Skip to content

Commit 49dd2d2

Browse files
chuckbutkusopenhands-agentaivong-openhands
authored
Sync runtime api chart (#304)
* Sync runtime-api helm chart with source repository - Update Chart.yaml, Chart.lock, and values.yaml - Update all template files to match source - Add monitoring.yaml for monitoring configuration - Add test-keys-cleanup-cronjob.yaml for test key cleanup - Remove obsolete ingress-base-configmap.yaml Co-authored-by: openhands <openhands@all-hands.dev> * Some merge fixes * More merge fixes * More merge fixes * More merge fixes * Merge fixes * Remove unnecessary values * Monitoring off by default * Update serviceaccount.yaml * Add wait-for-postgres hook job to ensure PostgreSQL is ready before migrations This adds a new Helm hook job that waits for PostgreSQL to be ready before the migrate-db job runs. The wait-for-postgres job has hook weight -10, which ensures it runs before migrate-db (weight -5). This guarantees PostgreSQL is accepting connections before database migrations are attempted. * Add wait-for-postgres hook job to runtime-api chart This adds a wait-for-postgres hook job to the runtime-api chart with hook weight -10, ensuring PostgreSQL is ready before the migrate-db job (weight -5) runs. The job only runs when: - postgresql.enabled or postgresql.postMigrate is true - externalDatabase.enabled is false * Fix postgres startup ordering for runtime-api migrate-db job Changes: 1. Add wait-for-postgres init container to runtime-api migrate-db job when postgresql.postMigrate is true (not just for externalDatabase) 2. Change openhands Chart.yaml to use local runtime-api chart (file://../runtime-api) instead of OCI registry 3. Remove separate wait-for-postgres hook job (using init container instead) This ensures the migrate-db job waits for PostgreSQL to be ready before attempting to run migrations, preventing the helm install from blocking. * Add postMigrate default value to runtime-api values.yaml The postMigrate value was not defined in the default values, which caused Helm to not properly merge the parent chart's override. This resulted in the migrate-db job running as a pre-install hook instead of post-install, creating a deadlock where the job waits for PostgreSQL but PostgreSQL can't be deployed until the hook completes. Adding postMigrate: false as a default allows Helm to properly merge the parent chart's runtime-api.postgresql.postMigrate: true setting. * Fix nil pointer errors when accessing hyphenated value keys Add nil checks before accessing nested keys in hyphenated value names (runtime-api, litellm-helm) to prevent 'index of nil pointer' errors when these values aren't defined in the merged values. * fix: Use separate ServiceAccount for migrate-db hook to prevent pod failures The ServiceAccount was configured with Helm hooks (pre-install,pre-upgrade) to ensure it exists before the migrate-db job runs. However, this caused the ServiceAccount to be recreated during helm upgrade, invalidating tokens for running pods and causing runtime-api pod failures until restart. Solution: - Keep the main ServiceAccount (runtime-api-sa) as a regular resource for the deployment and cronjobs - this persists across upgrades - Create a separate hook ServiceAccount (runtime-api-sa-hook) with the Helm hooks for the migrate-db job - this can safely be recreated This ensures: 1. The migrate-db job still has a ServiceAccount available during hooks 2. Running pods keep their valid tokens across upgrades * Fixes * Update chart versions * Update chart versions * Fix runtime-api repo * Fix runtime-api name and bump version * Bump * Update runtime-api tag * Fix tag * Fix value file * Update lock file * Update charts/runtime-api/templates/clusterrole.yaml Co-authored-by: aivong-openhands <ai.vong@openhands.dev> * Update runtime-api chart version --------- Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: aivong-openhands <ai.vong@openhands.dev>
1 parent 2b62fc0 commit 49dd2d2

19 files changed

Lines changed: 237 additions & 43 deletions

charts/openhands/Chart.lock

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,6 @@ dependencies:
2222
version: 20.3.0
2323
- name: runtime-api
2424
repository: oci://ghcr.io/all-hands-ai/helm-charts
25-
version: 0.1.20
26-
digest: sha256:993e079383b8356e71d7b12cdc0ae82ee0747f5ce72a9d7307471aa2c9be0da9
27-
generated: "2026-01-15T17:32:49.752308-05:00"
25+
version: 0.1.21-alpha.304
26+
digest: sha256:91de387fcf3da78462ebabb94fb05a5c04733362c9e70c87f3bf56ad583abd1b
27+
generated: "2026-03-03T15:22:05.190106883-05:00"

charts/openhands/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: v2
22
description: OpenHands is an AI-driven autonomous software engineer
33
name: openhands
44
appVersion: 0.62.0
5-
version: 0.2.1
5+
version: 0.2.3
66
maintainers:
77
- name: rbren
88
- name: xingyao
@@ -38,5 +38,5 @@ dependencies:
3838
condition: redis.enabled
3939
- name: runtime-api
4040
repository: oci://ghcr.io/all-hands-ai/helm-charts
41-
version: 0.1.20
41+
version: 0.1.21
4242
condition: runtime-api.enabled

charts/openhands/templates/_env.yaml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,10 @@
4949
- name: FILE_STORE
5050
value: {{ .Values.filestore.type }}
5151
{{- end }}
52+
{{- if .Values.filestore.provider }}
53+
- name: SHARED_EVENT_STORAGE_PROVIDER
54+
value: {{ .Values.filestore.provider }}
55+
{{- end }}
5256
{{- if .Values.runtime.runAsRoot }}
5357
- name: SANDBOX_USER_ID
5458
value: '0'
@@ -187,7 +191,7 @@
187191
- name: LITE_LLM_API_URL
188192
value: {{ .Values.litellm.url }}
189193
{{- end }}
190-
{{- if index .Values "litellm-helm" "enabled" }}
194+
{{- if and (index .Values "litellm-helm") (index .Values "litellm-helm" "enabled") }}
191195
- name: LITE_LLM_API_KEY
192196
valueFrom:
193197
secretKeyRef:

charts/openhands/templates/service.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ spec:
1313
selector:
1414
app: openhands
1515
type: ClusterIP
16-
{{- if index .Values "runtime-api" "enabled" }}
16+
{{- if and (index .Values "runtime-api") (index .Values "runtime-api" "enabled") }}
1717
---
1818
apiVersion: v1
1919
kind: Service
@@ -69,7 +69,7 @@ spec:
6969
app.kubernetes.io/name: redis
7070
app.kubernetes.io/component: master
7171
{{- end }}
72-
{{- if index .Values "litellm-helm" "enabled" }}
72+
{{- if and (index .Values "litellm-helm") (index .Values "litellm-helm" "enabled") }}
7373
---
7474
apiVersion: v1
7575
kind: Service
Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
{{- if and .Values.postgresql.enabled .Values.migrationJob.enabled (not .Values.externalDatabase.enabled) }}
2+
apiVersion: batch/v1
3+
kind: Job
4+
metadata:
5+
name: wait-for-postgres
6+
annotations:
7+
"helm.sh/hook": "post-install,post-upgrade"
8+
"helm.sh/hook-weight": "-10"
9+
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
10+
spec:
11+
ttlSecondsAfterFinished: 300
12+
backoffLimit: 30
13+
activeDeadlineSeconds: 300
14+
template:
15+
metadata:
16+
name: wait-for-postgres
17+
spec:
18+
serviceAccountName: {{ .Values.serviceAccount.name }}
19+
restartPolicy: OnFailure
20+
{{- with .Values.securityContext }}
21+
securityContext:
22+
{{- toYaml . | nindent 8 }}
23+
{{- end }}
24+
{{- with .Values.imagePullSecrets }}
25+
imagePullSecrets:
26+
{{- toYaml . | nindent 8 }}
27+
{{- end }}
28+
containers:
29+
- name: wait-for-postgres
30+
image: "bitnamilegacy/postgresql:latest"
31+
command: ['sh', '-c']
32+
args:
33+
- |
34+
DB_HOST="oh-main-postgresql"
35+
echo "Waiting for PostgreSQL at $DB_HOST to be ready..."
36+
until PGPASSWORD=$DB_PASS psql -h $DB_HOST -p 5432 -U postgres -c '\q' > /dev/null 2>&1; do
37+
echo "PostgreSQL is unavailable - sleeping for 2 seconds"
38+
sleep 2
39+
done
40+
echo "PostgreSQL is up and running!"
41+
env:
42+
{{- include "openhands.env" . | nindent 12 }}
43+
{{- end }}

charts/runtime-api/Chart.lock

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
dependencies:
22
- name: postgresql
33
repository: https://charts.bitnami.com/bitnami
4-
version: 15.5.38
4+
version: 15.5.32
55
- name: helm-release-pruner
66
repository: https://charts.fairwinds.com/stable
77
version: 3.3.0
8-
digest: sha256:9f911cd2f97b7cbaa03b13b538f1ee44e0fb589f40c797c71ccc032e3a669ba5
9-
generated: "2025-08-12T22:14:25.137674542-04:00"
8+
digest: sha256:2624e849f4565a8eb318f74efecedb84037f025f80796663db9c78f4bcdd80a8
9+
generated: "2024-09-18T17:44:55.142745222-04:00"

charts/runtime-api/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
apiVersion: v2
22
name: runtime-api
3-
description: A Helm chart for the Flask application
4-
version: 0.1.20 # Change this to trigger a new helm chart version being published
3+
description: A Helm chart for the FastAPI application
4+
version: 0.1.21 # Change this to trigger a new helm chart version being published
55
appVersion: "1.0.0"
66
dependencies:
77
- name: postgresql

charts/runtime-api/templates/cleanup-cronjob.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,8 +7,11 @@ metadata:
77
spec:
88
schedule: {{ .Values.cleanup.schedule | quote }}
99
concurrencyPolicy: Forbid
10+
successfulJobsHistoryLimit: {{ .Values.jobSettings.successfulJobsHistoryLimit }}
11+
failedJobsHistoryLimit: {{ .Values.jobSettings.failedJobsHistoryLimit }}
1012
jobTemplate:
1113
spec:
14+
activeDeadlineSeconds: {{ .Values.jobSettings.activeDeadlineSeconds }}
1215
template:
1316
spec:
1417
{{- with .Values.securityContext }}
@@ -43,5 +46,7 @@ spec:
4346
- name: ingress-base-config
4447
mountPath: /ingress-base
4548
{{- end }}
49+
resources:
50+
{{- toYaml .Values.jobSettings.resources | nindent 14 }}
4651
restartPolicy: OnFailure
4752
{{- end }}

charts/runtime-api/templates/create-db-user-job.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ metadata:
77
"helm.sh/hook": "pre-install,pre-upgrade"
88
"helm.sh/hook-weight": "-10"
99
spec:
10+
activeDeadlineSeconds: {{ .Values.jobSettings.activeDeadlineSeconds }}
1011
template:
1112
spec:
1213
{{- with .Values.securityContext }}
@@ -27,6 +28,8 @@ spec:
2728
secretKeyRef:
2829
name: postgres-password
2930
key: password
31+
resources:
32+
{{- toYaml .Values.jobSettings.resources | nindent 10 }}
3033
command:
3134
- sh
3235
- -c

charts/runtime-api/templates/db-cleanup-cronjob.yaml

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,10 +8,11 @@ metadata:
88
spec:
99
schedule: {{ .Values.dbCleanup.schedule | quote }}
1010
concurrencyPolicy: Forbid
11-
successfulJobsHistoryLimit: {{ .Values.dbCleanup.successfulJobsHistoryLimit }}
12-
failedJobsHistoryLimit: {{ .Values.dbCleanup.failedJobsHistoryLimit }}
11+
successfulJobsHistoryLimit: {{ .Values.jobSettings.successfulJobsHistoryLimit }}
12+
failedJobsHistoryLimit: {{ .Values.jobSettings.failedJobsHistoryLimit }}
1313
jobTemplate:
1414
spec:
15+
activeDeadlineSeconds: {{ .Values.jobSettings.activeDeadlineSeconds }}
1516
template:
1617
spec:
1718
{{- with .Values.securityContext }}
@@ -47,5 +48,7 @@ spec:
4748
- name: ingress-base-config
4849
mountPath: /ingress-base
4950
{{- end }}
51+
resources:
52+
{{- toYaml .Values.jobSettings.resources | nindent 14 }}
5053
restartPolicy: OnFailure
5154
{{- end }}

0 commit comments

Comments
 (0)