[RHIDP-12571] Add Developer Lightspeed #351

Open
Jdubrick wants to merge 30 commits into redhat-developer:main from Jdubrick:add-lightspeed

@Jdubrick Jdubrick commented Apr 9, 2026

Description of the change

  • Adds Developer Lightspeed as a default component to the RHDH Helm chart
  • Includes the necessary configuration files and secret setups needed for Lightspeed to function
    • These configs are sourced from our upstream --> Script for syncing added to /hack

Which issue(s) does this PR fix or relate to

https://redhat.atlassian.net/browse/RHIDP-12571

How to test changes / Special notes to the reviewer

You should be able to deploy this chart to a cluster and observe that Lightspeed and its components (sidecars) are included by default. This includes config maps and secrets. To enable Lightspeed you would edit the associated secret to enable LLMs and set up their API keys. If you edit the secret in cluster you will need to do a manual rollout of the deployment.

I worked with GPT 5.4 to create a .md file that outlines what you'd need to know to get it up and running with the plugin UI: https://github.com/Jdubrick/rhdh-chart/blob/doc-test/lightspeed.md

Checklist

  • For each Chart updated, version bumped in the corresponding Chart.yaml according to Semantic Versioning.
  • For each Chart updated, variables are documented in the values.yaml and added to the corresponding README.md. The pre-commit utility can be used to generate the necessary content. Run pre-commit run --all-files to run the hooks and then push any resulting changes. The pre-commit Workflow will enforce this and warn you if needed.
  • JSON Schema template updated and re-generated the raw schema via the pre-commit hook.
  • Tests pass using the Chart Testing tool and the ct lint command.
  • If you updated the orchestrator-infra chart, make sure the versions of the Knative CRDs are aligned with the versions of the CRDs installed by the OpenShift Serverless operators declared in the values.yaml file. See Installing Knative Eventing and Knative Serving CRDs for more details.

@Jdubrick Jdubrick requested a review from a team as a code owner April 9, 2026 20:10

rhdh-qodo-merge Bot commented Apr 9, 2026

Code Review by Qodo

🐞 Bugs (2) 📘 Rule violations (0) 📎 Requirement gaps (0)

Action required

1. Unauthenticated sidecar exposed 🐞 Bug ⛨ Security
Description
The vendored Lightspeed Core config binds the service to 0.0.0.0:8080 with auth_enabled: false
and authentication.module: 'noop', while the pod template exposes the sidecar port. This makes the
Lightspeed API reachable via the Backstage Pod IP from other in-cluster workloads without
authentication (unless blocked by NetworkPolicies).
Code

charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/lightspeed-stack.yaml[R17-31]

+service:
+  host: 0.0.0.0
+  port: 8080
+  auth_enabled: false
+  workers: 1
+  color_log: true
+  access_log: true
+llama_stack:
+  use_as_library_client: true
+  library_client_config_path: /app-root/config.yaml
+user_data_collection:
+  feedback_enabled: true
+  feedback_storage: '/tmp/data/feedback'
+authentication:
+  module: 'noop'
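Review bot: `host: 0.0.0.0` together with `auth_enabled: false` and `module: 'noop'` leaves the listener on port 8080 with no caller check anywhere in this file, so access control rests entirely on something outside it. If the only caller is another container in the same pod, set `host: 127.0.0.1`; otherwise add a comment next to `host` naming the control that restricts access. Separately, `feedback_enabled: true` stores data under `/tmp/data/feedback`; say in a comment whether that path is expected to be a mounted volume or to be lost on restart.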
Relevance

⭐⭐⭐ High

Team frequently accepts security hardening; unauthenticated in-cluster port exposure likely flagged
for NetworkPolicy/auth mitigation.

PR-#166
PR-#156
PR-#207

ⓘ Recommendations generated based on similar findings in past PRs

Evidence
Lightspeed is configured to listen on all interfaces and disables authentication at the application
layer, and the chart explicitly defines a container port for the sidecar, which is enough to make
the endpoint reachable over the pod network.

charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/lightspeed-stack.yaml[16-31]
charts/backstage/vendor/backstage/charts/backstage/templates/backstage-deployment.yaml[242-263]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The Lightspeed Core sidecar is configured to listen on `0.0.0.0` with authentication disabled (`auth_enabled: false` and `authentication.module: 'noop'`). Since the pod template also declares the container port, other pods can reach the Lightspeed API via the Backstage pod IP unless NetworkPolicies prevent it.

## Issue Context
This chart enables Lightspeed by default and injects the Lightspeed secret into the sidecar via `envFrom`, so unauthenticated access can enable unintended use (e.g., inference calls, resource consumption) whenever credentials are configured.

## Fix Focus Areas
- charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/lightspeed-stack.yaml[16-31]
- charts/backstage/vendor/backstage/charts/backstage/templates/backstage-deployment.yaml[242-263]
- hack/sync-lightspeed-configs.sh[26-40]

## What to change
- Prefer a secure-by-default posture by making the sidecar bind to localhost (e.g., `service.host: 127.0.0.1`) so it is only reachable from within the pod.
- Alternatively (or additionally), enable authentication in the Lightspeed configuration and wire required credentials via the chart-managed Secret.
- Since this file is vendored from upstream, update `hack/sync-lightspeed-configs.sh` to apply the hardening transformation deterministically after fetching (so future syncs don’t reintroduce the insecure defaults).


Remediation recommended

2. CI values don't disable Lightspeed 🐞 Bug ☼ Reliability
Description
The chart now enables Lightspeed by default, but existing chart-testing values files (e.g.
charts/backstage/ci/default-values.yaml) don’t override it, so CI installs will now schedule the
Lightspeed init container and sidecar by default. This is a behavior change for CI installs and can
cause install failures or increased flakiness/time in constrained CI clusters (extra image pulls +
extra containers).
Code

charts/backstage/values.yaml[R38-42]

+  # -- Built-in Lightspeed feature configuration.
+  lightspeed:
+    # -- Enable or disable the built-in Lightspeed feature.
+    enabled: true
+    # -- Lightspeed plugins and their configuration. Override package references for disconnected environments.
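Review bot: the comment above `enabled: true` does not say that the feature is on by default or what turning it on adds to the deployment, so someone reading values.yaml during an upgrade gets no signal that behaviour changes without any override. Extend the `# -- Enable or disable the built-in Lightspeed feature.` comment to state the default and what it deploys, or set the default to `false` so the feature is opt-in.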
Evidence
global.lightspeed.enabled is set to true in the chart defaults, so any CI install that only
applies the existing ci/*.yaml overrides but does not set global.lightspeed.enabled: false will
still deploy Lightspeed. The existing ci/default-values.yaml only disables Route and Postgres
persistence, while the newly added CI values file shows the needed override but does not replace the
existing scenarios.

charts/backstage/values.yaml[38-42]
charts/backstage/ci/default-values.yaml[1-8]
charts/backstage/ci/with-lightspeed-disabled-values.yaml[1-13]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
Lightspeed is enabled by default in `charts/backstage/values.yaml`, but the existing chart-testing values files under `charts/backstage/ci/` (notably `default-values.yaml`) don't override it. As a result, CI installs that previously only disabled Route/Postgres persistence will now also deploy Lightspeed init/sidecar containers.

### Issue Context
A new CI values file `with-lightspeed-disabled-values.yaml` was added, but other CI scenarios still inherit the default `global.lightspeed.enabled: true` unless explicitly overridden.

### Fix Focus Areas
- charts/backstage/ci/default-values.yaml[1-8]
- charts/backstage/ci/with-orchestrator-values.yaml[1-80]
- charts/backstage/ci/with-orchestrator-and-dynamic-plugins-npmrc-values.yaml[1-120]
- charts/backstage/ci/with-custom-dynamic-pvc-claim-spec-values.yaml[1-120]

### Suggested change
Add:
```yaml
global:
 lightspeed:
   enabled: false
```
To CI values files that are intended to be "baseline" installs in kind/CI (at minimum `default-values.yaml`, and any other scenarios where Lightspeed is not under test). Alternatively, update the chart-testing configuration to only run install scenarios that explicitly disable Lightspeed (if that’s the intended CI posture).

3. Lightspeed sync omits secret 🐞 Bug ⚙ Maintainability
Description
CONTRIBUTING.md states the vendored Lightspeed config files under files/lightspeed are synced via
hack/sync-lightspeed-configs.sh, but the script’s TARGETS list omits files/lightspeed/secret.yaml.
This allows the secret payload template to drift from upstream without being caught by the sync
script or its --check mode.
Code

hack/sync-lightspeed-configs.sh[R12-16]

+TARGETS=(
+  "lightspeed-core-configs/lightspeed-stack.yaml:${LIGHTSPEED_DIR}/lightspeed-stack.yaml"
+  "llama-stack-configs/config.yaml:${LIGHTSPEED_DIR}/config.yaml"
+  "lightspeed-core-configs/rhdh-profile.py:${LIGHTSPEED_DIR}/rhdh-profile.py"
+)
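Review bot: each `TARGETS` entry packs an upstream path and a local destination into one string separated by `:`, and nothing in the array documents that layout or why exactly these three files are listed. Add a comment above `TARGETS=(` describing the `upstream:local` format, and either add an entry for every vendored file under `${LIGHTSPEED_DIR}` or name the files that are excluded on purpose.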
Evidence
The documentation points contributors to the sync script for keeping the whole files/lightspeed
directory in sync, but the script only fetches three files. The chart also vendors secret.yaml in
that directory (used to generate the Lightspeed Secret), and it is not covered by the sync targets.

CONTRIBUTING.md[41-65]
hack/sync-lightspeed-configs.sh[12-16]
charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/secret.yaml[1-16]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`hack/sync-lightspeed-configs.sh` is documented as the mechanism for syncing vendored Lightspeed config files in `charts/backstage/vendor/backstage/charts/backstage/files/lightspeed`, but it does not sync `secret.yaml`. This can cause the secret payload template to drift from upstream without detection.

### Issue Context
The Lightspeed Secret rendered by the chart is sourced from `files/lightspeed/secret.yaml`, which is currently a vendored file alongside the other synced configs.

### Fix Focus Areas
- hack/sync-lightspeed-configs.sh[12-16]
- CONTRIBUTING.md[41-65]
- charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/secret.yaml[1-16]

### Suggested change
Choose one:
1) **Preferred**: Add `secret.yaml` to `TARGETS` (with the correct upstream path), e.g.
```bash
"<upstream-path>/secret.yaml:${LIGHTSPEED_DIR}/secret.yaml"
```
so `--check` also validates it.

2) If `secret.yaml` is intentionally maintained downstream, update `CONTRIBUTING.md` to explicitly list which files are synced and note that `secret.yaml` is excluded by design.
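
The localhost-binding recommendation from finding 1 (unauthenticated sidecar), sketched as a post-sync step with a check mode. This is an added example, not part of the Qodo review or of `hack/sync-lightspeed-configs.sh`; the function names and the sample file are constructed, and treating `auth_enabled: true` plus a non-`noop` module as "authenticated" is an assumption about the config semantics.

```bash
# Added example: check and harden a vendored lightspeed-stack.yaml after a sync.
# All function names are hypothetical; the sample mirrors the lines quoted in the review.

# Print the scalar value of KEY inside the top-level BLOCK of FILE.
yaml_get() {
  awk -v block="$2" -v key="$3" -v q="'" '
    # A line starting in column 0 opens a new top-level block.
    /^[^ \t#]/ { in_block = ($0 ~ ("^" block ":")) }
    in_block && $1 == key ":" {
      val = $2
      gsub("^[\"" q "]|[\"" q "]$", "", val)   # strip surrounding quotes
      print val
      exit
    }
  ' "$1"
}

# Return 0 if FILE is acceptable, 1 if it exposes an unauthenticated listener.
check_lightspeed_stack() {
  local file="$1" host auth module
  host="$(yaml_get "$file" service host)"
  auth="$(yaml_get "$file" service auth_enabled)"
  module="$(yaml_get "$file" authentication module)"
  case "$host" in
    127.0.0.1|localhost|::1) return 0 ;;   # loopback: reachable only from inside the pod
  esac
  # Assumption: auth counts as enabled only with auth_enabled=true and a non-noop module.
  if [ "$auth" = "true" ] && [ -n "$module" ] && [ "$module" != "noop" ]; then
    return 0
  fi
  echo "UNSAFE: service.host=${host:-<unset>} auth_enabled=${auth:-<unset>} authentication.module=${module:-<unset>}" >&2
  return 1
}

# Rewrite service.host to 127.0.0.1 in place; every other line is left untouched.
harden_lightspeed_stack() {
  local file="$1" tmp
  tmp="$(mktemp)" || return 1
  awk '
    /^[^ \t#]/ { in_service = ($0 ~ /^service:/) }
    in_service && $1 == "host:" { sub(/host:.*/, "host: 127.0.0.1") }
    { print }
  ' "$file" > "$tmp" && cat "$tmp" > "$file" && rm -f "$tmp"
}

# Constructed sample based on the config lines quoted in finding 1.
write_sample() {
  cat > "$1" <<'EOF'
service:
  host: 0.0.0.0
  port: 8080
  auth_enabled: false
llama_stack:
  use_as_library_client: true
authentication:
  module: 'noop'
EOF
}

demo() {
  local f
  f="$(mktemp)" || return 1
  write_sample "$f"
  check_lightspeed_stack "$f" || echo "before: flagged"
  harden_lightspeed_stack "$f"
  check_lightspeed_stack "$f" && echo "after: ok (host=$(yaml_get "$f" service host))"
  rm -f "$f"
}
demo
```

Running the check in CI against the vendored file means a later sync that restores the upstream `0.0.0.0` bind fails the build instead of shipping.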

Review Summary by Qodo

Add Developer Lightspeed as built-in Helm chart component

✨ Enhancement

Walkthroughs

Description
• Adds Developer Lightspeed as built-in default component to RHDH Helm chart
• Includes Lightspeed Core sidecar, RAG init container, and dynamic plugins
• Provides configuration files, secrets, and volume management for Lightspeed
• Adds sync script for upstream Lightspeed config file management
• Updates chart version from 5.7.0 to 5.8.0
Diagram
```mermaid
flowchart LR
  A["Helm Values"] -->|"global.lightspeed config"| B["Lightspeed Feature"]
  B -->|"enables"| C["Init Container<br/>RAG Bootstrap"]
  B -->|"enables"| D["Sidecar Container<br/>Lightspeed Core"]
  B -->|"enables"| E["Dynamic Plugins<br/>Frontend & Backend"]
  C -->|"mounts"| F["Runtime Volume<br/>emptyDir/PVC"]
  C -->|"mounts"| G["RAG Volume<br/>Vector DB"]
  D -->|"mounts"| F
  D -->|"mounts"| G
  D -->|"loads"| H["ConfigMaps<br/>stack/config/profile"]
  D -->|"loads"| I["Secret<br/>LLM Credentials"]
  J["Sync Script"] -->|"updates"| H
```

File Changes

1. hack/sync-lightspeed-configs.sh ✨ Enhancement +140/-0
   Script to sync upstream Lightspeed configs

2. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/rhdh-profile.py ⚙️ Configuration changes +268/-0
   Lightspeed prompt templates and system instructions

3. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/config.yaml ⚙️ Configuration changes +217/-0
   Lightspeed Core configuration and provider setup

4. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/lightspeed-stack.yaml ⚙️ Configuration changes +37/-0
   Lightspeed stack service and authentication config

5. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/secret.yaml ⚙️ Configuration changes +16/-0
   Placeholder environment variables for LLM providers

6. CONTRIBUTING.md 📝 Documentation +25/-0
   Documentation for syncing Lightspeed config files

7. charts/backstage/Chart.yaml ⚙️ Configuration changes +1/-1
   Bump chart version to 5.8.0

8. charts/backstage/README.md 📝 Documentation +24/-2
   Add Lightspeed feature documentation and usage guide

9. charts/backstage/README.md.gotmpl 📝 Documentation +12/-0
   Template for Lightspeed documentation generation

10. charts/backstage/values.yaml ⚙️ Configuration changes +55/-1
    Add Lightspeed configuration values and defaults

11. charts/backstage/values.schema.tmpl.json ⚙️ Configuration changes +119/-0
    JSON schema template for Lightspeed values validation

12. charts/backstage/values.schema.json ⚙️ Configuration changes +369/-1
    Generated JSON schema for Lightspeed configuration

13. charts/backstage/templates/_helpers.tpl ✨ Enhancement +365/-0
    Helper templates for Lightspeed rendering and validation

14. charts/backstage/templates/dynamic-plugins-configmap.yaml ✨ Enhancement +7/-0
    Include Lightspeed plugins in dynamic plugins config

15. charts/backstage/vendor/backstage/charts/backstage/templates/backstage-deployment.yaml ✨ Enhancement +99/-1
    Add Lightspeed init container, sidecar, and volume mounts

16. charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-configmaps.yaml ✨ Enhancement +16/-0
    Template to render Lightspeed configuration ConfigMaps

17. charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-secret.yaml ✨ Enhancement +15/-0
    Template to render Lightspeed Secret with LLM credentials

18. charts/backstage/ci/with-lightspeed-disabled-values.yaml 🧪 Tests +13/-0
    CI test values with Lightspeed feature disabled


@rhdh-qodo-merge rhdh-qodo-merge Bot added the documentation, enhancement and Tests labels Apr 9, 2026

Jdubrick commented Apr 9, 2026

fyi @rm3l @gabemontero


Jdubrick commented Apr 9, 2026

/hold still need to add the MCP plugins.. whoops


@gabemontero gabemontero left a comment


an initial pass @Jdubrick ; admittedly, some of my questions may be unwarranted, but let's have the discussion; and yeah, aside from the install team folks, let's get as many eyes on this as possible .... maybe start with @thepetk

also, the second review item from qodo might have some credence ... I did not parse through all the particulars, but my initial scan of it resonated with me

I'll copy / paste / consolidate its particulars for reference ... curious how it resonates with you:

CONTRIBUTING.md states the vendored Lightspeed config files under files/lightspeed are synced via
hack/sync-lightspeed-configs.sh, but the script’s TARGETS list omits files/lightspeed/secret.yaml.
This allows the secret payload template to drift from upstream without being caught by the sync
script or its --check mode.

hack/sync-lightspeed-configs.sh[R12-16]

+TARGETS=(
+  "lightspeed-core-configs/lightspeed-stack.yaml:${LIGHTSPEED_DIR}/lightspeed-stack.yaml"
+  "llama-stack-configs/config.yaml:${LIGHTSPEED_DIR}/config.yaml"
+  "lightspeed-core-configs/rhdh-profile.py:${LIGHTSPEED_DIR}/rhdh-profile.py"
+)

The documentation points contributors to the sync script for keeping the whole files/lightspeed
directory in sync, but the script only fetches three files. The chart also vendors secret.yaml in
that directory (used to generate the Lightspeed Secret), and it is not covered by the sync targets.
CONTRIBUTING.md[41-65]
hack/sync-lightspeed-configs.sh[12-16]
charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/secret.yaml[1-16]

### Suggested change
Choose one:
1) **Preferred**: Add `secret.yaml` to `TARGETS` (with the correct upstream path), e.g.
```bash
"<upstream-path>/secret.yaml:${LIGHTSPEED_DIR}/secret.yaml"
```
so `--check` also validates it.

2) If `secret.yaml` is intentionally maintained downstream, update `CONTRIBUTING.md` to explicitly list which files are synced and note that `secret.yaml` is excluded by design.

Comment thread charts/backstage/README.md Outdated
Comment thread charts/backstage/README.md
Comment thread charts/backstage/values.schema.tmpl.json Outdated
Comment thread charts/backstage/values.schema.tmpl.json Outdated
Comment thread charts/backstage/values.schema.json Outdated
Comment thread charts/backstage/values.schema.json Outdated
Comment thread charts/backstage/values.yaml Outdated
Comment thread charts/backstage/values.yaml Outdated

@thepetk thepetk left a comment


Awesome work @Jdubrick ! Left some comments just to make sure we have those things covered!

Comment thread charts/backstage/templates/_helpers.tpl Outdated
Comment thread charts/backstage/templates/_helpers.tpl Outdated
Comment thread charts/backstage/files/lightspeed/lightspeed-stack.yaml
Comment thread charts/backstage/values.schema.tmpl.json Outdated

@gabemontero gabemontero left a comment


LGTM @Jdubrick

of course we need to hear from @redhat-developer/rhdh-install on this

@openshift-ci openshift-ci Bot added lgtm and removed lgtm labels Apr 13, 2026
@Jdubrick Jdubrick marked this pull request as draft April 13, 2026 21:52

rm3l commented Apr 16, 2026

/cc

@openshift-ci openshift-ci Bot requested a review from rm3l April 16, 2026 22:48
@Jdubrick Jdubrick marked this pull request as ready for review April 17, 2026 16:22
@openshift-ci openshift-ci Bot requested a review from subhashkhileri April 17, 2026 16:22

rhdh-qodo-merge Bot commented Apr 17, 2026

Code Review by Qodo

🐞 Bugs (0) 📘 Rule violations (0) 📎 Requirement gaps (1)


Remediation recommended

1. Unvalidated Lightspeed payload files 🐞 Bug ☼ Reliability
Description
rhdh.lightspeed.fileContent returns an empty string when the referenced Lightspeed payload file is
missing, and the ConfigMap/Secret templates render that content without a required() check even
when the defaults mark them optional: false. This can silently render empty Lightspeed
ConfigMaps/Secret and lead to Lightspeed sidecar runtime failures instead of failing fast during
helm template/install.
Code

charts/backstage/templates/_helpers.tpl[R210-216]

+{{- define "rhdh.lightspeed.fileContent" -}}
+{{- $path := include "rhdh.lightspeed.filePath" .file -}}
+{{- $content := .context.Files.Get $path -}}
+{{- if and (empty $content) .context.Subcharts (hasKey .context.Subcharts "upstream") -}}
+  {{- $content = .context.Subcharts.upstream.Files.Get $path -}}
+{{- end -}}
+{{- $content -}}
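Review bot: `empty $content` cannot tell a missing file from one that exists but is empty, and the closing `{{- $content -}}` emits either result without complaint, so a wrong `$path` surfaces only at runtime. Where the caller needs the file to exist, wrap the result in `required` with a message that includes `$path`, and add a comment above the `define` stating that the helper expects a dict with `file` and `context` keys.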
Relevance

⭐⭐⭐ High

Team favors fail-fast Helm validation (uses required/fail in helpers); missing non-optional payloads
should error.

PR-#291
PR-#173
PR-#280

ⓘ Recommendations generated based on similar findings in past PRs

Evidence
The helper reads a file via .Files.Get (with a subchart fallback) and returns $content as-is; if
the file isn’t found, the result is "" and no failure is triggered. The Lightspeed ConfigMap and
Secret templates embed this content directly, and defaults.yaml explicitly marks these resources as
non-optional, so missing payload files would be an error condition that currently isn’t enforced at
render time.

charts/backstage/templates/_helpers.tpl[210-217]
charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-configmaps.yaml[12-15]
charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-secret.yaml[2-14]
charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/defaults.yaml[61-85]
charts/backstage/templates/_helpers.tpl[63-67]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
Lightspeed payload files (ConfigMaps and Secret source YAMLs) are loaded via `rhdh.lightspeed.fileContent`, which returns an empty string if the file is missing. The templates then render ConfigMaps/Secret without enforcing `required()` even when defaults declare `optional: false`, so a missing/renamed/unpackaged payload file can lead to empty resources and runtime failure.

### Issue Context
- `defaults.yaml` is required, but the other referenced payload files (`lightspeed-stack.yaml`, `config.yaml`, `rhdh-profile.py`, `secret.yaml`) are not.
- This is a fail-fast vs fail-late reliability problem: Helm should error during render when a non-optional payload file is missing.

### Fix Focus Areas
- charts/backstage/templates/_helpers.tpl[210-217]
- charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-configmaps.yaml[1-16]
- charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-secret.yaml[1-15]
- charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/defaults.yaml[61-85]

### Suggested implementation direction
- Introduce a helper like `rhdh.lightspeed.requiredFileContent` that:
 - loads content via the existing fallback logic
 - applies `required()` when `optional` is false (or when used for Secret sourceFile)
- Update `lightspeed-configmaps.yaml` to call the required variant for entries where `.optional` is false.
- Update `lightspeed-secret.yaml` / `rhdh.lightspeed.secretStringData` to `required()` the secret `sourceFile` content when `secret.create=true` and `secret.optional=false`.


Advisory comments

2. Lightspeed config under global 📎 Requirement gap ⚙ Maintainability
Description
Lightspeed-specific configuration is placed under global.lightspeed.* and templates read from
.Values.global.lightspeed, rather than being grouped under lightspeed.* as required. This
scatters Lightspeed configuration into an unrelated scope and conflicts with the requested values
organization.
Code

charts/backstage/templates/_helpers.tpl[R101-107]

+{{- $global := default dict .Values.global -}}
+{{- if hasKey $global "lightspeed" -}}
+  {{- $raw := get $global "lightspeed" -}}
+  {{- if kindIs "bool" $raw -}}
+    {{- $_ := set $lightspeed "enabled" $raw -}}
+  {{- else if kindIs "map" $raw -}}
+    {{- $lightspeed = mergeOverwrite $lightspeed $raw -}}
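Review bot: the visible branches handle `global.lightspeed` only when it is a bool or a map; a string such as `"false"` or a list matches neither `kindIs` test and is dropped without error in these lines, leaving the defaults in force. Unless the lines after this hunk already do so, add a final `else` that calls `fail` and names the offending kind, so a mistyped value stops the render instead of silently enabling the feature.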
Relevance

⭐ Low

Repo commonly places built-in feature config under global.*; precedent accepted (e.g.,
global.catalogIndex) over top-level keys.

PR-#280
PR-#109
PR-#291

ⓘ Recommendations generated based on similar findings in past PRs

Evidence
PR Compliance ID 4 requires all Lightspeed parameters to live under lightspeed.*. The helper
template explicitly pulls Lightspeed config from .Values.global ($global := ... .Values.global
and get $global "lightspeed"), confirming the config is organized under global.lightspeed
instead of lightspeed.

All additional Lightspeed configuration parameters live under the lightspeed values scope
charts/backstage/templates/_helpers.tpl[101-107]
charts/backstage/values.yaml[38-102]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Lightspeed-related settings are currently nested under `global.lightspeed.*` and consumed from `.Values.global.lightspeed`, but compliance requires all Lightspeed configuration to be under `lightspeed.*`.

## Issue Context
The checklist explicitly calls for grouping Lightspeed parameters under the Lightspeed scope for consistency/maintainability and to match the expected chart interface.

## Fix Focus Areas
- charts/backstage/values.yaml[38-102]
- charts/backstage/templates/_helpers.tpl[98-168]
- charts/backstage/values.schema.tmpl.json[136-271]
- charts/backstage/values.schema.json[120-504]
- charts/backstage/README.md[317-326]
- charts/backstage/README.md.gotmpl[239-247]


Review Summary by Qodo

Add Developer Lightspeed as built-in Helm chart component

✨ Enhancement

Walkthroughs

Description
• Adds Developer Lightspeed as built-in default component to RHDH Helm chart
• Includes Lightspeed Core sidecar, RAG init container, and dynamic plugins
• Provides configuration files, secrets, and resource defaults for Lightspeed
• Adds sync script for vendored Lightspeed configs from upstream repository
Diagram
```mermaid
flowchart LR
  A["Chart Values"] -->|"global.lightspeed config"| B["Lightspeed Defaults"]
  B -->|"merge & validate"| C["Lightspeed Configuration"]
  C -->|"enabled=true"| D["Init Container<br/>RAG Bootstrap"]
  C -->|"enabled=true"| E["Sidecar Container<br/>Lightspeed Core"]
  C -->|"enabled=true"| F["ConfigMaps<br/>stack/config/profile"]
  C -->|"enabled=true"| G["Secret<br/>LLM Configuration"]
  D -->|"mounts"| H["Runtime & RAG Volumes"]
  E -->|"mounts"| H
  F -->|"mounts"| H
  G -->|"env vars"| E
  I["Sync Script"] -->|"fetch from upstream"| J["Lightspeed Config Files"]
  J -->|"render & transform"| K["Vendored Files"]
```

File Changes

1. hack/sync-lightspeed-configs.sh ✨ Enhancement +194/-0
   Script for syncing Lightspeed configs from upstream

2. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/rhdh-profile.py ⚙️ Configuration changes +268/-0
   Lightspeed prompt templates and system instructions

3. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/config.yaml ⚙️ Configuration changes +217/-0
   Lightspeed Core configuration with providers and storage

4. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/lightspeed-stack.yaml ⚙️ Configuration changes +43/-0
   Lightspeed stack service and MCP server configuration

5. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/secret.yaml ⚙️ Configuration changes +17/-0
   Template for Lightspeed environment variables and secrets

6. charts/backstage/vendor/backstage/charts/backstage/files/lightspeed/defaults.yaml ⚙️ Configuration changes +138/-0
   Default Lightspeed configuration with plugins and resources

7. charts/backstage/Chart.yaml ⚙️ Configuration changes +1/-1
   Bump chart version from 5.7.1 to 5.8.0

8. charts/backstage/values.yaml ⚙️ Configuration changes +67/-1
   Add Lightspeed configuration to chart values with defaults

9. charts/backstage/README.md 📝 Documentation +24/-2
   Document Lightspeed feature configuration and usage

10. charts/backstage/README.md.gotmpl 📝 Documentation +12/-0
    Add Lightspeed documentation template for README generation

11. CONTRIBUTING.md 📝 Documentation +26/-0
    Add Lightspeed config sync script usage documentation

12. charts/backstage/templates/_helpers.tpl ✨ Enhancement +259/-0
    Add Lightspeed helper templates for configuration and rendering

13. charts/backstage/templates/dynamic-plugins-configmap.yaml ✨ Enhancement +7/-0
    Include Lightspeed plugins in dynamic plugins configuration

14. charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-configmaps.yaml ✨ Enhancement +16/-0
    Template for rendering Lightspeed ConfigMaps from files

15. charts/backstage/vendor/backstage/charts/backstage/templates/lightspeed-secret.yaml ✨ Enhancement +15/-0
    Template for rendering Lightspeed Secret with environment variables

16. charts/backstage/vendor/backstage/charts/backstage/templates/backstage-deployment.yaml ✨ Enhancement +99/-1
    Add Lightspeed init container, sidecar, volumes, and mounts

17. charts/backstage/values.schema.json ⚙️ Configuration changes +387/-1
    Add JSON schema validation for Lightspeed configuration

18. charts/backstage/values.schema.tmpl.json ⚙️ Configuration changes +137/-0
    Add Lightspeed schema template with resource and volume definitions

19. .github/CODEOWNERS ⚙️ Configuration changes +3/-0
    Add RHDH AI team as codeowner for Lightspeed defaults

20. .github/actions/test-charts/action.yml ⚙️ Configuration changes +3/-0
    Add pod security context for Kind cluster CI testing

21. charts/backstage/ci/with-lightspeed-disabled-values.yaml 🧪 Tests +13/-0
    Add CI test values with Lightspeed disabled for Kind cluster



Jdubrick added 28 commits April 21, 2026 17:09
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>

Labels: do-not-merge/hold, documentation, enhancement, Tests
