Improve Helm Chart

.github/workflows/helmcharts.yml

@@ -29,5 +29,8 @@ jobs:
 
       - name: Run chart-releaser
         uses: helm/[email protected]
+        with:
+          charts_dir: helm
+          skip_existing: true
         env:
           CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

.gitignore

@@ -105,4 +105,9 @@ auth.json
 uploads/
 
 # owner
-release/
+release/
+
+# Helm
+helm/librechat/Chart.lock
+helm/**/charts/
+helm/**/.values.yaml

helm/librechat-rag-api/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 15.5.38
+digest: sha256:6dbed6171e0b736f43c92dadf97cfc4014555bfc0a4a2a760c4207b8b1b3095e
+generated: "2025-01-08T04:41:40.830230791+01:00"

helm/librechat-rag-api/Chart.yaml

@@ -0,0 +1,33 @@
+apiVersion: v2
+name: librechat-rag-api
+description: A Helm chart for LibreChat
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.5
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+
+# renovate: image=ghcr.io/danny-avila/librechat-rag-api-dev
+appVersion: "v0.3.0"
+
+home: https://www.librechat.ai
+
+dependencies:
+  - name: postgresql
+    version: "15.5.38"
+    condition: postgresql.enabled
+    repository: "https://charts.bitnami.com/bitnami"

helm/librechat-rag-api/readme.md

@@ -0,0 +1,4 @@
+# Librechat RAG API Helm CHart
+
+> [!WARNING]  
+> This Helm-Chart is needed for LibreChat and Deployment information is documented in (the librechat chart)[../librechat/readme.md]

helm/librechat-rag-api/templates/_helpers.tpl

@@ -0,0 +1,65 @@
+
+
+
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "rag.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+
+{{- define "rag.fullname" -}}
+{{- if $.Values.fullnameOverride }}
+{{- $.Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "rag.labels" -}}
+helm.sh/chart: {{ include "rag.chart" . }}
+{{ include "rag.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+
+{{/*
+RAG Selector labels
+*/}}
+{{- define "rag.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "rag.fullname" . }}-rag
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "rag.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "rag.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+
+{{- define "rag.dbsecretValue" -}}
+{{- $secret :=  .Values.postgresql.auth.existingSecret -}}
+{{- $key := "password" -}}
+{{- printf "%s" (include "exec" (dict "command" "kubectl" "args" (list "get" "secret" $secret "-o=jsonpath={.data." $key "}"))) | b64enc -}}
+{{- end -}}

helm/librechat-rag-api/templates/configmap.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "rag.fullname" $ | lower}}-config
+data:
+  POSTGRES_DB: {{ .Values.postgresql.auth.database }}
+  POSTGRES_USER: {{ .Values.postgresql.auth.username }}
+  DB_HOST: {{ .Release.Name }}-postgresql.{{ .Release.Namespace | lower }}.svc.cluster.local
+  {{- toYaml .Values.rag.configEnv | nindent 2 }} 

helm/librechat-rag-api/templates/rag-deployment.yaml

@@ -0,0 +1,94 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "rag.fullname" $ }}
+  labels:
+    {{- include "rag.labels" . | nindent 4 }}
+    rag-component: rag
+spec:
+  replicas: {{ .Values.rag.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "rag.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      annotations:
+        {{- with .Values.rag.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      labels:
+        {{- include "rag.selectorLabels" . | nindent 8 }}
+        {{- with .Values.rag.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ include "rag.fullname" $ }}-rag
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          livenessProbe:
+            {{- toYaml .Values.livenessProbe | nindent 12 }}
+          readinessProbe:
+            {{- toYaml .Values.readinessProbe | nindent 12 }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          envFrom:
+          - configMapRef:
+              name: {{ include "rag.fullname" $ }}-config
+          {{- if .Values.rag.existingSecret }}
+          - secretRef:
+              name: {{ .Values.rag.existingSecret }}
+          {{- end }}
+          env:
+          {{- if .Values.postgresql.auth.existingSecret }}
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.postgresql.auth.existingSecret }}
+                key: {{ .Values.postgresql.auth.existingSecretKey }}
+          {{- end }}
+          {{- if .Values.global.librechat.existingSecretName }}
+          - name: OPENAI_API_KEY
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.global.librechat.existingSecretName }}
+                key: {{ .Values.global.librechat.existingSecretApiKey }}
+                optional: true
+          {{- end }}
+          {{- with .Values.volumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+        {{- with .Values.extraContainers }}
+        {{ toYaml . | nindent 8 }}
+        {{- end }}
+
+
+      volumes:
+      {{- with .Values.volumes }}
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

helm/librechat-rag-api/templates/service.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "rag.fullname" . }}
+  labels:
+    {{- include "rag.labels" . | nindent 4 }}
+  annotations:
+  {{- toYaml .Values.service.annotations | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "rag.selectorLabels" . | nindent 4 }}

helm/librechat-rag-api/templates/tests/test-connection.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "rag.fullname" . }}-test-connection"
+  labels:
+    {{- include "rag.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "rag.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never

helm/librechat-rag-api/templates/vectordb-secret.yaml

@@ -0,0 +1,12 @@
+{{ if not .Values.postgresql.auth.existingSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: librechat-vectordb
+type: Opaque
+data:
+  # generate 32 chars long random string, base64 encode it and then double-quote the result string.
+  postgres-password: {{ randAlphaNum 32 | b64enc | quote }}
+  password: {{ randAlphaNum 32 | b64enc | quote }}
+  replication-password: {{ randAlphaNum 32 | b64enc | quote }}
+{{ end }}

helm/librechat-rag-api/values.yaml

@@ -0,0 +1,95 @@
+# Required as vectorDB for RAG
+# provide context-aware responses based on user-uploaded files
+rag:
+  enabled: true
+  existingSecret: ''
+  configEnv:
+    DB_PORT: '5432'
+    EMBEDDINGS_PROVIDER: openai
+
+image:
+  repository: danny-avila/librechat-rag-api-dev-lite # there is rag-api-dev and rag-api-dev-lite. currently only lite is docuimented
+  registry: ghcr.io
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: latest
+
+postgresql:
+  enabled: true
+  # nameOverride: vectordb
+  image:
+    registry: ghcr.io
+    repository: bat-bs/bitnami-pgvector
+    tag: pg16
+  auth:
+    database: librechat-vectordb
+    username: postgres
+    # define a secret with values for "postgres-password", "password" (user Password)  and "replication-password" or add values directly
+    existingSecret: librechat-vectordb
+    # postgres-password is needed to enable pgvector extension. If you enable it manually you can use "password" and user "librechat"
+    existingSecretKey: postgres-password
+
+imagePullSecrets: []
+nameOverride: ''
+fullnameOverride: ''
+
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext: {} # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 8000
+  annotations: {}
+
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+# livenessProbe:
+#   httpGet:
+#     path: /
+#     port: http
+# readinessProbe:
+#   httpGet:
+#     path: /
+#     port: http
+
+# Additional volumes on the output Deployment definition.
+volumes: []
+# - name: foo
+#   secret:
+#     secretName: mysecret
+#     optional: false
+
+# Additional volumeMounts on the output Deployment definition.
+volumeMounts: []
+# - name: foo
+#   mountPath: "/etc/foo"
+#   readOnly: true
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+extraContainers: {}