feat(helm): Add API server deployment.

[junhaoliao]

Description

Note

This PR is part of the ongoing work for #1309. More PRs will be submitted until the Helm chart is complete and fully functional.

Add the API server deployment to the CLP Helm chart. The API server provides a REST API for querying compressed logs and is a key component for programmatic access to CLP.

New Files

• api-server-deployment.yaml - Deployment manifest for the API server
• api-server-logs-pv.yaml - PersistentVolume for API server logs
• api-server-logs-pvc.yaml - PersistentVolumeClaim for API server logs
• api-server-service.yaml - NodePort service exposing the API server on port 30301

Configuration

Added api_server configuration in values.yaml:

api_server:
  port: 30301
  default_max_num_query_results: 1000
  query_job_polling:
    initial_backoff_ms: 100
    max_backoff_ms: 5000

The API server deployment is conditional - it is only created when api_server is set (not null).

Features

• Waits for db-table-creator and results-cache-indices-creator jobs to complete before starting
• Mounts the shared streams volume for serving stream files
• Includes health check endpoints for readiness and liveness probes
• Uses database credentials from secrets for secure authentication

Checklist

• The PR satisfies the contribution guidelines.
• This is a breaking change and that has been indicated in the PR title, OR this isn't a
  breaking change.
• Necessary docs have been updated, OR no docs need to be updated.

Validation performed

1. Helm chart deployment

cd tools/deployment/package-helm
./test.sh

# observed "All jobs completed and services are ready."

2. Log ingestion

Ingested sample logs at /tmp/clp/samples using the WebUI at http://localhost:30000/ingest .

3. API server logs

Observed that logs are generated at /tmp/clp/var/log/api_server:

junhao@ASUS-X870E:/tmp/clp/var/log/api_server$ ll
total 12
drwxrwsr-x  2 junhao junhao 4096 Dec 18 23:32 ./
drwxrwxr-x 13 junhao junhao 4096 Dec 18 23:31 ../
-rw-r--r--  1 junhao junhao  188 Dec 18 23:32 api_server.log.2025-12-19-04
junhao@ASUS-X870E:/tmp/clp/var/log/api_server$ cat *
{"timestamp":"2025-12-19T04:32:23.725077Z","level":"INFO","fields":{"message":"Server started at 0.0.0.0:3001"},"filename":"components/api-server/src/bin/api_server.rs","line_number":101}

4. API endpoint validation

Health check endpoint

$ curl -s http://localhost:30301/health
API server is running

Submit a search query

$ curl -s -X POST http://localhost:30301/query \
    -H "Content-Type: application/json" \
    -d '{
       "query_string": "*",
       "dataset": "default",
       "ignore_case": false,
       "max_num_results": 10,
       "write_to_file": false
    }'
{"query_results_uri":"/query_results/3"}

Retrieve search results (SSE stream)

$ curl -s -N http://localhost:30301/query_results/3 | head -3
data: {"timestamp":"2023-03-27 00:32:15.929","pid":7890,"session_id":"64211b34.1ed2","line_num":124474,"session_start":"2023-03-27 00:27:32 EDT","txid":63071,"error_severity":"LOG","message":"duration: 0.082 ms","query_id":0,"backend_type":"client backend","vxid":"6/7780","remote_host":"[local]","ps":"UPDATE","user":"postgres","dbname":"example","application_name":"pgbench"}

data: {"timestamp":"2023-03-27 00:32:15.929","pid":7894,"session_id":"64211b34.1ed6","line_num":124606,"session_start":"2023-03-27 00:27:32 EDT","txid":63073,"error_severity":"LOG","message":"duration: 0.112 ms","query_id":0,"backend_type":"client backend","vxid":"10/7788","remote_host":"[local]","ps":"UPDATE","user":"postgres","dbname":"example","application_name":"pgbench"}

data: {"timestamp":"2023-03-27 00:32:15.929","pid":7888,"session_id":"64211b34.1ed0","line_num":124738,"session_start":"2023-03-27 00:27:32 EDT","txid":63075,"error_severity":"LOG","message":"duration: 0.144 ms","query_id":0,"backend_type":"client backend","vxid":"5/7797","remote_host":"[local]","ps":"SELECT","user":"postgres","dbname":"example","application_name":"pgbench"}

Summary by CodeRabbit

• New Features

  • Optional API server can be enabled with configurable node port, default max query results (1,000), and query-job polling backoff timings.
  • When enabled, an API server deployment is created with init checks, health probes, service exposure, and conditional persistent log storage and mounts.

• Chores

  • Test/deployment tooling updated to create API-server log directory, expose API port in local clusters, and bump chart version.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Conditionally adds an optional API server to the Helm chart: new clpConfig.api_server values, conditional rendering of api_server in the ConfigMap, and gated templates for Deployment, Service, PV, and PVC; test harness and chart version updated accordingly. (≤50 words)

Changes

Cohort / File(s)	Summary
Values tools/deployment/package-helm/values.yaml	Adds clpConfig.api_server defaults: port: 30301, default_max_num_query_results: 1000, and query_job_polling (initial_backoff_ms: 100, max_backoff_ms: 5000).
ConfigMap template tools/deployment/package-helm/templates/configmap.yaml	Makes the api_server stanza in clp-config.yaml conditional: when .Values.clpConfig.api_server is set, renders a populated api_server block (coercing numeric fields to ints); otherwise emits api_server: null. archive_output unchanged.
API server manifests tools/deployment/package-helm/templates/api-server-deployment.yaml, tools/deployment/package-helm/templates/api-server-service.yaml, tools/deployment/package-helm/templates/api-server-logs-pv.yaml, tools/deployment/package-helm/templates/api-server-logs-pvc.yaml	Adds conditional Helm templates for the API server gated by .Values.clpConfig.api_server: Deployment (serviceAccount, securityContext, two initContainers waiting for Jobs, env from DB secret, probes, volumes), Service (NodePort using clpConfig.api_server.port), local PV creation for logs, and PVC for logs.
Test harness / Kind config tools/deployment/package-helm/test.sh	Adds creation of $CLP_HOME/var/log/api_server and includes port mapping 30301 (containerPort/hostPort TCP) in the Kind extraPortMappings used by tests.
Chart metadata tools/deployment/package-helm/Chart.yaml	Bumps chart version from 0.1.2-dev.10 to 0.1.2-dev.12.

Sequence Diagram(s)

mermaid
sequenceDiagram
autonumber
participant Helm as Helm (render)
participant K8s as Kubernetes API
participant PV as PV/PVC controller
participant Jobs as Job resources
participant Init as Pod initContainers
participant API as API server container
participant Service as Service (NodePort)

note over Helm: .Values.clpConfig.api_server enabled
Helm->>K8s: Render & apply ConfigMap, Deployment, Service, PV, PVC
Helm->>PV: Create PV / PVC for api_server logs
K8s->>Jobs: Ensure db-table-creator & results-cache-indices Jobs exist
K8s->>Init: Start pod with initContainers that poll Jobs
Init-->>Jobs: Poll for completion (wait loop)
Jobs-->>Init: Job completes
Init->>API: Init finished → start main container
API->>Service: Pod matches Service selector
Service->>API: Expose port via NodePort (nodePort = clpConfig.api_server.port)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat(helm): Add API server deployment.' directly and accurately summarizes the main change in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

📜 Recent review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 26b5055 and a9a342b.

📒 Files selected for processing (1)

• tools/deployment/package-helm/templates/api-server-deployment.yaml

🧰 Additional context used

🧠 Learnings (4)

📓 Common learnings

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:42.629Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

📚 Learning: 2025-12-19T05:03:42.629Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:42.629Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

📚 Learning: 2025-11-03T16:17:40.223Z

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

📚 Learning: 2025-12-04T03:31:55.239Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1690
File: tools/deployment/package/docker-compose-all.yaml:424-427
Timestamp: 2025-12-04T03:31:55.239Z
Learning: In tools/deployment/package/docker-compose-all.yaml, the query-worker service writes to /var/data/streams (CLP_STREAM_OUTPUT_DIR_HOST mount), so this directory must remain read-write and should not be mounted with :ro flag.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

🪛 YAMLlint (1.37.1)

tools/deployment/package-helm/templates/api-server-deployment.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 7-7: too many spaces inside braces

(braces)

---

[error] 13-13: too many spaces inside braces

(braces)

---

[error] 18-18: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 32-32: too many spaces inside braces

(braces)

---

[error] 37-37: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 61-61: too many spaces inside braces

(braces)

---

[error] 64-64: too many spaces inside braces

(braces)

---

[error] 70-70: too many spaces inside braces

(braces)

---

[error] 73-73: too many spaces inside braces

(braces)

---

[error] 82-82: too many spaces inside braces

(braces)

---

[error] 87-87: too many spaces inside braces

(braces)

---

[error] 94-94: too many spaces inside braces

(braces)

---

[error] 99-99: too many spaces inside braces

(braces)

---

[error] 102-102: too many spaces inside braces

(braces)

---

[error] 102-102: too many spaces inside braces

(braces)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: package-image
• GitHub Check: check-generated
• GitHub Check: lint-check (macos-15)
• GitHub Check: lint-check (ubuntu-24.04)

🔇 Additional comments (8)

tools/deployment/package-helm/templates/api-server-deployment.yaml (8)

1-1: Conditional rendering looks good.

The deployment is correctly gated by .Values.clpConfig.api_server, ensuring the API server is only created when explicitly configured.

---

2-8: Metadata and labels are correctly configured.

The naming convention and label patterns follow standard Helm practices and are consistent with the rest of the chart.

---

9-14: Deployment spec looks appropriate.

Single replica configuration is reasonable for the initial deployment. The selector correctly matches the pod template labels.

---

15-26: Pod template configuration is sound.

The service account, termination grace period, and security context are all appropriately configured and consistent with other components in the chart.

---

27-37: Init container dependencies are correctly specified.

The API server appropriately waits for both database table creation and results cache indices creation to complete before starting, ensuring proper initialization order.

---

38-80: Container configuration is functional.

The image, environment variables, port, volume mounts, and command are all correctly configured. Database credentials are properly sourced from secrets, and the config file is mounted as read-only.

Note: Past review comments regarding resource requests/limits and making RUST_LOG configurable remain valid considerations for production readiness.

---

81-88: Health probes are properly configured.

Both readiness and liveness probes correctly target the /health endpoint with timing configured via chart helpers. The YAML anchor efficiently reuses the health check configuration.

---

89-103: Volume definitions are correct.

The volumes section properly defines the logs PVC, streams PVC, and config ConfigMap. The ordering (template-generated volumes before static ConfigMap) follows the convention established by the commit message.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[junhaoliao]

@hoophalab / @LinZhihao-723 could you see if there's any missing coverage in the "Validation performed" section and help test it a bit more?

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a61596d and 7636aee.

📒 Files selected for processing (3)

• tools/deployment/package-helm/templates/configmap.yaml (1 hunks)
• tools/deployment/package-helm/test.sh (2 hunks)
• tools/deployment/package-helm/values.yaml (1 hunks)

🧰 Additional context used

🧠 Learnings (3)

📚 Learning: 2025-05-06T10:07:04.654Z

Learnt from: kirkrodrigues
Repo: y-scope/clp PR: 881
File: components/core/tools/scripts/lib_install/macos/install-all.sh:11-12
Timestamp: 2025-05-06T10:07:04.654Z
Learning: In CLP installation scripts, temporary directories with downloaded files should not be automatically cleaned up on failure (e.g., with EXIT traps) to preserve artifacts for debugging purposes.

Applied to files:

• tools/deployment/package-helm/test.sh

📚 Learning: 2025-12-04T03:31:55.239Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1690
File: tools/deployment/package/docker-compose-all.yaml:424-427
Timestamp: 2025-12-04T03:31:55.239Z
Learning: In tools/deployment/package/docker-compose-all.yaml, the query-worker service writes to /var/data/streams (CLP_STREAM_OUTPUT_DIR_HOST mount), so this directory must remain read-write and should not be mounted with :ro flag.

Applied to files:

• tools/deployment/package-helm/test.sh

📚 Learning: 2025-11-03T16:17:40.223Z

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

Applied to files:

• tools/deployment/package-helm/templates/configmap.yaml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: package-image

🔇 Additional comments (3)

tools/deployment/package-helm/values.yaml (1)

77-84: LGTM! API server configuration looks well-structured.

The configuration block follows existing patterns in the file and provides sensible defaults. The port 30301 correctly aligns with the port mapping added in test.sh.

tools/deployment/package-helm/test.sh (2)

62-62: LGTM! Log directory addition is consistent.

The API server log directory follows the same pattern as other service log directories in the script.

---

91-93: LGTM! Port mapping correctly configured.

The port mapping for 30301 is properly structured and aligns with the API server port defined in values.yaml.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7636aee and e5088bf.

📒 Files selected for processing (6)

• tools/deployment/package-helm/templates/api-server-deployment.yaml (1 hunks)
• tools/deployment/package-helm/templates/api-server-logs-pv.yaml (1 hunks)
• tools/deployment/package-helm/templates/api-server-logs-pvc.yaml (1 hunks)
• tools/deployment/package-helm/templates/api-server-service.yaml (1 hunks)
• tools/deployment/package-helm/templates/configmap.yaml (1 hunks)
• tools/deployment/package-helm/values.yaml (1 hunks)

🧰 Additional context used

🧠 Learnings (4)

📓 Common learnings

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:32.320Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

📚 Learning: 2025-12-19T05:03:32.320Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:32.320Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

Applied to files:

• tools/deployment/package-helm/values.yaml
• tools/deployment/package-helm/templates/api-server-service.yaml
• tools/deployment/package-helm/templates/api-server-logs-pvc.yaml
• tools/deployment/package-helm/templates/api-server-logs-pv.yaml
• tools/deployment/package-helm/templates/api-server-deployment.yaml
• tools/deployment/package-helm/templates/configmap.yaml

📚 Learning: 2025-11-03T16:17:40.223Z

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

Applied to files:

• tools/deployment/package-helm/templates/api-server-service.yaml
• tools/deployment/package-helm/templates/api-server-deployment.yaml
• tools/deployment/package-helm/templates/configmap.yaml

📚 Learning: 2025-11-10T05:19:56.600Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1575
File: components/clp-py-utils/clp_py_utils/clp_config.py:602-607
Timestamp: 2025-11-10T05:19:56.600Z
Learning: In the y-scope/clp repository, the `ApiServer` class in `components/clp-py-utils/clp_py_utils/clp_config.py` does not need a `transform_for_container()` method because no other containerized service depends on the API server - it's only accessed from the host, so no docker-network communication is expected.

Applied to files:

• tools/deployment/package-helm/templates/configmap.yaml

🪛 YAMLlint (1.37.1)

tools/deployment/package-helm/templates/api-server-service.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 7-7: too many spaces inside braces

(braces)

---

[error] 12-12: too many spaces inside braces

(braces)

---

[error] 17-17: too many spaces inside braces

(braces)

---

[error] 17-17: too many spaces inside braces

(braces)

tools/deployment/package-helm/templates/api-server-logs-pvc.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

---

[error] 8-8: too many spaces inside braces

(braces)

---

[error] 9-9: too many spaces inside braces

(braces)

tools/deployment/package-helm/templates/api-server-logs-pv.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

---

[error] 10-10: too many spaces inside braces

(braces)

---

[error] 11-11: too many spaces inside braces

(braces)

tools/deployment/package-helm/templates/api-server-deployment.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 7-7: too many spaces inside braces

(braces)

---

[error] 13-13: too many spaces inside braces

(braces)

---

[error] 18-18: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 32-32: too many spaces inside braces

(braces)

---

[error] 37-37: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 61-61: too many spaces inside braces

(braces)

---

[error] 64-64: too many spaces inside braces

(braces)

---

[error] 70-70: too many spaces inside braces

(braces)

---

[error] 73-73: too many spaces inside braces

(braces)

---

[error] 82-82: too many spaces inside braces

(braces)

---

[error] 87-87: too many spaces inside braces

(braces)

---

[error] 94-94: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 102-102: too many spaces inside braces

(braces)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: package-image
• GitHub Check: check-generated
• GitHub Check: lint-check (ubuntu-24.04)

🔇 Additional comments (7)

tools/deployment/package-helm/templates/api-server-logs-pvc.yaml (1)

1-9: LGTM! PVC configuration is appropriate.

The conditional PVC creation aligns well with other API server resources. The 5Gi capacity is reasonable for log storage, and ReadWriteOnce access mode is appropriate for the single-replica deployment.

Note: The YAMLlint errors reported by static analysis are false positives—this is a Helm template using Go templating syntax, not pure YAML.

tools/deployment/package-helm/templates/configmap.yaml (1)

9-19: LGTM! API server configuration is internally consistent.

The conditional rendering correctly templates the API server configuration when enabled. The hardcoded port: 3001 matches the internal container port used throughout the deployment (container port, command-line argument, health probe), maintaining consistency across all manifests.

Based on learnings, the host field is unused as no internal Kubernetes services need to communicate with the API server.

tools/deployment/package-helm/templates/api-server-logs-pv.yaml (1)

1-11: LGTM! Local PV configuration is appropriate for development deployments.

The conditional PV creation correctly uses a hostPath derived from the configured logs directory, with appropriate capacity (5Gi) matching the PVC. The nodeRole: control-plane selector ensures proper scheduling in single-node test environments.

Note: YAMLlint syntax errors are false positives (Helm template syntax).

tools/deployment/package-helm/templates/api-server-service.yaml (1)

1-18: LGTM! Service configuration correctly exposes the API server externally.

The NodePort service properly maps the external port (30301 from values) to the internal container port (3001), with correct selector labels targeting the api-server component. This aligns with the architecture where the API server is accessed only from outside the cluster.

Note: YAMLlint errors are false positives (Helm template syntax).

tools/deployment/package-helm/templates/api-server-deployment.yaml (3)

27-37: LGTM! Init containers properly ensure dependencies are ready.

The init containers correctly wait for both the database table creator and results cache indices creator jobs to complete before starting the API server, preventing startup failures due to missing database schema or indices.

---

38-88: LGTM! API server container is well-configured with proper security and observability.

The container configuration follows best practices:

• Database credentials properly sourced from Kubernetes secrets
• Security context with non-root user (UID/GID from values)
• Explicit command-line arguments (including --port 3001) for clarity
• Both readiness and liveness probes configured on the /health endpoint
• Appropriate volume mounts for logs, configuration (read-only), and shared streams

---

89-102: LGTM! Volume configuration properly supports API server operations.

The volumes correctly provide:

• Persistent log storage via PVC
• Configuration access via ConfigMap
• Shared streams data for serving query results

[hoophalab]

Validation:

1. the following query works

curl -s -X POST http://localhost:30301/query \
    -H "Content-Type: application/json" \
    -d '{
       "query_string": "*",
       "write_to_file": true
    }'

2. write to file works

curl -s -X POST http://localhost:30301/query \
    -H "Content-Type: application/json" \
    -d '{
       "query_string": "*",
       "write_to_file": false
    }'

3. Modifying configuration in values works.
4. Logs are correct.
5. stdout captures correctly
6. extract query results to s3 doesn't work, but I guess it's in an upcoming PR

I feel coderabbit is valid in part, but let's prioritize the release and discuss k8s config after the release.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8d0a9af and 9e2639e.

📒 Files selected for processing (1)

• tools/deployment/package-helm/templates/api-server-deployment.yaml (1 hunks)

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:32.320Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

📚 Learning: 2025-12-19T05:03:32.320Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:32.320Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

📚 Learning: 2025-11-03T16:17:40.223Z

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

🪛 YAMLlint (1.37.1)

tools/deployment/package-helm/templates/api-server-deployment.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 7-7: too many spaces inside braces

(braces)

---

[error] 13-13: too many spaces inside braces

(braces)

---

[error] 18-18: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 32-32: too many spaces inside braces

(braces)

---

[error] 37-37: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 61-61: too many spaces inside braces

(braces)

---

[error] 64-64: too many spaces inside braces

(braces)

---

[error] 70-70: too many spaces inside braces

(braces)

---

[error] 73-73: too many spaces inside braces

(braces)

---

[error] 82-82: too many spaces inside braces

(braces)

---

[error] 87-87: too many spaces inside braces

(braces)

---

[error] 94-94: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 102-102: too many spaces inside braces

(braces)

🔇 Additional comments (5)

tools/deployment/package-helm/templates/api-server-deployment.yaml (5)

1-103: Static analysis errors are false positives for Helm templates.

The YAMLlint errors flagged (syntax error on line 1, "too many spaces inside braces" throughout) are expected false positives. YAMLlint does not understand Go/Helm template syntax ({{- ... }}), so it incorrectly flags the templating constructs as YAML syntax violations. These can be safely ignored.

---

1-14: LGTM!

Conditional rendering and metadata structure follow Helm best practices. The selector labels properly match the pod template labels, ensuring correct pod selection.

---

20-37: LGTM!

The init container pattern correctly ensures the API server waits for database table creation and results cache index creation before starting. The security context is properly configured with configurable UID/GID values.

---

60-80: LGTM!

Volume mounts are well-structured: config is mounted read-only, logs directory matches CLP_LOGS_DIR, and the streams volume enables serving stream files. The command correctly binds to 0.0.0.0 for container accessibility.

---

81-102: LGTM!

Good use of YAML anchors (&api-server-health-check / *api-server-health-check) to avoid duplicating the health check configuration between readiness and liveness probes. Volume definitions properly reference the PVC and ConfigMap resources.

[hoophalab]

Thinking about this again: this volume mount probably won't work on a true cluster (not minikube/kind) right? They need to be PVs on a nfs?

And even if the user specifies s3 in archive output, the pod would probably fail to start because this mount is unconditional?

[junhaoliao]

good points. those are valid concerns and we do plan to address them:

1. streams ... need to be PVs on a nfs

   If everything is running on a single node (i.e., the same host), this isn't an issue because all pods can access the same files via the local filesystem. However, once we scale query workers across multiple nodes, or place query workers on different nodes from the API server (and similarly the Web UI), each node gets its own PV backed by the same hostPath. If that hostPath is not on shared storage, files created by a pod on one node will not be accessible to pods on other nodes. I believe this is what you mean by "won't work". While we recommend S3 in a distributed compute environment, if users insist to use "fs" storage, we plan to ask users to set up distributed storage and create (FUSE) mounts at those host locations, so files can be shared. For example, SeadweedFs can be used. (I plan to submit those user guides to docs(helm): Add Kubernetes Helm user guides and dev guides; Restructure user documentation. #1827 but haven't pushed all of them. will try to get them all polished and pushed tonight. sorry)

2. even if the user specifies s3 in archive output, the pod would probably fail to start because this mount is unconditional

   You're right to question this. The plan is to add the conditional template in feat(helm): Add S3 storage support for archives, streams, and log inputs. #1825 . We will review feat(helm): Add S3 storage support for archives, streams, and log inputs. #1825 once feat(helm): Add garbage collector deployment with retention period configuration. #1817 and feat(helm): Add API server deployment. #1818 are merged.

[hoophalab]

xD It's probably almost impossible to configure seaweedfs on every node in a serious use case, but we could always ask them to use s3

[junhaoliao]

The concerns of the ability to deploy on a multi-node cluster are fairly valid. Some changes will be made in #1829 to address such concerns

[kirkrodrigues]

If we're going with 10s, maybe we should make the same change in Docker Compose?

[junhaoliao]

Sorry, that was a typo. Let' use 60 for consistency with Docker Compose

[kirkrodrigues]

For consistency with other helm files, can we move this below the config mount?

[junhaoliao]

i suppose you mean listing the (non-templated) config mount as the last item, for consistency with other Helm files, and i made the change accordingly

[coderabbitai]

Actionable comments posted: 3

Fix all issues with AI Agents 🤖

In @tools/deployment/package-helm/templates/api-server-deployment.yaml:
- Around line 89-102: Reorder the volume entries so the config volume comes
before the logs PVC to match chart conventions: move the block defining name:
"config" / configMap: name: {{ include "clp.fullname" . }}-config so it appears
above the clp.pvcVolume call that creates the "logs" volume (the clp.pvcVolume
invocation with component_category "api-server" and name "logs"), leaving the
shared-data "streams" PVC last.
- Around line 38-59: Add configurable resource requests/limits to the api-server
container spec: update the container with a templated resources block that reads
values from values.yaml keys like resources.apiServer.requests and
resources.apiServer.limits so the "api-server" container can receive CPU/memory
requests and limits; expose these keys in values.yaml
(resources.apiServer.requests and resources.apiServer.limits) with sensible
defaults and reference them in the template using the Helm templating helpers
(e.g., using .Values.resources.apiServer.* and include defaulting via default or
required functions) so the scheduler can make placement decisions and avoid
unbounded resource use.
- Around line 42-56: Make RUST_LOG configurable by adding an
api_server.log_level entry in values.yaml (default "INFO") and update the
deployment template to replace the hardcoded RUST_LOG value with a Helm value
lookup that uses api_server.log_level with a fallback to "INFO" when unset;
reference the RUST_LOG env var in the template change and ensure chart
documentation/README notes the new api_server.log_level option.

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9e2639e and 26b5055.

📒 Files selected for processing (1)

• tools/deployment/package-helm/templates/api-server-deployment.yaml

🧰 Additional context used

🧠 Learnings (4)

📓 Common learnings

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:42.629Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

📚 Learning: 2025-12-19T05:03:42.629Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1818
File: tools/deployment/package-helm/templates/configmap.yaml:12-12
Timestamp: 2025-12-19T05:03:42.629Z
Learning: In the y-scope/clp Helm chart, the `api_server.host` configuration field in the ConfigMap (tools/deployment/package-helm/templates/configmap.yaml) is unused because no other k8s internal services need to reach the API server—it's only accessed from outside the cluster via NodePort.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

📚 Learning: 2025-11-03T16:17:40.223Z

Learnt from: hoophalab
Repo: y-scope/clp PR: 1535
File: components/clp-rust-utils/src/clp_config/package/config.rs:47-61
Timestamp: 2025-11-03T16:17:40.223Z
Learning: In the y-scope/clp repository, the `ApiServer` struct in `components/clp-rust-utils/src/clp_config/package/config.rs` is a Rust-native configuration type and does not mirror any Python code, unlike other structs in the same file (Config, Database, ResultsCache, Package) which are mirrors of Python definitions.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

📚 Learning: 2025-12-04T03:31:55.239Z

Learnt from: junhaoliao
Repo: y-scope/clp PR: 1690
File: tools/deployment/package/docker-compose-all.yaml:424-427
Timestamp: 2025-12-04T03:31:55.239Z
Learning: In tools/deployment/package/docker-compose-all.yaml, the query-worker service writes to /var/data/streams (CLP_STREAM_OUTPUT_DIR_HOST mount), so this directory must remain read-write and should not be mounted with :ro flag.

Applied to files:

• tools/deployment/package-helm/templates/api-server-deployment.yaml

🪛 YAMLlint (1.37.1)

tools/deployment/package-helm/templates/api-server-deployment.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 5-5: too many spaces inside braces

(braces)

---

[error] 7-7: too many spaces inside braces

(braces)

---

[error] 13-13: too many spaces inside braces

(braces)

---

[error] 18-18: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 21-21: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 24-24: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 25-25: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 26-26: too many spaces inside braces

(braces)

---

[error] 32-32: too many spaces inside braces

(braces)

---

[error] 37-37: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 61-61: too many spaces inside braces

(braces)

---

[error] 64-64: too many spaces inside braces

(braces)

---

[error] 70-70: too many spaces inside braces

(braces)

---

[error] 73-73: too many spaces inside braces

(braces)

---

[error] 82-82: too many spaces inside braces

(braces)

---

[error] 87-87: too many spaces inside braces

(braces)

---

[error] 94-94: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 102-102: too many spaces inside braces

(braces)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: package-image
• GitHub Check: lint-check (ubuntu-24.04)
• GitHub Check: lint-check (macos-15)
• GitHub Check: check-generated

🔇 Additional comments (8)

tools/deployment/package-helm/templates/api-server-deployment.yaml (8)

1-1: LGTM: Conditional deployment gate.

The deployment is properly gated, ensuring the API server resources are only created when explicitly enabled in values.

---

4-14: LGTM: Metadata and labels follow Helm conventions.

The use of helper templates ensures consistent naming and labeling across the chart.

---

21-26: LGTM: Service account and security context properly configured.

The job-watcher service account enables the pod to monitor job completion, and the security context is appropriately templated from values.

---

27-37: LGTM: Init containers ensure proper startup ordering.

The API server correctly waits for database schema and cache indices to be ready before starting.

---

60-74: Volume mounts are correctly configured.

The mounts for logs, config, and streams are properly structured with appropriate paths and options (e.g., readOnly for config).

Note: As discussed in past reviews, the streams volume mount may not work in multi-node clusters without shared storage (e.g., NFS or S3). The team has acknowledged this limitation and plans to address it in issue #1829.

---

75-80: LGTM: Command configuration is correct.

The API server command properly binds to 0.0.0.0 (required for Kubernetes networking) and uses the correct container port and config path.

---

81-88: LGTM: Health probes are well-configured.

Both readiness and liveness probes correctly target the /health endpoint, and the use of a YAML anchor avoids duplication. Templated timings ensure consistency across the chart.

---

103-103: LGTM: Conditional block properly closed.

The template syntax is correct.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Resource limits and requests remain unaddressed.

The past review comment about adding resource requests and limits is still valid. Without these, the scheduler cannot make optimal placement decisions, and the pod could consume excessive cluster resources.

Consider exposing resource configuration in values.yaml (e.g., resources.apiServer.requests and resources.apiServer.limits) and templating them here for production readiness.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

🤖 Prompt for AI Agents

In @tools/deployment/package-helm/templates/api-server-deployment.yaml around
lines 38-59, Add configurable resource requests/limits to the api-server
container spec: update the container with a templated resources block that reads
values from values.yaml keys like resources.apiServer.requests and
resources.apiServer.limits so the "api-server" container can receive CPU/memory
requests and limits; expose these keys in values.yaml
(resources.apiServer.requests and resources.apiServer.limits) with sensible
defaults and reference them in the template using the Helm templating helpers
(e.g., using .Values.resources.apiServer.* and include defaulting via default or
required functions) so the scheduler can make placement decisions and avoid
unbounded resource use.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider making RUST_LOG configurable.

The RUST_LOG environment variable is hardcoded to "INFO". For debugging or troubleshooting, operators may need to adjust the log level without modifying the chart.

🔎 Suggested enhancement

In values.yaml, add:

api_server:
  log_level: "INFO"

Then update the template:

           - name: "RUST_LOG"
-            value: "INFO"
+            value: {{ .Values.clpConfig.api_server.log_level | quote }}

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 46-46: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

---

[error] 51-51: too many spaces inside braces

(braces)

🤖 Prompt for AI Agents

In @tools/deployment/package-helm/templates/api-server-deployment.yaml around
lines 42-56, Make RUST_LOG configurable by adding an api_server.log_level entry
in values.yaml (default "INFO") and update the deployment template to replace
the hardcoded RUST_LOG value with a Helm value lookup that uses
api_server.log_level with a fallback to "INFO" when unset; reference the
RUST_LOG env var in the template change and ensure chart documentation/README
notes the new api_server.log_level option.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider reordering volumes for consistency.

A past review suggested moving the logs volume definition below the config volume for consistency with other Helm files in the chart. Current order: logs, config, streams. Suggested order: config, logs, streams.

This is a minor stylistic preference and does not affect functionality.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 94-94: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 97-97: too many spaces inside braces

(braces)

---

[error] 102-102: too many spaces inside braces

(braces)

🤖 Prompt for AI Agents

In @tools/deployment/package-helm/templates/api-server-deployment.yaml around
lines 89-102, Reorder the volume entries so the config volume comes before the
logs PVC to match chart conventions: move the block defining name: "config" /
configMap: name: {{ include "clp.fullname" . }}-config so it appears above the
clp.pvcVolume call that creates the "logs" volume (the clp.pvcVolume invocation
with component_category "api-server" and name "logs"), leaving the shared-data
"streams" PVC last.