updating aisqared version of helm chart

[AngeloB-AIS]

Summary by CodeRabbit

Release Notes

• New Features

  • Added Horizontal Pod Autoscaler (HPA) support for automatic scaling of server, UI, worker, and solid-worker components
  • Added centralized application configuration management

• Changes

  • Updated Helm chart branding and configuration from multiwoven to aisquared
  • Updated service endpoints, database connections, and environment configuration for aisquared deployment
  • Improved secrets management with AIS-specific credential handling

[coderabbitai]

📝 Walkthrough

Walkthrough

The charts/aisquared Helm chart is fully rebranded from multiwoven to aisquared: Chart.yaml metadata, values.yaml config keys/image repositories, and all template value references are renamed. Four new HPA templates and a ConfigMap template are added to the aisquared chart; the equivalent templates are deleted from the multiwoven chart.

Changes

AISquared Helm Chart Rebrand

Layer / File(s)	Summary
Chart metadata and values.yaml rebrand charts/aisquared/Chart.yaml, charts/aisquared/values.yaml	Chart.yaml switches name/description to aisquared and removes home; values.yaml renames kubernetesNamespace, all top-level config blocks (multiwovenConfig→aisquaredConfig), HPA subtrees, workload subtrees, multipleDbHosts fields, secrets-store keys, and all image repositories to aisquared equivalents.
ConfigMap template: add aisquared, remove multiwoven charts/aisquared/templates/aisquared-config.yaml, charts/multiwoven/templates/multiwoven-config.yaml	Adds a 136-line ConfigMap template to the aisquared chart with all app env-var-like keys and a secretsStore-gated password block; the equivalent template is deleted from the multiwoven chart.
SecretProviderClass AIS credentials charts/aisquared/templates/aisquared-secret-provider-class-ais.yaml	Switches the CSI SecretProviderClass to use the -secret-provider-class-ais suffix, AISCredsSecretName, aisCredsSecretAlias, and AIS_DB_USERNAME/AIS_DB_PASSWORD aliases, replacing all MW variants.
Server deployment, service, and HPA charts/aisquared/templates/aisquared-server-deployment.yaml, charts/aisquared/templates/aisquared-server-service.yaml, charts/aisquared/templates/aisquared-server-hpa.yaml, charts/multiwoven/templates/multiwoven-server-hpa.yaml	Server deployment value refs (annotations, replicas, security contexts, DB env vars, probe ports, secrets-store volume names, imagePullSecrets) all switch to aisquaredServer/aisquaredConfig; service type/ports updated; new HPA template added and multiwoven HPA deleted.
UI deployment, service, and HPA charts/aisquared/templates/aisquared-ui-deployment.yaml, charts/aisquared/templates/aisquared-ui-service.yaml, charts/aisquared/templates/aisquared-ui-hpa.yaml, charts/multiwoven/templates/multiwoven-ui-hpa.yaml	UI deployment annotations, replicas, security contexts, image, port/probe wiring, and imagePullSecrets switch to aisquaredUI/aisquaredConfig; service type/ports updated; new HPA added and multiwoven HPA deleted.
Worker and solid-worker deployments, services, and HPAs charts/aisquared/templates/aisquared-worker-*.yaml, charts/aisquared/templates/aisquared-solid-worker-*.yaml, charts/multiwoven/templates/multiwoven-*-hpa.yaml	Both worker deployments switch annotations, replicas, security contexts, container args/env/image, AIS DB credentials, multipleDbHosts vars, probe ports, secrets-store volume names, and imagePullSecrets to aisquared values; both services update type/ports; four new HPA templates added and two multiwoven HPAs deleted.
PostgreSQL deployment, PVC, and service charts/aisquared/templates/aisquared-postgresql-*.yaml	All three PostgreSQL templates switch their conditional gate and value references (image, resources, service type/ports) from multiwovenPostgresql to aisquaredPostgresql.
Ingress, TLS issuers, and cluster autoscaler charts/aisquared/templates/aisquared-ingress.yaml, charts/aisquared/templates/production-issuer.yaml, charts/aisquared/templates/staging-issuer.yaml, charts/aisquared/templates/cluster-autoscaler-priority-expander.yaml	Ingress switches external-dns hostnames, NGINX annotations, TLS secret name (mw-tls-cert→ais-tls-cert), and all HTTP rule hosts/backend ports to aisquared values; both cert-manager issuers switch ACME email to aisquaredConfig.tlsAdminEmail; cluster-autoscaler gate switches to aisquaredConfig.azureSpot.
Temporal, temporal-UI, lightning, and box deployments charts/aisquared/templates/temporal-deployment.yaml, charts/aisquared/templates/temporal-ui-deployment.yaml, charts/aisquared/templates/lightning-deployment.yaml, charts/aisquared/templates/box-deployment.yaml, charts/aisquared/templates/box-service-account.yaml, charts/aisquared/templates/box-service.yaml	Network labels updated to aisquared-server-default; Temporal Postgres/TLS env var conditionals switch to aisquaredConfig; all imagePullSecrets blocks switch to aisquaredConfig.privateRepo/registrySecretName; box and service-account comments updated.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Multiwoven/helm-charts#107: Introduces Lightning Deployment/HPA/Service templates under the Multiwoven chart, which are the equivalent resources being rebranded to aisquared naming in this PR.

Suggested labels

deploy-to-staging

Suggested reviewers

• hassimnaseef
• subintp

Poem

🐰 Hop hop, the chart has changed its name,
From multiwoven to a new aisquared fame!
ConfigMaps, HPAs, secrets — all reborn,
mw-tls-cert gone, ais-tls-cert worn.
The rabbit checks each value key with care,
A fresh new namespace floating in the air! 🎉

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The PR title is vague and does not clearly describe the main change; 'updating aisqared version' suggests a version bump, but the changeset is primarily a comprehensive namespace/configuration migration from multiwoven to aisquared across all Helm charts.	Consider a more specific title like 'Migrate Helm charts from multiwoven to aisquared configuration' or 'Replace multiwoven namespace with aisquared across all chart templates and values' to better reflect the extensive refactoring involved.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch replace-multiwoven-w-aisquared

⚔️ Resolve merge conflicts

• Resolve merge conflict in branch replace-multiwoven-w-aisquared

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 5

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@charts/aisquared/Chart.yaml`:
- Line 4: In the chart description for AISquared in Chart.yaml, correct the typo
by changing "qHightouch" to "Hightouch" on line 4 of the file. The description
currently reads "...offering an alternative to qHightouch, Census, and similar
platforms..." and should read "...offering an alternative to Hightouch, Census,
and similar platforms..." to properly reference the Hightouch brand.

In `@charts/aisquared/templates/aisquared-config.yaml`:
- Around line 98-99: Quote the values for STORAGE_ACCESS_KEY and
STORAGE_ACCOUNT_NAME in the aisquared-config.yaml file to ensure consistency
with other environment variable entries and maintain type safety. Wrap both {{
.Values.aisquaredConfig.storageAccessKey }} and {{
.Values.aisquaredConfig.storageAccountName }} with double quotes so that empty
values render as empty strings instead of null, preventing inconsistent runtime
parsing behavior.
- Around line 33-37: Credentials and sensitive data should not be stored in a
ConfigMap. Move all secret values (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and
other sensitive configuration keys) from the ConfigMap.data section to a
Kubernetes Secret resource. Then update the pod/container specification to
reference these secrets using envFrom with secretRef or individual secretKeyRef
entries instead of consuming them directly from ConfigMap. Ensure all credential
material is migrated to the Secret primitive while maintaining the same
environment variable names for the application.

In `@charts/aisquared/templates/aisquared-server-service.yaml`:
- Line 19: Replace the leading tab character with spaces on line 19 in both YAML
template files. In charts/aisquared/templates/aisquared-server-service.yaml at
line 19 and charts/aisquared/templates/aisquared-ui-service.yaml at line 19,
remove the tab indentation before the `{{- .Values.aisquaredServer.ports |
toYaml | nindent 2 -}}` and `{{- .Values.aisquaredUI.ports | toYaml | nindent 2
-}}` template expressions respectively, and replace it with the appropriate
number of spaces to maintain proper YAML indentation alignment with surrounding
content.

In `@charts/aisquared/values.yaml`:
- Line 223: The configuration key in values.yaml is named aisSecretAlias but the
template consumers in aisquared-secret-provider-class-ais.yaml and worker env
refs expect aisCredsSecretAlias, causing a mismatch that breaks secret wiring.
Rename the key from aisSecretAlias to aisCredsSecretAlias in the values.yaml
file to align with what the templates are consuming.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: edfcd249-419d-429f-9352-48f7ea8a8792

📥 Commits

Reviewing files that changed from the base of the PR and between 22eb698 and 18b1e7e.

📒 Files selected for processing (51)

• charts/aisquared/Chart.yaml
• charts/aisquared/templates/_helpers.tpl
• charts/aisquared/templates/aisquared-cluster-role.yaml
• charts/aisquared/templates/aisquared-config.yaml
• charts/aisquared/templates/aisquared-ingress.yaml
• charts/aisquared/templates/aisquared-namespace.yaml
• charts/aisquared/templates/aisquared-postgresql-deployment.yaml
• charts/aisquared/templates/aisquared-postgresql-pvc.yaml
• charts/aisquared/templates/aisquared-postgresql-service.yaml
• charts/aisquared/templates/aisquared-secret-provider-class-ais.yaml
• charts/aisquared/templates/aisquared-secret-provider-class-temp-store.yaml
• charts/aisquared/templates/aisquared-secret-provider-class-temporal-visibility.yaml
• charts/aisquared/templates/aisquared-secret-provider-class-temporal.yaml
• charts/aisquared/templates/aisquared-server-deployment.yaml
• charts/aisquared/templates/aisquared-server-hpa.yaml
• charts/aisquared/templates/aisquared-server-service.yaml
• charts/aisquared/templates/aisquared-service-account.yaml
• charts/aisquared/templates/aisquared-solid-worker-deployment.yaml
• charts/aisquared/templates/aisquared-solid-worker-hpa.yaml
• charts/aisquared/templates/aisquared-solid-worker-service.yaml
• charts/aisquared/templates/aisquared-ui-deployment.yaml
• charts/aisquared/templates/aisquared-ui-hpa.yaml
• charts/aisquared/templates/aisquared-ui-service.yaml
• charts/aisquared/templates/aisquared-worker-deployment.yaml
• charts/aisquared/templates/aisquared-worker-hpa.yaml
• charts/aisquared/templates/aisquared-worker-service.yaml
• charts/aisquared/templates/box-config.yaml
• charts/aisquared/templates/box-deployment.yaml
• charts/aisquared/templates/box-hpa.yaml
• charts/aisquared/templates/box-namespaces.yaml
• charts/aisquared/templates/box-rbac.yaml
• charts/aisquared/templates/box-service-account.yaml
• charts/aisquared/templates/box-service.yaml
• charts/aisquared/templates/cluster-autoscaler-priority-expander.yaml
• charts/aisquared/templates/lightning-config.yaml
• charts/aisquared/templates/lightning-deployment.yaml
• charts/aisquared/templates/lightning-hpa.yaml
• charts/aisquared/templates/lightning-service.yaml
• charts/aisquared/templates/production-issuer.yaml
• charts/aisquared/templates/staging-issuer.yaml
• charts/aisquared/templates/temporal-config-map.yaml
• charts/aisquared/templates/temporal-deployment.yaml
• charts/aisquared/templates/temporal-service.yaml
• charts/aisquared/templates/temporal-ui-deployment.yaml
• charts/aisquared/templates/temporal-ui-service.yaml
• charts/aisquared/values.yaml
• charts/multiwoven/templates/multiwoven-config.yaml
• charts/multiwoven/templates/multiwoven-server-hpa.yaml
• charts/multiwoven/templates/multiwoven-solid-worker-hpa.yaml
• charts/multiwoven/templates/multiwoven-ui-hpa.yaml
• charts/multiwoven/templates/multiwoven-worker-hpa.yaml

💤 Files with no reviewable changes (5)

• charts/multiwoven/templates/multiwoven-ui-hpa.yaml
• charts/multiwoven/templates/multiwoven-config.yaml
• charts/multiwoven/templates/multiwoven-server-hpa.yaml
• charts/multiwoven/templates/multiwoven-solid-worker-hpa.yaml
• charts/multiwoven/templates/multiwoven-worker-hpa.yaml

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Fix typo in chart description branding text.

Line 4 says qHightouch, which looks like a typo and should be Hightouch.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/aisquared/Chart.yaml` at line 4, In the chart description for
AISquared in Chart.yaml, correct the typo by changing "qHightouch" to
"Hightouch" on line 4 of the file. The description currently reads "...offering
an alternative to qHightouch, Census, and similar platforms..." and should read
"...offering an alternative to Hightouch, Census, and similar platforms..." to
properly reference the Hightouch brand.

[coderabbitai]

⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

Do not store credentials/secrets in a ConfigMap.

These lines place credential material in ConfigMap.data (also flagged by Trivy KSV-0109). ConfigMaps are not the right primitive for sensitive values; move secret keys to a Kubernetes Secret (or external secret sync) and consume via envFrom.secretRef / secretKeyRef.

Also applies to: 41-44, 50-52, 55-55, 60-60, 63-63, 69-69, 88-88, 93-93, 112-112, 124-124

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/aisquared/templates/aisquared-config.yaml` around lines 33 - 37,
Credentials and sensitive data should not be stored in a ConfigMap. Move all
secret values (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and other sensitive
configuration keys) from the ConfigMap.data section to a Kubernetes Secret
resource. Then update the pod/container specification to reference these secrets
using envFrom with secretRef or individual secretKeyRef entries instead of
consuming them directly from ConfigMap. Ensure all credential material is
migrated to the Secret primitive while maintaining the same environment variable
names for the application.

Source: Linters/SAST tools

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Quote STORAGE_ACCESS_KEY and STORAGE_ACCOUNT_NAME for consistency and type safety.

Line 98 and Line 99 are unquoted while almost all other env-like entries are quoted. Empty values here can render as null instead of "" and lead to inconsistent runtime parsing.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/aisquared/templates/aisquared-config.yaml` around lines 98 - 99, Quote
the values for STORAGE_ACCESS_KEY and STORAGE_ACCOUNT_NAME in the
aisquared-config.yaml file to ensure consistency with other environment variable
entries and maintain type safety. Wrap both {{
.Values.aisquaredConfig.storageAccessKey }} and {{
.Values.aisquaredConfig.storageAccountName }} with double quotes so that empty
values render as empty strings instead of null, preventing inconsistent runtime
parsing behavior.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Replace tab indentation with spaces in ports template lines.

Line 19 in both files contains a tab before {{- ... }}. Tabs in YAML templates are brittle and can break YAML tooling/lint pipelines; use spaces only.

• charts/aisquared/templates/aisquared-server-service.yaml#L19-L19: replace leading tab with spaces before the ports templating expression.
• charts/aisquared/templates/aisquared-ui-service.yaml#L19-L19: replace leading tab with spaces before the ports templating expression.

📍 Affects 2 files

• charts/aisquared/templates/aisquared-server-service.yaml#L19-L19 (this comment)
• charts/aisquared/templates/aisquared-ui-service.yaml#L19-L19

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/aisquared/templates/aisquared-server-service.yaml` at line 19, Replace
the leading tab character with spaces on line 19 in both YAML template files. In
charts/aisquared/templates/aisquared-server-service.yaml at line 19 and
charts/aisquared/templates/aisquared-ui-service.yaml at line 19, remove the tab
indentation before the `{{- .Values.aisquaredServer.ports | toYaml | nindent 2
-}}` and `{{- .Values.aisquaredUI.ports | toYaml | nindent 2 -}}` template
expressions respectively, and replace it with the appropriate number of spaces
to maintain proper YAML indentation alignment with surrounding content.

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Align secret alias key name with template consumers.

Line 223 defines secretsStore.aisSecretAlias, but both charts/aisquared/templates/aisquared-secret-provider-class-ais.yaml (Line 23) and worker env refs consume secretsStore.aisCredsSecretAlias. This mismatch will break secret wiring when secretsStore.enabled=true.

Suggested fix

secretsStore:
  enabled: false
-  aisSecretAlias: aisquared-f01dd256e712
+  aisCredsSecretAlias: aisquared-f01dd256e712

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	aisSecretAlias: aisquared-f01dd256e712
	secretsStore:
	enabled: false
	aisCredsSecretAlias: aisquared-f01dd256e712

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/aisquared/values.yaml` at line 223, The configuration key in
values.yaml is named aisSecretAlias but the template consumers in
aisquared-secret-provider-class-ais.yaml and worker env refs expect
aisCredsSecretAlias, causing a mismatch that breaks secret wiring. Rename the
key from aisSecretAlias to aisCredsSecretAlias in the values.yaml file to align
with what the templates are consuming.