misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <[email protected]>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fc.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>
Co-authored-by: Gireesh Naidu <[email protected]>
Co-authored-by: Shivam Nagar <[email protected]>
Co-authored-by: Prakash <[email protected]>
Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: iamayushm <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
Co-authored-by: Asutosh Das <[email protected]>
Co-authored-by: Vikram <[email protected]>
Co-authored-by: Prakarsh <[email protected]>

Author: 12 people

Wire.go

@@ -125,6 +125,7 @@ import (
 	"github.com/devtron-labs/devtron/pkg/chart/gitOpsConfig"
 	chartRepoRepository "github.com/devtron-labs/devtron/pkg/chartRepo/repository"
 	"github.com/devtron-labs/devtron/pkg/commonService"
+	"github.com/devtron-labs/devtron/pkg/configDiff"
 	delete2 "github.com/devtron-labs/devtron/pkg/delete"
 	deployment2 "github.com/devtron-labs/devtron/pkg/deployment"
 	"github.com/devtron-labs/devtron/pkg/deployment/common"
@@ -711,6 +712,13 @@ func InitializeApp() (*App, error) {
 		scopedVariable.NewScopedVariableRestHandlerImpl,
 		wire.Bind(new(scopedVariable.ScopedVariableRestHandler), new(*scopedVariable.ScopedVariableRestHandlerImpl)),
 
+		router.NewDeploymentConfigurationRouter,
+		wire.Bind(new(router.DeploymentConfigurationRouter), new(*router.DeploymentConfigurationRouterImpl)),
+		restHandler.NewDeploymentConfigurationRestHandlerImpl,
+		wire.Bind(new(restHandler.DeploymentConfigurationRestHandler), new(*restHandler.DeploymentConfigurationRestHandlerImpl)),
+		configDiff.NewDeploymentConfigurationServiceImpl,
+		wire.Bind(new(configDiff.DeploymentConfigurationService), new(*configDiff.DeploymentConfigurationServiceImpl)),
+
 		router.NewTelemetryRouterImpl,
 		wire.Bind(new(router.TelemetryRouter), new(*router.TelemetryRouterImpl)),
 		restHandler.NewTelemetryRestHandlerImpl,

api/bean/AppView.go

@@ -144,6 +144,7 @@ type AppEnvironmentContainer struct {
 type DeploymentDetailContainer struct {
 	InstalledAppId                int                    `json:"installedAppId,omitempty"`
 	AppId                         int                    `json:"appId,omitempty"`
+	PcoId                         int                    `json:"pcoId"`
 	CdPipelineId                  int                    `json:"cdPipelineId,omitempty"`
 	TriggerType                   string                 `json:"triggerType,omitempty"`
 	ParentEnvironmentName         string                 `json:"parentEnvironmentName"`
@@ -183,6 +184,8 @@ type DeploymentDetailContainer struct {
 	HelmPackageName               string                 `json:"helmPackageName"`
 	HelmReleaseInstallStatus      string                 `json:"-"`
 	DeploymentConfig              *bean.DeploymentConfig `json:"-"`
+	IsPipelineTriggered           bool                   `json:"isPipelineTriggered"`
+	ReleaseMode                   string                 `json:"releaseMode"`
 }
 
 type AppDetailContainer struct {

api/helm-app/gRPC/applist.pb.go

@@ -44,6 +44,7 @@ service ApplicationService {
   rpc ValidateOCIRegistry(RegistryCredential) returns(OCIRegistryResponse) {}
   rpc GetResourceTreeForExternalResources(ExternalResourceTreeRequest) returns(ResourceTreeResponse){}
   rpc GetFluxAppDetail(FluxAppDetailRequest)returns(FluxAppDetail){}
+  rpc  GetReleaseDetails(ReleaseIdentifier)returns(DeployedAppDetail){}
 
 }
 

api/helm-app/gRPC/applist.proto

@@ -1136,7 +1136,7 @@ func (impl *HelmAppServiceImpl) appListRespProtoTransformer(deployedApps *gRPC.D
 			// do not add app in the list which are created using cd_pipelines (check combination of clusterId, namespace, releaseName)
 			var toExcludeFromList bool
 			for _, helmCdPipeline := range helmCdPipelines {
-				helmAppReleaseName := util2.BuildDeployedAppName(helmCdPipeline.App.AppName, helmCdPipeline.Environment.Name)
+				helmAppReleaseName := helmCdPipeline.DeploymentAppName
 				if deployedapp.AppName == helmAppReleaseName && int(deployedapp.EnvironmentDetail.ClusterId) == helmCdPipeline.Environment.ClusterId && deployedapp.EnvironmentDetail.Namespace == helmCdPipeline.Environment.Namespace {
 					toExcludeFromList = true
 					break

api/helm-app/gRPC/applist_grpc.pb.go

@@ -0,0 +1,135 @@
+package restHandler
+
+import (
+	"fmt"
+	"github.com/devtron-labs/devtron/api/restHandler/common"
+	"github.com/devtron-labs/devtron/pkg/auth/authorisation/casbin"
+	"github.com/devtron-labs/devtron/pkg/auth/user"
+	"github.com/devtron-labs/devtron/pkg/configDiff"
+	"github.com/devtron-labs/devtron/pkg/configDiff/bean"
+	"github.com/devtron-labs/devtron/util/rbac"
+	"github.com/gorilla/schema"
+	"go.uber.org/zap"
+	"gopkg.in/go-playground/validator.v9"
+	"net/http"
+)
+
+type DeploymentConfigurationRestHandler interface {
+	ConfigAutoComplete(w http.ResponseWriter, r *http.Request)
+	GetConfigData(w http.ResponseWriter, r *http.Request)
+}
+type DeploymentConfigurationRestHandlerImpl struct {
+	logger                         *zap.SugaredLogger
+	userAuthService                user.UserService
+	validator                      *validator.Validate
+	enforcerUtil                   rbac.EnforcerUtil
+	deploymentConfigurationService configDiff.DeploymentConfigurationService
+	enforcer                       casbin.Enforcer
+}
+
+func NewDeploymentConfigurationRestHandlerImpl(logger *zap.SugaredLogger,
+	userAuthService user.UserService,
+	enforcerUtil rbac.EnforcerUtil,
+	deploymentConfigurationService configDiff.DeploymentConfigurationService,
+	enforcer casbin.Enforcer,
+) *DeploymentConfigurationRestHandlerImpl {
+	return &DeploymentConfigurationRestHandlerImpl{
+		logger:                         logger,
+		userAuthService:                userAuthService,
+		enforcerUtil:                   enforcerUtil,
+		deploymentConfigurationService: deploymentConfigurationService,
+		enforcer:                       enforcer,
+	}
+}
+
+func (handler *DeploymentConfigurationRestHandlerImpl) ConfigAutoComplete(w http.ResponseWriter, r *http.Request) {
+	userId, err := handler.userAuthService.GetLoggedInUser(r)
+	if userId == 0 || err != nil {
+		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
+		return
+	}
+	appId, err := common.ExtractIntQueryParam(w, r, "appId", 0)
+	if err != nil {
+		return
+	}
+	envId, err := common.ExtractIntQueryParam(w, r, "envId", 0)
+	if err != nil {
+		return
+	}
+
+	//RBAC START
+	token := r.Header.Get(common.TokenHeaderKey)
+	object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
+	ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
+	if !ok {
+		common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
+		return
+	}
+	//RBAC END
+
+	res, err := handler.deploymentConfigurationService.ConfigAutoComplete(appId, envId)
+	if err != nil {
+		handler.logger.Errorw("service err, ConfigAutoComplete ", "appId", appId, "envId", envId, "err", err)
+		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		return
+	}
+	common.WriteJsonResp(w, err, res, http.StatusOK)
+}
+
+func (handler *DeploymentConfigurationRestHandlerImpl) GetConfigData(w http.ResponseWriter, r *http.Request) {
+	userId, err := handler.userAuthService.GetLoggedInUser(r)
+	if userId == 0 || err != nil {
+		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
+		return
+	}
+	configDataQueryParams, err := getConfigDataQueryParams(r)
+	if err != nil {
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+
+	//RBAC START
+	token := r.Header.Get(common.TokenHeaderKey)
+	object := handler.enforcerUtil.GetAppRBACName(configDataQueryParams.AppName)
+	ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
+	if !ok {
+		common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
+		return
+	}
+	//RBAC END
+
+	res, err := handler.deploymentConfigurationService.GetAllConfigData(r.Context(), configDataQueryParams)
+	if err != nil {
+		handler.logger.Errorw("service err, GetAllConfigData ", "err", err)
+		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		return
+	}
+	res.IsAppAdmin = handler.enforceForAppAndEnv(configDataQueryParams.AppName, configDataQueryParams.EnvName, token, casbin.ActionUpdate)
+
+	common.WriteJsonResp(w, nil, res, http.StatusOK)
+}
+
+func (handler *DeploymentConfigurationRestHandlerImpl) enforceForAppAndEnv(appName, envName string, token string, action string) bool {
+	object := handler.enforcerUtil.GetAppRBACNameByAppName(appName)
+	if ok := handler.enforcer.Enforce(token, casbin.ResourceApplications, action, object); !ok {
+		return false
+	}
+
+	object = handler.enforcerUtil.GetEnvRBACNameByAppAndEnvName(appName, envName)
+	if ok := handler.enforcer.Enforce(token, casbin.ResourceEnvironment, action, object); !ok {
+		return false
+	}
+	return true
+}
+func getConfigDataQueryParams(r *http.Request) (*bean.ConfigDataQueryParams, error) {
+	v := r.URL.Query()
+	var decoder = schema.NewDecoder()
+	decoder.IgnoreUnknownKeys(true)
+	queryParams := bean.ConfigDataQueryParams{}
+	err := decoder.Decode(&queryParams, v)
+	if err != nil {
+		return nil, err
+	}
+
+	return &queryParams, nil
+}

api/helm-app/service/HelmAppService.go

@@ -19,6 +19,7 @@ package restHandler
 import (
 	"encoding/json"
 	"fmt"
+	securityBean "github.com/devtron-labs/devtron/pkg/security/bean"
 	"net/http"
 	"strconv"
 
@@ -70,7 +71,7 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
 	}
 
 	decoder := json.NewDecoder(r.Body)
-	var request *security.ImageScanRequest
+	var request *securityBean.ImageScanRequest
 	err = decoder.Decode(&request)
 	if err != nil {
 		impl.logger.Errorw("request err, ScanExecutionList", "err", err, "payload", request)
@@ -82,8 +83,8 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
 	if err != nil {
 		impl.logger.Errorw("service err, ScanExecutionList", "err", err, "payload", request)
 		if util.IsErrNoRows(err) {
-			responseList := make([]*security.ImageScanHistoryResponse, 0)
-			common.WriteJsonResp(w, nil, &security.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
+			responseList := make([]*securityBean.ImageScanHistoryResponse, 0)
+			common.WriteJsonResp(w, nil, &securityBean.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
 		} else {
 			common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
 		}
@@ -126,8 +127,8 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
 	if err != nil {
 		impl.logger.Errorw("service err, ScanExecutionList", "err", err, "payload", request)
 		if util.IsErrNoRows(err) {
-			responseList := make([]*security.ImageScanHistoryResponse, 0)
-			common.WriteJsonResp(w, nil, &security.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
+			responseList := make([]*securityBean.ImageScanHistoryResponse, 0)
+			common.WriteJsonResp(w, nil, &securityBean.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
 		} else {
 			common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
 		}
@@ -177,7 +178,7 @@ func (impl ImageScanRestHandlerImpl) FetchExecutionDetail(w http.ResponseWriter,
 		}
 	}
 	image := v.Get("image")
-	request := &security.ImageScanRequest{
+	request := &securityBean.ImageScanRequest{
 		ImageScanDeployInfoId: imageScanDeployInfoId,
 		Image:                 image,
 		ArtifactId:            artifactId,
@@ -189,7 +190,7 @@ func (impl ImageScanRestHandlerImpl) FetchExecutionDetail(w http.ResponseWriter,
 	if err != nil {
 		impl.logger.Errorw("service err, FetchExecutionDetail", "err", err, "payload", request)
 		if util.IsErrNoRows(err) {
-			common.WriteJsonResp(w, nil, &security.ImageScanExecutionDetail{}, http.StatusOK)
+			common.WriteJsonResp(w, nil, &securityBean.ImageScanExecutionDetail{}, http.StatusOK)
 		} else {
 			common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
 		}
@@ -221,7 +222,7 @@ func (impl ImageScanRestHandlerImpl) FetchExecutionDetail(w http.ResponseWriter,
 		}
 		//RBAC
 	} else {
-		common.WriteJsonResp(w, err, &security.ImageScanExecutionDetail{}, http.StatusOK)
+		common.WriteJsonResp(w, err, &securityBean.ImageScanExecutionDetail{}, http.StatusOK)
 	}
 
 	common.WriteJsonResp(w, err, executionDetail, http.StatusOK)
@@ -230,7 +231,7 @@ func (impl ImageScanRestHandlerImpl) FetchExecutionDetail(w http.ResponseWriter,
 func (impl ImageScanRestHandlerImpl) FetchMinScanResultByAppIdAndEnvId(w http.ResponseWriter, r *http.Request) {
 	v := r.URL.Query()
 	var appId, envId int
-	request := &security.ImageScanRequest{}
+	request := &securityBean.ImageScanRequest{}
 	appIds := v.Get("appId")
 	if len(appIds) > 0 {
 		appId, err := strconv.Atoi(appIds)
@@ -299,8 +300,8 @@ func (impl ImageScanRestHandlerImpl) VulnerabilityExposure(w http.ResponseWriter
 	if err != nil {
 		impl.logger.Errorw("service err, VulnerabilityExposure", "err", err, "payload", request)
 		if util.IsErrNoRows(err) {
-			responseList := make([]*security.ImageScanHistoryResponse, 0)
-			common.WriteJsonResp(w, nil, &security.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
+			responseList := make([]*securityBean.ImageScanHistoryResponse, 0)
+			common.WriteJsonResp(w, nil, &securityBean.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
 		} else {
 			common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
 		}

api/restHandler/DeploymentConfigurationRestHandler.go

@@ -20,12 +20,12 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	securityBean "github.com/devtron-labs/devtron/internal/sql/repository/security/bean"
 	"net/http"
 	"strconv"
 
 	"github.com/devtron-labs/devtron/api/bean"
 	"github.com/devtron-labs/devtron/api/restHandler/common"
-	security2 "github.com/devtron-labs/devtron/internal/sql/repository/security"
 	"github.com/devtron-labs/devtron/pkg/auth/authorisation/casbin"
 	user2 "github.com/devtron-labs/devtron/pkg/auth/user"
 	"github.com/devtron-labs/devtron/pkg/cluster"
@@ -221,18 +221,18 @@ func (impl PolicyRestHandlerImpl) GetPolicy(w http.ResponseWriter, r *http.Reque
 		req.Id = ids
 	}
 	var clusterId, environmentId, appId int
-	var policyLevel security2.PolicyLevel
-	if level == security2.Global.String() {
-		policyLevel = security2.Global
-	} else if level == security2.Cluster.String() {
+	var policyLevel securityBean.PolicyLevel
+	if level == securityBean.Global.String() {
+		policyLevel = securityBean.Global
+	} else if level == securityBean.Cluster.String() {
 		clusterId = req.Id
-		policyLevel = security2.Cluster
-	} else if level == security2.Environment.String() {
+		policyLevel = securityBean.Cluster
+	} else if level == securityBean.Environment.String() {
 		environmentId = req.Id
-		policyLevel = security2.Environment
-	} else if level == security2.Application.String() {
+		policyLevel = securityBean.Environment
+	} else if level == securityBean.Application.String() {
 		appId = req.Id
-		policyLevel = security2.Application
+		policyLevel = securityBean.Application
 	}
 
 	token := r.Header.Get("token")

api/restHandler/ImageScanRestHandler.go

@@ -207,6 +207,11 @@ func (handler *PipelineConfigRestHandlerImpl) CreateCdPipeline(w http.ResponseWr
 	handler.Logger.Infow("request payload, CreateCdPipeline", "payload", cdPipeline)
 	userUploaded, err := handler.chartService.CheckIfChartRefUserUploadedByAppId(cdPipeline.AppId)
 	if !userUploaded {
+		for i, p := range cdPipeline.Pipelines {
+			if len(p.ReleaseMode) == 0 {
+				cdPipeline.Pipelines[i].ReleaseMode = util.PIPELINE_RELEASE_MODE_CREATE
+			}
+		}
 		err = handler.validator.Struct(cdPipeline)
 		if err != nil {
 			handler.Logger.Errorw("validation err, CreateCdPipeline", "err", err, "payload", cdPipeline)

api/restHandler/PolicyRestHandler.go

@@ -0,0 +1,31 @@
+package router
+
+import (
+	"github.com/devtron-labs/devtron/api/restHandler"
+	"github.com/gorilla/mux"
+)
+
+type DeploymentConfigurationRouter interface {
+	initDeploymentConfigurationRouter(configRouter *mux.Router)
+}
+
+type DeploymentConfigurationRouterImpl struct {
+	deploymentGroupRestHandler restHandler.DeploymentConfigurationRestHandler
+}
+
+func NewDeploymentConfigurationRouter(deploymentGroupRestHandler restHandler.DeploymentConfigurationRestHandler) *DeploymentConfigurationRouterImpl {
+	router := &DeploymentConfigurationRouterImpl{
+		deploymentGroupRestHandler: deploymentGroupRestHandler,
+	}
+	return router
+}
+
+func (router DeploymentConfigurationRouterImpl) initDeploymentConfigurationRouter(configRouter *mux.Router) {
+	configRouter.Path("/autocomplete").
+		HandlerFunc(router.deploymentGroupRestHandler.ConfigAutoComplete).
+		Methods("GET")
+	configRouter.Path("/data").
+		HandlerFunc(router.deploymentGroupRestHandler.GetConfigData).
+		Methods("GET")
+
+}

api/restHandler/app/pipeline/configure/DeploymentPipelineRestHandler.go

@@ -114,6 +114,7 @@ type MuxRouter struct {
 	rbacRoleRouter                     user.RbacRoleRouter
 	scopedVariableRouter               ScopedVariableRouter
 	ciTriggerCron                      cron.CiTriggerCron
+	deploymentConfigurationRouter      DeploymentConfigurationRouter
 	infraConfigRouter                  infraConfig.InfraConfigRouter
 	argoApplicationRouter              argoApplication.ArgoApplicationRouter
 	fluxApplicationRouter              fluxApplication2.FluxApplicationRouter
@@ -146,6 +147,7 @@ func NewMuxRouter(logger *zap.SugaredLogger,
 	scopedVariableRouter ScopedVariableRouter,
 	ciTriggerCron cron.CiTriggerCron,
 	proxyRouter proxy.ProxyRouter,
+	deploymentConfigurationRouter DeploymentConfigurationRouter,
 	infraConfigRouter infraConfig.InfraConfigRouter,
 	argoApplicationRouter argoApplication.ArgoApplicationRouter,
 	devtronResourceRouter devtronResource.DevtronResourceRouter,
@@ -210,6 +212,7 @@ func NewMuxRouter(logger *zap.SugaredLogger,
 		rbacRoleRouter:                     rbacRoleRouter,
 		scopedVariableRouter:               scopedVariableRouter,
 		ciTriggerCron:                      ciTriggerCron,
+		deploymentConfigurationRouter:      deploymentConfigurationRouter,
 		infraConfigRouter:                  infraConfigRouter,
 		argoApplicationRouter:              argoApplicationRouter,
 		devtronResourceRouter:              devtronResourceRouter,
@@ -293,8 +296,9 @@ func (r MuxRouter) Init() {
 	chartRefRouter := r.Router.PathPrefix("/orchestrator/chartref").Subrouter()
 	r.ChartRefRouter.initChartRefRouter(chartRefRouter)
 
-	configMapRouter := r.Router.PathPrefix("/orchestrator/config").Subrouter()
-	r.ConfigMapRouter.initConfigMapRouter(configMapRouter)
+	configRouter := r.Router.PathPrefix("/orchestrator/config").Subrouter()
+	r.ConfigMapRouter.initConfigMapRouter(configRouter)
+	r.deploymentConfigurationRouter.initDeploymentConfigurationRouter(configRouter)
 
 	appStoreRouter := r.Router.PathPrefix("/orchestrator/app-store").Subrouter()
 	r.AppStoreRouter.Init(appStoreRouter)