diff --git a/packages/neuvector/generated-changes/overlay/questions.yaml b/packages/neuvector/generated-changes/overlay/questions.yaml
index 61e2803b9..45a15c2ca 100644
--- a/packages/neuvector/generated-changes/overlay/questions.yaml
+++ b/packages/neuvector/generated-changes/overlay/questions.yaml
@@ -1,11 +1,5 @@
 questions:
 #image configurations
-- variable: registry
-  default: "docker.io"
-  description: image registry
-  type: string
-  label: Image Registry
-  group: "Container Images"
 - variable: controller.image.repository
   default: "neuvector/controller"
   description: controller image repository
diff --git a/packages/neuvector/generated-changes/patch/Chart.yaml.patch b/packages/neuvector/generated-changes/patch/Chart.yaml.patch
index 40a81b0d7..455411247 100644
--- a/packages/neuvector/generated-changes/patch/Chart.yaml.patch
+++ b/packages/neuvector/generated-changes/patch/Chart.yaml.patch
@@ -10,13 +10,13 @@
 +  catalog.cattle.io/os: linux
 +  catalog.cattle.io/permit-os: linux
 +  catalog.cattle.io/provides-gvr: neuvector.com/v1
-+  catalog.cattle.io/rancher-version: '>= 2.7.0.0 < 2.8.0-0'
++  catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
 +  catalog.cattle.io/release-name: neuvector
 +  catalog.cattle.io/type: cluster-tool
 +  catalog.cattle.io/ui-component: neuvector
-+  catalog.cattle.io/upstream-version: 2.2.3
++  catalog.cattle.io/upstream-version: 2.2.4
  apiVersion: v1
- appVersion: 5.0.3
+ appVersion: 5.0.4
 -description: Helm chart for NeuVector's core services
 +description: Helm feature chart for NeuVector's core services
  home: https://neuvector.com
@@ -30,4 +30,4 @@
 +name: neuvector
 +sources:
 +- https://github.com/neuvector/neuvector
- version: 2.2.3
+ version: 2.2.4
diff --git a/packages/neuvector/generated-changes/patch/README.md.patch b/packages/neuvector/generated-changes/patch/README.md.patch
index 6423d11af..0b8b67b35 100644
--- a/packages/neuvector/generated-changes/patch/README.md.patch
+++ b/packages/neuvector/generated-changes/patch/README.md.patch
@@ -5,7 +5,7 @@
  `controller.affinity` | controller affinity rules  | ... | spread controllers to different nodes |
  `controller.tolerations` | List of node taints to tolerate | `nil` |
 -`controller.resources` | Add resources requests and limits to controller deployment | `{}` | see examples in [values.yaml](values.yaml)
-+`controller.resources` | Add resources requests and limits to controller deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`controller.resources` | Add resources requests and limits to controller deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `controller.nodeSelector` | Enable and specify nodeSelector labels | `{}` |
  `controller.disruptionbudget` | controller PodDisruptionBudget. 0 to disable. Recommended value: 2. | `0` |
  `controller.priorityClassName` | controller priorityClassName. Must exist prior to helm deployment. Leave empty to disable. | `nil` |
@@ -14,7 +14,7 @@
  `controller.federation.mastersvc.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
  `controller.federation.mastersvc.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations.
 -`controller.federation.mastersvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
-+`controller.federation.mastersvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`controller.federation.mastersvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `controller.federation.managedsvc.type` | Multi-cluster managed cluster service type. If specified, the deployment will be managed by the managed clsuter. Possible values include NodePort, LoadBalancer and ClusterIP. | `nil` |
  `controller.federation.managedsvc.annotations` | Add annotations to Multi-cluster managed cluster REST API service | `{}` |
  `controller.federation.managedsvc.route.enabled` | If true, create a OpenShift route to expose the Multi-cluster managed cluster service | `false` |
@@ -23,7 +23,7 @@
  `controller.federation.managedsvc.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
  `controller.federation.managedsvc.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations.
 -`controller.federation.managedsvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
-+`controller.federation.managedsvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`controller.federation.managedsvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `controller.ingress.enabled` | If true, create ingress for rest api, must also set ingress host value | `false` | enable this if ingress controller is installed
  `controller.ingress.tls` | If true, TLS is enabled for controller rest api ingress service |`false` | If set, the tls-host used is the one set with `controller.ingress.host`.
  `controller.ingress.host` | Must set this host value if ingress is enabled | `nil` |
@@ -31,7 +31,7 @@
  `controller.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
  `controller.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations.
 -`controller.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
-+`controller.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`controller.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `controller.configmap.enabled` | If true, configure NeuVector global settings using a ConfigMap | `false`
  `controller.configmap.data` | NeuVector configuration in YAML format | `{}`
  `controller.secret.enabled` | If true, configure NeuVector global settings using secrets | `false`
@@ -40,7 +40,7 @@
  `enforcer.priorityClassName` | enforcer priorityClassName. Must exist prior to helm deployment. Leave empty to disable. | `nil` |
  `enforcer.tolerations` | List of node taints to tolerate | `- effect: NoSchedule`<br>`key: node-role.kubernetes.io/master` | other taints can be added after the default
 -`enforcer.resources` | Add resources requests and limits to enforcer deployment | `{}` | see examples in [values.yaml](values.yaml)
-+`enforcer.resources` | Add resources requests and limits to enforcer deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`enforcer.resources` | Add resources requests and limits to enforcer deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `manager.enabled` | If true, create manager | `true` |
  `manager.image.repository` | manager image repository | `neuvector/manager` |
  `manager.image.hash` | manager image hash in the format of sha256:xxxx. If present it overwrites the image tag value. | |
@@ -49,7 +49,7 @@
  `manager.svc.type` | set manager service type for native Kubernetes | `NodePort`;<br>if it is OpenShift platform or ingress is enabled, then default is `ClusterIP` | set to LoadBalancer if using cloud providers, such as Azure, Amazon, Google
  `manager.svc.loadBalancerIP` | if manager service type is LoadBalancer, this is used to specify the load balancer's IP | `nil` |
 -`manager.svc.annotations` | Add annotations to manager service | `{}` | see examples in [values.yaml](values.yaml)
-+`manager.svc.annotations` | Add annotations to manager service | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`manager.svc.annotations` | Add annotations to manager service | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `manager.route.enabled` | If true, create a OpenShift route to expose the management console service | `true` |
  `manager.route.host` | Set OpenShift route host for management console service | `nil` |
  `manager.route.termination` | Specify TLS termination for OpenShift route for management console service. Possible passthrough, edge, reencrypt | `passthrough` |
@@ -58,11 +58,11 @@
  `manager.ingress.ingressClassName` | To be used instead of the ingress.class annotation if an IngressClass is provisioned | `""` |
  `manager.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations. Currently only supports `/`
 -`manager.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
-+`manager.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`manager.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `manager.ingress.tls` | If true, TLS is enabled for manager ingress service |`false` | If set, the tls-host used is the one set with `manager.ingress.host`.
  `manager.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
 -`manager.resources` | Add resources requests and limits to manager deployment | `{}` | see examples in [values.yaml](values.yaml)
-+`manager.resources` | Add resources requests and limits to manager deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml)
++`manager.resources` | Add resources requests and limits to manager deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
  `manager.affinity` | manager affinity rules  | `{}` |
  `manager.tolerations` | List of node taints to tolerate | `nil` |
  `manager.nodeSelector` | Enable and specify nodeSelector labels | `{}` |
@@ -71,7 +71,7 @@
  `cve.scanner.replicas` | external scanner replicas | `3` |
  `cve.scanner.dockerPath` | the remote docker socket if CI/CD integration need scan images before they are pushed to the registry | `nil` |
 -`cve.scanner.resources` | Add resources requests and limits to scanner deployment | `{}` | see examples in [values.yaml](values.yaml) |
-+`cve.scanner.resources` | Add resources requests and limits to scanner deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) |
++`cve.scanner.resources` | Add resources requests and limits to scanner deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml) |
  `cve.scanner.affinity` | scanner affinity rules  | `{}` |
  `cve.scanner.tolerations` | List of node taints to tolerate | `nil` |
  `cve.scanner.nodeSelector` | Enable and specify nodeSelector labels | `{}` |
diff --git a/packages/neuvector/generated-changes/patch/values.yaml.patch b/packages/neuvector/generated-changes/patch/values.yaml.patch
index 0c85ac520..a6feeebd7 100644
--- a/packages/neuvector/generated-changes/patch/values.yaml.patch
+++ b/packages/neuvector/generated-changes/patch/values.yaml.patch
@@ -1,10 +1,17 @@
 --- charts-original/values.yaml
 +++ charts/values.yaml
-@@ -5,12 +5,10 @@
+@@ -2,15 +2,17 @@
+ # This is a YAML-formatted file.
+ # Declare variables to be passed into the templates.
+ 
++global:
++  cattle:
++    systemDefaultRegistry: ""
++
  openshift: false
  
  registry: docker.io
--tag: 5.0.3
+-tag: 5.0.4
  oem:
 -imagePullSecrets:
  psp: false
@@ -14,17 +21,17 @@
  
  controller:
    # If false, controller will not be installed
-@@ -22,7 +20,8 @@
+@@ -22,7 +24,8 @@
        maxSurge: 1
        maxUnavailable: 0
    image:
 -    repository: neuvector/controller
 +    repository: rancher/mirrored-neuvector-controller
-+    tag: 5.0.3
++    tag: 5.0.4
      hash:
    replicas: 3
    disruptionbudget: 0
-@@ -68,7 +67,7 @@
+@@ -68,7 +71,7 @@
          #  -----BEGIN PRIVATE KEY-----
          #  -----END PRIVATE KEY-----
    ranchersso:
@@ -33,27 +40,27 @@
    pvc:
      enabled: false
      accessModes:
-@@ -206,7 +205,8 @@
+@@ -206,7 +209,8 @@
    # If false, enforcer will not be installed
    enabled: true
    image:
 -    repository: neuvector/enforcer
 +    repository: rancher/mirrored-neuvector-enforcer
-+    tag: 5.0.3
++    tag: 5.0.4
      hash:
    priorityClassName:
    tolerations:
-@@ -224,7 +224,8 @@
+@@ -224,7 +228,8 @@
    # If false, manager will not be installed
    enabled: true
    image:
 -    repository: neuvector/manager
 +    repository: rancher/mirrored-neuvector-manager
-+    tag: 5.0.3
++    tag: 5.0.4
      hash:
    priorityClassName:
    env:
-@@ -292,7 +293,7 @@
+@@ -292,7 +297,7 @@
      enabled: true
      secure: false
      image:
@@ -62,7 +69,7 @@
        tag: latest
        hash:
      schedule: "0 0 * * *"
-@@ -308,7 +309,7 @@
+@@ -308,7 +313,7 @@
          maxSurge: 1
          maxUnavailable: 0
      image:
diff --git a/packages/neuvector/package.yaml b/packages/neuvector/package.yaml
index eb2afa97e..de39edba6 100644
--- a/packages/neuvector/package.yaml
+++ b/packages/neuvector/package.yaml
@@ -1,5 +1,5 @@
-url: https://neuvector.github.io/neuvector-helm/core-2.2.3.tgz
-version: 101.0.0
+url: https://neuvector.github.io/neuvector-helm/core-2.2.4.tgz
+version: 101.0.1
 additionalCharts:
 - workingDir: charts-crd
   crdOptions:
diff --git a/packages/neuvector/templates/crd-template/Chart.yaml b/packages/neuvector/templates/crd-template/Chart.yaml
index edebd5032..8ea47ef14 100644
--- a/packages/neuvector/templates/crd-template/Chart.yaml
+++ b/packages/neuvector/templates/crd-template/Chart.yaml
@@ -4,7 +4,7 @@ annotations:
   catalog.cattle.io/certified: rancher
   catalog.cattle.io/hidden: true
 apiVersion: v1
-appVersion: 5.0.3
+appVersion: 5.0.4
 description: Helm chart for NeuVector's CRD services
 home: https://neuvector.com
 icon: https://avatars2.githubusercontent.com/u/19367275?s=200&v=4
@@ -12,5 +12,5 @@ maintainers:
 - email: support@neuvector.com
   name: becitsthere
 name: neuvector-crd
-version: 2.2.3
+version: 2.2.4
 type: application
diff --git a/release.yaml b/release.yaml
index 71f4cdc1d..2213f37d7 100644
--- a/release.yaml
+++ b/release.yaml
@@ -18,8 +18,10 @@ longhorn-crd:
 - 100.2.3+up1.3.2
 neuvector:
 - 101.0.0+up2.2.3
+- 101.0.1+up2.2.4
 neuvector-crd:
 - 101.0.0+up2.2.3
+- 101.0.1+up2.2.4
 prometheus-federator:
 - 1.0.0+up0.1.1
 rancher-aks-operator: