RHEcosystemAppEng · luis5tb · Mar 11, 2026 · Mar 13, 2026 · Mar 27, 2026
@@ -0,0 +1,12 @@
+apiVersion: v2
+name: lightspeed-agent
+description: Red Hat Lightspeed Agent for OpenShift
+type: application
+version: 0.1.0
+appVersion: "latest"
+keywords:
+  - lightspeed
+  - agent
+  - a2a
+  - redhat
+  - gemini
@@ -0,0 +1,87 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "lightspeed-agent.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+*/}}
+{{- define "lightspeed-agent.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "lightspeed-agent.labels" -}}
+app.kubernetes.io/name: {{ include "lightspeed-agent.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: {{ .Values.agent.image.tag | default .Chart.AppVersion | quote }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/part-of: lightspeed-agent
+helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Selector labels for the agent
+*/}}
+{{- define "lightspeed-agent.agentSelectorLabels" -}}
+app.kubernetes.io/name: {{ include "lightspeed-agent.fullname" . }}
+app.kubernetes.io/component: agent
+{{- end }}
+
+{{/*
+Selector labels for PostgreSQL
+*/}}
+{{- define "lightspeed-agent.postgresqlSelectorLabels" -}}
+app.kubernetes.io/name: {{ include "lightspeed-agent.fullname" . }}-postgresql
+app.kubernetes.io/component: database
+{{- end }}
+
+{{/*
+Selector labels for Redis
+*/}}
+{{- define "lightspeed-agent.redisSelectorLabels" -}}
+app.kubernetes.io/name: {{ include "lightspeed-agent.fullname" . }}-redis
+app.kubernetes.io/component: ratelimit
+{{- end }}
+
+{{/*
+PostgreSQL service name
+*/}}
+{{- define "lightspeed-agent.postgresqlServiceName" -}}
+{{- include "lightspeed-agent.fullname" . }}-postgresql
+{{- end }}
+
+{{/*
+Redis service name
+*/}}
+{{- define "lightspeed-agent.redisServiceName" -}}
+{{- include "lightspeed-agent.fullname" . }}-redis
+{{- end }}
+
+{{/*
+Selector labels for the marketplace handler
+*/}}
+{{- define "lightspeed-agent.handlerSelectorLabels" -}}
+app.kubernetes.io/name: {{ include "lightspeed-agent.fullname" . }}-handler
+app.kubernetes.io/component: handler
+{{- end }}
+
+{{/*
+Handler service name
+*/}}
+{{- define "lightspeed-agent.handlerServiceName" -}}
+{{- include "lightspeed-agent.fullname" . }}-handler
+{{- end }}
@@ -0,0 +1,109 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "lightspeed-agent.fullname" . }}
+  labels:
+    {{- include "lightspeed-agent.labels" . | nindent 4 }}
+    app.kubernetes.io/component: agent
+spec:
+  replicas: {{ .Values.agent.replicas }}
+  selector:
+    matchLabels:
+      {{- include "lightspeed-agent.agentSelectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "lightspeed-agent.agentSelectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+        # ===================================================================
+        # Lightspeed Agent
+        # ===================================================================
+        - name: lightspeed-agent
+          image: {{ printf "%s:%s" .Values.agent.image.repository .Values.agent.image.tag }}
+          imagePullPolicy: {{ .Values.agent.image.pullPolicy }}
+          ports:
+            - containerPort: {{ .Values.agent.port }}
+              protocol: TCP
+              name: http
+          envFrom:
+            - configMapRef:
+                name: {{ include "lightspeed-agent.fullname" . }}-config
+          env:
+            - name: GOOGLE_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "lightspeed-agent.fullname" . }}-secrets
+                  key: GOOGLE_API_KEY
+            - name: GOOGLE_CLOUD_PROJECT
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "lightspeed-agent.fullname" . }}-secrets
+                  key: GOOGLE_CLOUD_PROJECT
+                  optional: true
+            - name: RED_HAT_SSO_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "lightspeed-agent.fullname" . }}-secrets
+                  key: RED_HAT_SSO_CLIENT_ID
+            - name: RED_HAT_SSO_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "lightspeed-agent.fullname" . }}-secrets
+                  key: RED_HAT_SSO_CLIENT_SECRET
+            - name: SESSION_DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "lightspeed-agent.fullname" . }}-secrets
+                  key: SESSION_DATABASE_URL
+                  optional: true
+            {{- if .Values.handler.enabled }}
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "lightspeed-agent.fullname" . }}-secrets
+                  key: DATABASE_URL
+            {{- end }}
+          resources:
+            {{- toYaml .Values.agent.resources | nindent 12 }}
+          startupProbe:
+            httpGet:
+              path: /health
+              port: {{ .Values.agent.port }}
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            failureThreshold: 6
+          readinessProbe:
+            httpGet:
+              path: /ready
+              port: {{ .Values.agent.port }}
+            periodSeconds: 10
+            failureThreshold: 3
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: {{ .Values.agent.port }}
+            periodSeconds: 30
+            failureThreshold: 3
+
+        # ===================================================================
+        # Red Hat Lightspeed MCP Server (Sidecar)
+        # ===================================================================
+        - name: lightspeed-mcp
+          image: {{ printf "%s:%s" .Values.mcp.image.repository .Values.mcp.image.tag }}
+          imagePullPolicy: {{ .Values.mcp.image.pullPolicy }}
+          envFrom:
+            - configMapRef:
+                name: {{ include "lightspeed-agent.fullname" . }}-config
+          args:
+            - "--debug"
+            - "$(MCP_SERVER_MODE)"
+            - "--port"
+            - "$(MCP_SERVER_PORT)"
+            - "--host"
+            - "$(MCP_SERVER_HOST)"
+          ports:
+            - containerPort: {{ .Values.mcp.port }}
+              protocol: TCP
+          resources:
+            {{- toYaml .Values.mcp.resources | nindent 12 }}
@@ -0,0 +1,20 @@
+{{- if .Values.route.enabled }}
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  name: {{ include "lightspeed-agent.fullname" . }}
+  labels:
+    {{- include "lightspeed-agent.labels" . | nindent 4 }}
+    app.kubernetes.io/component: agent
+spec:
+  to:
+    kind: Service
+    name: {{ include "lightspeed-agent.fullname" . }}
+    weight: 100
+  port:
+    targetPort: http
+  tls:
+    termination: {{ .Values.route.tls.termination }}
+    insecureEdgeTerminationPolicy: {{ .Values.route.tls.insecureEdgeTerminationPolicy }}
+  wildcardPolicy: None
+{{- end }}
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "lightspeed-agent.fullname" . }}
+  labels:
+    {{- include "lightspeed-agent.labels" . | nindent 4 }}
+    app.kubernetes.io/component: agent
+spec:
+  selector:
+    {{- include "lightspeed-agent.agentSelectorLabels" . | nindent 4 }}
+  ports:
+    - port: {{ .Values.agent.port }}
+      targetPort: {{ .Values.agent.port }}
+      protocol: TCP
+      name: http
+  type: ClusterIP
@@ -0,0 +1,71 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "lightspeed-agent.fullname" . }}-config
+  labels:
+    {{- include "lightspeed-agent.labels" . | nindent 4 }}
+data:
+  # Google AI Configuration
+  GOOGLE_GENAI_USE_VERTEXAI: {{ .Values.google.useVertexAI | ternary "TRUE" "FALSE" | quote }}
+  GOOGLE_CLOUD_LOCATION: {{ .Values.google.cloudLocation | quote }}
+  GEMINI_MODEL: {{ .Values.google.geminiModel | quote }}
+
+  # Red Hat SSO Configuration
+  RED_HAT_SSO_ISSUER: {{ .Values.sso.issuer | quote }}
+  AGENT_REQUIRED_SCOPE: {{ .Values.sso.requiredScope | quote }}
+
+  # MCP Server Configuration (agent -> MCP sidecar)
+  MCP_TRANSPORT_MODE: {{ .Values.mcp.transport | quote }}
+  MCP_SERVER_URL: {{ printf "http://localhost:%d" (int .Values.mcp.port) | quote }}
+  MCP_READ_ONLY: {{ .Values.mcp.readOnly | quote }}
+
+  # MCP Server Configuration (container startup args)
+  MCP_SERVER_MODE: {{ .Values.mcp.transport | quote }}
+  MCP_SERVER_PORT: {{ .Values.mcp.port | quote }}
+  MCP_SERVER_HOST: {{ .Values.mcp.host | quote }}
+
+  # Agent Configuration
+  AGENT_PROVIDER_URL: {{ .Values.agent.providerUrl | quote }}
+  AGENT_NAME: {{ .Values.agent.name | quote }}
+  AGENT_DESCRIPTION: {{ .Values.agent.description | quote }}
+  AGENT_HOST: {{ .Values.agent.host | quote }}
+  AGENT_PORT: {{ .Values.agent.port | quote }}
+
+  # Session PostgreSQL Configuration
+  SESSION_BACKEND: {{ .Values.postgresql.sessionBackend | quote }}
+  SESSION_DB_USER: {{ .Values.postgresql.user | quote }}
+  SESSION_DB_NAME: {{ .Values.postgresql.database | quote }}
+
+  # Rate Limiting Configuration
+  RATE_LIMIT_REDIS_URL: {{ printf "redis://%s-redis:6379/0" (include "lightspeed-agent.fullname" .) | quote }}
+  RATE_LIMIT_REDIS_TIMEOUT_MS: {{ .Values.rateLimit.redisTimeoutMs | quote }}
+  RATE_LIMIT_KEY_PREFIX: {{ .Values.rateLimit.keyPrefix | quote }}
+  RATE_LIMIT_REQUESTS_PER_MINUTE: {{ .Values.rateLimit.requestsPerMinute | quote }}
+  RATE_LIMIT_REQUESTS_PER_HOUR: {{ .Values.rateLimit.requestsPerHour | quote }}
+
+  # Google Cloud Service Control
+  SERVICE_CONTROL_ENABLED: {{ .Values.serviceControl.enabled | quote }}
+
+  # Marketplace Handler
+  HANDLER_HOST: {{ .Values.handler.host | quote }}
+  HANDLER_PORT: {{ .Values.handler.port | quote }}
+  DCR_ENABLED: {{ .Values.handler.dcr.enabled | quote }}
+  DCR_CLIENT_NAME_PREFIX: {{ .Values.handler.dcr.clientNamePrefix | quote }}
+  SERVICE_CONTROL_SERVICE_NAME: {{ .Values.handler.serviceControlServiceName | quote }}
+
+  # Authentication
+  SKIP_JWT_VALIDATION: {{ .Values.auth.skipJwtValidation | quote }}
+  SKIP_ORDER_VALIDATION: {{ .Values.auth.skipOrderValidation | quote }}
+
+  # Logging
+  LOG_LEVEL: {{ .Values.logging.level | quote }}
+  LOG_FORMAT: {{ .Values.logging.format | quote }}
+
+  # OpenTelemetry
+  OTEL_ENABLED: {{ .Values.otel.enabled | quote }}
+  OTEL_SERVICE_NAME: {{ .Values.otel.serviceName | quote }}
+  OTEL_EXPORTER_TYPE: {{ .Values.otel.exporterType | quote }}
+  OTEL_EXPORTER_OTLP_ENDPOINT: {{ .Values.otel.otlpEndpoint | quote }}
+  OTEL_EXPORTER_OTLP_HTTP_ENDPOINT: {{ .Values.otel.otlpHttpEndpoint | quote }}
+  OTEL_TRACES_SAMPLER: {{ .Values.otel.tracesSampler | quote }}
+  OTEL_TRACES_SAMPLER_ARG: {{ .Values.otel.tracesSamplerArg | quote }}
@@ -0,0 +1,11 @@
+{{- if .Values.handler.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "lightspeed-agent.fullname" . }}-gcp-sa-key
+  labels:
+    {{- include "lightspeed-agent.labels" . | nindent 4 }}
+type: Opaque
+data:
+  sa-key.json: {{ .Values.secrets.gcpServiceAccountKey }}
+{{- end }}