OPSWAT · Kronk74 · Dec 4, 2024
diff --git a/helm_charts/icap/templates/deployment-template-pg.yml b/helm_charts/icap/templates/deployment-template-pg.yml
@@ -1,4 +1,9 @@
 {{- if .Values.postgres_mdicapsrv.enabled }}
+
+{{- if or (ne defined $component.name) (eq $component.name "") }}
+{{- $component.name := "postgres-mdicapsrv" }}
+{{- end }}
+
 {{- if (eq .Values.icap_components.md_icapsrv.database.db_mode "4")}}
 {{ $component := .Values.postgres_mdicapsrv }}
 apiVersion: apps/v1
@@ -19,7 +24,15 @@ spec:
         - envFrom:
             - configMapRef:
                 name: mdicapsrv-env
-          image: {{ $component.image | quote }}
+          {{- if $component.custom_repo }}
+          image: {{ printf "%s/%s:%s" $.Values.icap_docker_repo $component.image $component.image_tag | quote }}
+          {{ else }}
+          image: {{ printf "%s:%s" $component.image $component.image_tag | quote }}
+          {{- end }}
+          {{- if $.Values.imagePullSecrets }}
+          imagePullSecrets:
+            {{- toYaml $.Values.imagePullSecrets | nindent 12 }}
+          {{- end }}
           env:
             {{- toYaml $component.env | nindent 12 }}
           name: "postgres-mdicapsrv"

diff --git a/helm_charts/icap/templates/deployments-template.yml b/helm_charts/icap/templates/deployments-template.yml
@@ -1,5 +1,11 @@
 # Create a deployment for each component in MD ICAP Server if it's enabled
 {{ $component := .Values.icap_components.md_icapsrv }}
+
+# If the image tag is not defined, set it to the chart version
+{{ if or (ne defined $component.image_tag) (eq $component.image_tag "") }}
+{{ $component.image_tag = .Chart.AppVersion }}
+{{ end }}
+
 {{ $ENV := $component.env }}
 {{ if $component.import_configuration.enabled }}
 {{ $importTargets := dict "name" "IMPORT_CONF_FILE_TARGET" "value" (toJson $component.import_configuration.targets) }}
@@ -17,7 +23,7 @@ kind: Deployment
 metadata:
   name: {{ $component.name | quote }}
 spec:
-  replicas: {{ $component.replicas }}
+  replicas: {{ $component.replicas | default 1 }}
   selector:
     matchLabels:
       app: {{ $component.name | quote }}
@@ -43,9 +49,9 @@ spec:
             - configMapRef:
                 name: mdicapsrv-env
           {{- if $component.custom_repo }}
-          image: {{ printf "%s/%s:%s" $.Values.icap_docker_repo $component.image | quote }}
+          image: {{ printf "%s/%s:%s" $.Values.icap_docker_repo $component.image $component.image_tag | quote }}
           {{ else }}
-          image: {{ $component.image | quote }}
+          image: {{ printf "%s:%s" $component.image $component.image_tag | quote }}
           {{- end }}
           {{- if $ENV }}
           env:

diff --git a/helm_charts/icap/templates/services-template-pg.yml b/helm_charts/icap/templates/services-template-pg.yml
@@ -1,6 +1,11 @@
 
 # Create a service for each component in MD ICAP Server it has exposed ports
 {{ $component := .Values.postgres_mdicapsrv }}
+
+{{- if or (ne defined $component.name) (eq $component.name "") }}
+{{- $component.name := "postgres-mdicapsrv" }}
+{{- end }}
+
 ---
 apiVersion: v1
 kind: Service

diff --git a/helm_charts/icap/templates/services-template.yml b/helm_charts/icap/templates/services-template.yml
@@ -1,6 +1,12 @@
 
 # Create a service for each component in MD ICAP Server it has exposed ports
 {{ range $component_name, $component := .Values.icap_components }}
+
+# If the component name is not defined, set it to the component name
+{{- if or (ne defined $component.name) (eq $component.name "") }}
+{{- $component.name := $component_name }}
+{{- end }}
+
 {{ if $component.ports }}
 ---
 apiVersion: v1

diff --git a/helm_charts/icap/values.yaml b/helm_charts/icap/values.yaml
@@ -137,8 +137,12 @@ icap_components:
             memory: "128Mi"   # Maximum memory limit
             cpu: "100m"       # Maximum cpu limit
     name: md-icapsrv
+
     # Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server
-    image: opswat/metadefendericapsrv-debian:5.6.0
+    image: opswat/metadefendericapsrv-debian
+    # Default is appVersion of the helm Chart
+    # image_tag: ""
+
     # Warning: When to use this feature!
     # Sets the number of replicas if you want to have multiple MD ICAP Server instances
     replicas: 1

diff --git a/helm_charts/mdcore-README.md b/helm_charts/mdcore-README.md
@@ -147,7 +147,8 @@ The following table lists the configurable parameters of the Metadefender core c
 | `core_components.postgres-core.is_db` |  | `true` |
 | `core_components.postgres-core.persistentDir` |  | `"/var/lib/postgresql/data"` |
 | `core_components.md-core.name` |  | `"md-core"` |
-| `core_components.md-core.image` | Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core | `"opswat/metadefendercore-debian:5.0.1"` |
+| `core_components.md-core.image` | Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core | `"opswat/metadefendercore-debian"` |
+| `core_components.md-core.image_tag` | Overrides the default docker image tag for the MD Core service, this value can be changed if you want to set a different version of MD Core | Helm Chart version. Ex : `5.0.1` |
 | `core_components.md-core.replicas` | Sets the number of replicas if you want to have multiple MD Core instances | `1` |
 | `core_components.md-core.env` |  | `[{"name": "MD_USER", "valueFrom": {"secretKeyRef": {"name": "mdcore-cred", "key": "user"}}}, {"name": "MD_PWD", "valueFrom": {"secretKeyRef": {"name": "mdcore-cred", "key": "password"}}}, {"name": "MD_INSTANCE_NAME", "valueFrom": {"fieldRef": {"fieldPath": "metadata.name"}}}, {"name": "APIKEY", "valueFrom": {"secretKeyRef": {"name": "mdcore-api-key", "key": "value"}}}, {"name": "LICENSE_KEY", "valueFrom": {"secretKeyRef": {"name": "mdcore-license-key", "key": "value"}}}, {"name": "DB_USER", "valueFrom": {"secretKeyRef": {"name": "mdcore-postgres-cred", "key": "user"}}}, {"name": "DB_PWD", "valueFrom": {"secretKeyRef": {"name": "mdcore-postgres-cred", "key": "password"}}}]` |
 | `core_components.md-core.ports` |  | `[{"port": 8008}]` |

diff --git a/helm_charts/mdcore/templates/deployments-template.yml b/helm_charts/mdcore/templates/deployments-template.yml
@@ -1,7 +1,16 @@
 # Create a deployment for each component in MD Core if it's enabled
-
 {{ range $component_name, $component := .Values.core_components }}
 {{ if and (or $.Values.deploy_with_core_db (not $component.is_db)) ( or (not $component.module_name) (contains (print $component.module_name) $.Values.ENABLED_MODULES)) }}
+
+# If the image tag is not defined, set it to the chart version
+{{ if or (ne defined $component.image_tag) (eq $component.image_tag "") }}
+{{ $component.image_tag = .Chart.AppVersion }}
+{{ end }}
+
+# If the component name is not defined, set it to the component name
+{{- if or (ne defined $component.name) (eq $component.name "") }}
+{{- $component.name := $component_name }}
+{{- end }}
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -33,9 +42,9 @@ spec:
                 name: {{ printf "%s-config" $.Release.Name }}
             {{- end }}
           {{ if $component.custom_repo -}}
-          image: {{ printf "%s/%s:%s" $.Values.core_docker_repo $component.image $.Values.BRANCH | quote }}
+          image: {{ printf "%s/%s:%s" $.Values.core_docker_repo $component.image $component.image_tag | quote }}
           {{- else -}}
-          image: {{ $component.image | quote }}
+          image: {{ printf "%s:%s" $component.image $component.image_tag | quote }}
           {{- end }}
           imagePullPolicy: {{ $.Values.imagePullPolicy }}
           {{- if $component.env }}

diff --git a/helm_charts/mdcore/templates/services-template.yml b/helm_charts/mdcore/templates/services-template.yml
@@ -2,6 +2,12 @@
 # Create a service for each component in MD Core it has exposed ports
 {{ range $component_name, $component := .Values.core_components }}
 {{ if and $component.ports ( or (not $component.module_name) (contains (print $component.module_name) $.Values.ENABLED_MODULES)) }}
+
+# If the component name is not defined, set it to the component name
+{{- if or (ne defined $component.name) (eq $component.name "") }}
+{{- $component.name := $component_name }}
+{{- end }}
+
 {{ if and (not $.Values.deploy_with_core_db) $component.is_db }}
 
 {{ else }}

diff --git a/helm_charts/mdcore/values.yaml b/helm_charts/mdcore/values.yaml
@@ -86,10 +86,10 @@ hostPathPrefix: mdcore-storage-<APP_NAMESPACE>      # The absolute path on the n
 
 # Ingress setting for md core (md core setting are ignored if deploy_with_core is false)
 core_ingress:
+  enabled: false                    # Enable or disable the ingress creation
   host: <APP_NAMESPACE>-mdcore.k8s       # Hostname for the publicly accessible ingress, the `<APP_NAMESPACE>` string will be replaced with the namespace where the chart is deployed
   service: md-core                  # Service name where the ingress should route to, this should be left unchanged
   port: 8008                        # Port where the ingress should route to
-  enabled: false                    # Enable or disable the ingress creation
   spec_className: true              # true -> for adding class as spec || false -> for adding class as annotation. false for GKE as it needs to be as annotation.
   class: ngnix                      # Sets the ingress class (For AWS alb, for GKE gce)
   tls: false                        # Flag for set up tls section in ingress
@@ -131,16 +131,17 @@ env:                                                            # Set additional
   MDCORE_LICENSE_COMMENT: ""
 
 hpa:
-  deployment: md-core
   enabled: false
+  deployment: md-core
   minReplicas: 1
   maxReplicas: 3
   cpuTargetUtilization: 85
 
 core_components:
   postgres-core:
     name: postgres-core
-    image: postgres:14.8
+    image: postgres
+    image_tag: "14.8"
     env:
       - name: POSTGRES_PASSWORD
         valueFrom:
@@ -161,7 +162,9 @@ core_components:
 
   md-core:
     name: md-core
-    image: opswat/metadefendercore-debian:5.12.1        # Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core
+    image: opswat/metadefendercore-debian        # Overrides the default docker image for the MD Core service, this value can be changed if you want to set a different version of MD Core
+    # Default image is Chart helm version
+    # image_tag: ""
     replicas: 1                                         # Sets the number of replicas if you want to have multiple MD Core instances
     env:
       - name: MD_USER

diff --git a/helm_charts/mdicapsrv-README.md b/helm_charts/mdicapsrv-README.md
@@ -62,7 +62,8 @@ The following table lists the configurable parameters of the Metadefender ICAP c
 | `icap_ingress.class` | Sets the ingress class | `"nginx"` |
 | `postgres_mdicapsrv.enabled` | Set to false to not create postgresql server  | `true` |
 | `postgres_mdicapsrv.name` | Name of the Postgres instance | `"postgres-mdicapsrv"` |
-| `postgres_mdicapsrv.image` | Default image repository for postgres instance | `"postgres:12.12"` |
+| `postgres_mdicapsrv.image` | Default image repository for postgres instance | `"postgres"` |
+| `postgres_mdicapsrv.image_tag` | Default image tag for postgres instance | `"12.12"` |
 | `postgres_mdicapsrv.env.name` | List of envs <ul><li>`POSTGRES_PASSWORD: ` This environment variable is required for you to use the PostgreSQL image. It must not be empty or undefined. This environment variable sets the superuser password for PostgreSQL</li><li>`POSTGRES_USER: ` This variable will create the specified user with superuser power and a database with the same name. If it is not specified, then the default user of postgres will be used</li></ul>  | `"postgres"` |
 | `icap_docker_repo` | Name of MD ICAP Server image repository | `"opswat"` |
 | `storage_configs.enabled` | Enable or disable for storage data Postgresql | `"false"` |
@@ -79,7 +80,9 @@ The following table lists the configurable parameters of the Metadefender ICAP c
 | `icap_components.md_icapsrv.initContainers.envFrom.configMapRef.name` | The name of the config map reference with MD ICAP Server | `"mdicapsrv-env"` |
 | `icap_components.md_icapsrv.initContainers.command` | The command line for check postgresql server ready for connection | `['sh', '-c', 'until pg_isready -h $DB_HOST -p $DB_PORT; do echo waiting for database; sleep 2; done;']` |
 | `icap_components.md_icapsrv.name` | Name of MD ICAP Server image | `"md-icapsrv"` |
-| `icap_components.md_icapsrv.image` | This value always get the image latest in the repository. Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server (ex: opswat/metadefendericapsrv-debian:4.13.0). | `"opswat/metadefendericapsrv-debian"` |
+| `icap_components.md_icapsrv.custom_repo` | Overrides default docker repository to use for downloading the image. It will use `icap_docker_repo` value. | `false` |
+| `icap_components.md_icapsrv.image` | Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server (ex: opswat/metadefendericapsrv-debian). | `"opswat/metadefendericapsrv-debian"` |
+| `icap_components.md_icapsrv.image_tag` | This value always get the image tag in the repository. Overrides the default docker image for the MD ICAP Server service, this value can be changed if you want to set a different version of MD ICAP Server (ex: 4.13.0). | `Helm Chart appVersion` |
 | `icap_components.md_icapsrv.env` | The system environments for MD ICAP Server | `[{"name":"MD_USER","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-cred","key":"user"}}},{"name":"MD_PWD","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-cred","key":"password"}}},{"name":"APIKEY","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-api-key","key":"value"}}},{"name":"LICENSE_KEY","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-license-key","key":"value"}}},{"name":"POSTGRES_PASSWORD","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-postgres-cred","key":"password"}}},{"name":"POSTGRES_USER","valueFrom":{"secretKeyRef":{"name":"mdicapsrv-postgres-cred","key":"user"}}}]` |
 | `icap_components.md_icapsrv.data_retention.config_history` | Set the time of the data retention config history | `"168"` |
 | `icap_components.md_icapsrv.data_retention.processing_history` | Set the time of the data retention processing history | `"168"` |

diff --git a/helm_charts/mdss/templates/deployments-template.yml b/helm_charts/mdss/templates/deployments-template.yml
@@ -2,14 +2,24 @@
 # Create a deployment for each component in MDSS
 {{ range $component_name, $component := .Values.mdss_components }}
 
+# If the component name is not defined, set it to the component name
+{{- if or (ne defined $component.name) (eq $component.name "") }}
+{{- $component.name := $component_name }}
+{{- end }}
+
+# If the image tag is not defined, set it to latest
+{{ if or (ne defined $component.image_tag) (eq $component.image_tag "") }}
+{{ $component.image_tag = "latest" }}
+{{ end }}
+
 {{ if and (or $.Values.deploy_with_mdss_db (not $component.is_db)) ( or (not $component.module_name) (contains (print $component.module_name) (index $.Values "mdss-common-environment").ENABLED_MODULES))  }}
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ $component.name | quote }}
 spec:
-  replicas: {{ $component.replicas }}
+  replicas: {{ $component.replicas | default 1}}
   selector:
     matchLabels:
       app: {{ $component.name | quote }}
@@ -30,9 +40,9 @@ spec:
             - configMapRef:
                 name: {{ $.Values.mdss_config_map_env_name | quote }}
           {{ if $component.custom_repo -}}
-          image: {{ printf "%s/%s:%s" $.Values.mdss_docker_repo $component.image (index $.Values "mdss-common-environment").BRANCH | quote }}
+          image: {{ printf "%s/%s:%s" $.Values.mdss_docker_repo $component.image $component.image_tag | quote }}
           {{- else -}}
-          image: {{ $component.image | quote }}
+          image: {{ printf "%s:%s" $component.image $component.image_tag | quote }}
           {{- end }}
           imagePullPolicy: {{ $.Values.imagePullPolicy }}
           {{- if $component.env }}

diff --git a/helm_charts/mdss/templates/services-template.yml b/helm_charts/mdss/templates/services-template.yml
@@ -2,6 +2,11 @@
 {{ range $component_name, $component := .Values.mdss_components }}
 {{ if and $component.ports ( or (not $component.module_name) (contains (print $component.module_name) (index $.Values "mdss-common-environment").ENABLED_MODULES)) }}
 
+# If the component name is not defined, set it to the component name
+{{- if or (ne defined $component.name) (eq $component.name "") }}
+{{- $component.name := $component_name }}
+{{- end }}
+
 {{ if and (not $.Values.deploy_with_mdss_db) $component.is_db }}
 
 {{ else }}