obot

A Helm chart for Obot

Installation

To install the chart with the release name obot:

helm repo add obot https://charts.obot.ai
helm install obot obot/obot

Note

This chart defaults to the open source version of Obot. If you want to use the enterprise version of Obot instead, set image.repository to ghcr.io/obot-platform/obot-enterprise. To install this version, you must create an imagePullSecret and configure that in the chart.

Values

Key	Type	Default	Description
config.AWS_ACCESS_KEY_ID	string	""	An AWS access key with permissions for AWS KMS, used for encryption
config.AWS_REGION	string	""	An AWS region, used to access AWS KMS
config.AWS_SECRET_ACCESS_KEY	string	""	An AWS secret access key with permissions for AWS KMS, used for encryption
config.GITHUB_AUTH_TOKEN	string	""	A github PAT, used to authenticate tool pulls to avoid github ratelimiting
config.KINM_DB_CONNECTIONS	string	"5"	Advanced - the number of connections in the database pool for kinm
config.NAH_THREADINESS	string	"10000"	Advanced - sets the number of concurrent threads that can run in the Obot controller
config.OBOT_BOOTSTRAP_TOKEN	string	""	Sets a bootstrap token. If authentication is enabled, one will be autogenerated for you if this is not set.
config.OBOT_GCP_KMS_KEY_URI	string	""	The URI of a Google Cloud KMS key, used for encryption
config.OBOT_SERVER_AUDIT_LOGS_COMPRESS_FILE	bool	true	Whether to compress audit log files
config.OBOT_SERVER_AUDIT_LOGS_MODE	string	"off"	Configures the storage backend for audit logs in Obot. Can be 'off', 'disk', or 's3'
config.OBOT_SERVER_AUDIT_LOGS_STORE_S3BUCKET	string	""	The name of the S3 bucket to store audit logs in. Only used if config.OBOT_SERVER_AUDIT_LOGS_MODE is 's3'
config.OBOT_SERVER_AUDIT_LOGS_STORE_S3ENDPOINT	string	""	If config.OBOT_SERVER_AUDIT_LOGS_MODE is 's3' and you are not using AWS S3, this needs to be set to the S3 api endpoint of your provider.
config.OBOT_SERVER_AUDIT_LOGS_USE_PATH_STYLE	bool	false	Whether to use path style for S3
config.OBOT_SERVER_AUTH_ADMIN_EMAILS	string	""	A comma separated list of email addresses that will have the Admin role in Obot.
config.OBOT_SERVER_DISALLOW_LOCALHOST_MCP	string	""	disallow MCP servers that try to connect to localhost. Defaults to false.
config.OBOT_SERVER_DSN	string	""	The DSN for your database. For example: postgres://:@/<db_name>
config.OBOT_SERVER_ENABLE_AUTHENTICATION	bool	false	Enables authentication for Obot
config.OBOT_SERVER_ENCRYPTION_CONFIG_FILE	string	""	The path to a file containing the encryption configuration. Only used if config.OBOT_SERVER_ENCRYPTION_PROVIDER is 'custom'
config.OBOT_SERVER_ENCRYPTION_KEY	string	""	The key to use for encryption. Only used if config.OBOT_SERVER_ENCRYPTION_PROVIDER is 'custom'. A key can be generated with openssl rand -base64 32
config.OBOT_SERVER_ENCRYPTION_PROVIDER	string	""	Configures an encryption provider for credentials in Obot
config.OBOT_SERVER_HOSTNAME	string	""	The hostname of your Obot instance, including protocol
config.OBOT_SERVER_KNOWLEDGE_FILE_WORKERS	string	"5"	Advanced - sets the number of workers for knowledge
config.OBOT_SERVER_MCPBASE_IMAGE	string	"ghcr.io/obot-platform/mcp-images-phat:main"	Deploy MCP servers in the cluster using this base image. Setting this value will also create the necessary service account, role and rolebinding.
config.OBOT_SERVER_MCPCLUSTER_DOMAIN	string	""	The cluster domain to use for MCP services. Defaults to cluster.local. Only matters if the above image is set.
config.OBOT_SERVER_OTEL_BASE_EXPORT_ENDPOINT	string	""	The base export endpoint for OpenTelemetry
config.OBOT_SERVER_OTEL_BEARER_TOKEN	string	""	The bearer token for authentication with OpenTelemetry
config.OBOT_SERVER_OTEL_SAMPLE_PROB	string	""	The sampling probability for OpenTelemetry
config.OBOT_SERVER_RETENTION_POLICY_HOURS	string	""	The retention policy for the system. Set to 0 to disable retention. Default is 2160 (90 days) if left blank. This field should just be a number in a string, no h suffix.
config.OPENAI_API_KEY	string	""	An OpenAI API Key used to configure access to OpenAI models, which are the default in Obot.
config.existingSecret	string	""	The name of an existing secret to use for config instead of creating a new one. Must contain keys in env format, just like below. OBOT_SERVER_MCPNAMESPACE is automatically added to the secret if config.OBOT_SERVER_MCPBASE_IMAGE is set.
extraEnv	object	{}	A map of additional environment variables to set
extraEnvFrom	list	[]	A list of additional environment variables to set from a secret
extraVolumeMounts	list	[]	A list of additional volume mounts to create
extraVolumes	list	[]	A list of additional volumes to create
image.pullPolicy	string	"IfNotPresent"	Kubernetes image pullPolicy to use for Obot
image.repository	string	"ghcr.io/obot-platform/obot"	The name of the docker repository for Obot. ghcr.io/obot-platform/obot for open-source or ghcr.io/obot-platform/obot-enterprise for enterprise. Please note that for enterprise you will need to set an imagePullSecret
image.tag	string	""	The docker tag to pull for obot. If blank, will default to the chart appVersion
imagePullSecrets	list	[]	Configures kubernetes secrets to use for pulling private images. Expects a list of objects. imagePullSecrets:[{"name": "fooBar"}]
ingress.annotations	object	{}	Configure annotations to add to the ingress object
ingress.className	string	nil	Configures a preexisting ingress class to use.
ingress.enabled	bool	false	Enables ingress creation for Obot.
ingress.extraPaths	list	[]	Define complete path objects, will be inserted before regular paths. Can be useful for things like ALB Ingress Controller actions
ingress.hosts	list	[]	List of hostnames to configure the ingress with
ingress.paths[0].path	string	"/"
ingress.paths[0].pathType	string	"Prefix"
ingress.tls	list	[]	List of secrets used to configure TLS for the ingress.
mcpNamespace.annotations."argocd.argoproj.io/sync-wave"	string	"-1"
mcpNamespace.name	string	""	The namespace in which to deploy the MCP servers. Will only be created if config.OBOT_SERVER_MCPBASE_IMAGE image is set. Defaults to {{ .Release.Name }}-mcp
persistence.accessModes	list	["ReadWriteOnce"]	Persistent Volume access modes
persistence.enabled	bool	true	Enables persistence using a PVC
persistence.existingClaim	string	""
persistence.path	string	"/data"	The path the volume will be mounted
persistence.size	string	"8Gi"	e Persistent Volume size
persistence.storageClass	string	""	Persistent Volume storage class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
replicaCount	int	1	The number of Obot server instances to run
resources	object	{}	Resource requests and limits to use for Obot
service.annotations	object	{}	Extra annotations to add to service object
service.port	int	80	Port for the Kubernetes service to expose
service.spec	object	{}	Any extra fields to add to the service object spec
service.type	string	"ClusterIP"	Type of Kubernetes service to create
serviceAccount.annotations	object	{}
serviceAccount.create	bool	true
serviceAccount.name	string	""
updateStrategy	string	"RollingUpdate"	Configures what update strategy to use for the deployment (Recreate or RollingUpdate)

Updating this repo

This repo will be updated automatically whenever there is a release of Obot (and by extension, the helm chart). The GitHub Actions that control this can be found here.

You can manually update the documentation in this readme using helm-docs. If you have both the charts and obot repos checked out in the same folder, you can use this command:

helm-docs -c ../obot/chart -o '../../charts/README.md' --template-files '../../charts/README.md.gotmpl'

The template for the readme is ./README.md.gotmpl