diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index 594a7e4..ce4041a 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -65,7 +65,6 @@ jobs: helm repo add open-webui https://helm.openwebui.com/ helm repo add tika https://apache.jfrog.io/artifactory/tika/ helm repo add redis https://charts.bitnami.com/bitnami - helm repo add milvus https://zilliztech.github.io/milvus-helm - name: Run chart-releaser uses: helm/chart-releaser-action@v1.7.0 diff --git a/.github/workflows/helm-test-open-webui.yml b/.github/workflows/helm-test-open-webui.yml index 68d7708..0c4c29c 100644 --- a/.github/workflows/helm-test-open-webui.yml +++ b/.github/workflows/helm-test-open-webui.yml @@ -26,7 +26,6 @@ jobs: helm repo add open-webui https://helm.openwebui.com/ helm repo add tika https://apache.jfrog.io/artifactory/tika/ helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add milvus https://zilliztech.github.io/milvus-helm - name: Build open-webui Helm dependencies run: | @@ -60,7 +59,6 @@ jobs: helm repo add open-webui https://helm.openwebui.com/ helm repo add tika https://apache.jfrog.io/artifactory/tika/ helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add milvus https://zilliztech.github.io/milvus-helm - name: Build open-webui Helm dependencies run: | diff --git a/charts/open-webui/Chart.lock b/charts/open-webui/Chart.lock index 8140978..f5f3dbd 100644 --- a/charts/open-webui/Chart.lock +++ b/charts/open-webui/Chart.lock @@ -1,7 +1,7 @@ dependencies: - name: ollama repository: https://otwld.github.io/ollama-helm/ - version: 1.15.0 + version: 1.16.0 - name: pipelines repository: https://helm.openwebui.com version: 0.5.0 @@ -14,8 +14,5 @@ dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami version: 16.6.6 -- name: milvus - repository: https://zilliztech.github.io/milvus-helm - version: 4.2.48 -digest: sha256:2b9b6b33588c4c20ec06dc82186d9a3e78cf0f27c5ff0ef2120ecf8eacdd94d3 -generated: "2025-05-06T00:10:31.22+09:00" +digest: sha256:e997cdfe986786c1a53b8e5dfadb421c85b3c3ba2f8d37196976393667c613f8 +generated: "2025-05-06T08:08:25.994365-06:00" diff --git a/charts/open-webui/Chart.yaml b/charts/open-webui/Chart.yaml index 3fee9fe..078b572 100644 --- a/charts/open-webui/Chart.yaml +++ b/charts/open-webui/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: open-webui -version: 6.7.0 +version: 6.9.0 appVersion: 0.6.6 home: https://www.openwebui.com/ icon: >- @@ -48,7 +48,3 @@ dependencies: version: '>=15.5.38' alias: postgresql condition: postgresql.enabled - - name: milvus - repository: https://zilliztech.github.io/milvus-helm - version: '>=4.2.40' - condition: milvus.enabled diff --git a/charts/open-webui/README.md b/charts/open-webui/README.md index 095df8a..2a0019e 100644 --- a/charts/open-webui/README.md +++ b/charts/open-webui/README.md @@ -1,6 +1,6 @@ # open-webui -![Version: 6.7.0](https://img.shields.io/badge/Version-6.7.0-informational?style=flat-square) ![AppVersion: 0.6.6](https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square) +![Version: 6.9.0](https://img.shields.io/badge/Version-6.9.0-informational?style=flat-square) ![AppVersion: 0.6.6](https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square) Open WebUI: A User-Friendly Web Interface for Chat Interactions 👋 @@ -38,10 +38,41 @@ helm upgrade --install open-webui open-webui/open-webui | https://charts.bitnami.com/bitnami | redis-cluster(redis) | >=20.6.2 | | https://helm.openwebui.com | pipelines | >=0.0.1 | | https://otwld.github.io/ollama-helm/ | ollama | >=0.24.0 | -| https://zilliztech.github.io/milvus-helm | milvus | >=4.2.40 | ## Values +### Azure Storage configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| persistence.azure.container | string | `""` | Sets the container name for Azure Storage | +| persistence.azure.endpointUrl | string | `""` | Sets the endpoint URL for Azure Storage | +| persistence.azure.key | string | `""` | Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services | +| persistence.azure.keyExistingSecret | string | `""` | Set the access key for Azure Storage from existing secret | +| persistence.azure.keyExistingSecretKey | string | `""` | Set the access key for Azure Storage from existing secret key | + +### Google Cloud Storage configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account | +| persistence.gcs.appCredentialsJsonExistingSecret | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret | +| persistence.gcs.appCredentialsJsonExistingSecretKey | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key | +| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist | + +### Amazon S3 Storage configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage | +| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage | +| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage | +| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object | +| persistence.s3.region | string | `""` | Sets the region name for S3 storage | +| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set) | +| persistence.s3.secretKeyExistingSecret | string | `""` | Set the secret access key for S3 storage from existing k8s secret | +| persistence.s3.secretKeyExistingSecretKey | string | `""` | Set the secret access key for S3 storage from existing k8s secret key | + ### SSO Configuration | Key | Type | Default | Description | @@ -143,11 +174,6 @@ helm upgrade --install open-webui open-webui/open-webui | managedCertificate.domains[0] | string | `"chat.example.com"` | | | managedCertificate.enabled | bool | `false` | | | managedCertificate.name | string | `"mydomain-chat-cert"` | | -| milvus.db | string | `"default"` | Active Milvus database for RAG with env `MILVUS_DB` ref: https://docs.openwebui.com/getting-started/env-configuration#milvus_db | -| milvus.enabled | bool | `false` | Enable Milvus installation. Deploys a Milvus cluster/standalone with subchart 'milvus' from zilliztech ref: https://github.com/zilliztech/milvus-helm/tree/master/charts/milvus | -| milvus.fullnameOverride | string | `"open-webui-milvus"` | Milvus fullname override (recommended to be 'open-webui-milvus') - In this case, the Milvus uri will be 'http://[username:password@]open-webui-milvus:19530' | -| milvus.token | object | `{}` | Active Milvus token for RAG with env `MILVUS_TOKEN` ref: https://docs.openwebui.com/getting-started/env-configuration#milvus_token | -| milvus.uri | string | `"http://open-webui-milvus:19530"` | Active Milvus URI for RAG with env `MILVUS_URI`. If there is credentials in the uri, it will be used to connect to the Milvus server. ref: https://docs.openwebui.com/getting-started/env-configuration#milvus_uri | | nameOverride | string | `""` | | | namespaceOverride | string | `""` | | | nodeSelector | object | `{}` | Node labels for pod assignment. | @@ -159,20 +185,9 @@ helm upgrade --install open-webui open-webui/open-webui | openaiBaseApiUrls | list | `[]` | OpenAI base API URLs to use. Overwrites the value in openaiBaseApiUrl if set | | persistence.accessModes | list | `["ReadWriteOnce"]` | If using multiple replicas, you must update accessModes to ReadWriteMany | | persistence.annotations | object | `{}` | | -| persistence.azure.container | string | `""` | Sets the container name for Azure Storage | -| persistence.azure.endpointUrl | string | `""` | Sets the endpoint URL for Azure Storage | -| persistence.azure.key | string | `""` | Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services | | persistence.enabled | bool | `true` | | | persistence.existingClaim | string | `""` | Use existingClaim if you want to re-use an existing Open WebUI PVC instead of creating a new one | -| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account | -| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist | | persistence.provider | string | `"local"` | Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure` | -| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage | -| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage | -| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage | -| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object | -| persistence.s3.region | string | `""` | Sets the region name for S3 storage | -| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage | | persistence.selector | object | `{}` | | | persistence.size | string | `"2Gi"` | | | persistence.storageClass | string | `""` | | @@ -183,10 +198,6 @@ helm upgrade --install open-webui open-webui/open-webui | podLabels | object | `{}` | | | podSecurityContext | object | `{}` | Configure pod security context ref: | | postgresql | object | `{"architecture":"standalone","auth":{"database":"open-webui","password":"0p3n-w3bu!","postgresPassword":"0p3n-w3bu!","username":"open-webui"},"enabled":false,"fullnameOverride":"open-webui-postgres","primary":{"persistence":{"size":"1Gi"},"resources":{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"250m","memory":"256Mi"}}}}` | Postgresql configuration (see. https://artifacthub.io/packages/helm/bitnami/postgresql) | -| rag.embeddingEngine | string | `""` | Embedding engine to use for RAG with env `RAG_EMBEDDING_ENGINE`: ""(empty), "ollama", "openai" ref: https://docs.openwebui.com/getting-started/env-configuration#rag_embedding_engine | -| rag.embeddingModel | string | `""` | Embedding model to use for RAG with env `RAG_EMBEDDING_MODEL` ref: https://docs.openwebui.com/getting-started/env-configuration#rag_embedding_model | -| rag.enabled | bool | `false` | Enable RAG ref: https://docs.openwebui.com/getting-started/env-configuration#retrieval-augmented-generation-rag | -| rag.vectorDB | string | `""` | Vector database configuration ref: https://docs.openwebui.com/getting-started/env-configuration#vector_db | | readinessProbe | object | `{}` | Probe for readiness of the Open WebUI container ref: | | redis-cluster | object | `{"auth":{"enabled":false},"enabled":false,"fullnameOverride":"open-webui-redis","replica":{"replicaCount":3}}` | Deploys a Redis cluster with subchart 'redis' from bitnami | | redis-cluster.auth | object | `{"enabled":false}` | Redis Authentication | diff --git a/charts/open-webui/templates/workload-manager.yaml b/charts/open-webui/templates/workload-manager.yaml index 0bce866..4da3df2 100644 --- a/charts/open-webui/templates/workload-manager.yaml +++ b/charts/open-webui/templates/workload-manager.yaml @@ -159,7 +159,14 @@ spec: - name: "S3_ACCESS_KEY_ID" value: {{ .Values.persistence.s3.accessKey }} - name: "S3_SECRET_ACCESS_KEY" + {{- if .Values.persistence.s3.secretKeyExistingSecret }} + valueFrom: + secretKeyRef: + name: {{ .Values.persistence.s3.secretKeyExistingSecret }} + key: {{ .Values.persistence.s3.secretKeyExistingSecretKey }} + {{- else }} value: {{ .Values.persistence.s3.secretKey }} + {{- end }} - name: "S3_ENDPOINT_URL" value: {{ .Values.persistence.s3.endpointUrl }} - name: "S3_BUCKET_NAME" @@ -172,7 +179,14 @@ spec: - name: "STORAGE_PROVIDER" value: {{ .Values.persistence.provider }} - name: "GOOGLE_APPLICATION_CREDENTIALS_JSON" + {{- if .Values.persistence.gcs.appCredentialsJsonExistingSecret }} + valueFrom: + secretKeyRef: + name: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecret }} + key: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecretKey }} + {{- else }} value: {{ .Values.persistence.gcs.appCredentialsJson }} + {{- end }} - name: "GCS_BUCKET_NAME" value: {{ .Values.persistence.gcs.bucket }} {{- else if eq .Values.persistence.provider "azure" }} @@ -183,8 +197,15 @@ spec: - name: "AZURE_STORAGE_CONTAINER_NAME" value: {{ .Values.persistence.azure.container }} - name: "AZURE_STORAGE_KEY" + {{- if .Values.persistence.azure.keyExistingSecret }} + valueFrom: + secretKeyRef: + name: {{ .Values.persistence.azure.keyExistingSecret }} + key: {{ .Values.persistence.azure.keyExistingSecretKey }} + {{- else }} value: {{ .Values.persistence.azure.key }} {{- end }} + {{- end }} {{- if .Values.websocket.enabled }} - name: "ENABLE_WEBSOCKET_SUPPORT" value: "True" @@ -299,28 +320,6 @@ spec: {{- end }} {{- end }} {{- end }} - {{- if .Values.rag.enabled }} - - name: "VECTOR_DB" - value: {{ .Values.rag.vectorDB | default "croma" | quote }} - {{- if and .Values.rag.enabled .Values.rag.embeddingEngine }} - - name: "RAG_EMBEDDING_ENGINE" - value: {{ .Values.rag.embeddingEngine | quote }} - {{- end }} - {{- if and .Values.rag.enabled .Values.rag.embeddingModel }} - - name: "RAG_EMBEDDING_MODEL" - value: {{ .Values.rag.embeddingModel | quote }} - {{- end }} - {{- end }} - {{- if .Values.milvus.enabled }} - - name: "MILVUS_URI" - value: {{ .Values.milvus.uri | default "${DATA_DIR}/vector_db/milvus.db" | quote }} - - name: "MILVUS_DB" - value: {{ .Values.milvus.db | default "default" | quote }} - {{- if and .Values.milvus.enabled .Values.milvus.token }} - - name: "MILVUS_TOKEN" - value: {{ .Values.milvus.token | quote }} - {{- end }} - {{- end }} {{- if .Values.extraEnvVars }} {{- toYaml .Values.extraEnvVars | nindent 8 }} {{- end }} diff --git a/charts/open-webui/values-rag-milvus.yaml b/charts/open-webui/values-rag-milvus.yaml deleted file mode 100644 index 64745c3..0000000 --- a/charts/open-webui/values-rag-milvus.yaml +++ /dev/null @@ -1,53 +0,0 @@ -rag: - # -- Enable RAG - # ref: https://docs.openwebui.com/getting-started/env-configuration#retrieval-augmented-generation-rag - enabled: true - vectorDB: milvus - embeddingEngine: "" - embeddingModel: "" - -milvus: - # -- Enable Milvus installation. Deploys a Milvus cluster/standalone with subchart 'milvus' from zilliztech - # ref: https://github.com/zilliztech/milvus-helm/tree/master/charts/milvus - enabled: true - uri: "http://open-webui-milvus:19530" - db: default - token: {} - cluster: - enabled: false # This means that the Milvus runs with standalone mode - minio: - enabled: true - resources: - requests: - memory: 50Mi - persistence: - enabled: true - size: 1Gi - etcd: - enabled: true - pulsar: - enabled: false - pulsarv3: - enabled: false - kafka: - enabled: false - externalS3: - enabled: false - externalEtcd: - enabled: false - -livenessProbe: - httpGet: - path: /health - port: http -readinessProbe: - httpGet: - path: /health/db - port: http -startupProbe: - httpGet: - path: /health - port: http - initialDelaySeconds: 30 # Adjust this value according to the startup time of the application - periodSeconds: 10 # Adjust this value according to the startup time of the application - failureThreshold: 20 # Adjust this value according to the startup time of the application diff --git a/charts/open-webui/values.yaml b/charts/open-webui/values.yaml index 0218bfb..80d6422 100644 --- a/charts/open-webui/values.yaml +++ b/charts/open-webui/values.yaml @@ -111,39 +111,6 @@ redis-cluster: # -- Number of Redis replica instances replicaCount: 3 -rag: - # -- Enable RAG - # ref: https://docs.openwebui.com/getting-started/env-configuration#retrieval-augmented-generation-rag - enabled: false - # -- Vector database configuration - # ref: https://docs.openwebui.com/getting-started/env-configuration#vector_db - vectorDB: "" - # -- Embedding engine to use for RAG with env `RAG_EMBEDDING_ENGINE`: ""(empty), "ollama", "openai" - # ref: https://docs.openwebui.com/getting-started/env-configuration#rag_embedding_engine - embeddingEngine: "" - # -- Embedding model to use for RAG with env `RAG_EMBEDDING_MODEL` - # ref: https://docs.openwebui.com/getting-started/env-configuration#rag_embedding_model - embeddingModel: "" - -milvus: - # -- Enable Milvus installation. Deploys a Milvus cluster/standalone with subchart 'milvus' from zilliztech - # ref: https://github.com/zilliztech/milvus-helm/tree/master/charts/milvus - enabled: false - # -- Milvus fullname override (recommended to be 'open-webui-milvus') - # - In this case, the Milvus uri will be 'http://[username:password@]open-webui-milvus:19530' - fullnameOverride: open-webui-milvus - # -- Active Milvus URI for RAG with env `MILVUS_URI`. If there is credentials in the uri, it will be used to connect to the Milvus server. - # ref: https://docs.openwebui.com/getting-started/env-configuration#milvus_uri - uri: "http://open-webui-milvus:19530" - # -- Example `milvus.uri` with credentials (Not recommended for production. Use `env` with `secretKeyRef` instead) - # uri: "http://username:password@open-webui-milvus:19530" - # -- Active Milvus database for RAG with env `MILVUS_DB` - # ref: https://docs.openwebui.com/getting-started/env-configuration#milvus_db - db: default - # -- Active Milvus token for RAG with env `MILVUS_TOKEN` - # ref: https://docs.openwebui.com/getting-started/env-configuration#milvus_token - token: {} - # -- Value of cluster domain clusterDomain: cluster.local @@ -248,29 +215,58 @@ persistence: provider: local s3: # -- Sets the access key ID for S3 storage + # @section -- Amazon S3 Storage configuration accessKey: "" - # -- Sets the secret access key for S3 storage + # -- Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set) + # @section -- Amazon S3 Storage configuration secretKey: "" + # -- Set the secret access key for S3 storage from existing k8s secret + # @section -- Amazon S3 Storage configuration + secretKeyExistingSecret: "" + # -- Set the secret access key for S3 storage from existing k8s secret key + # @section -- Amazon S3 Storage configuration + secretKeyExistingSecretKey: "" # -- Sets the endpoint url for S3 storage + # @section -- Amazon S3 Storage configuration endpointUrl: "" # -- Sets the region name for S3 storage - region: "" + # @section -- Amazon S3 Storage configuration + region: "" # -- Sets the bucket name for S3 storage - bucket: "" + # @section -- Amazon S3 Storage configuration + bucket: "" # -- Sets the key prefix for a S3 object + # @section -- Amazon S3 Storage configuration keyPrefix: "" gcs: - # -- Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account + # -- Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account + # @section -- Google Cloud Storage configuration appCredentialsJson: "" + # -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret + # @section -- Google Cloud Storage configuration + appCredentialsJsonExistingSecret: "" + # -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key + # @section -- Google Cloud Storage configuration + appCredentialsJsonExistingSecretKey: "" # -- Sets the bucket name for Google Cloud Storage. Bucket must already exist + # @section -- Google Cloud Storage configuration bucket: "" azure: # -- Sets the endpoint URL for Azure Storage + # @section -- Azure Storage configuration endpointUrl: "" # -- Sets the container name for Azure Storage + # @section -- Azure Storage configuration container: "" - # -- Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services + # -- Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services + # @section -- Azure Storage configuration key: "" + # -- Set the access key for Azure Storage from existing secret + # @section -- Azure Storage configuration + keyExistingSecret: "" + # -- Set the access key for Azure Storage from existing secret key + # @section -- Azure Storage configuration + keyExistingSecretKey: "" # -- Node labels for pod assignment. nodeSelector: {}