kubeflow · kunal-511 · Sep 8, 2025 · Sep 22, 2025 · Sep 24, 2025 · Sep 25, 2025
diff --git a/.github/workflows/helm-kustomize-comparison.yml b/.github/workflows/helm-kustomize-comparison.yml
@@ -38,6 +38,10 @@ jobs:
         rm get_helm.sh
     - name: Install Kustomize
       run: ./tests/kustomize_install.sh
+    - name: Build Helm dependencies for pipelines
+      run: |
+        cd experimental/helm/charts/pipelines
+        helm dependency build
     - name: Run all scenarios comparison
       env:
         VERBOSE: "true"

diff --git a/experimental/helm/charts/kserve-models-web-app/templates/configmap.yaml b/experimental/helm/charts/kserve-models-web-app/templates/configmap.yaml
@@ -21,6 +21,7 @@ data:
   {{- if .Values.kubeflow.enabled }}
   USERID_HEADER: {{ .Values.kubeflow.config.useridHeader | quote }}
   APP_PREFIX: {{ .Values.kubeflow.config.appPrefix | quote }}
+  USERID_PREFIX: {{ .Values.kubeflow.config.useridPrefix | quote }}
   {{- else }}
   APP_DISABLE_AUTH: "True"
   {{- end }}

diff --git a/experimental/helm/charts/kserve-models-web-app/values.yaml b/experimental/helm/charts/kserve-models-web-app/values.yaml
@@ -242,6 +242,7 @@ kubeflow:
     disableAuth: false
     useridHeader: "kubeflow-userid"
     appPrefix: "/kserve-endpoints"
+    useridPrefix: ""
 
 # Monitoring configuration
 monitoring:

diff --git a/experimental/helm/charts/pipelines/Chart.yaml b/experimental/helm/charts/pipelines/Chart.yaml
@@ -0,0 +1,29 @@
+apiVersion: v2
+
+name: kubeflow-pipelines
+
+description: A Helm chart for Kubeflow Pipelines - ML Workflows on Kubernetes
+
+version: 2.14.3
+
+appVersion: 2.14.3
+
+home: https://github.com/kubeflow/pipelines
+
+icon: https://github.com/kubeflow/website/blob/master/assets/icons/logo.svg
+
+sources:
+- https://github.com/kubeflow/pipelines
+- https://github.com/kubeflow/kubeflow
+dependencies:
+  - name: argo-workflows
+    version: "~0.40.0"
+    condition: thirdParty.argo.enabled
+    repository: "https://argoproj.github.io/argo-helm"
+  - name: mysql
+    version: "~14.0.0"
+    condition: mysql.enabled
+    repository: "https://charts.bitnami.com/bitnami"
+annotations:
+  category: Machine Learning
+  licenses: Apache-2.0
diff --git a/experimental/helm/charts/pipelines/README.md b/experimental/helm/charts/pipelines/README.md
@@ -0,0 +1,3 @@
+# Kubeflow Pipelines Helm Chart
+
+This Helm chart deploys Kubeflow Pipelines on a Kubernetes cluster using the Helm package manager.
diff --git a/experimental/helm/charts/pipelines/ci/values-platform-agnostic-multi-user-k8s-native.yaml b/experimental/helm/charts/pipelines/ci/values-platform-agnostic-multi-user-k8s-native.yaml
@@ -0,0 +1,124 @@
+# Values for platform-agnostic multi-user k8s-native mode
+# Pipeline definitions stored as Kubernetes Resources
+
+global:
+  namespace: kubeflow
+  imageTag: 2.15.0
+  security:
+    allowInsecureImages: true
+
+installMode:
+  type: multi-user
+  pipelineDefinition:
+    storage: k8s-native
+
+# API Server configuration for k8s-native mode
+apiServer:
+  # Use local image for k8s-native mode 
+  image:
+    repository: domain.local/apiserver
+    tag: local
+  # K8s-native specific configuration
+  k8sNative:
+    enabled: true
+    command:
+      - "/bin/apiserver"
+    args:
+      - "--config=/config"
+      - "--sampleconfig=/config/sample_config.json"
+      - "-logtostderr=true"
+      - "--webhookTLSCertPath=/etc/webhook/certs/tls.crt"
+      - "--webhookTLSKeyPath=/etc/webhook/certs/tls.key"
+      - "--pipelinesStoreKubernetes=true"
+    webhookPort: 8443
+    volumeMounts:
+      - name: webhook-certs
+        mountPath: /etc/webhook/certs
+        readOnly: true
+    volumes:
+      - name: webhook-certs
+        secret:
+          secretName: kfp-api-webhook-cert
+
+# CRDs
+crds:
+  install: true
+  webhook: true
+
+# Enable cert-manager integration
+certManager:
+  enabled: true
+
+# Enable metadata
+metadata:
+  enabled: true
+
+viewerCrd:
+  additionalEnv:
+  - name: NAMESPACE
+    value: ""
+  - name: MAX_NUM_VIEWERS
+    value: "50"
+
+scheduledWorkflow:
+  additionalEnv:
+  - name: NAMESPACE
+    value: ""
+  - name: LOG_LEVEL
+    value: "info"
+
+persistenceAgent:
+  additionalEnv:
+  - name: NAMESPACE
+    value: ""
+
+
+
+# Third-party components
+thirdParty:
+  argo:
+    enabled: true
+  mysql:
+    enabled: true
+  metacontroller:
+    enabled: true
+
+# MySQL configuration (disabled - using external MySQL like Kustomize)
+mysql:
+  enabled: false
+
+# External MySQL configuration 
+externalDatabase:
+  enabled: true
+  host: "mysql"
+  port: 3306
+  database: "mlpipeline"
+  username: "root"
+  password: ""
+
+# SeaweedFS configuration
+seaweedfs:
+  enabled: true
+  bucket: "mlpipeline"
+  s3EndpointUrl: "http://seaweedfs.kubeflow:8333"
+
+# Profile controller
+profileController:
+  enabled: true
+  disableIstioSidecar: "false"
+  artifactsProxyEnabled: "false"
+  artifactRetentionDays: "-1"
+
+# Networking
+networking:
+  istio:
+    enabled: true
+    gateway: "kubeflow-gateway"
+  virtualService:
+    enabled: true
+
+# Webhooks enabled for k8s-native mode
+webhooks:
+  enabled: true
+  failurePolicy: "Fail"
+
diff --git a/experimental/helm/charts/pipelines/ci/values-platform-agnostic-multi-user.yaml b/experimental/helm/charts/pipelines/ci/values-platform-agnostic-multi-user.yaml
@@ -0,0 +1,95 @@
+# Values for platform-agnostic multi-user mode
+# Pipeline definitions stored in the database
+
+global:
+  namespace: kubeflow
+  imageTag: 2.15.0
+  security:
+    allowInsecureImages: true
+
+installMode:
+  type: multi-user
+  pipelineDefinition:
+    storage: database
+
+# CRDs
+crds:
+  install: true
+  application: false
+  webhook: false
+
+# Enable cert-manager integration
+certManager:
+  enabled: true
+
+# Enable metadata
+metadata:
+  enabled: true
+
+viewerCrd:
+  additionalEnv:
+  - name: NAMESPACE
+    value: ""
+  - name: MAX_NUM_VIEWERS
+    value: "50"
+
+scheduledWorkflow:
+  additionalEnv:
+  - name: NAMESPACE
+    value: ""
+  - name: LOG_LEVEL
+    value: "info"
+
+persistenceAgent:
+  additionalEnv:
+  - name: NAMESPACE
+    value: ""
+
+# Third-party components
+thirdParty:
+  argo:
+    enabled: true
+  mysql:
+    enabled: true
+  metacontroller:
+    enabled: true
+
+
+# MySQL configuration (disabled - using external MySQL like Kustomize)
+mysql:
+  enabled: false
+
+# External MySQL configuration
+externalDatabase:
+  enabled: true
+  host: "mysql"
+  port: 3306
+  database: "mlpipeline"
+  username: "root"
+  password: ""
+
+# SeaweedFS configuration
+seaweedfs:
+  enabled: true
+  bucket: "mlpipeline"
+  s3EndpointUrl: "http://seaweedfs.kubeflow:8333"
+
+# Profile controller
+profileController:
+  enabled: true
+  disableIstioSidecar: "false"
+  artifactsProxyEnabled: "false"
+  artifactRetentionDays: "-1"
+
+# Networking
+networking:
+  istio:
+    enabled: true
+    gateway: "kubeflow-gateway"
+  virtualService:
+    enabled: true
+
+# Webhooks disabled for database mode
+webhooks:
+  enabled: false
+
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# Kubeflow Pipelines Helm Chart

		This Helm chart deploys Kubeflow Pipelines on a Kubernetes cluster using the Helm package manager.