From ca1b56038dcb49713158389f2b0a4d3f17e01345 Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Wed, 7 May 2025 19:53:23 +0200 Subject: [PATCH 01/12] fix: separate SSL certificates (#101) --- compose/nginx/nginx.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/compose/nginx/nginx.conf b/compose/nginx/nginx.conf index c2f1f24..b5a33eb 100644 --- a/compose/nginx/nginx.conf +++ b/compose/nginx/nginx.conf @@ -11,8 +11,8 @@ http { server_name ; proxy_buffer_size 128k; proxy_buffers 4 256k; - ssl_certificate ; - ssl_certificate_key ; + ssl_certificate ; + ssl_certificate_key ; ssl_dhparam ; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; @@ -55,8 +55,8 @@ http { proxy_buffers 4 256k; # setup the SSL certificate - ssl_certificate ; - ssl_certificate_key ; + ssl_certificate ; + ssl_certificate_key ; ssl_dhparam ; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; From b64df4601010e38f1f9e9f64b24889bfdf411b43 Mon Sep 17 00:00:00 2001 From: Ignacio Moreno Date: Thu, 8 May 2025 14:02:03 -0600 Subject: [PATCH 02/12] fix: Set environment variables via .env file. (#99) * Set environment variables via .env file. * Missing change * Change how hostnames and secret are set. * changes for env template * add env variable resolver on sso redirect value --- compose/.env-template | 22 ++++++++++++++++++++++ compose/compose.yaml | 9 ++++----- compose/cthq.properties | 13 +++++++------ 3 files changed, 33 insertions(+), 11 deletions(-) create mode 100644 compose/.env-template diff --git a/compose/.env-template b/compose/.env-template new file mode 100644 index 0000000..64d7d60 --- /dev/null +++ b/compose/.env-template @@ -0,0 +1,22 @@ +############################################################################### +# CodeTogether – Environment Template +# ----------------------------------------------------------------------------- +# 1. Copy this file to `.env` in the same directory as `compose.yaml`. +# 2. Replace the placeholders on the right‑hand side with your real values. +# +# Variables +# --------- +# COLLAB_FQDN Public hostname (FQDN) that end‑users hit to reach the Collab +# service (e.g. collab.example.com). +# +# INTEL_FQDN Public hostname (FQDN) for the Intel service +# (e.g. intel.example.com). +# +# INTEL_SECRET Shared secret Collab uses to authenticate when authenticating +# communication with the intel service. +# Use a strong, private value. +############################################################################### + +COLLAB_FQDN=collab.example.com +INTEL_FQDN=intel.example.com +INTEL_SECRET=super-secret-string \ No newline at end of file diff --git a/compose/compose.yaml b/compose/compose.yaml index 8d3b95b..cd52345 100644 --- a/compose/compose.yaml +++ b/compose/compose.yaml @@ -1,12 +1,13 @@ +# 👇 Rename `.env-template` to `.env` before running this file +# Set the appropriate values once renamed services: codetogether-collab: image: hub.edge.codetogether.com/releases/codetogether-collab:latest container_name: codetogether-collab environment: - # your collab/pair programming server URL - - CT_SERVER_URL=https://your-collab-server-fqdn + - CT_SERVER_URL=https://${COLLAB_FQDN} - CT_INTEL_URL=http://codetogether-intel:1080 - - CT_INTEL_SECRET=your-collab-intel-secret + - CT_INTEL_SECRET=${INTEL_SECRET} - CT_AV_ENABLED=false - CT_AV_LAN_IP=auto networks: @@ -31,8 +32,6 @@ services: codetogether-intel: image: hub.edge.codetogether.com/releases/codetogether-intel:latest container_name: codetogether-intel - environment: - - CT_HQ_BASE_URL=https://your-intel-server-fqdn networks: - codetogethernet volumes: diff --git a/compose/cthq.properties b/compose/cthq.properties index 1afe6b6..5c6e13c 100644 --- a/compose/cthq.properties +++ b/compose/cthq.properties @@ -1,8 +1,9 @@ -# Fill in values specific to your deployment -hq.base.url=https:// -hq.collab.url=https://your-collab-server-fqdn -hq.collab.secret= +# Variables below are injected from the `.env` file +hq.base.url=https://${INTEL_FQDN} +hq.collab.url=https://${COLLAB_FQDN} +hq.collab.secret=${INTEL_SECRET} +# Fill in values specific to your deployment # THE LINE BELOW IS NOT NEEDED WITH SINGLE TENANT #hq.sso.tenants=github,gitlab # GitHub SSO @@ -10,7 +11,7 @@ hq.sso.github.provider=github hq.sso.github.label=GitHub hq.sso.github.client.id= hq.sso.github.client.secret= -hq.sso.github.redirect.uri=https:///api/v1/auth/sso/success/insights +hq.sso.github.redirect.uri=https://${INTEL_FQDN}/api/v1/auth/sso/success/insights hq.sso.github.auth.uri=https://github.com/login/oauth/authorize hq.sso.github.token.uri=https://github.com/login/oauth/access_token hq.sso.github.info.uri=https://api.github.com/user @@ -22,7 +23,7 @@ hq.sso.github.logout.uri=https://github.com/logout # hq.sso.gitlab.client.id= # hq.sso.gitlab.client.secret= # hq.sso.gitlab.client.issuer.url=https://gitlab.com -# hq.sso.gitlab.azure.redirect.uri=https:///api/v1/auth/sso/success/insights +# hq.sso.gitlab.azure.redirect.uri=https://${INTEL_FQDN}/api/v1/auth/sso/success/insights # These values do not need to be changed, though secrets can be updated hq.db.type=CASSANDRA From 2c6b2878a0faddbb3a8b9c69388d691db883aa5a Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Sat, 10 May 2025 15:02:51 +0200 Subject: [PATCH 03/12] fix: add env_file to codetogether-intel (#105) --- compose/compose.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/compose/compose.yaml b/compose/compose.yaml index cd52345..ca9dba9 100644 --- a/compose/compose.yaml +++ b/compose/compose.yaml @@ -32,6 +32,8 @@ services: codetogether-intel: image: hub.edge.codetogether.com/releases/codetogether-intel:latest container_name: codetogether-intel + env_file: + - .env networks: - codetogethernet volumes: From 26058432b12b7550e3ba3f607708fa739cee4957 Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Mon, 12 May 2025 10:57:26 +0200 Subject: [PATCH 04/12] fix: missing CT_HQ_BASE_URL env var (#107) --- compose/compose.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/compose/compose.yaml b/compose/compose.yaml index ca9dba9..27c3e94 100644 --- a/compose/compose.yaml +++ b/compose/compose.yaml @@ -34,6 +34,8 @@ services: container_name: codetogether-intel env_file: - .env + environment: + - CT_HQ_BASE_URL=https://${INTEL_FQDN} networks: - codetogethernet volumes: @@ -73,4 +75,4 @@ services: retries: 70 networks: codetogethernet: - driver: bridge \ No newline at end of file + driver: bridge From fb116eed6e85790ec73719237b91d108c0f1c81d Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Mon, 12 May 2025 12:25:43 +0200 Subject: [PATCH 05/12] feat: nginx auto config (#109) --- compose/.env-template | 45 ++++++++++++++----- compose/compose.yaml | 6 ++- .../nginx/{nginx.conf => nginx.conf.template} | 19 ++++---- 3 files changed, 50 insertions(+), 20 deletions(-) rename compose/nginx/{nginx.conf => nginx.conf.template} (88%) diff --git a/compose/.env-template b/compose/.env-template index 64d7d60..9acc048 100644 --- a/compose/.env-template +++ b/compose/.env-template @@ -3,20 +3,45 @@ # ----------------------------------------------------------------------------- # 1. Copy this file to `.env` in the same directory as `compose.yaml`. # 2. Replace the placeholders on the right‑hand side with your real values. +# 3. Place all SSL certificates and Diffie‑Hellman parameters in the +# `nginx/ssl` directory. +# 4. Run `docker‑compose up -d` to start the containers. # -# Variables -# --------- -# COLLAB_FQDN Public hostname (FQDN) that end‑users hit to reach the Collab -# service (e.g. collab.example.com). +# Variables (all required unless stated otherwise) +# ---------------------------------------------- +# COLLAB_FQDN Public hostname (FQDN) that end‑users hit to reach the +# Collab service (e.g. collab.example.com). # -# INTEL_FQDN Public hostname (FQDN) for the Intel service -# (e.g. intel.example.com). +# INTEL_FQDN Public hostname (FQDN) for the Intel service +# (e.g. intel.example.com). # -# INTEL_SECRET Shared secret Collab uses to authenticate when authenticating -# communication with the intel service. -# Use a strong, private value. +# INTEL_SECRET Shared secret Collab uses to authenticate when +# communicating with the Intel service. Use a strong, +# private value. +# +# SSL_COLLAB_CERT Certificate filename that Nginx serves for the Collab +# virtual host (e.g. ssl-collab.crt). +# +# SSL_COLLAB_KEY Private key filename for the Collab certificate +# (e.g. ssl-collab.key). +# +# SSL_INTEL_CERT Certificate filename for the Intel virtual host +# (e.g. ssl-intel.crt). +# +# SSL_INTEL_KEY Private key filename for the Intel certificate +# (e.g. ssl-intel.key). +# +# DHPARAM_PATH Diffie‑Hellman parameters file (e.g. dhparam.pem). ############################################################################### COLLAB_FQDN=collab.example.com INTEL_FQDN=intel.example.com -INTEL_SECRET=super-secret-string \ No newline at end of file +INTEL_SECRET=super-secret-string + +SSL_COLLAB_CERT=ssl-collab.crt +SSL_COLLAB_KEY=ssl-collab.key + +SSL_INTEL_CERT=ssl-intel.crt +SSL_INTEL_KEY=ssl-intel.key + +DHPARAM_PATH=dhparam.pem \ No newline at end of file diff --git a/compose/compose.yaml b/compose/compose.yaml index 27c3e94..e5e96d2 100644 --- a/compose/compose.yaml +++ b/compose/compose.yaml @@ -18,10 +18,14 @@ services: nginx: image: nginx:latest container_name: codetogether-nginx + env_file: + - .env + environment: + - NGINX_ENVSUBST_OUTPUT_DIR=/etc/nginx ports: - "443:443" volumes: - - ./nginx/nginx.conf:/etc/nginx/nginx.conf + - ./nginx/nginx.conf.template:/etc/nginx/templates/nginx.conf.template:ro - ./nginx/ssl:/etc/nginx/ssl - ./nginx/log:/var/log/nginx networks: diff --git a/compose/nginx/nginx.conf b/compose/nginx/nginx.conf.template similarity index 88% rename from compose/nginx/nginx.conf rename to compose/nginx/nginx.conf.template index b5a33eb..4418cd7 100644 --- a/compose/nginx/nginx.conf +++ b/compose/nginx/nginx.conf.template @@ -1,6 +1,7 @@ events { worker_connections 1024; } + http { include mime.types; default_type application/octet-stream; @@ -8,12 +9,12 @@ http { keepalive_timeout 65; server { listen 443 ssl http2; - server_name ; + server_name ${COLLAB_FQDN}; proxy_buffer_size 128k; proxy_buffers 4 256k; - ssl_certificate ; - ssl_certificate_key ; - ssl_dhparam ; + ssl_certificate /etc/nginx/ssl/${SSL_COLLAB_CERT}; + ssl_certificate_key /etc/nginx/ssl/${SSL_COLLAB_KEY}; + ssl_dhparam /etc/nginx/ssl/${DHPARAM_PATH}; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; @@ -47,7 +48,7 @@ http { } } server { - server_name ; + server_name ${INTEL_FQDN}; listen 443 ssl http2; # configure proxy buffer sizes @@ -55,9 +56,9 @@ http { proxy_buffers 4 256k; # setup the SSL certificate - ssl_certificate ; - ssl_certificate_key ; - ssl_dhparam ; + ssl_certificate /etc/nginx/ssl/${SSL_INTEL_CERT}; + ssl_certificate_key /etc/nginx/ssl/${SSL_INTEL_KEY}; + ssl_dhparam /etc/nginx/ssl/${DHPARAM_PATH}; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; @@ -91,4 +92,4 @@ http { proxy_send_timeout 360; } } -} +} \ No newline at end of file From 4d79a6db468b55abb0b244713ef3d29a73b2544c Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Mon, 12 May 2025 13:05:36 +0200 Subject: [PATCH 06/12] fix: add step for sso provider (#110) --- compose/.env-template | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/compose/.env-template b/compose/.env-template index 9acc048..d0af82b 100644 --- a/compose/.env-template +++ b/compose/.env-template @@ -5,7 +5,8 @@ # 2. Replace the placeholders on the right‑hand side with your real values. # 3. Place all SSL certificates and Diffie‑Hellman parameters in the # `nginx/ssl` directory. -# 4. Run `docker‑compose up -d` to start the containers. +# 4. Configure your SSO provider in the `cthq.properties` file. +# 5. Run `docker‑compose up -d` to start the containers. # # Variables (all required unless stated otherwise) # ---------------------------------------------- From 063a4ebdcddb5d77eca760e5bfd7b8c5c4d41224 Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Mon, 12 May 2025 14:23:51 +0200 Subject: [PATCH 07/12] fix: add client_max_body_size to intel (#112) --- compose/nginx/nginx.conf.template | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compose/nginx/nginx.conf.template b/compose/nginx/nginx.conf.template index 4418cd7..2456c39 100644 --- a/compose/nginx/nginx.conf.template +++ b/compose/nginx/nginx.conf.template @@ -23,7 +23,6 @@ http { set $realIP $remote_addr; set $forwardTo $proxy_add_x_forwarded_for; set $reqHost $http_host; - client_max_body_size 32M; if ($http_x_real_ip != '') { set $realIP $http_x_real_ip; } @@ -70,6 +69,7 @@ http { set $realIP $remote_addr; set $forwardTo $proxy_add_x_forwarded_for; set $reqHost $http_host; + client_max_body_size 32M; if ($http_x_real_ip != '') { set $realIP $http_x_real_ip; } From d665be1f5137fbe47d6965b39a002c49fb6c25b4 Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Mon, 12 May 2025 17:54:07 +0200 Subject: [PATCH 08/12] fix: tweak name of dhparam.pem env var (#113) * tweak name of dhparam.pem env var * fix env var name in nginx template * fix pam to pem --- compose/.env-template | 4 ++-- compose/nginx/nginx.conf.template | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/compose/.env-template b/compose/.env-template index d0af82b..c88f162 100644 --- a/compose/.env-template +++ b/compose/.env-template @@ -32,7 +32,7 @@ # SSL_INTEL_KEY Private key filename for the Intel certificate # (e.g. ssl-intel.key). # -# DHPARAM_PATH Diffie‑Hellman parameters file (e.g. dhparam.pem). +# DHPARAM_PEM Diffie‑Hellman parameters file (e.g. dhparam.pem). ############################################################################### COLLAB_FQDN=collab.example.com @@ -45,4 +45,4 @@ SSL_COLLAB_KEY=ssl-collab.key SSL_INTEL_CERT=ssl-intel.crt SSL_INTEL_KEY=ssl-intel.key -DHPARAM_PATH=dhparam.pem \ No newline at end of file +DHPARAM_PEM=dhparam.pem \ No newline at end of file diff --git a/compose/nginx/nginx.conf.template b/compose/nginx/nginx.conf.template index 2456c39..85f1068 100644 --- a/compose/nginx/nginx.conf.template +++ b/compose/nginx/nginx.conf.template @@ -14,7 +14,7 @@ http { proxy_buffers 4 256k; ssl_certificate /etc/nginx/ssl/${SSL_COLLAB_CERT}; ssl_certificate_key /etc/nginx/ssl/${SSL_COLLAB_KEY}; - ssl_dhparam /etc/nginx/ssl/${DHPARAM_PATH}; + ssl_dhparam /etc/nginx/ssl/${DHPARAM_PEM}; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; @@ -57,7 +57,7 @@ http { # setup the SSL certificate ssl_certificate /etc/nginx/ssl/${SSL_INTEL_CERT}; ssl_certificate_key /etc/nginx/ssl/${SSL_INTEL_KEY}; - ssl_dhparam /etc/nginx/ssl/${DHPARAM_PATH}; + ssl_dhparam /etc/nginx/ssl/${DHPARAM_PEM}; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; From 56d5eeefaf680b961f6569b4a48184aa629dee22 Mon Sep 17 00:00:00 2001 From: Ignacio Moreno Date: Mon, 12 May 2025 09:58:53 -0600 Subject: [PATCH 09/12] fix: missing env file on collab (#114) --- compose/compose.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/compose/compose.yaml b/compose/compose.yaml index e5e96d2..b443a7f 100644 --- a/compose/compose.yaml +++ b/compose/compose.yaml @@ -4,6 +4,8 @@ services: codetogether-collab: image: hub.edge.codetogether.com/releases/codetogether-collab:latest container_name: codetogether-collab + env_file: + - .env environment: - CT_SERVER_URL=https://${COLLAB_FQDN} - CT_INTEL_URL=http://codetogether-intel:1080 From f21332a7f248568b065840821ed81355c4b534c7 Mon Sep 17 00:00:00 2001 From: danc094codetogether Date: Mon, 12 May 2025 10:38:42 -0600 Subject: [PATCH 10/12] =?UTF-8?q?fix:=20handle=20nil=20ai.openai.api=5Fkey?= =?UTF-8?q?=20to=20prevent=20template=20er=E2=80=A6=20(#116)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(intel-chart): handle nil ai.openai.api_key to prevent template errors Adjusted the Helm chart template for ai-secrets to avoid referencing ai.openai.api_key and ai.external.api_key when undefined. This fixes a fatal error during `helm template` when AI mode is set to `bundled` and no OpenAI config is present. Ensures compatibility with bundled-only deployments. * Changes to fix workflow issues --- charts/intel/templates/secrets.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/charts/intel/templates/secrets.yaml b/charts/intel/templates/secrets.yaml index 5cdd56d..b5b85e7 100644 --- a/charts/intel/templates/secrets.yaml +++ b/charts/intel/templates/secrets.yaml @@ -4,5 +4,13 @@ metadata: name: ai-secrets type: Opaque data: + {{- if .Values.ai.openai }} + {{- if .Values.ai.openai.api_key }} openai-api-key: {{ .Values.ai.openai.api_key | b64enc }} + {{- end }} + {{- end }} + {{- if .Values.ai.external }} + {{- if .Values.ai.external.api_key }} external-ai-key: {{ .Values.ai.external.api_key | b64enc }} + {{- end }} + {{- end }} From 11960ddbcad980a2e131fce5e0733f5ccdf295e0 Mon Sep 17 00:00:00 2001 From: Wojciech Galanciak Date: Mon, 12 May 2025 20:30:56 +0200 Subject: [PATCH 11/12] fix: cleanup for sso tenants (#117) --- compose/cthq.properties | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/compose/cthq.properties b/compose/cthq.properties index 5c6e13c..8b8c254 100644 --- a/compose/cthq.properties +++ b/compose/cthq.properties @@ -4,8 +4,10 @@ hq.collab.url=https://${COLLAB_FQDN} hq.collab.secret=${INTEL_SECRET} # Fill in values specific to your deployment -# THE LINE BELOW IS NOT NEEDED WITH SINGLE TENANT -#hq.sso.tenants=github,gitlab + +# If you want to run with multiple SSO providers, add their names separated with commas +hq.sso.tenants=github + # GitHub SSO hq.sso.github.provider=github hq.sso.github.label=GitHub @@ -18,13 +20,6 @@ hq.sso.github.info.uri=https://api.github.com/user hq.sso.github.jwt.set.uri=https://token.actions.githubusercontent.com/.well-known/jwks hq.sso.github.logout.uri=https://github.com/logout -# hq.sso.gitlab.provider=gitlab -# hq.sso.gitlab.label=Gitlab test -# hq.sso.gitlab.client.id= -# hq.sso.gitlab.client.secret= -# hq.sso.gitlab.client.issuer.url=https://gitlab.com -# hq.sso.gitlab.azure.redirect.uri=https://${INTEL_FQDN}/api/v1/auth/sso/success/insights - # These values do not need to be changed, though secrets can be updated hq.db.type=CASSANDRA hq.cassandra.db.host=codetogether-cassandra From 9cd2f4841f0488085e592ae4038d4742c4eb1d30 Mon Sep 17 00:00:00 2001 From: danc094codetogether Date: Fri, 16 May 2025 11:38:20 -0600 Subject: [PATCH 12/12] feat(intel): add option to disable AI integration entirely (#120) Previously, the Helm chart required either 'bundled' or 'external' AI mode to be configured, making it mandatory to include AI integration. This commit introduces a new flag `ai.enabled` to allow disabling AI features entirely, enabling Intel to be deployed without any AI-related containers or resources. --- charts/intel/templates/deployment.yaml | 66 ++++++++++++++------------ charts/intel/values.yaml | 1 + 2 files changed, 36 insertions(+), 31 deletions(-) diff --git a/charts/intel/templates/deployment.yaml b/charts/intel/templates/deployment.yaml index 0615be8..9c0d7e0 100644 --- a/charts/intel/templates/deployment.yaml +++ b/charts/intel/templates/deployment.yaml @@ -28,21 +28,23 @@ spec: {{- end }} serviceAccountName: {{ include "codetogether.serviceAccountName" . }} containers: - {{- if eq .Values.ai.mode "bundled" }} - - name: codetogether-llm - image: "{{ .Values.ai.image.repository }}:{{ .Values.ai.image.tag }}" - imagePullPolicy: Always - ports: - - name: ai - containerPort: 8000 - protocol: TCP - resources: - requests: - cpu: {{ .Values.ai.resources.requests.cpu | quote }} - memory: {{ .Values.ai.resources.requests.memory | quote }} - limits: - cpu: {{ .Values.ai.resources.limits.cpu | quote }} - memory: {{ .Values.ai.resources.limits.memory | quote }} + {{- if .Values.ai.enabled }} + {{- if eq .Values.ai.mode "bundled" }} + - name: codetogether-llm + image: "{{ .Values.ai.image.repository }}:{{ .Values.ai.image.tag }}" + imagePullPolicy: Always + ports: + - name: ai + containerPort: 8000 + protocol: TCP + resources: + requests: + cpu: {{ .Values.ai.resources.requests.cpu | quote }} + memory: {{ .Values.ai.resources.requests.memory | quote }} + limits: + cpu: {{ .Values.ai.resources.limits.cpu | quote }} + memory: {{ .Values.ai.resources.limits.memory | quote }} + {{- end }} {{- end }} - name: {{ .Chart.Name }} securityContext: @@ -56,22 +58,24 @@ spec: - name: AI_BUNDLED_URL value: "http://codetogether-llm:8000" {{- end }} - {{- if eq .Values.ai.mode "external" }} - - name: AI_PROVIDER - valueFrom: - configMapKeyRef: - name: ai-config - key: ai_provider - - name: AI_EXTERNAL_URL - valueFrom: - configMapKeyRef: - name: ai-config - key: ai_url - - name: AI_EXTERNAL_API_KEY - valueFrom: - secretKeyRef: - name: ai-external-secret - key: api-key + {{- if .Values.ai.enabled }} + {{- if eq .Values.ai.mode "external" }} + - name: AI_PROVIDER + valueFrom: + configMapKeyRef: + name: ai-config + key: ai_provider + - name: AI_EXTERNAL_URL + valueFrom: + configMapKeyRef: + name: ai-config + key: ai_url + - name: AI_EXTERNAL_API_KEY + valueFrom: + secretKeyRef: + name: ai-external-secret + key: api-key + {{- end }} {{- end }} # # Set CodeTogether runtime configuration diff --git a/charts/intel/values.yaml b/charts/intel/values.yaml index ac9227e..04507b2 100644 --- a/charts/intel/values.yaml +++ b/charts/intel/values.yaml @@ -139,6 +139,7 @@ securityContext: {} # runAsUser: 1000 ai: + enabled: false mode: "bundled" # Options: bundled | external provider: "ollama" # No OpenAI dependency resources: