added helm chart support #1762
added helm chart support #1762
Conversation
WalkthroughThis change introduces a complete Helm chart for deploying the Wren AI Service and its components on Kubernetes. It adds chart metadata, default values, deployment and service templates, configuration and secret management, ingress setup, persistent storage configuration, and extensive documentation for installation and usage. Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant Helm
participant Kubernetes
participant WrenAI Components
User->>Helm: helm install wren ./helm-chart
Helm->>Kubernetes: Apply manifests (Deployments, Services, ConfigMaps, Secrets, PVC, Ingress)
Kubernetes->>WrenAI Components: Schedule pods for engine, ai-service, ui, ibis-server
Kubernetes->>WrenAI Components: Inject ConfigMaps and Secrets as env/config
User->>Kubernetes: Access services (via Ingress, NodePort, or port-forward)
WrenAI Components->>Kubernetes: Use persistent storage, secrets, and service endpoints
Suggested labels
Suggested reviewers
Poem
✨ Finishing Touches🧪 Generate Unit Tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 6
🧹 Nitpick comments (15)
deployment/helm-chart/templates/_helpers.tpl (1)
4-6: Naming consistency: consider aligning helper prefixes with chart name.Helpers are defined under
"wren-ai", whileChart.yamlusesname: wren. To avoid confusion, align the helper prefix with the actual chart name (e.g., use"wren").deployment/helm-chart/values.yaml (1)
368-368: Add newline at end of file.YAML requires a trailing newline at EOF. Please append a blank line to comply with POSIX and YAML specifications.
deployment/helm-chart/templates/ingress.yaml (1)
1-28: Suppress blank manifests: use template whitespace control.Wrap conditionals with
{{- if ... }}and{{- end }}(note the leading/trailing hyphens) to trim unwanted newlines and prevent empty YAML documents when.Values.ui.ingress.enabledis false.deployment/helm-chart/templates/pvc.yaml (1)
21-21: Add newline at end-of-file.
Ensure a trailing newline for POSIX compliance and to prevent lint warnings.deployment/helm-chart/templates/secrets.yaml (1)
40-40: Add newline at end-of-file.
Append a trailing newline to satisfy POSIX and avoid lint warnings.deployment/helm-chart/templates/ibis-deployment.yaml (1)
54-54: Add newline at end-of-file.
Include a trailing newline to satisfy POSIX and avoid lint issues.deployment/helm-chart/templates/engine-deployment.yaml (1)
77-77: Add newline at end-of-file.
Include a trailing newline to satisfy POSIX and avoid lint issues.deployment/helm-chart/templates/ai-service-deployment.yaml (1)
117-117: Add newline character at end of file.
Ensure the file ends with a newline to comply with POSIX standards and avoid lint errors.deployment/helm-chart/templates/ui-deployment.yaml (2)
99-99: Remove trailing whitespace.
Trim the extra spaces on these lines to clean up unnecessary whitespace.- - name: TELEMETRY_ENABLED + - name: TELEMETRY_ENABLED- valueFrom: + valueFrom:Also applies to: 116-116
133-133: Add newline character at end of file.
Ensure the file ends with a newline to satisfy POSIX conventions and avoid lint errors.deployment/helm-chart/README.md (3)
7-7: Remove trailing punctuation in headings.
Avoid ending Markdown headings with a colon for cleaner style. E.g., change## Steps to deploy:→## Steps to deploy.Also applies to: 14-14, 69-69
16-16: Fix loose punctuation and spacing.
Clean up extra spaces and stray backticks in this line. E.g.,- `Suggestion`: Before deploying, check out the Helm values in the `deployment/helm ` file... + `Suggestion`: Before deploying, check out the Helm values in the `deployment/helm` folder...
72-72: Correct “its” to “it’s”.
Use the contraction “it’s” (it is) for clarity:- its less likely you need to modify them + it’s less likely you need to modify themdeployment/helm-chart/templates/configmap.yaml (2)
20-20: Align spacing after colon.
Remove the extra space so there’s exactly one space after the colon:- IBIS_SERVER_VERSION: {{ .Values.global.versions.ibisServer | quote }} + IBIS_SERVER_VERSION: {{ .Values.global.versions.ibisServer | quote }}
214-214: Add newline character at end of file.
Ensure the file ends with a newline to comply with POSIX standards.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (14)
deployment/helm-chart/Chart.yaml(1 hunks)deployment/helm-chart/NOTES.txt(1 hunks)deployment/helm-chart/README.md(1 hunks)deployment/helm-chart/templates/_helpers.tpl(1 hunks)deployment/helm-chart/templates/ai-service-deployment.yaml(1 hunks)deployment/helm-chart/templates/configmap.yaml(1 hunks)deployment/helm-chart/templates/engine-deployment.yaml(1 hunks)deployment/helm-chart/templates/ibis-deployment.yaml(1 hunks)deployment/helm-chart/templates/ingress.yaml(1 hunks)deployment/helm-chart/templates/pvc.yaml(1 hunks)deployment/helm-chart/templates/secrets.yaml(1 hunks)deployment/helm-chart/templates/service.yaml(1 hunks)deployment/helm-chart/templates/ui-deployment.yaml(1 hunks)deployment/helm-chart/values.yaml(1 hunks)
🧰 Additional context used
🪛 YAMLlint (1.37.1)
deployment/helm-chart/templates/pvc.yaml
[error] 1-1: syntax error: expected the node content, but found '-'
(syntax)
deployment/helm-chart/templates/ingress.yaml
[error] 2-2: syntax error: expected '', but found ''
(syntax)
[warning] 20-20: wrong indentation: expected 8 but found 10
(indentation)
deployment/helm-chart/templates/ibis-deployment.yaml
[warning] 7-7: wrong indentation: expected 2 but found 4
(indentation)
[warning] 13-13: wrong indentation: expected 4 but found 6
(indentation)
[warning] 18-18: wrong indentation: expected 6 but found 8
(indentation)
[warning] 21-21: wrong indentation: expected 4 but found 6
(indentation)
[error] 54-54: no new line character at the end of file
(new-line-at-end-of-file)
[error] 4-4: syntax error: expected , but found ''
(syntax)
deployment/helm-chart/templates/engine-deployment.yaml
[warning] 7-7: wrong indentation: expected 2 but found 4
(indentation)
[warning] 13-13: wrong indentation: expected 4 but found 6
(indentation)
[warning] 18-18: wrong indentation: expected 6 but found 8
(indentation)
[warning] 21-21: wrong indentation: expected 4 but found 6
(indentation)
[error] 77-77: no new line character at the end of file
(new-line-at-end-of-file)
[error] 4-4: syntax error: expected , but found ''
(syntax)
deployment/helm-chart/templates/service.yaml
[warning] 7-7: wrong indentation: expected 2 but found 4
(indentation)
[warning] 17-17: wrong indentation: expected 2 but found 4
(indentation)
[warning] 25-25: wrong indentation: expected 2 but found 4
(indentation)
[warning] 39-39: wrong indentation: expected 2 but found 4
(indentation)
[warning] 47-47: wrong indentation: expected 2 but found 4
(indentation)
[warning] 57-57: wrong indentation: expected 2 but found 4
(indentation)
[warning] 65-65: wrong indentation: expected 2 but found 4
(indentation)
[warning] 75-75: wrong indentation: expected 2 but found 4
(indentation)
[error] 4-4: syntax error: expected , but found ''
(syntax)
deployment/helm-chart/templates/secrets.yaml
[error] 1-1: syntax error: expected the node content, but found '-'
(syntax)
[error] 40-40: no new line character at the end of file
(new-line-at-end-of-file)
deployment/helm-chart/templates/ai-service-deployment.yaml
[warning] 7-7: wrong indentation: expected 2 but found 4
(indentation)
[warning] 13-13: wrong indentation: expected 4 but found 6
(indentation)
[warning] 18-18: wrong indentation: expected 6 but found 8
(indentation)
[warning] 21-21: wrong indentation: expected 4 but found 6
(indentation)
[error] 117-117: no new line character at the end of file
(new-line-at-end-of-file)
[error] 4-4: syntax error: expected , but found ''
(syntax)
deployment/helm-chart/values.yaml
[error] 19-19: trailing spaces
(trailing-spaces)
[error] 27-27: trailing spaces
(trailing-spaces)
[error] 34-34: trailing spaces
(trailing-spaces)
[error] 38-38: trailing spaces
(trailing-spaces)
[error] 52-52: trailing spaces
(trailing-spaces)
[error] 84-84: trailing spaces
(trailing-spaces)
[error] 135-135: trailing spaces
(trailing-spaces)
[error] 145-145: trailing spaces
(trailing-spaces)
[error] 162-162: trailing spaces
(trailing-spaces)
[error] 176-176: trailing spaces
(trailing-spaces)
[error] 247-247: trailing spaces
(trailing-spaces)
[error] 248-248: trailing spaces
(trailing-spaces)
[error] 287-287: trailing spaces
(trailing-spaces)
[error] 294-294: trailing spaces
(trailing-spaces)
[error] 302-302: trailing spaces
(trailing-spaces)
[warning] 347-347: wrong indentation: expected 10 but found 9
(indentation)
[error] 368-368: no new line character at the end of file
(new-line-at-end-of-file)
deployment/helm-chart/templates/configmap.yaml
[warning] 20-20: too many spaces after colon
(colons)
[error] 4-4: syntax error: expected , but found ''
(syntax)
deployment/helm-chart/templates/ui-deployment.yaml
[warning] 7-7: wrong indentation: expected 2 but found 4
(indentation)
[warning] 13-13: wrong indentation: expected 4 but found 6
(indentation)
[warning] 18-18: wrong indentation: expected 6 but found 8
(indentation)
[warning] 21-21: wrong indentation: expected 4 but found 6
(indentation)
[error] 99-99: trailing spaces
(trailing-spaces)
[error] 116-116: trailing spaces
(trailing-spaces)
[error] 133-133: no new line character at the end of file
(new-line-at-end-of-file)
[error] 4-4: syntax error: expected , but found ''
(syntax)
🪛 LanguageTool
deployment/helm-chart/NOTES.txt
[uncategorized] ~3-~3: Loose punctuation mark.
Context: ...ervices {{ include "wren-ai.fullname" . }}-ui-svc) export NODE_IP=$(kubectl get...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~8-~8: Loose punctuation mark.
Context: ... svc -w {{ include "wren-ai.fullname" . }}-ui-svc' export SERVICE_IP=$(kubectl ...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~9-~9: Loose punctuation mark.
Context: ...pace }} {{ include "wren-ai.fullname" . }}-ui-svc --template "{{"{{ range (index ...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~12-~12: Loose punctuation mark.
Context: ...tes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance1. Get the a...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~14-~14: Loose punctuation mark.
Context: ...ervices {{ include "wren-ai.fullname" . }}-ai-service-svc) export NODE_IP=$(kub...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~19-~19: Loose punctuation mark.
Context: ... svc -w {{ include "wren-ai.fullname" . }}-ai-service-svc' export SERVICE_IP=$(...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~20-~20: Loose punctuation mark.
Context: ...pace }} {{ include "wren-ai.fullname" . }}-ai-service-svc --template "{{"{{ range...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~23-~23: Loose punctuation mark.
Context: ...tes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance={{ .Release...
(UNLIKELY_OPENING_PUNCTUATION)
deployment/helm-chart/README.md
[uncategorized] ~16-~16: Loose punctuation mark.
Context: ...helm ## Steps to deploy: Suggestion: Before deploying, check out the Helm va...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~71-~71: “its” (belonging to it) seems less likely than “it’s” (it is)
Context: ...ns the core Wren AI manifest templates, its less likely you need to modify them, bu...
(AI_HYDRA_LEO_CPT_ITS_ITIS)
[grammar] ~72-~72: In the grammatical structure ‘pronoun + be/get + used + to + verb’, the verb ‘used’ is used with the gerund.
Context: ...ing helm dependency add, and they are used to deploy third-party services alongside Wren AI....
(ADMIT_ENJOY_VB)
[uncategorized] ~77-~77: Loose punctuation mark.
Context: ... same namespace as wren-ai. - postgres: Database that will be installed in the ...
(UNLIKELY_OPENING_PUNCTUATION)
[uncategorized] ~81-~81: Possible missing comma found.
Context: ...ame(first) and password(second) for the database respectively, separated by a colon. In ...
(AI_HYDRA_LEO_MISSING_COMMA)
[uncategorized] ~82-~82: Use a comma before ‘and’ if it connects two independent clauses (unless they are closely connected and short).
Context: ...erver is running in a Kubernetes cluster and it is named "wren-postgresql" in the *s...
(COMMA_COMPOUND_SENTENCE)
[uncategorized] ~122-~122: “you” seems less likely than “your” (belonging to you).
Context: ...mize some values. It can be usefull for you GitOps workflow and can be used in conj...
(AI_HYDRA_LEO_CP_YOU_YOUR)
[style] ~122-~122: ‘in conjunction with’ might be wordy. Consider a shorter alternative.
Context: ...for you GitOps workflow and can be used in conjunction with FluxCD or ArgoCD.
(EN_WORDINESS_PREMIUM_IN_CONJUNCTION_WITH)
🪛 Checkov (3.2.334)
deployment/helm-chart/values.yaml
[MEDIUM] 33-34: Basic Auth Credentials
(CKV_SECRET_4)
🪛 Gitleaks (8.26.0)
deployment/helm-chart/README.md
35-35: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
41-41: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
42-42: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🪛 markdownlint-cli2 (0.17.2)
deployment/helm-chart/README.md
7-7: Trailing punctuation in heading
Punctuation: ':'
(MD026, no-trailing-punctuation)
14-14: Trailing punctuation in heading
Punctuation: ':'
(MD026, no-trailing-punctuation)
16-16: Spaces inside code span elements
null
(MD038, no-space-in-code)
69-69: Trailing punctuation in heading
Punctuation: ':'
(MD026, no-trailing-punctuation)
🔇 Additional comments (28)
deployment/helm-chart/Chart.yaml (1)
1-27: Helm chart metadata review: Approve.The
Chart.yamlcorrectly definesapiVersion: v2, chart name, version, dependencies, and maintainers. Ensure the file ends with a newline to satisfy POSIX and tooling requirements.deployment/helm-chart/templates/_helpers.tpl (1)
29-31: Label version templating: approve.The
"wren-ai.chart"helper formats the chart name and version correctly, replacing+characters and enforcing DNS length limits.deployment/helm-chart/templates/ingress.yaml (1)
2-5: Ingress spec: approve.The
apiVersion,kind,metadata, and naming conventions integrate correctly with the Helm helper templates and user values.deployment/helm-chart/templates/pvc.yaml (2)
1-3: Conditional PVC creation is clear and concise.
Using.Values.engine.persistence.enabledto guard PVC creation aligns with best practices for optional persistence.
14-20: NestedifforstorageClassNamehandles the"-"sentinel well.
The logic to set an emptystorageClassNamewhen the value is"-"and quote non-empty values is precise.deployment/helm-chart/templates/secrets.yaml (1)
1-1: Ignore YAMLlint false positive on templating.
The{{- if ... }}syntax at file start is valid Helm template syntax; static YAML linters misinterpret it.deployment/helm-chart/templates/ibis-deployment.yaml (5)
4-4: Ignore YAMLlint indentation and block-end warnings.
Helm templating constructs commonly trigger false-positive syntax and indentation issues in pure YAML linters.Also applies to: 7-7, 13-13, 18-18, 21-21
1-9: Deployment metadata and replica configuration are consistent.
Theibis-serverdeployment uses correct naming, labels, and a default replica fallback, aligning with other component deployments.
10-18: Selector and Pod template labels are accurate.
Usinginclude "wren-ai.selectorLabels"and component-specific labelling ensures correct service selection and observability.
20-31: Node scheduling configuration is flexible.
ParameterizingnodeSelector,affinity, andtolerationsviawithblocks offers robust cluster placement control.
32-40: Container spec forwren-ibisis comprehensive.
Image configuration, ports, and environment variable sourcing from ConfigMaps follow chart conventions.deployment/helm-chart/templates/engine-deployment.yaml (7)
4-4: Ignore YAMLlint false positives.
Helm Go templating triggers syntax and indentation warnings in pure YAML linters; these can be safely ignored.Also applies to: 7-7, 13-13, 18-18, 21-21
1-9: Engine Deployment metadata and replica config look good.
Naming, labels, and default replica fallback align with chart standards.
10-18: Selector and template labels are correctly parameterized.
Using sharedselectorLabelsand component labelling ensures pod-service binding consistency.
20-31: Node scheduling parameters are properly exposed.
The inclusion ofnodeSelector,affinity, andtolerationsviawithblocks offers flexibility for complex cluster topologies.
32-35: Persistent volume claim volume is correctly referenced.
Volume name (wren-data) andclaimNamematch the PVC template, ensuring reliable mounts.
36-59: Init container setup is thorough.
The bootstrap container correctly sources ConfigMap and secret values for database credentials and mounts the data volume.
60-77: Main container config aligns with other components.
Image, ports, volume mounts, and resource blocks mirror established patterns across the chart.deployment/helm-chart/NOTES.txt (7)
3-3: Ignore LanguageTool spurious warnings.
Loose punctuation warnings are caused by Helm templating and do not affect functionality.Also applies to: 8-8, 9-9, 12-12, 14-14, 19-19, 20-20, 23-23
2-6: UI NodePort instructions are clear.
ExtractingNODE_PORTandNODE_IPand echoing the URL matches Helm post-install guidance.
7-10: UI LoadBalancer instructions are accurate.
Advising on external IP readiness and using JSONPath for extraction is correct.
13-17: AI Service NodePort instructions are correct.
Commands mirror the UI pattern and reference the proper service suffix.
17-21: AI Service LoadBalancer block is fine.
It correctly notes potential delays and uses theloadBalancer.ingresspath extraction.
21-27: AI Service ClusterIP instructions align with standards.
Pattern matches UI's fixed block and provides a consistent port-forward workflow.
29-33: Verify AI Service port reference.
Ensure.Values.config.ports.aiServicematches the port defined in the AI Service templates. If the port lives under a different key, update accordingly.deployment/helm-chart/templates/ai-service-deployment.yaml (1)
4-4: Ignore static-analysis indentation/syntax warnings.
These YAMLlint and syntax errors are false positives due to Helm templating and intentional indentation fornindent. No change needed.Also applies to: 7-7, 13-13, 18-18, 21-21
deployment/helm-chart/templates/ui-deployment.yaml (1)
4-4: Ignore static-analysis indentation/syntax warnings.
The reported indentation and syntax errors stem from Helm templating and do not reflect actual YAML issues.Also applies to: 7-7, 13-13, 18-18, 21-21
deployment/helm-chart/templates/configmap.yaml (1)
4-4: Ignore static-analysis syntax/spacing warnings.
These errors are false positives due to Helm templating; the syntax and spacing are valid.Also applies to: 20-20
| paths: | ||
| - path: / | ||
| pathType: Prefix | ||
| servicePort: 6333 | ||
| tls: | ||
| - hosts: | ||
| - qdrant-ai.myhost.net | ||
| secretName: qdrant-ai.myhost.net-tls |
There was a problem hiding this comment.
Fix indentation in Qdrant TLS hosts.
The list under tls.hosts is misaligned (one fewer space than expected), causing YAML parse failures. Align the dash (- qdrant-ai.myhost.net) correctly at 10 spaces under its parent mapping.
🧰 Tools
🪛 YAMLlint (1.37.1)
[warning] 347-347: wrong indentation: expected 10 but found 9
(indentation)
🤖 Prompt for AI Agents
In deployment/helm-chart/values.yaml around lines 341 to 348, the dash before
the TLS host under tls.hosts is incorrectly indented by one space less, causing
YAML parsing errors. Fix this by indenting the dash to align properly with the
expected 10 spaces under the tls mapping, ensuring consistent YAML structure.
| secrets: | ||
| # Option 1: Use existing secret (recommended for production) | ||
| useExistingSecret: false | ||
| existingSecretName: "wren-secret" | ||
|
|
||
| # Option 2: Create secret from values (for development/testing) | ||
| # Set useExistingSecret to false and provide values below | ||
| createFromValues: true | ||
| values: | ||
| # Required for Postgres and AI Service - Provide Either OpenAI API Key or Gemini API Key | ||
| #OPENAI_API_KEY: "dummy" | ||
| GEMINI_API_KEY: "dummy" | ||
|
|
There was a problem hiding this comment.
Remove trailing whitespace to pass YAML lint.
Several lines in the secrets block (e.g., existingSecretName, createFromValues, key definitions) contain trailing spaces flagged by YAMLlint. Strip trailing whitespace throughout to resolve lint errors.
🧰 Tools
🪛 YAMLlint (1.37.1)
[error] 19-19: trailing spaces
(trailing-spaces)
[error] 27-27: trailing spaces
(trailing-spaces)
🤖 Prompt for AI Agents
In deployment/helm-chart/values.yaml lines 15 to 27, remove all trailing
whitespace characters at the end of lines within the secrets block, including
lines like existingSecretName, createFromValues, and key definitions, to ensure
the YAML file passes linting checks.
| secrets: | ||
| # Option 1: Use existing secret (recommended for production) | ||
| useExistingSecret: false | ||
| existingSecretName: "wren-secret" | ||
|
|
||
| # Option 2: Create secret from values (for development/testing) | ||
| # Set useExistingSecret to false and provide values below | ||
| createFromValues: true | ||
| values: | ||
| # Required for Postgres and AI Service - Provide Either OpenAI API Key or Gemini API Key | ||
| #OPENAI_API_KEY: "dummy" | ||
| GEMINI_API_KEY: "dummy" | ||
|
|
||
| # Required for Postgres | ||
| PG_USERNAME: "dummy" | ||
| PG_PASSWORD: "dummy" | ||
| PG_ADMIN_PASSWORD: "dummy" | ||
| # postgres://<username>:<password>@host:5432/<database-name> if postgresql.enabled is true, host will be Release.Name-postgresql | ||
| PG_URL: "postgres://dummy:dummy@wren-postgresql:5432/dummy" |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Secure default secret management.
Defaulting to createFromValues: true with dummy credentials introduces risk. Consider defaulting useExistingSecret: true or omitting placeholder values to enforce proper secret provisioning in production.
🧰 Tools
🪛 YAMLlint (1.37.1)
[error] 19-19: trailing spaces
(trailing-spaces)
[error] 27-27: trailing spaces
(trailing-spaces)
🤖 Prompt for AI Agents
In deployment/helm-chart/values.yaml around lines 15 to 33, the default setting
for secret management uses createFromValues: true with dummy credentials, which
is insecure for production. Change the default to useExistingSecret: true and
either remove or comment out the dummy credential values to ensure that proper
secrets are provided explicitly in production environments.
| metadata: | ||
| name: {{ include "wren-ai.fullname" . }}-ui-svc | ||
| labels: | ||
| {{- include "wren-ai.labels" . | nindent 4 }} | ||
| app.kubernetes.io/component: ui | ||
| spec: | ||
| type: {{ .Values.ui.service.type }} | ||
| ports: | ||
| - port: {{ .Values.ui.service.port }} | ||
| targetPort: http | ||
| protocol: TCP | ||
| name: http-ui | ||
| selector: | ||
| {{- include "wren-ai.selectorLabels" . | nindent 4 }} | ||
| app.kubernetes.io/component: ui | ||
| --- | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: {{ include "wren-ai.fullname" . }}-engine-svc | ||
| labels: | ||
| {{- include "wren-ai.labels" . | nindent 4 }} | ||
| app.kubernetes.io/component: engine | ||
| spec: | ||
| type: {{ .Values.engine.service.type }} | ||
| ports: | ||
| - port: {{ .Values.engine.service.ports.engine }} | ||
| targetPort: http | ||
| protocol: TCP | ||
| name: wren-engine | ||
| - port: {{ .Values.engine.service.ports.sql }} | ||
| targetPort: sql | ||
| protocol: TCP | ||
| name: wren-engine-sql | ||
| selector: | ||
| {{- include "wren-ai.selectorLabels" . | nindent 4 }} | ||
| app.kubernetes.io/component: engine | ||
| --- | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: {{ include "wren-ai.fullname" . }}-ai-service-svc | ||
| labels: | ||
| {{- include "wren-ai.labels" . | nindent 4 }} | ||
| app.kubernetes.io/component: ai-service | ||
| spec: | ||
| type: {{ .Values.aiService.service.type }} | ||
| ports: | ||
| - port: {{ .Values.aiService.service.port }} | ||
| targetPort: http | ||
| protocol: TCP | ||
| name: http | ||
| selector: | ||
| {{- include "wren-ai.selectorLabels" . | nindent 4 }} | ||
| app.kubernetes.io/component: ai-service | ||
| --- | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: {{ include "wren-ai.fullname" . }}-ibis-server-svc | ||
| labels: | ||
| {{- include "wren-ai.labels" . | nindent 4 }} | ||
| app.kubernetes.io/component: ibis-server | ||
| spec: | ||
| type: {{ .Values.ibisServer.service.type }} | ||
| ports: | ||
| - port: {{ .Values.ibisServer.service.port }} | ||
| targetPort: http | ||
| protocol: TCP | ||
| name: wren-ibis | ||
| selector: | ||
| {{- include "wren-ai.selectorLabels" . | nindent 4 }} | ||
| app.kubernetes.io/component: ibis-server |
There was a problem hiding this comment.
Fix indentation across all Service definitions.
Multiple blocks (metadata, spec, ports, selector) are misaligned by 2 spaces. Nested keys should be indented by 2 spaces per level (e.g., under metadata:, name: and labels: need an extra 2-space indent). Address these misalignments to ensure valid YAML parsing.
🧰 Tools
🪛 YAMLlint (1.37.1)
[warning] 7-7: wrong indentation: expected 2 but found 4
(indentation)
[warning] 17-17: wrong indentation: expected 2 but found 4
(indentation)
[warning] 25-25: wrong indentation: expected 2 but found 4
(indentation)
[warning] 39-39: wrong indentation: expected 2 but found 4
(indentation)
[warning] 47-47: wrong indentation: expected 2 but found 4
(indentation)
[warning] 57-57: wrong indentation: expected 2 but found 4
(indentation)
[warning] 65-65: wrong indentation: expected 2 but found 4
(indentation)
[warning] 75-75: wrong indentation: expected 2 but found 4
(indentation)
[error] 4-4: syntax error: expected , but found ''
(syntax)
🤖 Prompt for AI Agents
In deployment/helm-chart/templates/service.yaml from lines 3 to 75, the
indentation of keys under metadata, spec, ports, and selector is incorrect by 2
spaces. Fix this by ensuring each nested key is indented exactly 2 spaces more
than its parent key, for example, indent name and labels 2 spaces under
metadata, and similarly adjust all nested blocks consistently to maintain valid
YAML structure.
| {{- else if contains "ClusterIP" .Values.ui.service.type }} | ||
| export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance1. Get the application URL by running these commands: | ||
| {{- if contains "NodePort" .Values.aiService.service.type }} |
There was a problem hiding this comment.
Fix malformed UI ClusterIP port-forward block.
The current clusterIP branch is broken and merges with header text. Apply this diff:
-{{- else if contains "ClusterIP" .Values.ui.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance1. Get the application URL by running these commands:
+{{- else if contains "ClusterIP" .Values.ui.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=ui" -o jsonpath="{.items[0].metadata.name}")
+ export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+ echo "Visit http://127.0.0.1:8080 to access the UI"
+ kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| {{- else if contains "ClusterIP" .Values.ui.service.type }} | |
| export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance1. Get the application URL by running these commands: | |
| {{- if contains "NodePort" .Values.aiService.service.type }} | |
| {{- else if contains "ClusterIP" .Values.ui.service.type }} | |
| export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} \ | |
| -l "app.kubernetes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=ui" \ | |
| -o jsonpath="{.items[0].metadata.name}") | |
| export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME \ | |
| -o jsonpath="{.spec.containers[0].ports[0].containerPort}") | |
| echo "Visit http://127.0.0.1:8080 to access the UI" | |
| kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT | |
| {{- if contains "NodePort" .Values.aiService.service.type }} |
🧰 Tools
🪛 LanguageTool
[uncategorized] ~12-~12: Loose punctuation mark.
Context: ...tes.io/name={{ include "wren-ai.name" . }},app.kubernetes.io/instance1. Get the a...
(UNLIKELY_OPENING_PUNCTUATION)
🤖 Prompt for AI Agents
In deployment/helm-chart/NOTES.txt around lines 11 to 13, the ClusterIP
port-forward block is malformed and merges with the header text. Fix this by
properly closing the command substitution and separating the port-forward
instructions from the header text, ensuring the YAML template syntax is correct
and the instructions are clearly formatted.
| OPENAI_API_KEY=UkVRVUlSRUQ6IHNrLXByb2otYWxsLWFjY2Vzcy1wbGFjZWhvbGRlci00LXdyZW4tYWktc2VydmljZS1kZXBsb3ltZW50 | ||
| PG_USERNAME=wrenai | ||
| PG_PASSWORD=$(openssl rand -base64 32) | ||
| PG_ADMIN_PASSWORD=$(openssl rand -base64 32) | ||
| PG_URL=postgres://wrenai-user:wrenai-pass@wren-postgresql:5432/wrenai | ||
| LANGFUSE_PUBLIC_KEY=VUlSYWxsLWFjRUQ6IHNrLtdmljZS1kZXBYWxsLWFktc2VydmljZS13ltZW50 | ||
| LANGFUSE_SECRET_KEY=UQ6IHNrLsLWFjtYWxsLWFdmljZS1kZXBktVUlSRUQ6IHNrLXByHNYWxsLWFj | ||
| POSTHOG_API_KEY=YWxsLWZS1kZXBYWxsLWFkHNrLXByb2oYWxsLWFjtc2VydmljZS1kZXHNrLXByb2o | ||
| USER_UUID=$(openssl rand -base64 32) |
There was a problem hiding this comment.
Remove or obfuscate placeholder API keys.
The README includes real-looking API keys; committing them risks security. Replace these with clear placeholders or instructions to insert user-specific keys.
- OPENAI_API_KEY=UkVRVUlSRUQ6IHNrLXByb2otYWxsLWFjY2Vzcy1wbGFjZWhvbGRlci00LXdyZW4tYWktc2VydmljZS1kZXBsb3ltZW50
+ OPENAI_API_KEY=<YOUR_OPENAI_API_KEY>
- LANGFUSE_PUBLIC_KEY=VUlSYWxsLWFjRUQ6IHNrLtdmljZS1kZXBYWxsLWFktc2VydmljZS13ltZW50
+ LANGFUSE_PUBLIC_KEY=<YOUR_LANGFUSE_PUBLIC_KEY>
- LANGFUSE_SECRET_KEY=UQ6IHNrLsLWFjtYWxsLWFdmljZS1kZXBktVUlSRUQ6IHNrLXByHNYWxsLWFj
+ LANGFUSE_SECRET_KEY=<YOUR_LANGFUSE_SECRET_KEY>
- POSTHOG_API_KEY=YWxsLWZS1kZXBYWxsLWFkHNrLXByb2oYWxsLWFjtc2VydmljZS1kZXHNrLXByb2o
+ POSTHOG_API_KEY=<YOUR_POSTHOG_API_KEY>📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| OPENAI_API_KEY=UkVRVUlSRUQ6IHNrLXByb2otYWxsLWFjY2Vzcy1wbGFjZWhvbGRlci00LXdyZW4tYWktc2VydmljZS1kZXBsb3ltZW50 | |
| PG_USERNAME=wrenai | |
| PG_PASSWORD=$(openssl rand -base64 32) | |
| PG_ADMIN_PASSWORD=$(openssl rand -base64 32) | |
| PG_URL=postgres://wrenai-user:wrenai-pass@wren-postgresql:5432/wrenai | |
| LANGFUSE_PUBLIC_KEY=VUlSYWxsLWFjRUQ6IHNrLtdmljZS1kZXBYWxsLWFktc2VydmljZS13ltZW50 | |
| LANGFUSE_SECRET_KEY=UQ6IHNrLsLWFjtYWxsLWFdmljZS1kZXBktVUlSRUQ6IHNrLXByHNYWxsLWFj | |
| POSTHOG_API_KEY=YWxsLWZS1kZXBYWxsLWFkHNrLXByb2oYWxsLWFjtc2VydmljZS1kZXHNrLXByb2o | |
| USER_UUID=$(openssl rand -base64 32) | |
| OPENAI_API_KEY=<YOUR_OPENAI_API_KEY> | |
| PG_USERNAME=wrenai | |
| PG_PASSWORD=$(openssl rand -base64 32) | |
| PG_ADMIN_PASSWORD=$(openssl rand -base64 32) | |
| PG_URL=postgres://wrenai-user:wrenai-pass@wren-postgresql:5432/wrenai | |
| LANGFUSE_PUBLIC_KEY=<YOUR_LANGFUSE_PUBLIC_KEY> | |
| LANGFUSE_SECRET_KEY=<YOUR_LANGFUSE_SECRET_KEY> | |
| POSTHOG_API_KEY=<YOUR_POSTHOG_API_KEY> | |
| USER_UUID=$(openssl rand -base64 32) |
🧰 Tools
🪛 Gitleaks (8.26.0)
35-35: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
41-41: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
42-42: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🤖 Prompt for AI Agents
In deployment/helm-chart/README.md around lines 35 to 43, the file contains
real-looking API keys which pose a security risk if committed. Replace all
actual or realistic API keys with generic placeholder text or instructions
indicating where users should insert their own keys, ensuring no sensitive or
potentially valid keys are exposed in the repository.
Summary by CodeRabbit
New Features
Documentation
Chores