diff --git a/stable/xray/CHANGELOG.md b/stable/xray/CHANGELOG.md
index 4c6025cfc..5facfef52 100644
--- a/stable/xray/CHANGELOG.md
+++ b/stable/xray/CHANGELOG.md
@@ -1,7 +1,11 @@
 # JFrog Xray Chart Changelog
 All changes to this chart will be documented in this file.
-## [103.101.5] - June 18, 2024
+## [103.102.3] - July 17, 2024
+* Added support of specifying resources constraints for RabbitMQ's pre-upgrade-hook job
+* Fixed formatting error associated to the `volumeMounts` for the `panoramic` microservice [GH-1895](https://github.com/jfrog/charts/issues/1895)
+
+## [103.99.0] - June 18, 2024
 * Fixed #adding colon in image registry breaks deployment with meta label error. [GH-1892](https://github.com/jfrog/charts/pull/1892)
 ## [103.97.0] - May 27, 2024
diff --git a/stable/xray/Chart.yaml b/stable/xray/Chart.yaml
index 35bb51c76..dd0421ef3 100644
--- a/stable/xray/Chart.yaml
+++ b/stable/xray/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 3.101.5
+appVersion: 3.102.3
 dependencies:
 - condition: postgresql.enabled
 name: postgresql
@@ -24,4 +24,4 @@ name: xray
 sources:
 - https://github.com/jfrog/charts
 type: application
-version: 103.101.5
+version: 103.102.3
diff --git a/stable/xray/README.md b/stable/xray/README.md
index d91648c6b..fb953b032 100644
--- a/stable/xray/README.md
+++ b/stable/xray/README.md
@@ -52,7 +52,7 @@ helm upgrade --install xray --set xray.joinKey=
+ {{- with .Values.common.preStartCommand }}
+ echo "Running custom common preStartCommand command";
+ {{ tpl . $ }};
+ {{- end }}
+ {{- with .Values.policyenforcer.preStartCommand }}
+ echo "Running custom policyenforcer preStartCommand command";
+ {{ tpl . $ }};
+ {{- end }}
+ exec /opt/jfrog/xray/app/bin/wrapper.sh;
+ {{- with .Values.policyenforcer.lifecycle }}
+ lifecycle:
+{{ toYaml . | indent 10 }}
+ {{- end }}
+ env:
+ - name: JF_SKIPENTLICCHECKFORCLOUD
+ value: "true"
+ {{ include "xray.envVariables" . | indent 8 }}
+ {{ include "xray.rabbitmqTlsEnvVariables" . | indent 8 }}
+ {{- if and .Values.rabbitmq.external.secrets (not .Values.common.rabbitmq.connectionConfigFromEnvironment) }}
+ - name: JF_SHARED_RABBITMQ_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl .Values.rabbitmq.external.secrets.username.name . }}
+ key: {{ tpl .Values.rabbitmq.external.secrets.username.key . }}
+ - name: JF_SHARED_RABBITMQ_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl .Values.rabbitmq.external.secrets.password.name . }}
+ key: {{ tpl .Values.rabbitmq.external.secrets.password.key . }}
+ - name: JF_SHARED_RABBITMQ_URL
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl .Values.rabbitmq.external.secrets.url.name . }}
+ key: {{ tpl .Values.rabbitmq.external.secrets.url.key . }}
+ {{- end }}
+ {{- if or .Values.database.secrets.user .Values.database.user }}
+ - name: JF_SHARED_DATABASE_USERNAME
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.user }}
+ name: {{ tpl .Values.database.secrets.user.name . }}
+ key: {{ tpl .Values.database.secrets.user.key . }}
+ {{- else if .Values.database.user }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . 
}}-unified-secret"
+ {{- end }}
+ key: db-user
+ {{- end }}
+ {{- end }}
+ {{- if or .Values.database.secrets.actualUsername .Values.database.actualUsername }}
+ - name: JF_SHARED_DATABASE_ACTUALUSERNAME
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.actualUsername }}
+ name: {{ tpl .Values.database.secrets.actualUsername.name . }}
+ key: {{ tpl .Values.database.secrets.actualUsername.key . }}
+ {{- else if .Values.database.actualUsername }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . }}-unified-secret"
+ {{- end }}
+ key: db-actualUsername
+ {{- end }}
+ {{- end }}
+ {{ if or .Values.database.secrets.password .Values.database.password .Values.postgresql.enabled }}
+ - name: JF_SHARED_DATABASE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.password }}
+ name: {{ tpl .Values.database.secrets.password.name . }}
+ key: {{ tpl .Values.database.secrets.password.key . }}
+ {{- else if .Values.database.password }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . }}-unified-secret"
+ {{- end }}
+ key: db-password
+ {{- else if .Values.postgresql.enabled }}
+ name: {{ .Release.Name }}-postgresql
+ key: postgresql-password
+ {{- end }}
+ {{- end }}
+ {{- if or .Values.database.secrets.url .Values.database.url }}
+ - name: JF_SHARED_DATABASE_URL
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.url }}
+ name: {{ tpl .Values.database.secrets.url.name . }}
+ key: {{ tpl .Values.database.secrets.url.key . }}
+ {{- else if .Values.database.url }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . 
}}-unified-secret"
+ {{- end }}
+ key: db-url
+ {{- end }}
+ {{- end }}
+ {{- if .Values.common.rabbitmq.connectionConfigFromEnvironment }}
+ - name: JF_SHARED_RABBITMQ_USERNAME
+ value: {{ include "rabbitmq.user" .}}
+ - name: JF_SHARED_RABBITMQ_URL
+ value: {{ include "rabbitmq.url" .}}
+ - name: JF_SHARED_RABBITMQ_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "rabbitmq.passwordSecretName" .}}
+ key: rabbitmq-password
+ {{- end }}
+ - name: XRAY_HA_NODE_ID
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: XRAY_K8S_ENV
+ value: "true"
+ - name: EXECUTION_JOB_AES_KEY
+ valueFrom:
+ secretKeyRef:
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.executionServiceAesKeySecretName" . }}
+ {{- else if and .Values.xray.unifiedSecretInstallation (or .Values.xray.executionServiceAesKeySecretName .Values.global.executionServiceAesKeySecretName) }}
+ name: {{ template "xray.executionServiceAesKeySecretName" . }}
+ {{- else }}
+ name: "{{ template "xray.name" . }}-unified-secret"
+ {{- end }}
+ key: execution-service-aes-key
+ {{- if .Values.common.extraEnvVars }}
+ {{- tpl .Values.common.extraEnvVars . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.policyenforcer.extraEnvVars }}
+ {{- tpl .Values.policyenforcer.extraEnvVars . | nindent 8 }}
+ {{- end }}
+ ports:
+ - containerPort: {{ .Values.policyenforcer.internalPort }}
+ name: http-polenf
+ volumeMounts:
+ - name: data-volume
+ mountPath: "{{ .Values.xray.persistence.mountPath }}"
+{{- if or .Values.common.customVolumeMounts .Values.global.customVolumeMounts }}
+{{ tpl (include "xray.customVolumeMounts" .) . | indent 8 }}
+{{- end }}
+{{- with .Values.policyenforcer.customVolumeMounts }}
+{{ tpl . $ | indent 8 }}
+{{- end }}
+ resources:
+{{ toYaml .Values.policyenforcer.resources | indent 10 }}
+{{- if .Values.policyenforcer.startupProbe.enabled }}
+ startupProbe:
+{{ tpl .Values.policyenforcer.startupProbe.config . 
| indent 10 }}
+{{- end }}
+{{- if .Values.policyenforcer.livenessProbe.enabled }}
+ livenessProbe:
+{{ tpl .Values.policyenforcer.livenessProbe.config . | indent 10 }}
+{{- end }}
 {{- end }}
 - name: {{ .Values.indexer.name }}
 image: {{ include "xray.getImageInfoByValue" (list . "indexer") }}
diff --git a/stable/xray/templates/xray-ipa-svc.yaml b/stable/xray/templates/xray-ipa-svc.yaml
index a26de9860..529f2571e 100644
--- a/stable/xray/templates/xray-ipa-svc.yaml
+++ b/stable/xray/templates/xray-ipa-svc.yaml
@@ -47,6 +47,12 @@ spec:
 port: {{ .Values.panoramic.externalPort }}
 protocol: TCP
 targetPort: {{ .Values.panoramic.internalPort }}
+{{- end }}
+{{- if .Values.policyenforcer.enabled }}
+ - name: http-polenf
+ port: {{ .Values.policyenforcer.externalPort }}
+ protocol: TCP
+ targetPort: {{ .Values.policyenforcer.internalPort }}
 {{- end }}
 selector:
 app: {{ template "xray.name" . }}
diff --git a/stable/xray/templates/xray-server-deployment.yaml b/stable/xray/templates/xray-server-deployment.yaml
index e6e3a0762..a481b4fe5 100644
--- a/stable/xray/templates/xray-server-deployment.yaml
+++ b/stable/xray/templates/xray-server-deployment.yaml
@@ -27,10 +27,10 @@ spec:
 {{- if not .Values.autoscalingServer.enabled }}
 replicas: {{ .Values.replicaCountServer }}
 {{- end }}
+{{- with .Values.deployment.strategy }}
 strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 1
+{{ toYaml . | indent 4 }}
+{{- end }}
 selector:
 matchLabels:
 app: {{ template "xray.name" . }}
diff --git a/stable/xray/templates/xray-statefulset.yaml b/stable/xray/templates/xray-statefulset.yaml
index d17e4b97e..0e0914b8a 100644
--- a/stable/xray/templates/xray-statefulset.yaml
+++ b/stable/xray/templates/xray-statefulset.yaml
@@ -296,7 +296,7 @@ spec:
 key: rabbitmq-password
 {{- end }}
 - name: JF_SHARED_RABBITMQ_REPLICASCOUNT
- {{- if .Values.rabbitmq.enabled }}
+ {{- if .Values.rabbitmq.enabled }}
 value: "{{ .Values.rabbitmq.replicaCount }}"
 {{- else }}
 value: "{{ .Values.global.xray.rabbitmq.replicaCount }}"
@@ -1056,6 +1056,167 @@ spec:
 livenessProbe:
 {{ tpl .Values.panoramic.livenessProbe.config . | indent 10 }}
 {{- end }}
+{{- end }}
+{{- if .Values.policyenforcer.enabled }}
+ - name: {{ .Values.policyenforcer.name }}
+ image: {{ include "xray.getImageInfoByValue" (list . "policyenforcer") }}
+ imagePullPolicy: {{ .Values.imagePullPolicy }}
+ securityContext:
+ runAsNonRoot: true
+ runAsUser: {{ .Values.common.xrayUserId }}
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - NET_RAW
+ command:
+ - '/bin/bash'
+ - '-c'
+ - >
+ {{- with .Values.common.preStartCommand }}
+ echo "Running custom common preStartCommand command";
+ {{ tpl . $ }};
+ {{- end }}
+ {{- with .Values.policyenforcer.preStartCommand }}
+ echo "Running custom policyenforcer preStartCommand command";
+ {{ tpl . $ }};
+ {{- end }}
+ exec /opt/jfrog/xray/app/bin/wrapper.sh;
+ {{- with .Values.policyenforcer.lifecycle }}
+ lifecycle:
+{{ toYaml . | indent 10 }}
+ {{- end }}
+ env:
+ {{ include "xray.envVariables" . | indent 8 }}
+ {{ include "xray.rabbitmqTlsEnvVariables" . | indent 8 }}
+ {{- if and .Values.rabbitmq.external.secrets (not .Values.common.rabbitmq.connectionConfigFromEnvironment) }}
+ - name: JF_SHARED_RABBITMQ_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl .Values.rabbitmq.external.secrets.username.name . }}
+ key: {{ tpl .Values.rabbitmq.external.secrets.username.key . }}
+ - name: JF_SHARED_RABBITMQ_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl .Values.rabbitmq.external.secrets.password.name . }}
+ key: {{ tpl .Values.rabbitmq.external.secrets.password.key . }}
+ - name: JF_SHARED_RABBITMQ_URL
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl .Values.rabbitmq.external.secrets.url.name . }}
+ key: {{ tpl .Values.rabbitmq.external.secrets.url.key . 
}}
+ {{- end }}
+ {{- if or .Values.database.secrets.user .Values.database.user }}
+ - name: JF_SHARED_DATABASE_USERNAME
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.user }}
+ name: {{ tpl .Values.database.secrets.user.name . }}
+ key: {{ tpl .Values.database.secrets.user.key . }}
+ {{- else if .Values.database.user }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . }}-unified-secret"
+ {{- end }}
+ key: db-user
+ {{- end }}
+ {{- end }}
+ {{- if or .Values.database.secrets.actualUsername .Values.database.actualUsername }}
+ - name: JF_SHARED_DATABASE_ACTUALUSERNAME
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.actualUsername }}
+ name: {{ tpl .Values.database.secrets.actualUsername.name . }}
+ key: {{ tpl .Values.database.secrets.actualUsername.key . }}
+ {{- else if .Values.database.actualUsername }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . }}-unified-secret"
+ {{- end }}
+ key: db-actualUsername
+ {{- end }}
+ {{- end }}
+ {{ if or .Values.database.secrets.password .Values.database.password .Values.postgresql.enabled }}
+ - name: JF_SHARED_DATABASE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.password }}
+ name: {{ tpl .Values.database.secrets.password.name . }}
+ key: {{ tpl .Values.database.secrets.password.key . }}
+ {{- else if .Values.database.password }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . 
}}-unified-secret"
+ {{- end }}
+ key: db-password
+ {{- else if .Values.postgresql.enabled }}
+ name: {{ .Release.Name }}-postgresql
+ key: postgresql-password
+ {{- end }}
+ {{- end }}
+ {{- if or .Values.database.secrets.url .Values.database.url }}
+ - name: JF_SHARED_DATABASE_URL
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.database.secrets.url }}
+ name: {{ tpl .Values.database.secrets.url.name . }}
+ key: {{ tpl .Values.database.secrets.url.key . }}
+ {{- else if .Values.database.url }}
+ {{- if not .Values.xray.unifiedSecretInstallation }}
+ name: {{ template "xray.fullname" . }}-database-creds
+ {{- else }}
+ name: "{{ template "xray.name" . }}-unified-secret"
+ {{- end }}
+ key: db-url
+ {{- end }}
+ {{- end }}
+ {{- if .Values.common.rabbitmq.connectionConfigFromEnvironment }}
+ - name: JF_SHARED_RABBITMQ_USERNAME
+ value: {{ include "rabbitmq.user" .}}
+ - name: JF_SHARED_RABBITMQ_URL
+ value: {{ include "rabbitmq.url" .}}
+ - name: JF_SHARED_RABBITMQ_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "rabbitmq.passwordSecretName" .}}
+ key: rabbitmq-password
+ {{- end }}
+ - name: XRAY_HA_NODE_ID
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: XRAY_K8S_ENV
+ value: "true"
+ {{- if .Values.common.extraEnvVars }}
+ {{- tpl .Values.common.extraEnvVars . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.indexer.extraEnvVars }}
+ {{- tpl .Values.indexer.extraEnvVars . | nindent 8 }}
+ {{- end }}
+ ports:
+ - containerPort: {{ .Values.policyenforcer.internalPort }}
+ name: http-polenf
+ volumeMounts:
+ - name: data-volume
+ mountPath: "{{ .Values.xray.persistence.mountPath }}"
+{{- if or .Values.common.customVolumeMounts .Values.global.customVolumeMounts }}
+{{ tpl (include "xray.customVolumeMounts" .) . | indent 8 }}
+{{- end }}
+{{- with .Values.sbom.customVolumeMounts }}
+{{ tpl . 
$ | indent 8 }}
+{{- end }}
+ resources:
+{{ toYaml .Values.policyenforcer.resources | indent 10 }}
+{{- if .Values.policyenforcer.startupProbe.enabled }}
+ startupProbe:
+{{ tpl .Values.policyenforcer.startupProbe.config . | indent 10 }}
+{{- end }}
+{{- if .Values.policyenforcer.livenessProbe.enabled }}
+ livenessProbe:
+{{ tpl .Values.policyenforcer.livenessProbe.config . | indent 10 }}
+{{- end }}
 {{- end }}
 - name: {{ .Values.indexer.name }}
 image: {{ include "xray.getImageInfoByValue" (list . "indexer") }}
diff --git a/stable/xray/values.yaml b/stable/xray/values.yaml
index 7864eee8f..c280ecc71 100644
--- a/stable/xray/values.yaml
+++ b/stable/xray/values.yaml
@@ -54,6 +54,12 @@ global:
 waitForPreviousPodsOnInitialStartup: true
 vhost: xray_haq
+deployment:
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxUnavailable: 0
+
 ## String to partially override xray.fullname template (will maintain the release name)
 ##
 # nameOverride:
@@ -337,7 +343,7 @@ autoscaling:
 value: "100"
 - name: persist
 value: "100"
- - name: alert
+ - name: policyEnforcer
 value: "100"
 - name: impactAnalysis
 value: "100"
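Review bot: The new policyenforcer container near the end of this hunk reads the wrong values keys: `{{- if .Values.indexer.extraEnvVars }}` / `{{- tpl .Values.indexer.extraEnvVars . | nindent 8 }}` and `{{- with .Values.sbom.customVolumeMounts }}`, while the values.yaml hunk in this same commit defines `policyenforcer.extraEnvVars` and `policyenforcer.customVolumeMounts`, and the parallel container in xray-server-deployment.yaml uses the policyenforcer keys. As written, whatever an operator configured as env vars for the indexer or as volume mounts for sbom (secrets included, if they route them that way) is also injected into the policy-enforcer container, and the policyenforcer's own keys are silently ignored — a functional bug and a least-privilege regression in one. Change the three references to `{{- if .Values.policyenforcer.extraEnvVars }}`, `{{- tpl .Values.policyenforcer.extraEnvVars . | nindent 8 }}` and `{{- with .Values.policyenforcer.customVolumeMounts }}`. Separately, the container's securityContext drops only `NET_RAW`; keeping it consistent with the chart's other containers is reasonable, but for a brand-new service `drop: [ALL]` would be the stronger baseline if the image does not need other capabilities, which this hunk cannot show. The containers list continues past the hunk.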
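Review bot: The new `deployment.strategy` default changes the server Deployment's rollout from `maxUnavailable: 1` (the literal removed from xray-server-deployment.yaml in this commit) to `maxUnavailable: 0`, a behaviour change for every existing install that the 103.102.3 CHANGELOG entry does not mention. Because the template renders this map verbatim with `toYaml`, a one-line comment above the block would save operators a surprise: `# Rendered as-is into the xray-server Deployment's spec.strategy (default was maxUnavailable: 1 before 103.102.3); remove the rollingUpdate block if you set type: Recreate.` The values file continues past the hunk.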
@@ -1091,6 +1097,70 @@ panoramic:
 # memory: "2Gi"
 # cpu: "1"
+policyenforcer:
+ enabled: false
+ name: xray-policyenforcer
+ ## Note that by default we use appVersion to get image tag/version
+ image:
+ registry: releases-docker.jfrog.io
+ repository: jfrog/xray-policyenforcer
+ internalPort: 7009
+ externalPort: 7009
+ annotations: {}
+ extraEnvVars:
+
+ # Add lifecycle hooks for the indexer pod
+ lifecycle: {}
+ # postStart:
+ # exec:
+ # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
+ # preStop:
+ # exec:
+ # command: ["/bin/sh", "-c", "echo Hello from the preStart handler > /usr/share/message"]
+
+ ## Add custom volumesMounts
+ customVolumeMounts: |
+ # - name: custom-script
+ # mountPath: /scripts/script.sh
+ # subPath: script.sh
+
+ livenessProbe:
+ enabled: true
+ config: |
+ exec:
+ command:
+ - sh
+ - -c
+ - curl -s -k --fail --max-time {{ .Values.probes.timeoutSeconds }} http://localhost:{{ .Values.policyenforcer.internalPort }}/api/v1/system/liveness
+ initialDelaySeconds: {{ if semverCompare "