diff --git a/helm_charts/icap/templates/deployment-template-pg.yml b/helm_charts/icap/templates/deployment-template-pg.yml index 854c2e5..44ba8a7 100644 --- a/helm_charts/icap/templates/deployment-template-pg.yml +++ b/helm_charts/icap/templates/deployment-template-pg.yml @@ -1,4 +1,9 @@ {{- if .Values.postgres_mdicapsrv.enabled }} + +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := "postgres-mdicapsrv" }} +{{- end }} + {{- if (eq .Values.icap_components.md_icapsrv.database.db_mode "4")}} {{ $component := .Values.postgres_mdicapsrv }} apiVersion: apps/v1 @@ -19,7 +24,15 @@ spec: - envFrom: - configMapRef: name: mdicapsrv-env - image: {{ $component.image | quote }} + {{- if $component.custom_repo }} + image: {{ printf "%s/%s:%s" $.Values.icap_docker_repo $component.image $component.image_tag | quote }} + {{ else }} + image: {{ printf "%s:%s" $component.image $component.image_tag | quote }} + {{- end }} + {{- if $.Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml $.Values.imagePullSecrets | nindent 12 }} + {{- end }} env: {{- toYaml $component.env | nindent 12 }} name: "postgres-mdicapsrv" diff --git a/helm_charts/icap/templates/deployments-template.yml b/helm_charts/icap/templates/deployments-template.yml index 5b32371..47deea8 100644 --- a/helm_charts/icap/templates/deployments-template.yml +++ b/helm_charts/icap/templates/deployments-template.yml @@ -1,5 +1,11 @@ # Create a deployment for each component in MD ICAP Server if it's enabled {{ $component := .Values.icap_components.md_icapsrv }} + +# If the image tag is not defined, set it to the chart version +{{ if or (ne defined $component.image_tag) (eq $component.image_tag "") }} +{{ $component.image_tag = .Chart.AppVersion }} +{{ end }} + {{ $ENV := $component.env }} {{ if $component.import_configuration.enabled }} {{ $importTargets := dict "name" "IMPORT_CONF_FILE_TARGET" "value" (toJson $component.import_configuration.targets) }} @@ -17,7 +23,7 @@ kind: Deployment metadata: name: {{ $component.name | quote }} spec: - replicas: {{ $component.replicas }} + replicas: {{ $component.replicas | default 1 }} selector: matchLabels: app: {{ $component.name | quote }} @@ -43,9 +49,9 @@ spec: - configMapRef: name: mdicapsrv-env {{- if $component.custom_repo }} - image: {{ printf "%s/%s:%s" $.Values.icap_docker_repo $component.image | quote }} + image: {{ printf "%s/%s:%s" $.Values.icap_docker_repo $component.image $component.image_tag | quote }} {{ else }} - image: {{ $component.image | quote }} + image: {{ printf "%s:%s" $component.image $component.image_tag | quote }} {{- end }} {{- if $ENV }} env: diff --git a/helm_charts/icap/templates/services-template-pg.yml b/helm_charts/icap/templates/services-template-pg.yml index e0dd505..6788751 100644 --- a/helm_charts/icap/templates/services-template-pg.yml +++ b/helm_charts/icap/templates/services-template-pg.yml @@ -1,6 +1,11 @@ # Create a service for each component in MD ICAP Server it has exposed ports {{ $component := .Values.postgres_mdicapsrv }} + +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := "postgres-mdicapsrv" }} +{{- end }} + --- apiVersion: v1 kind: Service diff --git a/helm_charts/icap/templates/services-template.yml b/helm_charts/icap/templates/services-template.yml index 8f0d626..185f882 100644 --- a/helm_charts/icap/templates/services-template.yml +++ b/helm_charts/icap/templates/services-template.yml @@ -1,6 +1,12 @@ # Create a service for each component in MD ICAP Server it has exposed ports {{ range $component_name, $component := .Values.icap_components }} + +# If the component name is not defined, set it to the component name +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := $component_name }} +{{- end }} + {{ if $component.ports }} --- apiVersion: v1 diff --git a/helm_charts/icap/values.yaml b/helm_charts/icap/values.yaml index eb5c89d..e165465 100644 --- a/helm_charts/icap/values.yaml +++ b/helm_charts/icap/values.yaml @@ -137,8 +137,12 @@ icap_components: memory: "128Mi" # Maximum memory limit cpu: "100m" # Maximum cpu limit name: md-icapsrv + # Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server - image: opswat/metadefendericapsrv-debian:5.6.0 + image: opswat/metadefendericapsrv-debian + # Default is appVersion of the helm Chart + # image_tag: "" + # Warning: When to use this feature! # Sets the number of replicas if you want to have multiple MD ICAP Server instances replicas: 1 diff --git a/helm_charts/mdcore-README.md b/helm_charts/mdcore-README.md index ca0cc4f..42b7105 100644 --- a/helm_charts/mdcore-README.md +++ b/helm_charts/mdcore-README.md @@ -147,7 +147,8 @@ The following table lists the configurable parameters of the Metadefender core c | `core_components.postgres-core.is_db` | | `true` | | `core_components.postgres-core.persistentDir` | | `"/var/lib/postgresql/data"` | | `core_components.md-core.name` | | `"md-core"` | -| `core_components.md-core.image` | Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core | `"opswat/metadefendercore-debian:5.0.1"` | +| `core_components.md-core.image` | Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core | `"opswat/metadefendercore-debian"` | +| `core_components.md-core.image_tag` | Overrides the default docker image tag for the MD Core service, this value can be changed if you want to set a different version of MD Core | Helm Chart version. Ex : `5.0.1` | | `core_components.md-core.replicas` | Sets the number of replicas if you want to have multiple MD Core instances | `1` | | `core_components.md-core.env` | | `[{"name": "MD_USER", "valueFrom": {"secretKeyRef": {"name": "mdcore-cred", "key": "user"}}}, {"name": "MD_PWD", "valueFrom": {"secretKeyRef": {"name": "mdcore-cred", "key": "password"}}}, {"name": "MD_INSTANCE_NAME", "valueFrom": {"fieldRef": {"fieldPath": "metadata.name"}}}, {"name": "APIKEY", "valueFrom": {"secretKeyRef": {"name": "mdcore-api-key", "key": "value"}}}, {"name": "LICENSE_KEY", "valueFrom": {"secretKeyRef": {"name": "mdcore-license-key", "key": "value"}}}, {"name": "DB_USER", "valueFrom": {"secretKeyRef": {"name": "mdcore-postgres-cred", "key": "user"}}}, {"name": "DB_PWD", "valueFrom": {"secretKeyRef": {"name": "mdcore-postgres-cred", "key": "password"}}}]` | | `core_components.md-core.ports` | | `[{"port": 8008}]` | diff --git a/helm_charts/mdcore/templates/deployments-template.yml b/helm_charts/mdcore/templates/deployments-template.yml index dc678d1..9b21fa3 100644 --- a/helm_charts/mdcore/templates/deployments-template.yml +++ b/helm_charts/mdcore/templates/deployments-template.yml @@ -1,7 +1,16 @@ # Create a deployment for each component in MD Core if it's enabled - {{ range $component_name, $component := .Values.core_components }} {{ if and (or $.Values.deploy_with_core_db (not $component.is_db)) ( or (not $component.module_name) (contains (print $component.module_name) $.Values.ENABLED_MODULES)) }} + +# If the image tag is not defined, set it to the chart version +{{ if or (ne defined $component.image_tag) (eq $component.image_tag "") }} +{{ $component.image_tag = .Chart.AppVersion }} +{{ end }} + +# If the component name is not defined, set it to the component name +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := $component_name }} +{{- end }} --- apiVersion: apps/v1 kind: Deployment @@ -33,9 +42,9 @@ spec: name: {{ printf "%s-config" $.Release.Name }} {{- end }} {{ if $component.custom_repo -}} - image: {{ printf "%s/%s:%s" $.Values.core_docker_repo $component.image $.Values.BRANCH | quote }} + image: {{ printf "%s/%s:%s" $.Values.core_docker_repo $component.image $component.image_tag | quote }} {{- else -}} - image: {{ $component.image | quote }} + image: {{ printf "%s:%s" $component.image $component.image_tag | quote }} {{- end }} imagePullPolicy: {{ $.Values.imagePullPolicy }} {{- if $component.env }} diff --git a/helm_charts/mdcore/templates/services-template.yml b/helm_charts/mdcore/templates/services-template.yml index e27da67..ffde6ee 100644 --- a/helm_charts/mdcore/templates/services-template.yml +++ b/helm_charts/mdcore/templates/services-template.yml @@ -2,6 +2,12 @@ # Create a service for each component in MD Core it has exposed ports {{ range $component_name, $component := .Values.core_components }} {{ if and $component.ports ( or (not $component.module_name) (contains (print $component.module_name) $.Values.ENABLED_MODULES)) }} + +# If the component name is not defined, set it to the component name +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := $component_name }} +{{- end }} + {{ if and (not $.Values.deploy_with_core_db) $component.is_db }} {{ else }} diff --git a/helm_charts/mdcore/values.yaml b/helm_charts/mdcore/values.yaml index 340ddf1..58e10b4 100644 --- a/helm_charts/mdcore/values.yaml +++ b/helm_charts/mdcore/values.yaml @@ -86,10 +86,10 @@ hostPathPrefix: mdcore-storage- # The absolute path on the n # Ingress setting for md core (md core setting are ignored if deploy_with_core is false) core_ingress: + enabled: false # Enable or disable the ingress creation host: -mdcore.k8s # Hostname for the publicly accessible ingress, the `` string will be replaced with the namespace where the chart is deployed service: md-core # Service name where the ingress should route to, this should be left unchanged port: 8008 # Port where the ingress should route to - enabled: false # Enable or disable the ingress creation spec_className: true # true -> for adding class as spec || false -> for adding class as annotation. false for GKE as it needs to be as annotation. class: ngnix # Sets the ingress class (For AWS alb, for GKE gce) tls: false # Flag for set up tls section in ingress @@ -131,8 +131,8 @@ env: # Set additional MDCORE_LICENSE_COMMENT: "" hpa: - deployment: md-core enabled: false + deployment: md-core minReplicas: 1 maxReplicas: 3 cpuTargetUtilization: 85 @@ -140,7 +140,8 @@ hpa: core_components: postgres-core: name: postgres-core - image: postgres:14.8 + image: postgres + image_tag: "14.8" env: - name: POSTGRES_PASSWORD valueFrom: @@ -161,7 +162,9 @@ core_components: md-core: name: md-core - image: opswat/metadefendercore-debian:5.12.1 # Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core + image: opswat/metadefendercore-debian # Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core + # Default image is Chart helm version + # image_tag: "" replicas: 1 # Sets the number of replicas if you want to have multiple MD Core instances env: - name: MD_USER diff --git a/helm_charts/mdicapsrv-README.md b/helm_charts/mdicapsrv-README.md index eef5f3d..89f21c5 100644 --- a/helm_charts/mdicapsrv-README.md +++ b/helm_charts/mdicapsrv-README.md @@ -62,7 +62,8 @@ The following table lists the configurable parameters of the Metadefender ICAP c | `icap_ingress.class` | Sets the ingress class | `"nginx"` | | `postgres_mdicapsrv.enabled` | Set to false to not create postgresql server | `true` | | `postgres_mdicapsrv.name` | Name of the Postgres instance | `"postgres-mdicapsrv"` | -| `postgres_mdicapsrv.image` | Default image repository for postgres instance | `"postgres:12.12"` | +| `postgres_mdicapsrv.image` | Default image repository for postgres instance | `"postgres"` | +| `postgres_mdicapsrv.image_tag` | Default image tag for postgres instance | `"12.12"` | | `postgres_mdicapsrv.env.name` | List of envs
  • `POSTGRES_PASSWORD: ` This environment variable is required for you to use the PostgreSQL image. It must not be empty or undefined. This environment variable sets the superuser password for PostgreSQL
  • `POSTGRES_USER: ` This variable will create the specified user with superuser power and a database with the same name. If it is not specified, then the default user of postgres will be used
| `"postgres"` | | `icap_docker_repo` | Name of MD ICAP Server image repository | `"opswat"` | | `storage_configs.enabled` | Enable or disable for storage data Postgresql | `"false"` | @@ -79,7 +80,9 @@ The following table lists the configurable parameters of the Metadefender ICAP c | `icap_components.md_icapsrv.initContainers.envFrom.configMapRef.name` | The name of the config map reference with MD ICAP Server | `"mdicapsrv-env"` | | `icap_components.md_icapsrv.initContainers.command` | The command line for check postgresql server ready for connection | `['sh', '-c', 'until pg_isready -h $DB_HOST -p $DB_PORT; do echo waiting for database; sleep 2; done;']` | | `icap_components.md_icapsrv.name` | Name of MD ICAP Server image | `"md-icapsrv"` | -| `icap_components.md_icapsrv.image` | This value always get the image latest in the repository. Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server (ex: opswat/metadefendericapsrv-debian:4.13.0). | `"opswat/metadefendericapsrv-debian"` | +| `icap_components.md_icapsrv.custom_repo` | Overrides default docker repository to use for downloading the image. It will use `icap_docker_repo` value. | `false` | +| `icap_components.md_icapsrv.image` | Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server (ex: opswat/metadefendericapsrv-debian). | `"opswat/metadefendericapsrv-debian"` | +| `icap_components.md_icapsrv.image_tag` | This value always get the image tag in the repository. Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server (ex: 4.13.0). | `Helm Chart appVersion` | | `icap_components.md_icapsrv.env` | The system environments for MD ICAP Server | `[{"name":"MD_USER","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-cred","key":"user"}}},{"name":"MD_PWD","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-cred","key":"password"}}},{"name":"APIKEY","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-api-key","key":"value"}}},{"name":"LICENSE_KEY","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-license-key","key":"value"}}},{"name":"POSTGRES_PASSWORD","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-postgres-cred","key":"password"}}},{"name":"POSTGRES_USER","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-postgres-cred","key":"user"}}}]` | | `icap_components.md_icapsrv.data_retention.config_history` | Set the time of the data retention config history | `"168"` | | `icap_components.md_icapsrv.data_retention.processing_history` | Set the time of the data retention processing history | `"168"` | diff --git a/helm_charts/mdss/templates/deployments-template.yml b/helm_charts/mdss/templates/deployments-template.yml index 64bf684..8343153 100644 --- a/helm_charts/mdss/templates/deployments-template.yml +++ b/helm_charts/mdss/templates/deployments-template.yml @@ -2,6 +2,16 @@ # Create a deployment for each component in MDSS {{ range $component_name, $component := .Values.mdss_components }} +# If the component name is not defined, set it to the component name +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := $component_name }} +{{- end }} + +# If the image tag is not defined, set it to latest +{{ if or (ne defined $component.image_tag) (eq $component.image_tag "") }} +{{ $component.image_tag = "latest" }} +{{ end }} + {{ if and (or $.Values.deploy_with_mdss_db (not $component.is_db)) ( or (not $component.module_name) (contains (print $component.module_name) (index $.Values "mdss-common-environment").ENABLED_MODULES)) }} --- apiVersion: apps/v1 @@ -9,7 +19,7 @@ kind: Deployment metadata: name: {{ $component.name | quote }} spec: - replicas: {{ $component.replicas }} + replicas: {{ $component.replicas | default 1}} selector: matchLabels: app: {{ $component.name | quote }} @@ -30,9 +40,9 @@ spec: - configMapRef: name: {{ $.Values.mdss_config_map_env_name | quote }} {{ if $component.custom_repo -}} - image: {{ printf "%s/%s:%s" $.Values.mdss_docker_repo $component.image (index $.Values "mdss-common-environment").BRANCH | quote }} + image: {{ printf "%s/%s:%s" $.Values.mdss_docker_repo $component.image $component.image_tag | quote }} {{- else -}} - image: {{ $component.image | quote }} + image: {{ printf "%s:%s" $component.image $component.image_tag | quote }} {{- end }} imagePullPolicy: {{ $.Values.imagePullPolicy }} {{- if $component.env }} diff --git a/helm_charts/mdss/templates/services-template.yml b/helm_charts/mdss/templates/services-template.yml index 95c9ec3..213000e 100644 --- a/helm_charts/mdss/templates/services-template.yml +++ b/helm_charts/mdss/templates/services-template.yml @@ -2,6 +2,11 @@ {{ range $component_name, $component := .Values.mdss_components }} {{ if and $component.ports ( or (not $component.module_name) (contains (print $component.module_name) (index $.Values "mdss-common-environment").ENABLED_MODULES)) }} +# If the component name is not defined, set it to the component name +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := $component_name }} +{{- end }} + {{ if and (not $.Values.deploy_with_mdss_db) $component.is_db }} {{ else }} diff --git a/helm_charts/mdss/values.yaml b/helm_charts/mdss/values.yaml index 06e7c84..049dc0e 100644 --- a/helm_charts/mdss/values.yaml +++ b/helm_charts/mdss/values.yaml @@ -185,10 +185,10 @@ hostPathPrefix: mdss-storage- # This is the absolute path # Ingress settings for mdss mdss_ingress: + enabled: false # Enable or disable the ingress creation host: -mdss.k8s # Hostname for the publicly accessible ingress, the `` string will be replaced with the current namespace service: webclient # Service name where the ingress should route to, this should be left unchanged port: 80 # Port where the ingress should route to - enabled: false # Enable or disable the ingress creation class: public # Sets the ingress class, it can be "public" or "nginx" or some other value depending on the ingress controller in the cluster spec_className: false # true -> for adding class as spec || false -> for adding class as annotation. false for GKE as it needs to be as annotation. tls: false # Flag for set up tls section in ingress @@ -222,8 +222,8 @@ mdssHostAliases: # Custom hosts entries mdss_components: mongodb: - name: mongodb - image: mongo:6.0 + image: mongo + image_tag: "6.0" ports: - port: 27017 persistentDir: /data/db @@ -234,7 +234,6 @@ mdss_components: cpu: "0.5" mongomigrations: - name: mongomigrations custom_repo: true image: mdcloudservices_mongo-migrations ports: @@ -246,8 +245,8 @@ mdss_components: cpu: "0.010" rabbitmq: - name: rabbitmq - image: rabbitmq:3.11.4-management + image: rabbitmq + image_tag: "3.11.4-management" ports: - port: 5672 - port: 15672 @@ -266,8 +265,8 @@ mdss_components: cpu: "0.5" redis: - name: redis - image: redis:7.0 + image: redis + image_tag: "7.0" ports: - port: 6379 extra_labels: @@ -278,7 +277,6 @@ mdss_components: cpu: "0.100" licensingservice: - name: licensingservice custom_repo: true image: mdcloudservices_licensing ports: @@ -291,7 +289,6 @@ mdss_components: cpu: "0.010" discoveryservice: - name: discoveryservice custom_repo: true image: mdcloudservices_discovery extra_labels: @@ -302,7 +299,6 @@ mdss_components: cpu: "1.000" scanningservice: - name: scanningservice custom_repo: true image: mdcloudservices_scanning extra_labels: @@ -313,7 +309,6 @@ mdss_components: cpu: "0.500" notificationservice: - name: notificationservice custom_repo: true image: mdcloudservices_notification extra_labels: @@ -324,7 +319,6 @@ mdss_components: cpu: "0.010" jobdispatcher: - name: jobdispatcher custom_repo: true image: mdcloudservices_job-dispatcher extra_labels: @@ -335,7 +329,6 @@ mdss_components: cpu: "0.050" securitychecklistservice: - name: securitychecklistservice custom_repo: true image: "mdcloudservices_security-checklist" extra_labels: @@ -346,7 +339,6 @@ mdss_components: cpu: "0.010" loadbalancerservice: - name: loadbalancerservice custom_repo: true image: "mdcloudservices_load-balancer" extra_labels: @@ -357,7 +349,6 @@ mdss_components: cpu: "0.100" loggingservice: - name: loggingservice custom_repo: true image: "mdcloudservices_logging" extra_labels: @@ -368,7 +359,6 @@ mdss_components: cpu: "0.050" remediationsservice: - name: remediationsservice custom_repo: true image: mdcloudservices_remediations extra_labels: @@ -379,7 +369,6 @@ mdss_components: cpu: "0.100" storagesservice: - name: storagesservice custom_repo: true image: mdcloudservices_storages extra_labels: @@ -390,7 +379,6 @@ mdss_components: cpu: "0.010" workflowmanagerservice: - name: workflowmanagerservice custom_repo: true image: mdcloudservices_workflowmanager extra_labels: @@ -401,7 +389,6 @@ mdss_components: cpu: "0.100" apigateway: - name: apigateway custom_repo: true image: mdcloudservices_api env: @@ -418,7 +405,6 @@ mdss_components: cpu: "0.100" webclient: - name: webclient custom_repo: true image: mdcloudservices_web ports: @@ -436,7 +422,6 @@ mdss_components: cpu: "0.100" usermanagementservice: - name: usermanagementservice custom_repo: true image: mdcloudservices_usermanagement extra_labels: @@ -448,7 +433,6 @@ mdss_components: # ======================================= AMAZONSDK MODULE ================================================ discoveryamazonsdkservice: - name: discoveryamazonsdkservice module_name: amazonsdk custom_repo: true image: mdcloudservices_discoveryamazonsdk @@ -460,7 +444,6 @@ mdss_components: cpu: "1.000" remediationsservice-amazonsdk: - name: remediationsservice-amazonsdk module_name: amazonsdk custom_repo: true image: mdcloudservices_remediationsamazonsdk @@ -472,7 +455,6 @@ mdss_components: cpu: "0.100" storagesservice-amazonsdk: - name: storagesservice-amazonsdk module_name: amazonsdk custom_repo: true image: mdcloudservices_storagesamazonsdk @@ -484,7 +466,6 @@ mdss_components: cpu: "0.010" # ======================================= AZUREBLOB MODULE ================================================ discoveryazureblobservice: - name: discoveryazureblobservice module_name: azureblob custom_repo: true image: mdcloudservices_discoveryazureblob @@ -496,7 +477,6 @@ mdss_components: cpu: "1.000" remediationsservice-azureblob: - name: remediationsservice-azureblob module_name: azureblob custom_repo: true image: mdcloudservices_remediationsazureblob @@ -508,7 +488,6 @@ mdss_components: cpu: "0.100" storagesservice-azureblob: - name: storagesservice-azureblob module_name: azureblob custom_repo: true image: mdcloudservices_storagesazureblob @@ -520,7 +499,6 @@ mdss_components: cpu: "0.010" # ======================================= ALIBABACLOUD MODULE ================================================ discoveryalibabacloudservice: - name: discoveryalibabacloudservice module_name: alibabacloud custom_repo: true image: mdcloudservices_discoveryalibabacloud @@ -532,7 +510,6 @@ mdss_components: cpu: "1.000" remediationsservice-alibabacloud: - name: remediationsservice-alibabacloud module_name: alibabacloud custom_repo: true image: mdcloudservices_remediationsalibabacloud @@ -544,7 +521,6 @@ mdss_components: cpu: "0.100" storagesservice-alibabacloud: - name: storagesservice-alibabacloud module_name: alibabacloud custom_repo: true image: mdcloudservices_storagesalibabacloud @@ -556,7 +532,6 @@ mdss_components: cpu: "0.010" # ======================================= GOOGLECLOUD MODULE ================================================ discoverygooglecloudservice: - name: discoverygooglecloudservice module_name: googlecloud custom_repo: true image: mdcloudservices_discoverygooglecloud @@ -568,7 +543,6 @@ mdss_components: cpu: "1.000" remediationsservice-googlecloud: - name: remediationsservice-googlecloud module_name: googlecloud custom_repo: true image: mdcloudservices_remediationsgooglecloud @@ -580,7 +554,6 @@ mdss_components: cpu: "0.100" storagesservice-googlecloud: - name: storagesservice-googlecloud module_name: googlecloud custom_repo: true image: mdcloudservices_storagesgooglecloud @@ -592,7 +565,6 @@ mdss_components: cpu: "0.010" # ======================================= BOX MODULE ================================================ discoveryboxservice: - name: discoveryboxservice module_name: box custom_repo: true image: mdcloudservices_discoverybox @@ -604,7 +576,6 @@ mdss_components: cpu: "1.000" remediationsservice-box: - name: remediationsservice-box module_name: box custom_repo: true image: mdcloudservices_remediationsbox @@ -616,7 +587,6 @@ mdss_components: cpu: "0.100" storagesservice-box: - name: storagesservice-box module_name: box custom_repo: true image: mdcloudservices_storagesbox @@ -628,7 +598,6 @@ mdss_components: cpu: "0.010" # ======================================= AZUREFILES MODULE ================================================ discoveryazurefilesservice: - name: discoveryazurefilesservice module_name: azurefiles custom_repo: true image: mdcloudservices_discoveryazurefiles @@ -640,7 +609,6 @@ mdss_components: cpu: "1.000" remediationsservice-azurefiles: - name: remediationsservice-azurefiles module_name: azurefiles custom_repo: true image: mdcloudservices_remediationsazurefiles @@ -652,7 +620,6 @@ mdss_components: cpu: "0.100" storagesservice-azurefiles: - name: storagesservice-azurefiles module_name: azurefiles custom_repo: true image: mdcloudservices_storagesazurefiles @@ -664,7 +631,6 @@ mdss_components: cpu: "0.010" # ======================================= SMB MODULE ================================================ discoverysmbservice: - name: discoverysmbservice module_name: smb custom_repo: true image: mdcloudservices_discoverysmb @@ -676,7 +642,6 @@ mdss_components: cpu: "1.000" remediationsservice-smb: - name: remediationsservice-smb module_name: smb custom_repo: true image: mdcloudservices_remediationssmb @@ -688,7 +653,6 @@ mdss_components: cpu: "0.100" storagesservice-smb: - name: storagesservice-smb module_name: smb custom_repo: true image: mdcloudservices_storagessmb @@ -700,7 +664,6 @@ mdss_components: cpu: "0.010" smbservice: - name: smbservice module_name: smb custom_repo: true image: mdcloudservices_smbservice @@ -714,7 +677,6 @@ mdss_components: cpu: "0.500" # ======================================= ONEDRIVE MODULE ================================================ discoveryonedriveservice: - name: discoveryonedriveservice module_name: onedrive custom_repo: true image: mdcloudservices_discoveryonedrive @@ -726,7 +688,6 @@ mdss_components: cpu: "1.000" remediationsservice-onedrive: - name: remediationsservice-onedrive module_name: onedrive custom_repo: true image: mdcloudservices_remediationsonedrive @@ -738,7 +699,6 @@ mdss_components: cpu: "0.100" storagesservice-onedrive: - name: storagesservice-onedrive module_name: onedrive custom_repo: true image: mdcloudservices_storagesonedrive @@ -751,7 +711,6 @@ mdss_components: # ======================================= SFTP MODULE ================================================ discoverysftpservice: - name: discoverysftpservice module_name: sftp custom_repo: true image: mdcloudservices_discoverysftp @@ -763,7 +722,6 @@ mdss_components: cpu: "1.000" remediationsservice-sftp: - name: remediationsservice-sftp module_name: sftp custom_repo: true image: mdcloudservices_remediationssftp @@ -775,7 +733,6 @@ mdss_components: cpu: "0.100" storagesservice-sftp: - name: storagesservice-sftp module_name: sftp custom_repo: true image: mdcloudservices_storagessftp @@ -787,7 +744,6 @@ mdss_components: cpu: "0.010" sftpservice: - name: sftpservice module_name: sftp custom_repo: true image: mdcloudservices_sftpservice @@ -805,7 +761,6 @@ mdss_components: # ======================================= NFS MODULE ================================================ discoverynfsservice: - name: discoverynfsservice module_name: nfs custom_repo: true image: mdcloudservices_discoverynfs @@ -817,7 +772,6 @@ mdss_components: cpu: "1.000" remediationsservice-nfs: - name: remediationsservice-nfs module_name: nfs custom_repo: true image: mdcloudservices_remediationsnfs @@ -829,7 +783,6 @@ mdss_components: cpu: "0.100" storagesservice-nfs: - name: storagesservice-nfs module_name: nfs custom_repo: true image: mdcloudservices_storagesnfs @@ -841,7 +794,6 @@ mdss_components: cpu: "0.010" nfsservice: - name: nfsservice module_name: nfs custom_repo: true image: mdcloudservices_nfsservice @@ -856,7 +808,6 @@ mdss_components: # ======================================= MFT MODULE ================================================ discoverymftservice: - name: discoverymftservice module_name: mft custom_repo: true image: mdcloudservices_discoverymft @@ -868,7 +819,6 @@ mdss_components: cpu: "1.000" remediationsservice-mft: - name: remediationsservice-mft module_name: mft custom_repo: true image: mdcloudservices_remediationsmft @@ -880,7 +830,6 @@ mdss_components: cpu: "0.100" storagesservice-mft: - name: storagesservice-mft module_name: mft custom_repo: true image: mdcloudservices_storagesmft diff --git a/helm_charts/mdssc/templates/deployments-template.yml b/helm_charts/mdssc/templates/deployments-template.yml index 563226b..421f838 100644 --- a/helm_charts/mdssc/templates/deployments-template.yml +++ b/helm_charts/mdssc/templates/deployments-template.yml @@ -2,6 +2,20 @@ # Create a deployment for each component in MDSSC {{ range $component_name, $component := .Values.mdssc_components }} +# If the component name is not defined, set it to the component name +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := $component_name }} +{{- end }} + +# If the image tag is not defined, set it to latest +{{ if or (ne defined $component.image_tag) (eq $component.image_tag "") }} + {{ if eq $component.is_mdssc true -}} + {{ $component.image_tag := .Chart.AppVersion }} + {{ else }} + {{ $component.image_tag := "latest" }} + {{ end }} +{{ end }} + {{ if and (or $.Values.deploy_with_mdssc_db (not $component.is_db)) }} --- apiVersion: apps/v1 @@ -9,7 +23,7 @@ kind: Deployment metadata: name: {{ $component.name | quote }} spec: - replicas: {{ $component.replicas }} + replicas: {{ $component.replicas | default 1 }} selector: matchLabels: app: {{ $component.name | quote }} @@ -30,13 +44,9 @@ spec: - configMapRef: name: {{ $.Values.mdssc_config_map_env_name | quote }} {{ if $component.custom_repo -}} - {{ if eq $component.is_mdssc true -}} - image: {{ printf "%s/%s:%s" $.Values.mdssc_docker_repo $component.image (index $.Values "mdssc-common-environment").MDSSC_BRANCH | quote }} - {{ else -}} - image: {{ printf "%s/%s:%s" $.Values.mdssc_docker_repo $component.image (index $.Values "mdssc-common-environment").BRANCH | quote }} - {{ end -}} + image: {{ printf "%s/%s:%s" $.Values.mdssc_docker_repo $component.image $component.image_tag | quote }} {{- else -}} - image: {{ $component.image | quote }} + image: {{ printf "%s:%s" $component.image $component.image_tag | quote }} {{- end }} imagePullPolicy: {{ $.Values.imagePullPolicy }} {{- if $component.env }} diff --git a/helm_charts/mdssc/templates/services-template.yml b/helm_charts/mdssc/templates/services-template.yml index 97b0120..a003a31 100644 --- a/helm_charts/mdssc/templates/services-template.yml +++ b/helm_charts/mdssc/templates/services-template.yml @@ -2,6 +2,11 @@ {{ range $component_name, $component := .Values.mdssc_components }} {{ if and $component.ports ( or (not $component.module_name) (contains (print $component.module_name) (index $.Values "mdssc-common-environment").ENABLED_MODULES)) }} +# If the component name is not defined, set it to the component name +{{- if or (ne defined $component.name) (eq $component.name "") }} +{{- $component.name := $component_name }} +{{- end }} + {{ if and (not $.Values.deploy_with_mdssc_db) $component.is_db }} {{ else }} diff --git a/helm_charts/mdssc/values.yaml b/helm_charts/mdssc/values.yaml index 11a14d2..a0088ea 100644 --- a/helm_charts/mdssc/values.yaml +++ b/helm_charts/mdssc/values.yaml @@ -214,8 +214,8 @@ mdsscHostAliases: # Custom hosts entries mdssc_components: mongodb: - name: mongodb - image: mongo:3.6 + image: mongo + image_tag: "3.6" ports: - port: 27017 persistentDir: /data/db @@ -226,7 +226,6 @@ mdssc_components: cpu: "0.5" mongomigrations: - name: mongomigrations custom_repo: true image: mdcloudservices_mongo-migrations ports: @@ -238,8 +237,8 @@ mdssc_components: cpu: "0.010" rabbitmq: - name: rabbitmq - image: rabbitmq:3.11.4-management + image: rabbitmq + image_tag: "3.11.4-management" ports: - port: 5672 - port: 15672 @@ -258,8 +257,8 @@ mdssc_components: cpu: "0.5" redis: - name: redis - image: redis:7.0 + image: redis + image_tag: "7.0" ports: - port: 6379 extra_labels: @@ -270,7 +269,6 @@ mdssc_components: cpu: "0.100" licensingservice: - name: licensingservice custom_repo: true image: mdcloudservices_licensing ports: @@ -285,7 +283,6 @@ mdssc_components: # ======================================= MDSSC MODULE ================================================ # frontend: - name: frontend is_mdssc: true custom_repo: true image: mdssc_frontend @@ -304,7 +301,6 @@ mdssc_components: cpu: "0.100" api: - name: api is_mdssc: true custom_repo: true image: mdssc_api @@ -321,7 +317,6 @@ mdssc_components: memory: "0.5Gi" cpu: "0.100" github: - name: github is_mdssc: true custom_repo: true image: "mdssc_github" @@ -332,7 +327,6 @@ mdssc_components: memory: "0.125Gi" cpu: "0.010" binaries: - name: binaries is_mdssc: true custom_repo: true image: "mdssc_binaries" @@ -343,7 +337,6 @@ mdssc_components: memory: "0.125Gi" cpu: "0.010" dockerhub: - name: dockerhub is_mdssc: true custom_repo: true image: "mdssc_dockerhub" @@ -354,7 +347,6 @@ mdssc_components: memory: "0.125Gi" cpu: "0.010" ecr: - name: ecr is_mdssc: true custom_repo: true image: "mdssc_ecr" @@ -365,32 +357,29 @@ mdssc_components: memory: "0.125Gi" cpu: "0.010" quay: - name: quay - is_mdssc: true - custom_repo: true - image: "mdssc_quay" - extra_labels: - aws-type: fargate - resources: - requests: - memory: "0.125Gi" - cpu: "0.010" + is_mdssc: true + custom_repo: true + image: "mdssc_quay" + extra_labels: + aws-type: fargate + resources: + requests: + memory: "0.125Gi" + cpu: "0.010" containers: - name: containers - is_mdssc: true - custom_repo: true - image: "mdssc_containers" - extra_labels: - aws-type: fargate - resources: - requests: - memory: "0.125Gi" - cpu: "0.010" + is_mdssc: true + custom_repo: true + image: "mdssc_containers" + extra_labels: + aws-type: fargate + resources: + requests: + memory: "0.125Gi" + cpu: "0.010" # ======================================= MDSS COMMON MODULE ================================================ # workflowmanagerservice: - name: workflowmanagerservice custom_repo: true image: mdcloudservices_workflowmanager extra_labels: @@ -401,7 +390,6 @@ mdssc_components: cpu: "0.100" loggingservice: - name: loggingservice custom_repo: true image: "mdcloudservices_logging" extra_labels: @@ -412,7 +400,6 @@ mdssc_components: cpu: "0.050" remediationsservice: - name: remediationsservice custom_repo: true image: mdcloudservices_remediations extra_labels: @@ -423,7 +410,6 @@ mdssc_components: cpu: "0.100" storagesservice: - name: storagesservice custom_repo: true image: mdcloudservices_storages extra_labels: @@ -434,7 +420,6 @@ mdssc_components: cpu: "0.010" discoveryservice: - name: discoveryservice custom_repo: true image: mdcloudservices_discovery extra_labels: @@ -445,7 +430,6 @@ mdssc_components: cpu: "1.000" scanningservice: - name: scanningservice custom_repo: true image: mdcloudservices_scanning extra_labels: @@ -456,7 +440,6 @@ mdssc_components: cpu: "0.500" jobdispatcher: - name: jobdispatcher custom_repo: true image: mdcloudservices_job-dispatcher extra_labels: @@ -467,7 +450,6 @@ mdssc_components: cpu: "0.050" loadbalancerservice: - name: loadbalancerservice custom_repo: true image: "mdcloudservices_load-balancer" extra_labels: @@ -478,7 +460,6 @@ mdssc_components: cpu: "0.100" usermanagementservice: - name: usermanagementservice custom_repo: true image: mdcloudservices_usermanagement extra_labels: