From aabe4aa434c4b1248596bf1b642fac450b1dc661 Mon Sep 17 00:00:00 2001 From: Taddeus <8607097+taddeusb90@users.noreply.github.com> Date: Mon, 28 Jul 2025 11:05:16 +0300 Subject: [PATCH] MLO-340: secret fixes (#11) * Updates LLM and embedding configurations to use OpenRouter and Gemini * Renames and significantly expands environment configuration template Renames the environment example file to a standard hidden env template to align with common conventions. Extensively updates and reorganizes configuration options, adding detailed setup for LLM, embedding, storage backends, PostgreSQL, and overall LightRAG processing parameters. Comments out some legacy and optional configuration lines to streamline initial setup and clarify default recommended values. Updates gitignore to exclude various env-related files to protect sensitive keys and improve environment management. * Updates default config with improved LLM and processing settings * Adds openai-compatible environment file to .gitignore * Adds new environment files to ignore list * Refactor API key handling and PostgreSQL host naming --- k8s-deploy/lightrag-minimal/templates/_helpers.tpl | 2 +- k8s-deploy/lightrag-minimal/templates/deployment.yaml | 6 ++++-- k8s-deploy/lightrag-minimal/templates/secret.yaml | 2 ++ k8s-deploy/lightrag-minimal/values.yaml | 7 +++++-- 4 files changed, 12 insertions(+), 5 deletions(-) diff --git a/k8s-deploy/lightrag-minimal/templates/_helpers.tpl b/k8s-deploy/lightrag-minimal/templates/_helpers.tpl index 711cb911..f7d213f8 100644 --- a/k8s-deploy/lightrag-minimal/templates/_helpers.tpl +++ b/k8s-deploy/lightrag-minimal/templates/_helpers.tpl @@ -73,7 +73,7 @@ PostgreSQL connection string */}} {{- define "lightrag-minimal.postgresqlHost" -}} {{- if .Values.postgresql.enabled }} -{{- printf "%s-postgresql" (include "lightrag-minimal.fullname" .) }} +{{- printf "%s-postgresql" .Release.Name }} {{- else }} {{- .Values.env.POSTGRES_HOST }} {{- end }} diff --git a/k8s-deploy/lightrag-minimal/templates/deployment.yaml b/k8s-deploy/lightrag-minimal/templates/deployment.yaml index 25efb089..b0ec5bfb 100644 --- a/k8s-deploy/lightrag-minimal/templates/deployment.yaml +++ b/k8s-deploy/lightrag-minimal/templates/deployment.yaml @@ -61,7 +61,7 @@ spec: valueFrom: secretKeyRef: name: {{ include "lightrag-minimal.secretName" . }} - key: openai-api-key + key: llm-api-key # Embedding configuration - name: EMBEDDING_BINDING @@ -70,11 +70,13 @@ spec: value: {{ .Values.env.EMBEDDING_MODEL | quote }} - name: EMBEDDING_DIM value: {{ .Values.env.EMBEDDING_DIM | quote }} + - name: EMBEDDING_BINDING_HOST + value: {{ .Values.env.EMBEDDING_BINDING_HOST | quote }} - name: EMBEDDING_BINDING_API_KEY valueFrom: secretKeyRef: name: {{ include "lightrag-minimal.secretName" . }} - key: openai-api-key + key: embedding-api-key # Storage configuration - name: LIGHTRAG_KV_STORAGE diff --git a/k8s-deploy/lightrag-minimal/templates/secret.yaml b/k8s-deploy/lightrag-minimal/templates/secret.yaml index f86c5eb8..a8349dd9 100644 --- a/k8s-deploy/lightrag-minimal/templates/secret.yaml +++ b/k8s-deploy/lightrag-minimal/templates/secret.yaml @@ -7,4 +7,6 @@ metadata: type: Opaque data: openai-api-key: {{ .Values.secrets.openaiApiKey | b64enc | quote }} + llm-api-key: {{ .Values.secrets.llmApiKey | b64enc | quote }} + embedding-api-key: {{ .Values.secrets.embeddingApiKey | b64enc | quote }} postgres-password: {{ .Values.postgresql.auth.password | b64enc | quote }} \ No newline at end of file diff --git a/k8s-deploy/lightrag-minimal/values.yaml b/k8s-deploy/lightrag-minimal/values.yaml index c50bd6b0..28b34c4e 100644 --- a/k8s-deploy/lightrag-minimal/values.yaml +++ b/k8s-deploy/lightrag-minimal/values.yaml @@ -128,8 +128,11 @@ env: # Secret configuration for API keys secrets: - # Create a secret with your OpenAI API key - openaiApiKey: "" # Set this or create manually + # Create a secret with your API keys + openaiApiKey: "" # Legacy field, kept for backward compatibility + llmApiKey: "" # API key for LLM service (e.g., OpenRouter) + embeddingApiKey: "" # API key for embedding service (e.g., Google Gemini) + # Node selector and affinity nodeSelector: {}