/web/start#create_a_database) with [legacy token](https://firebase.google.com/docs/database/rest/auth#legacy_tokens). See [Firebase Configuration](#firebase-configuration)
 - Valid TLS certificates for Ingress
 - When [external](#external-postgressql) PostgreSQL is used, `pg_cron` and `pg_partman` extensions **must be enabled** for [analytics](https://codefresh.io/docs/docs/dashboards/home-dashboard/#pipelines-dashboard) to work (see [AWS RDS example](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL_pg_cron.html#PostgreSQL_pg_cron.enable)). The `pg_cron` extension should be the 1.4 version or higher for Azure Postgres DB.
+- Redis persistent storage is required for CRON triggers in CI pipelines. Make sure that your external Redis instance supports persistence (AOF or RDB). It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)). See [Hermes configuration](#hermes-configuration) for more details.
 
 ## Get Repo Info
 
@@ -1373,6 +1375,21 @@ cfapi:
       digest: ""
 ```
 
+### Hermes configuration
+
+> **Note!** Unlike other services, `Hermes` requires Redis with persistent storage. Thus, ElastiCache is not supported for Hermes. It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)) and update the `REDIS_HOST` and `REDIS_PASSWORD` accordingly for `hermes` subchart.
+
+```yaml
+hermes:
+  container:
+    env:
+      REDIS_HOST: redis-ha-haproxy
+      REDIS_PASSWORD:
+        valueFrom:
+          secretKeyRef:
+            name: redis
+            key: REDIS_PASSWORD
+```
 
 ## Configuring OIDC Provider
 
@@ -2472,7 +2489,7 @@ For built-in RabbitMQ `bitnami/rabbitmq` subchart, pre-upgrade hook was added to
 ### To 2-9-9
 
 > **BREAKING CHANGES in Default Runtime**
-> 
+>
 > Default Runtime (`system/default`) drops support for Kubernetes versions older than 1.32 in `deploy` step ([docs](https://codefresh.io/docs/docs/pipelines/steps/deploy/)). Supported versions are: 1.34, 1.33, 1.32.
 
 ####  Affected values

From 3b4e29a39a7fd034e423bb978bb830e8ca2f2bfd Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Mon, 22 Dec 2025 18:24:21 +0300
Subject: [PATCH 2/2] chore: docs on hermes

---
 README.md        | 2 +-
 README.md.gotmpl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 4885c8699..ee47231bd 100644
--- a/README.md
+++ b/README.md
@@ -1370,7 +1370,7 @@ cfapi:
 
 ### Hermes configuration
 
-> **Note!** Unlike other services, `Hermes` requires Redis with persistent storage. Thus, ElastiCache is not supported for Hermes. It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)) and update the `REDIS_HOST` and `REDIS_PASSWORD` accordingly for `hermes` subchart.
+> **Note!** Unlike other services, `Hermes` requires Redis with persistent storage. ⚠️  **Thus, ElastiCache is not supported for Hermes!** It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)) and update the `REDIS_HOST` and `REDIS_PASSWORD` accordingly for `hermes` subchart.
 
 ```yaml
 hermes:
diff --git a/README.md.gotmpl b/README.md.gotmpl
index 5b4c20e55..ac90d184f 100644
--- a/README.md.gotmpl
+++ b/README.md.gotmpl
@@ -1377,7 +1377,7 @@ cfapi:
 
 ### Hermes configuration
 
-> **Note!** Unlike other services, `Hermes` requires Redis with persistent storage. Thus, ElastiCache is not supported for Hermes. It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)) and update the `REDIS_HOST` and `REDIS_PASSWORD` accordingly for `hermes` subchart.
+> **Note!** Unlike other services, `Hermes` requires Redis with persistent storage. ⚠️  **Thus, ElastiCache is not supported for Hermes!** It's recommended to deploy in-cluster Redis with persistence enabled (e.g. [bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) or [redis-ha](https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/Chart.yaml)) and update the `REDIS_HOST` and `REDIS_PASSWORD` accordingly for `hermes` subchart.
 
 ```yaml
 hermes: