Use correct Helm chart version in hook images

J12934 · J12934 · commit 7d9426b2a1e0 · 2020-09-18T15:28:57.000+02:00
diff --git a/hooks/declarative-subsequent-scans/Chart.yaml b/hooks/declarative-subsequent-scans/Chart.yaml
@@ -5,6 +5,6 @@ description: Starts possible subsequent security scans based on findings (e.g. o
 type: application
 
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
-version: 0.1.0
+version: latest
 
 dependencies: []
diff --git a/hooks/declarative-subsequent-scans/templates/declerative-subsequent-scans-hook.yaml b/hooks/declarative-subsequent-scans/templates/declerative-subsequent-scans-hook.yaml
@@ -4,17 +4,5 @@ metadata:
   name: {{ include "declarative-subsequent-scans.fullname" . }}
 spec:
   type: ReadOnly
-  {{- if .Values.image.registry }}
-  {{- if .Values.image.digest }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}"
-  {{- else }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-  {{- end }}
-  {{- else }}
-  {{- if .Values.image.digest }}
-  image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}"
-  {{- else }}
-  image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-  {{- end }}
-  {{- end }}
+  image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}"
   serviceAccountName: declarative-combined-scans
diff --git a/hooks/declarative-subsequent-scans/values.yaml b/hooks/declarative-subsequent-scans/values.yaml
@@ -3,7 +3,6 @@
 # Declare variables to be passed into your templates.
 
 image:
-  registry: docker.io
-  repository: scbexperimental/hook-declarative-subsequent-scans
-  tag: latest
-  digest: null
+  repository: docker.io/scbexperimental/hook-declarative-subsequent-scans
+  # image.tag - defaults to the charts version
+  tag: null
diff --git a/hooks/generic-webhook/Chart.yaml b/hooks/generic-webhook/Chart.yaml
@@ -5,6 +5,6 @@ description: Lets you send http webhooks after scans are completed
 type: application
 
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
-version: 0.1.0
+version: latest
 
 dependencies: []
diff --git a/hooks/generic-webhook/templates/webhook-hook.yaml b/hooks/generic-webhook/templates/webhook-hook.yaml
@@ -4,11 +4,7 @@ metadata:
   name: {{ include "generic-webhook.fullname" . }}
 spec:
   type: ReadOnly
-  {{- if .Values.image.digest }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}"
-  {{- else }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-  {{- end }}
+  image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}"
   env:
     - name: WEBHOOK_URL
       value: {{ .Values.webhookUrl | quote }}
diff --git a/hooks/generic-webhook/values.yaml b/hooks/generic-webhook/values.yaml
@@ -5,7 +5,6 @@
 webhookUrl: "http://example.com"
 
 image:
-  registry: docker.io
-  repository: scbexperimental/generic-webhook
-  tag: latest
-  digest: null
+  repository: docker.io/scbexperimental/generic-webhook
+  # image.tag - defaults to the charts version
+  tag: null
diff --git a/hooks/imperative-subsequent-scans/Chart.yaml b/hooks/imperative-subsequent-scans/Chart.yaml
@@ -5,6 +5,6 @@ description: Starts possible subsequent security scans based on findings (e.g. o
 type: application
 
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
-version: 0.1.0
+version: latest
 
 dependencies: []
diff --git a/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml
@@ -4,19 +4,7 @@ metadata:
   name: {{ .Release.Name }}
 spec:
   type: ReadOnly
-  {{- if .Values.image.registry }}
-  {{- if .Values.image.digest }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}"
-  {{- else }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-  {{- end }}
-  {{- else }}
-  {{- if .Values.image.digest }}
-  image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}"
-  {{- else }}
-  image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-  {{- end }}
-  {{- end }}
+  image: "{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag | default .Chart.Version }}"
   serviceAccountName: imperative-combined-scans
   env:
     - name: CASCADE_AMASS_NMAP
diff --git a/hooks/imperative-subsequent-scans/values.yaml b/hooks/imperative-subsequent-scans/values.yaml
@@ -17,7 +17,6 @@ cascade:
   nmapZapBaseline: false
 
 image:
-  registry: docker.io
-  repository: scbexperimental/hook-imperative-subsequent-scans
-  tag: latest
-  digest: null
+  repository: docker.io/scbexperimental/hook-imperative-subsequent-scans
+  # image.tag - defaults to the charts version
+  tag: null
diff --git a/hooks/persistence-elastic/Chart.yaml b/hooks/persistence-elastic/Chart.yaml
@@ -5,7 +5,7 @@ description: The elastic persistence provider persists secureCodeBox findings in
 type: application
 
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
-version: 0.1.0
+version: latest
 
 appVersion: 7.6.1
 
diff --git a/hooks/persistence-elastic/templates/persistence-provider.yaml b/hooks/persistence-elastic/templates/persistence-provider.yaml
@@ -6,12 +6,7 @@ metadata:
     type: Structured
 spec:
   type: ReadOnly
-  image: "scbexperimental/persistence-elastic:latest"
-  {{- if .Values.image.digest }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}"
-  {{- else }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-  {{- end }}
+  image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}"
   env:
     - name: ELASTICSEARCH_INDEX_PREFIX
       value: {{ .Values.indexPrefix | quote }}
diff --git a/hooks/persistence-elastic/values.yaml b/hooks/persistence-elastic/values.yaml
@@ -3,10 +3,9 @@
 # Declare variables to be passed into your templates.
 
 image:
-  registry: docker.io
-  repository: scbexperimental/persistence-elastic
-  tag: latest
-  digest: null
+  repository: docker.io/scbexperimental/persistence-elastic
+  # image.tag - defaults to the charts version
+  tag: null
 
 # Define a specific index prefix
 indexPrefix: "scbv2"
diff --git a/hooks/update-field/Chart.yaml b/hooks/update-field/Chart.yaml
@@ -5,6 +5,6 @@ description: Lets you add or override a field to every finding
 type: application
 
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
-version: 0.1.0
+version: latest
 
 dependencies: []
diff --git a/hooks/update-field/templates/update-field-hook.yaml b/hooks/update-field/templates/update-field-hook.yaml
@@ -4,11 +4,7 @@ metadata:
   name: {{ .Release.Name }}
 spec:
   type: ReadAndWrite
-  {{- if .Values.image.digest }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}"
-  {{- else }}
-  image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-  {{- end }}
+  image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}"
   env:
     - name: ATTRIBUTE_NAME
       value: {{ .Values.attribute.name | quote }}
diff --git a/hooks/update-field/values.yaml b/hooks/update-field/values.yaml
@@ -7,7 +7,6 @@ attribute:
   value: my-own-category
 
 image:
-  registry: docker.io
-  repository: scbexperimental/update-field
-  tag: latest
-  digest: null
+  repository: docker.io/scbexperimental/update-field
+  # image.tag - defaults to the charts version
+  tag: null
