neuvector · esther-suse · Dec 4, 2025 · Nov 20, 2025 · Nov 21, 2025 · Nov 21, 2025
@@ -15,7 +15,7 @@ jobs:
           go-version: '1.23'
       - name: Run chart-testing (lint)
         id: lint
-        uses: helm/chart-testing-action@main
+        uses: helm/chart-testing-action@b0c06062b7b8cb6f3bf1473a0c117ba2a86f3442
         with:
           command: lint
           config: ct.yaml

@@ -90,6 +90,7 @@ Parameter | Description | Default | Notes
 `controller.azureFileShare.enabled` | If true, enable the usage of an existing or statically provisioned Azure File Share | `false` |
 `controller.azureFileShare.secretName` | The name of the secret containing the Azure file share storage account name and key | `nil` |
 `controller.azureFileShare.shareName` | The name of the Azure file share to use | `nil` |
+`controller.apisvc.ctrlServerPort` | Controller REST API service port | `10443` |
 `controller.apisvc.type` | Controller REST API service type | `nil` |
 `controller.apisvc.nodePort` | Controller REST API service NodePort number | `nil` |
 `controller.apisvc.annotations` | Add annotations to controller REST API service | `{}` |
@@ -199,6 +200,7 @@ Parameter | Description | Default | Notes
 `        CUSTOM_PAGE_HEADER_COLOR`        | use color name (yellow) or value (#ffff00) | 
 `        CUSTOM_PAGE_FOOTER_CONTENT`      | max. 120 characters, base64 encoded. | 
 `        CUSTOM_PAGE_FOOTER_COLOR`        | use color name (yellow) or value (#ffff00) | 
+`manager.svc.mgrServerPort` | set manager service port number |  `8443` |
 `manager.svc.type` | set manager service type for native Kubernetes | `NodePort`;<br>if it is OpenShift platform or ingress is enabled, then default is `ClusterIP` | set to LoadBalancer if using cloud providers, such as Azure, Amazon, Google
 `manager.svc.nodePort` | set manager service NodePort number |  `nil` |
 `manager.svc.loadBalancerIP` | if manager service type is LoadBalancer, this is used to specify the load balancer's IP | `nil` |

@@ -12,13 +12,15 @@ Get the NeuVector URL by running these commands:
   echo https://$NODE_IP:$NODE_PORT
 {{- else if contains "ClusterIP" .Values.manager.svc.type }}
   CLUSTER_IP=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.clusterIP}" services neuvector-service-webui)
-  echo https://$CLUSTER_IP:8443
+  TARGET_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].targetPort}" services neuvector-service-webui)
+  echo https://$CLUSTER_IP:$TARGET_PORT
 {{- else if contains "LoadBalancer" .Values.manager.svc.type }}
   NOTE: It may take a few minutes for the LoadBalancer IP to be available.
         Watch the status by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w neuvector-service-webui'
 
   SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} neuvector-service-webui -o jsonpath="{.status.loadBalancer.ingress[0].ip}")
-  echo https://$SERVICE_IP:8443
+  TARGET_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} neuvector-service-webui -o jsonpath="{.spec.ports[0].targetPort}")
+  echo https://$SERVICE_IP:$TARGET_PORT
 {{- end }}
 {{- end }}
 

@@ -142,6 +142,8 @@ spec:
             initialDelaySeconds: 5
             periodSeconds: 5
           env:
+            - name: CTRL_SERVER_PORT
+              value: "{{ .Values.controller.apisvc.ctrlServerPort}}"
             - name: CLUSTER_JOIN_ADDR
               value: neuvector-svc-controller.{{ .Release.Namespace }}
             - name: CLUSTER_ADVERTISED_ADDR

@@ -35,7 +35,7 @@ spec:
           service:
             name: neuvector-svc-controller-api
             port:
-              number: 10443
+              number: {{ .Values.controller.apisvc.ctrlServerPort}}
 {{- else }}
 apiVersion: extensions/v1beta1
 kind: Ingress
@@ -65,7 +65,7 @@ spec:
       - path: {{ .Values.controller.ingress.path }}
         backend:
           serviceName: neuvector-svc-controller-api
-          servicePort: 10443
+          servicePort: {{ .Values.controller.apisvc.ctrlServerPort}}
 {{- end }}
 {{- end }}
 {{- if .Values.controller.federation.mastersvc.ingress.enabled }}
@@ -176,7 +176,7 @@ spec:
           service:
             name: neuvector-svc-controller-fed-managed
             port:
-              number: 10443
+              number: {{ .Values.controller.apisvc.ctrlServerPort}}
 {{- else }}
 ---
 apiVersion: extensions/v1beta1
@@ -207,7 +207,7 @@ spec:
       - path: {{ .Values.controller.federation.managedsvc.ingress.path }}
         backend:
           serviceName: neuvector-svc-controller-fed-managed
-          servicePort: 10443
+          servicePort: {{ .Values.controller.apisvc.ctrlServerPort}}
 {{- end }}
 {{- end }}
 {{- end -}}
@@ -38,7 +38,7 @@ metadata:
 spec:
   type: {{ .Values.controller.apisvc.type }}
   ports:
-    - port: 10443
+    - port: {{ .Values.controller.apisvc.ctrlServerPort}}
       protocol: "TCP"
 {{- if .Values.controller.apisvc.nodePort }} 
       nodePort: {{ .Values.controller.apisvc.nodePort }}
@@ -116,7 +116,7 @@ spec:
   internalTrafficPolicy: {{ .Values.controller.federation.managedsvc.internalTrafficPolicy }}
 {{- end }}
   ports:
-  - port: 10443
+  - port: {{ .Values.controller.apisvc.ctrlServerPort}}
     name: fed
     protocol: TCP
     appProtocol: HTTPS

@@ -88,9 +88,13 @@ spec:
           imagePullPolicy: {{ .Values.manager.image.imagePullPolicy }}
           ports:
             - name: http
-              containerPort: 8443
+              containerPort: {{ .Values.manager.svc.mgrServerPort}}
               protocol: TCP
           env:
+            - name: CTRL_SERVER_PORT
+              value: "{{ .Values.controller.apisvc.ctrlServerPort}}"
+            - name: MANAGER_SERVER_PORT
+              value: "{{ .Values.manager.svc.mgrServerPort}}"
             - name: CTRL_SERVER_IP
               value: neuvector-svc-controller.{{ .Release.Namespace }}
             {{- if not .Values.manager.env.ssl }}
@@ -124,7 +128,7 @@ spec:
           startupProbe:
             httpGet:
               path: /
-              port: 8443
+              port: {{ .Values.manager.svc.mgrServerPort}}
               {{- if .Values.manager.env.ssl }}
               scheme: HTTPS
               {{- else }}
@@ -137,7 +141,7 @@ spec:
           livenessProbe:
             httpGet:
               path: /
-              port: 8443
+              port: {{ .Values.manager.svc.mgrServerPort}}
               {{- if .Values.manager.env.ssl }}
               scheme: HTTPS
               {{- else }}
@@ -150,7 +154,7 @@ spec:
           readinessProbe:
             httpGet:
               path: /
-              port: 8443
+              port: {{ .Values.manager.svc.mgrServerPort}}
               {{- if .Values.manager.env.ssl }}
               scheme: HTTPS
               {{- else }}

@@ -34,7 +34,7 @@ spec:
           service:
             name: neuvector-service-webui
             port:
-              number: 8443
+              number: {{ .Values.manager.svc.mgrServerPort}}
 {{- else }}
 apiVersion: extensions/v1beta1
 kind: Ingress
@@ -64,6 +64,6 @@ spec:
       - path: {{ .Values.manager.ingress.path }}
         backend:
           serviceName: neuvector-service-webui
-          servicePort: 8443
+          servicePort: {{ .Values.manager.svc.mgrServerPort}}
 {{- end }}
-{{- end -}}
+{{- end -}}
@@ -17,7 +17,7 @@ spec:
   loadBalancerIP: {{ .Values.manager.svc.loadBalancerIP }}
 {{- end }}
   ports:
-    - port: 8443
+    - port: {{ .Values.manager.svc.mgrServerPort}}
       name: manager
       protocol: TCP
 {{- if .Values.manager.svc.nodePort }}

@@ -111,6 +111,7 @@ controller:
     # key1: value1
     # key2: value2
   apisvc:
+    ctrlServerPort: 10443
     type:
     annotations: {}
     nodePort:  
@@ -382,6 +383,7 @@ manager:
   #      - name: CUSTOM_PAGE_FOOTER_COLOR
   #        value: "#FFFFFF"
   svc:
+    mgrServerPort: 8443
     type: ClusterIP
     nodePort:  
     loadBalancerIP: