From 76841e8494bdcd878561fa6c4858ad00f42715c5 Mon Sep 17 00:00:00 2001 From: mesutoezdil Date: Wed, 6 May 2026 21:52:37 +0200 Subject: [PATCH] docs: add supervisor image Helm values to manage-gateways reference The supervisor init container was introduced in #1154 but the three `supervisor.image.*` values were missing from the Helm values reference table in the manage-gateways doc. Signed-off-by: mesutoezdil --- deploy/helm/openshell/README.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/deploy/helm/openshell/README.md b/deploy/helm/openshell/README.md index 3662b130a..f25674ccc 100644 --- a/deploy/helm/openshell/README.md +++ b/deploy/helm/openshell/README.md @@ -47,8 +47,25 @@ The `dev` tags are intended for testing changes ahead of a release. Production d ## Configuration -See [`values.yaml`](values.yaml) for configurable values. Selected overlays: +See [`values.yaml`](values.yaml) for the full list of configurable values. Selected overlays: - [`ci/values-gateway.yaml`](ci/values-gateway.yaml) — gateway-only configuration - [`ci/values-cert-manager.yaml`](ci/values-cert-manager.yaml) — cert-manager integration - [`ci/values-keycloak.yaml`](ci/values-keycloak.yaml) — Keycloak OIDC integration + +Commonly configured values: + +| Value | Purpose | +|---|---| +| `image.repository` / `image.tag` | Gateway image. Defaults to `ghcr.io/nvidia/openshell/gateway`. | +| `service.type` | Kubernetes service type. Use `ClusterIP`, `NodePort`, or your platform default. | +| `server.dbUrl` | Gateway database URL. Defaults to SQLite on the chart-managed persistent volume. | +| `server.sandboxNamespace` | Namespace where sandbox resources are created. | +| `server.sandboxImage` | Default sandbox image used when a sandbox does not specify one. | +| `server.grpcEndpoint` | Endpoint that sandbox supervisors use to call back to the gateway. | +| `server.sshGatewayHost` / `server.sshGatewayPort` | Public host and port returned to CLI clients for SSH proxy connections. | +| `server.disableTls` | Run the gateway over plaintext HTTP. Use only behind a trusted transport. | +| `server.tls.*` | Secret names for server and client mTLS materials. | +| `supervisor.image.repository` | Repository for the supervisor init container image. Defaults to `ghcr.io/nvidia/openshell/supervisor`. | +| `supervisor.image.tag` | Tag for the supervisor image. Defaults to the chart's `appVersion` so the supervisor and gateway stay in sync. | +| `supervisor.image.pullPolicy` | Pull policy for the supervisor image. Defaults to the Kubernetes cluster default when unset. |