From 95637bfce8bde81c8b78a50517a28dc3f4b2a394 Mon Sep 17 00:00:00 2001
From: Volodymyr Stoiko <me@volodymyrstoiko.com>
Date: Tue, 10 Sep 2024 00:38:36 +0300
Subject: [PATCH] Use major version as containers tag (#1594)

* Respect tagLocked version

* generate proper values

* fix helper

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
---
 config/configStructs/tapConfig.go              |  1 +
 helm-chart/README.md                           |  1 +
 helm-chart/templates/04-hub-deployment.yaml    |  2 +-
 helm-chart/templates/06-front-deployment.yaml  |  2 +-
 helm-chart/templates/09-worker-daemon-set.yaml |  4 ++--
 helm-chart/templates/_helpers.tpl              | 11 +++++++++++
 helm-chart/values.yaml                         |  2 ++
 7 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go
index 034d2b920..28500a662 100644
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -89,6 +89,7 @@ type OverrideTagConfig struct {
 type DockerConfig struct {
 	Registry         string            `yaml:"registry" json:"registry" default:"docker.io/kubeshark"`
 	Tag              string            `yaml:"tag" json:"tag" default:""`
+	TagLocked        bool              `yaml:"tagLocked" json:"tagLocked" default:"true"`
 	ImagePullPolicy  string            `yaml:"imagePullPolicy" json:"imagePullPolicy" default:"Always"`
 	ImagePullSecrets []string          `yaml:"imagePullSecrets" json:"imagePullSecrets"`
 	OverrideTag      OverrideTagConfig `yaml:"overrideTag" json:"overrideTag"`
diff --git a/helm-chart/README.md b/helm-chart/README.md
index 67b1a4fa1..90d283f5c 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -117,6 +117,7 @@ Please refer to [metrics](./metrics.md) documentation for details.
 |-------------------------------------------|-----------------------------------------------|---------------------------------------------------------|
 | `tap.docker.registry`                     | Docker registry to pull from                           | `docker.io/kubeshark`                                   |
 | `tap.docker.tag`                          | Tag of the Docker images                              | `latest`                                                |
+| `tap.docker.tagLocked`                    | If `false` - use latest minor tag             | `true`                                                  |
 | `tap.docker.imagePullPolicy`              | Kubernetes image pull policy                  | `Always`                                                |
 | `tap.docker.imagePullSecrets`             | Kubernetes secrets to pull the images      | `[]`                                                    |
 | `tap.proxy.worker.srvPort`                | Worker server port                           | `30001`                                                  |
diff --git a/helm-chart/templates/04-hub-deployment.yaml b/helm-chart/templates/04-hub-deployment.yaml
index 6a000b0d0..6a421589f 100644
--- a/helm-chart/templates/04-hub-deployment.yaml
+++ b/helm-chart/templates/04-hub-deployment.yaml
@@ -50,7 +50,7 @@ spec:
         {{- if .Values.tap.docker.overrideTag.hub }}
           image: '{{ .Values.tap.docker.registry }}/hub:{{ .Values.tap.docker.overrideTag.hub }}'
         {{ else }}
-          image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
+          image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}'
         {{- end }}
           imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
           readinessProbe:
diff --git a/helm-chart/templates/06-front-deployment.yaml b/helm-chart/templates/06-front-deployment.yaml
index 8d1d1a36f..31f3e9472 100644
--- a/helm-chart/templates/06-front-deployment.yaml
+++ b/helm-chart/templates/06-front-deployment.yaml
@@ -65,7 +65,7 @@ spec:
         {{- if .Values.tap.docker.overrideTag.front }}
           image: '{{ .Values.tap.docker.registry }}/front:{{ .Values.tap.docker.overrideTag.front }}'
         {{ else }}
-          image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
+          image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}'
         {{- end }}
           imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
           name: kubeshark-front
diff --git a/helm-chart/templates/09-worker-daemon-set.yaml b/helm-chart/templates/09-worker-daemon-set.yaml
index ac19384e0..5a407d95e 100644
--- a/helm-chart/templates/09-worker-daemon-set.yaml
+++ b/helm-chart/templates/09-worker-daemon-set.yaml
@@ -73,7 +73,7 @@ spec:
         {{- if .Values.tap.docker.overrideTag.worker }}
           image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
         {{ else }}
-          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
         {{- end }}
           imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
           name: sniffer
@@ -176,7 +176,7 @@ spec:
         {{- if .Values.tap.docker.overrideTag.worker }}
           image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
         {{ else }}
-          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
         {{- end }}
           imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
           name: tracer
diff --git a/helm-chart/templates/_helpers.tpl b/helm-chart/templates/_helpers.tpl
index fcd9d5fff..ec8c40947 100644
--- a/helm-chart/templates/_helpers.tpl
+++ b/helm-chart/templates/_helpers.tpl
@@ -62,3 +62,14 @@ Define debug docker tag suffix
 {{- define "kubeshark.dockerTagDebugVersion" -}}
 {{- .Values.tap.misc.profile | ternary "-debug" "" }}
 {{- end -}}
+
+{{/*
+Create docker tag default version
+*/}}
+{{- define "kubeshark.defaultVersion" -}}
+{{- $defaultVersion := (printf "v%s" .Chart.Version) -}}
+{{- if not .Values.tap.docker.tagLocked }}
+  {{- $defaultVersion = regexReplaceAll "^([^.]+\\.[^.]+).*" $defaultVersion "$1" -}}
+{{- end }}
+{{- $defaultVersion }}
+{{- end -}}
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
index 9970a5c9a..be4b89005 100644
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -2,6 +2,7 @@ tap:
   docker:
     registry: docker.io/kubeshark
     tag: ""
+    tagLocked: true
     imagePullPolicy: Always
     imagePullSecrets: []
     overrideTag:
@@ -55,6 +56,7 @@ tap:
         memory: 50Mi
   serviceMesh: true
   tls: true
+  disableTlsLog: false
   packetCapture: best
   ignoreTainted: false
   labels: {}