Description
The OpenAB Helm chart currently covers the minimal install path well, but lacks several common deployment controls that operators expect from a production-ready chart, including imagePullSecrets, health probes, initContainers, extra containers, extra volumes, pod annotations/labels, and serviceAccountName.
This forces users to either fork the chart, patch rendered manifests post-helm template, or rebuild custom images for relatively minor deployment-specific needs.
Use Case
- Private registry deployments require imagePullSecrets
- Health check integration with orchestrators requires livenessProbe / readinessProbe / startupProbe
- Startup bootstrap (e.g. pulling config, preparing workspace) requires initContainers
- Log collectors, monitoring agents require extra containers
- Injecting downward API fields (e.g. metadata.name) or external secrets requires polymorphic env with valueFrom support
- Service mesh and observability integrations require pod annotations/labels
Proposed Solution
Pod/deployment extensibility (Deployment.spec.template scope only):
- imagePullSecrets (global + per-agent, with explicit opt-out)
- Per-agent imagePullPolicy, serviceAccountName
- livenessProbe, readinessProbe, startupProbe, lifecycle
- initContainers, extraContainers
- extraVolumes, extraVolumeMounts
- podAnnotations, podLabels (global + per-agent, merged with reserved-key protection)
- Polymorphic env rendering (string values + valueFrom maps)
- PodDisruptionBudget
- Chart-managed ServiceAccount with RBAC
- Generic extra objects (extraDeploy)
Implementation: #380
Description
The OpenAB Helm chart currently covers the minimal install path well, but lacks several common deployment controls that operators expect from a production-ready chart, including imagePullSecrets, health probes, initContainers, extra containers, extra volumes, pod annotations/labels, and serviceAccountName.
This forces users to either fork the chart, patch rendered manifests post-helm template, or rebuild custom images for relatively minor deployment-specific needs.
Use Case
Proposed Solution
Pod/deployment extensibility (Deployment.spec.template scope only):
Implementation: #380