diff --git a/charts/langsmith/Chart.yaml b/charts/langsmith/Chart.yaml index ee57662..3969a97 100644 --- a/charts/langsmith/Chart.yaml +++ b/charts/langsmith/Chart.yaml @@ -5,5 +5,5 @@ maintainers: email: ankush@langchain.dev description: Helm chart to deploy the langsmith application and all services it depends on. type: application -version: 0.3.9 -appVersion: "0.1.19" +version: 0.4.0 +appVersion: "0.1.37" diff --git a/charts/langsmith/README.md b/charts/langsmith/README.md index c667ad6..0d2ae44 100644 --- a/charts/langsmith/README.md +++ b/charts/langsmith/README.md @@ -1,6 +1,6 @@ # langsmith -![Version: 0.3.9](https://img.shields.io/badge/Version-0.3.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.19](https://img.shields.io/badge/AppVersion-0.1.19-informational?style=flat-square) +![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.37](https://img.shields.io/badge/AppVersion-0.1.37-informational?style=flat-square) Helm chart to deploy the langsmith application and all services it depends on. @@ -8,12 +8,16 @@ Helm chart to deploy the langsmith application and all services it depends on. LangSmith 0.3.0 should be a drop-in replacement for LangSmith 0.2.0. You can follow the generic upgrade instructions [here](docs/UPGRADE.md). -There are a few important changes when migrating from 0.3.0 to 0.4.0: +There are a few important changes when migrating from 0.3.0 to 0.4.0. The majority of these will require no action on your part. However, there are a few things to note: - OAuth Flow now relies on using Access Tokens instead of OIDC ID tokens. This shouldn't impact any of your application functionality. +- A new asynchronous queue worker implementation has been added. This should improve the performance of the application trace ingestion. - Clickhouse persistence now uses 50Gi of storage by default. You can adjust this by changing the `clickhouse.statefulSet.persistence.size` value in your `values.yaml` file. - You may need to resize your existing storage class or set `clickhouse.statefulSet.persistence.size` to the old default value of `8Gi`. - Some our image repositories have been update. You can see the root repositories in our `values.yaml` file. You may need to update mirrors. +- We now expose an api key salt parameter. This previously defaulted to your LangSmith License Key. You should set this param to your license key to avoid invalidating old api keys. + +** Note: Using a new api key salt will invalidate all old api keys. ** ## Migrating from LangSmith 0.2.0 to 0.3.0 @@ -45,18 +49,24 @@ Ensure you have the following tools/items ready. 1. `brew install helm` 3. LangSmith License Key 1. You can get this from your Langchain representative. Contact us at support@langchain.dev for more information. -3. SSL(optional) +4. Api Key Salt + 1. This is a secret key that you can generate. It should be a random string of characters. + 2. You can generate this using the following command: + ```bash + openssl rand -base64 32 + ``` +5. SSL(optional) 1. This should be attachable to the load balancer that you will be provisioning. -4. OpenAI API Key(optional). +6. OpenAI API Key(optional). 1. Used for natural language search feature. Can specify OpenAI key in browser as well for the playground feature. -5. Oauth Configuration(optional). +7. Oauth Configuration(optional). 1. You can configure oauth using the `values.yaml` file. You will need to provide a `client_id` and `client_issuer_url` for your oauth provider. 2. Note, we do rely on the OIDC Authorization Code with PKCE flow. We currently support almost anything that is OIDC compliant however Google does not support this flow. -6. External Postgres(optional). +8. External Postgres(optional). 1. You can configure external postgres using the `values.yaml` file. You will need to provide connection parameters for your postgres instance. 2. If using a schema other than public, ensure that you do not have any other schemas with the pgcrypto extension enabled or you must include that in your search path. 3. Note: We do only officially support Postgres versions >= 14. -7. External Redis(optional). +9. External Redis(optional). 1. You can configure external redis using the `values.yaml` file. You will need to provide a connection url for your redis instance. 2. Currently, we do not support using Redis with TLS. We will be supporting this shortly. 3. We only official support Redis versions >= 6. @@ -77,7 +87,7 @@ Bare minimum config file `langsmith_config.yaml`: ```yaml config: langsmithLicenseKey: "" - + apiKeySalt: "foo" ``` Example `EKS` config file with certificates setup using ACM: @@ -85,6 +95,7 @@ Example `EKS` config file with certificates setup using ACM: ```jsx config: langsmithLicenseKey: "" + apiKeySalt: "foo" frontend: service: @@ -99,6 +110,8 @@ Example config file with oauth setup: ```jsx config: langsmithLicenseKey: "" + apiKeySalt: "foo" + oauth: enabled: true oauthClientId: "0oa805851lEvitA1i697" @@ -112,6 +125,8 @@ Example config file with external postgres and redis: ```jsx config: langsmithLicenseKey: "" + apiKeySalt: "foo" + postgres: external: enabled: true @@ -263,7 +278,7 @@ We typically validate deployment using the following quickstart guide: | clickhouse.statefulSet.extraEnv | list | `[]` | | | clickhouse.statefulSet.labels | object | `{}` | | | clickhouse.statefulSet.nodeSelector | object | `{}` | | -| clickhouse.statefulSet.persistence.size | string | `"8Gi"` | | +| clickhouse.statefulSet.persistence.size | string | `"50Gi"` | | | clickhouse.statefulSet.persistence.storageClassName | string | `""` | | | clickhouse.statefulSet.podSecurityContext | object | `{}` | | | clickhouse.statefulSet.resources | object | `{}` | | @@ -277,20 +292,20 @@ We typically validate deployment using the following quickstart guide: | fullnameOverride | string | `""` | String to fully override `"langsmith.fullname"` | | images.backendImage.pullPolicy | string | `"IfNotPresent"` | | | images.backendImage.repository | string | `"docker.io/langchain/langsmith-backend"` | | -| images.backendImage.tag | string | `"0.1.19"` | | +| images.backendImage.tag | string | `"0.1.37"` | | | images.clickhouseImage.pullPolicy | string | `"Always"` | | | images.clickhouseImage.repository | string | `"docker.io/clickhouse/clickhouse-server"` | | | images.clickhouseImage.tag | string | `"23.9"` | | | images.frontendImage.pullPolicy | string | `"IfNotPresent"` | | | images.frontendImage.repository | string | `"docker.io/langchain/langsmith-frontend"` | | -| images.frontendImage.tag | string | `"0.1.19"` | | +| images.frontendImage.tag | string | `"0.1.37"` | | | images.hubBackendImage.pullPolicy | string | `"IfNotPresent"` | | | images.hubBackendImage.repository | string | `"docker.io/langchain/langhub-backend"` | | -| images.hubBackendImage.tag | string | `"0.1.19"` | | +| images.hubBackendImage.tag | string | `"0.1.37"` | | | images.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Specified as name: value. | | images.playgroundImage.pullPolicy | string | `"IfNotPresent"` | | | images.playgroundImage.repository | string | `"docker.io/langchain/langsmith-playground"` | | -| images.playgroundImage.tag | string | `"0.1.19"` | | +| images.playgroundImage.tag | string | `"0.1.37"` | | | images.postgresImage.pullPolicy | string | `"IfNotPresent"` | | | images.postgresImage.repository | string | `"docker.io/postgres"` | | | images.postgresImage.tag | string | `"14.7"` | | @@ -310,6 +325,7 @@ We typically validate deployment using the following quickstart guide: | Key | Type | Default | Description | |-----|------|---------|-------------| +| config.apiKeySalt | string | `""` | | | config.existingSecretName | string | `""` | | | config.langsmithLicenseKey | string | `""` | | | config.logLevel | string | `"info"` | | @@ -428,7 +444,7 @@ We typically validate deployment using the following quickstart guide: | clickhouse.statefulSet.extraEnv | list | `[]` | | | clickhouse.statefulSet.labels | object | `{}` | | | clickhouse.statefulSet.nodeSelector | object | `{}` | | -| clickhouse.statefulSet.persistence.size | string | `"8Gi"` | | +| clickhouse.statefulSet.persistence.size | string | `"50Gi"` | | | clickhouse.statefulSet.persistence.storageClassName | string | `""` | | | clickhouse.statefulSet.podSecurityContext | object | `{}` | | | clickhouse.statefulSet.resources | object | `{}` | | diff --git a/charts/langsmith/README.md.gotmpl b/charts/langsmith/README.md.gotmpl index 0792e5d..c2feb3c 100644 --- a/charts/langsmith/README.md.gotmpl +++ b/charts/langsmith/README.md.gotmpl @@ -8,12 +8,16 @@ LangSmith 0.3.0 should be a drop-in replacement for LangSmith 0.2.0. You can follow the generic upgrade instructions [here](docs/UPGRADE.md). -There are a few important changes when migrating from 0.3.0 to 0.4.0: +There are a few important changes when migrating from 0.3.0 to 0.4.0. The majority of these will require no action on your part. However, there are a few things to note: - OAuth Flow now relies on using Access Tokens instead of OIDC ID tokens. This shouldn't impact any of your application functionality. +- A new asynchronous queue worker implementation has been added. This should improve the performance of the application trace ingestion. - Clickhouse persistence now uses 50Gi of storage by default. You can adjust this by changing the `clickhouse.statefulSet.persistence.size` value in your `values.yaml` file. - You may need to resize your existing storage class or set `clickhouse.statefulSet.persistence.size` to the old default value of `8Gi`. - Some our image repositories have been update. You can see the root repositories in our `values.yaml` file. You may need to update mirrors. +- We now expose an api key salt parameter. This previously defaulted to your LangSmith License Key. You should set this param to your license key to avoid invalidating old api keys. + +** Note: Using a new api key salt will invalidate all old api keys. ** ## Migrating from LangSmith 0.2.0 to 0.3.0 @@ -45,18 +49,24 @@ Ensure you have the following tools/items ready. 1. `brew install helm` 3. LangSmith License Key 1. You can get this from your Langchain representative. Contact us at support@langchain.dev for more information. -3. SSL(optional) +4. Api Key Salt + 1. This is a secret key that you can generate. It should be a random string of characters. + 2. You can generate this using the following command: + ```bash + openssl rand -base64 32 + ``` +5. SSL(optional) 1. This should be attachable to the load balancer that you will be provisioning. -4. OpenAI API Key(optional). +6. OpenAI API Key(optional). 1. Used for natural language search feature. Can specify OpenAI key in browser as well for the playground feature. -5. Oauth Configuration(optional). +7. Oauth Configuration(optional). 1. You can configure oauth using the `values.yaml` file. You will need to provide a `client_id` and `client_issuer_url` for your oauth provider. 2. Note, we do rely on the OIDC Authorization Code with PKCE flow. We currently support almost anything that is OIDC compliant however Google does not support this flow. -6. External Postgres(optional). +8. External Postgres(optional). 1. You can configure external postgres using the `values.yaml` file. You will need to provide connection parameters for your postgres instance. 2. If using a schema other than public, ensure that you do not have any other schemas with the pgcrypto extension enabled or you must include that in your search path. 3. Note: We do only officially support Postgres versions >= 14. -7. External Redis(optional). +9. External Redis(optional). 1. You can configure external redis using the `values.yaml` file. You will need to provide a connection url for your redis instance. 2. Currently, we do not support using Redis with TLS. We will be supporting this shortly. 3. We only official support Redis versions >= 6. @@ -77,7 +87,7 @@ Bare minimum config file `langsmith_config.yaml`: ```yaml config: langsmithLicenseKey: "" - + apiKeySalt: "foo" ``` Example `EKS` config file with certificates setup using ACM: @@ -85,6 +95,7 @@ Example `EKS` config file with certificates setup using ACM: ```jsx config: langsmithLicenseKey: "" + apiKeySalt: "foo" frontend: service: @@ -99,6 +110,8 @@ Example config file with oauth setup: ```jsx config: langsmithLicenseKey: "" + apiKeySalt: "foo" + oauth: enabled: true oauthClientId: "0oa805851lEvitA1i697" @@ -112,6 +125,8 @@ Example config file with external postgres and redis: ```jsx config: langsmithLicenseKey: "" + apiKeySalt: "foo" + postgres: external: enabled: true diff --git a/charts/langsmith/examples/autoscaling_config.yaml b/charts/langsmith/examples/autoscaling_config.yaml index 53be424..706d7fb 100644 --- a/charts/langsmith/examples/autoscaling_config.yaml +++ b/charts/langsmith/examples/autoscaling_config.yaml @@ -1,5 +1,6 @@ config: langsmithLicenseKey: "YOUR_LICENSE_KEY" + apiKeySalt: "YOUR_API_KEY_SALT" # Note, you likely should tweak the values to match your needs backend: diff --git a/charts/langsmith/examples/basic_config.yaml b/charts/langsmith/examples/basic_config.yaml index 6cdf2a2..2652799 100644 --- a/charts/langsmith/examples/basic_config.yaml +++ b/charts/langsmith/examples/basic_config.yaml @@ -1,3 +1,4 @@ config: langsmithLicenseKey: "YOUR_LICENSE_KEY" + apiKeySalt: "YOUR_API_KEY_SALT" # existingSecretName: "langsmith-config" You can also put the above into a secret if you want to avoid putting the license key in the values file. diff --git a/charts/langsmith/examples/basic_external.yaml b/charts/langsmith/examples/basic_external.yaml index c35d95c..e96c4e3 100644 --- a/charts/langsmith/examples/basic_external.yaml +++ b/charts/langsmith/examples/basic_external.yaml @@ -1,5 +1,6 @@ config: langsmithLicenseKey: "YOUR_LICENSE_KEY" + apiKeySalt: "YOUR_API_KEY_SALT" postgres: external: diff --git a/charts/langsmith/examples/basic_oauth.yaml b/charts/langsmith/examples/basic_oauth.yaml index b3f403f..6315a8f 100644 --- a/charts/langsmith/examples/basic_oauth.yaml +++ b/charts/langsmith/examples/basic_oauth.yaml @@ -1,5 +1,6 @@ config: langsmithLicenseKey: "YOUR_LICENSE_KEY" + apiKeySalt: "YOUR_API_KEY_SALT" oauth: enabled: true oauthClientId: "YOUR_CLIENT_ID" diff --git a/charts/langsmith/examples/medium_size.yaml b/charts/langsmith/examples/medium_size.yaml index f2788e8..19ceca3 100644 --- a/charts/langsmith/examples/medium_size.yaml +++ b/charts/langsmith/examples/medium_size.yaml @@ -1,5 +1,6 @@ config: langsmithLicenseKey: "YOUR_LICENSE_KEY" + apiKeySalt: "YOUR_API_KEY_SALT" openaiApiKey: "YOUR OPENAI API KEY" oauth: enabled: true diff --git a/charts/langsmith/templates/backend/config-map.yaml b/charts/langsmith/templates/backend/config-map.yaml deleted file mode 100644 index 93521b6..0000000 --- a/charts/langsmith/templates/backend/config-map.yaml +++ /dev/null @@ -1,59 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "langsmith.fullname" . }}-{{ .Values.backend.name }} - labels: - {{- include "langsmith.labels" . | nindent 4 }} - annotations: - {{- include "langsmith.annotations" . | nindent 4 }} -data: - nginx-unit-config.json: | - { - "listeners": { - "*:{{ .Values.backend.containerPort }}": { - "pass": "routes/main" - } - }, - "routes": { - "main": [ - { - "match": { - "method": "OPTIONS" - }, - "action": { - "return": 200, - "response_headers": { - "Access-Control-Allow-Credentials": "true", - "Access-Control-Allow-Origin": "$header_origin", - "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD", - "Access-Control-Allow-Headers": "$header_access_control_request_headers", - "Access-Control-Max-Age": "86400" - } - } - }, - { - "action": { - "pass": "applications/fastapi", - "response_headers": { - "Cache-Control": "no-cache", - "Access-Control-Allow-Credentials": "true", - "Access-Control-Allow-Origin": "$header_origin" - } - } - } - ] - }, - "applications": { - "fastapi": { - "type": "python 3.11", - "path": "/code/smith-backend", - "module": "app.main", - "callable": "app" - } - }, - "settings": { - "http": { - "max_body_size": 26214400 - } - } - } diff --git a/charts/langsmith/templates/backend/deployment.yaml b/charts/langsmith/templates/backend/deployment.yaml index 1e5389f..3ac5b7e 100644 --- a/charts/langsmith/templates/backend/deployment.yaml +++ b/charts/langsmith/templates/backend/deployment.yaml @@ -88,12 +88,10 @@ spec: {{- toYaml .Values.backend.deployment.resources | nindent 12 }} securityContext: {{- toYaml .Values.backend.deployment.securityContext | nindent 12 }} + {{- with .Values.backend.deployment.volumeMounts }} volumeMounts: - {{- with .Values.backend.deployment.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - - mountPath: /docker-entrypoint.d - name: nginx-unit-conf + {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.backend.deployment.extraContainerConfig }} {{- toYaml . | nindent 10 }} {{- end }} @@ -112,17 +110,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.backend.deployment.volumes }} volumes: - {{- with .Values.backend.deployment.volumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - - name: nginx-unit-conf - configMap: - {{- if .Values.backend.existingConfigMapName }} - name: {{ .Values.backend.existingConfigMapName }} - {{- else }} - name: {{ include "langsmith.fullname" . }}-{{ .Values.backend.name }} - {{- end }} - items: - - key: nginx-unit-config.json - path: unit.json + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/langsmith/templates/secrets.yaml b/charts/langsmith/templates/secrets.yaml index 0487044..ed1c8e1 100644 --- a/charts/langsmith/templates/secrets.yaml +++ b/charts/langsmith/templates/secrets.yaml @@ -12,5 +12,5 @@ data: oauth_client_id: {{ .Values.config.oauth.oauthClientId | b64enc | quote }} oauth_issuer_url: {{ .Values.config.oauth.oauthIssuerUrl | b64enc | quote }} langsmith_license_key: {{ .Values.config.langsmithLicenseKey | b64enc | quote }} - api_key_salt: {{ .Values.config.langsmithLicenseKey | b64enc | quote }} + api_key_salt: {{ .Values.config.apiKeySalt | default .Values.config.langsmithLicenseKey | b64enc | quote }} {{- end }} diff --git a/charts/langsmith/values.yaml b/charts/langsmith/values.yaml index fa92744..db99024 100644 --- a/charts/langsmith/values.yaml +++ b/charts/langsmith/values.yaml @@ -15,19 +15,19 @@ images: backendImage: repository: "docker.io/langchain/langsmith-backend" pullPolicy: IfNotPresent - tag: "0.1.19" + tag: "0.1.37" frontendImage: repository: "docker.io/langchain/langsmith-frontend" pullPolicy: IfNotPresent - tag: "0.1.19" + tag: "0.1.37" hubBackendImage: repository: "docker.io/langchain/langhub-backend" pullPolicy: IfNotPresent - tag: "0.1.19" + tag: "0.1.37" playgroundImage: repository: "docker.io/langchain/langsmith-playground" pullPolicy: IfNotPresent - tag: "0.1.19" + tag: "0.1.37" postgresImage: repository: "docker.io/postgres" pullPolicy: IfNotPresent @@ -63,6 +63,7 @@ config: existingSecretName: "" openaiApiKey: "" langsmithLicenseKey: "" + apiKeySalt: "" logLevel: "info" oauth: enabled: false @@ -210,7 +211,7 @@ clickhouse: volumeMounts: [] # We recommend using a persistent volume and increasing the storage size to something like 50Gi when using in a production environment! persistence: - size: 8Gi + size: 50Gi storageClassName: "" service: type: ClusterIP