Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.5.8 (when published)
Previous release: 0.5.4
0.5.8 continues enterprise RBAC work: skill team shares reconcile through the shared OpenFGA shareable-resource module, catalog API keys can be minted from the CAIPE UI BFF without the supervisor, and admin ReBAC migrations cover agent/skill FGA backfills. See the upgrade guide below for the catalog API key hash change before upgrading production.
/api/catalog-api-keys without proxying to the supervisor (see breaking change if you already minted keys).reconcileShareableResource path; admin migration agent_skill_openfga_reconcile_v1 backfills owner and team tuples from Mongo.user:* wildcard — visibility changes correctly add/remove org-wide grants on dynamic agents.Stored catalog API key digests changed algorithm:
| Before | After (0.5.8) | |
|---|---|---|
| Algorithm | SHA-256 of pepper + ":" + secret | HMAC-SHA256 with CAIPE_CATALOG_API_KEY_PEPPER (or SKILLS_API_KEY_PEPPER) as the HMAC key |
| BFF | N/A or legacy proxy | ui/src/lib/catalog-api-keys.ts |
| Python | skills_middleware/api_keys_store.py | Same HMAC format as BFF |
Impact: Any row in the catalog_api_keys collection created before this change will fail verification after upgrade. Clients must receive a newly minted key.
Not affected: Key format on the wire is unchanged ({key_id}.{secret}). Pepper env vars are unchanged; only how the secret is hashed at rest changed.
randomInt for secret generation (CodeQL-hardened).CAIPE_CATALOG_API_KEY_PEPPER to a long random value in production (see ui/env.example).None documented for this pre-release note.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.8 \
-f your-values.yaml
Most deployments can upgrade the chart first, then run admin ReBAC migrations from Admin → ReBAC migrations. If you use catalog API keys (Skills Gateway / X-Caipe-Catalog-Key), plan a short key rotation window — see Catalog API key hash below.
Required when: the catalog_api_keys MongoDB collection contains keys minted before 0.5.8 (BFF or supervisor).
Skip when: the collection is empty or you do not use catalog API keys.
Use the same pepper on the CAIPE UI (BFF) and any Python path that validates keys (supervisor / skills middleware):
# ui deployment / secret
CAIPE_CATALOG_API_KEY_PEPPER=<openssl rand -hex 32>
# skills middleware / supervisor (if applicable)
SKILLS_API_KEY_PEPPER=<same value>
Do not change the pepper during rotation unless you intend to invalidate all keys.
For each active key:
key_id.{key_id}.{secret} to clients (CI, local CAIPE_CATALOG_KEY, install scripts, etc.).Optional (dev/test only): drop the collection and re-mint from scratch:
// MongoDB — destructive; production use revoke + mint instead
db.catalog_api_keys.deleteMany({})
curl -sS -H "X-Caipe-Catalog-Key: <new-key>" \
"https://<your-ui>/api/skills/catalog" | head
Expect 200 (or your normal catalog response), not 401.
Document full values.yaml diff when the 0.5.8 chart is published. Set catalog pepper via existing UI/skills env wiring (see ui/env.example).
Run pending migrations from Admin → ReBAC migrations, including when applicable:
agent_skill_openfga_reconcile_v1 — backfill skill owner/team FGA tuplesagent_shared_team_grants_backfill_v1 — agent shared_with_teams → OpenFGAComplete Catalog API key hash before or immediately after deploy so clients are not left with invalid keys.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.8 \
-f your-values.yaml
Use the admin migrations UI with the confirmation strings shown per migration.
Released: 2026-05-29
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.5.2
Previous release: 0.5.1
0.5.2 completes the OpenFGA relationship-based access model for RAG and Knowledge Bases — knowledge bases can now be shared with teams, every Knowledge sidebar tab is gated on a real OpenFGA capability, and the RAG server and BFF enforce deny-by-default. AgentGateway gains an MCP route bridge so platform MCP endpoints (including the built-in Knowledge Base server) can be rendered straight from Helm, and the default now routes all gateway-managed MCP servers through the gateway. Keycloak adds strict client-secret reconciliation for production installs and a migration-health panel in the admin UI, while a RAG ingestor SSRF fix and pinned TLS dependencies harden the web loader.
data_source and mcp_tool universal OpenFGA types and a BFF list filter; the Graph tab is gated on any-KB-readable and Knowledge sidebar tabs render per-tab gates with empty states (#1591)knowledgeBaseTarget and arbitrary extraMcpTargets (one AgentgatewayBackend + HTTPRoute per entry, /mcp/<id> → static host:port) (#1595)agentgateway.extraEnv / extraEnvFrom let the standalone AgentGateway config resolve backend-auth placeholders (e.g. GITHUB_PERSONAL_ACCESS_TOKEN, GITLAB_PERSONAL_ACCESS_TOKEN) from Kubernetes secrets (#1595)global.agentgateway.routingMode defaults to static, which renders the standalone proxy's config (one /mcp/<id> route/backend per target) instead of Gateway API/AgentGateway custom resources. Enabling AgentGateway therefore no longer requires the gateway.networking.k8s.io/agentgateway.dev CRDs or a controller, keeping helm diff/helm upgrade clean on clusters you do not own; MCP endpoints stay discoverable via the proxy admin /config endpoint consumed by the UI discover/sync flow. Set routingMode: gateway-api to opt back into the controller-managed Gateway data plane (#1629)CAIPE_UNSAFE_RBAC_BYPASS checks that were scattered across the API middleware, RAG proxy, OpenFGA helpers, and admin/UI gates; the bypass admin principal is returned only when SSO_ENABLED=false, ALLOW_DEV_ADMIN_WHEN_SSO_DISABLED=true, and CAIPE_UNSAFE_RBAC_BYPASS=true are all set outside production (#1613)ENABLE_INGRESS=false and ENABLE_METALLB=false are now set when the user answers "No", instead of always installing both (#1587)-v1:0 Bedrock inference-profile suffix was rejected by the native Anthropic API (#1542)No breaking changes. Drop-in upgrade from 0.5.1.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.2 \
-f your-values.yaml
0.5.2 is a drop-in upgrade — no values.yaml edits are required. The chart adds new optional AgentGateway routing keys (all with working defaults) and changes one default: gateway-managed MCP servers now route through AgentGateway by default. The bulk of the release is RAG/Knowledge Base OpenFGA access control and Keycloak hardening, none of which require values changes for existing deployments.
No breaking Helm values changes between 0.5.1 and 0.5.2. The diff is limited to new optional AgentGateway keys and one changed default.
| Key | Default | Description |
|---|---|---|
global.agentgateway.knowledgeBaseTarget.enabled | true | Render a built-in Knowledge Base MCP route aligned with the RAG server MCP backend |
global.agentgateway.knowledgeBaseTarget.host | rag-server.{{ .Release.Namespace }}.svc.cluster.local | Upstream host for the Knowledge Base MCP route |
global.agentgateway.knowledgeBaseTarget.port | 9446 | Upstream port |
global.agentgateway.knowledgeBaseTarget.protocol | StreamableHTTP | MCP transport protocol |
global.agentgateway.knowledgeBaseTarget.pathPrefix | /mcp/knowledge-base | Route path prefix |
global.agentgateway.extraMcpTargets | [] | Additional MCP routes not rendered from agent-* subcharts; one AgentgatewayBackend + HTTPRoute per entry |
agentgateway.extraEnv | [] | Secret-backed env for backend-auth placeholders in the standalone AgentGateway config |
agentgateway.extraEnvFrom | [] | envFrom sources for the AgentGateway container |
These default to safe values; no action is required unless you want to route additional platform MCP endpoints or wire backend-auth secrets (e.g. GITHUB_PERSONAL_ACCESS_TOKEN).
Affected key: dynamic-agents config AGENT_GATEWAY_MCP_SERVER_IDS
Before (0.5.1):
AGENT_GATEWAY_MCP_SERVER_IDS: "jira"
After (0.5.2):
AGENT_GATEWAY_MCP_SERVER_IDS: "all"
Action: None required. "all" only applies to gateway-managed MCP rows; manual/direct MCP rows keep their stored endpoint so tool names still reflect their real upstreams. If you previously relied on only Jira being routed through the shared AgentGateway backend, pin this back to "jira" (or your explicit list) in your dynamic-agents config.
No MongoDB schema or data migrations required. The RAG OpenFGA access model and route capabilities are reconciled by the chart; deny-by-default behavior applies once the canonical model is loaded.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.2 \
-f your-values.yaml
If you do not want all gateway-managed MCP servers routed through AgentGateway, set AGENT_GATEWAY_MCP_SERVER_IDS back to an explicit list in your dynamic-agents config. To route extra platform MCP endpoints, populate global.agentgateway.extraMcpTargets.
kubectl get pods -n <namespace>
# Confirm the Knowledge Base MCP route / AgentGateway backend is healthy
kubectl get httproute -n <namespace> | grep mcp
Check that OpenFGA-gated Knowledge sidebar tabs and Graph access resolve as expected for your teams — KBs now require explicit sharing under deny-by-default.
--- /tmp/vf-0.5.2.yaml 2026-05-29 09:12:26
+++ /tmp/vt-0.5.2.yaml 2026-05-29 09:12:28
@@ -132,6 +132,28 @@
serviceName: "ai-platform-engineering-openfga-authz-bridge"
serviceNamespace: ""
port: 9100
+ # Built-in Knowledge Base MCP route. This keeps the Dynamic Agents
+ # `knowledge-base` MCP server ID aligned with the RAG server MCP backend
+ # when AgentGateway is enabled in the umbrella chart.
+ knowledgeBaseTarget:
+ enabled: true
+ host: "rag-server.{{ .Release.Namespace }}.svc.cluster.local"
+ port: 9446
+ protocol: StreamableHTTP
+ pathPrefix: /mcp/knowledge-base
+ # Additional MCP routes that are not rendered from `agent-*` subcharts.
+ # Use this for platform MCP endpoints such as RAG/Knowledge Base.
+ # Each item renders one AgentgatewayBackend and one HTTPRoute:
+ # /mcp/<id> -> static host:port using the requested MCP protocol.
+ #
+ # Example:
+ # extraMcpTargets:
+ # - id: knowledge-base
+ # host: "{{ .Release.Name }}-rag-server.{{ .Release.Namespace }}.svc.cluster.local"
+ # port: 9446
+ # protocol: StreamableHTTP
+ # pathPrefix: /mcp/knowledge-base
+ extraMcpTargets: []
# OpenFGA service discovery defaults for CAIPE components that perform
# relationship-based authorization or reconciliation.
@@ -145,6 +167,23 @@
repository: cr.agentgateway.dev/agentgateway
tag: v1.1.0
pullPolicy: IfNotPresent
+ # Secret-backed environment for backend auth placeholders used by the
+ # standalone AgentGateway config, for example:
+ # backendAuth:
+ # key: "$GITHUB_PERSONAL_ACCESS_TOKEN"
+ # key: "$GITLAB_PERSONAL_ACCESS_TOKEN"
+ extraEnv: []
+ # - name: GITHUB_PERSONAL_ACCESS_TOKEN
+ # valueFrom:
+ # secretKeyRef:
+ # name: github-mcp-secret
+ # key: GITHUB_PERSONAL_ACCESS_TOKEN
+ # - name: GITLAB_PERSONAL_ACCESS_TOKEN
+ # valueFrom:
+ # secretKeyRef:
+ # name: gitlab-mcp-secret
+ # key: GITLAB_PERSONAL_ACCESS_TOKEN
+ extraEnvFrom: []
# LangGraph Redis for checkpoint and cross-thread store persistence.
# Two deployment options:
@@ -1056,9 +1095,9 @@
CREDENTIAL_API_URL: "http://ai-platform-engineering-caipe-ui:3000/api/credentials"
CREDENTIAL_SERVICE_AUDIENCE: "caipe-credential-service"
USE_IMPERSONATION_TOKENS: "false"
- # MCP server IDs routed through the shared AgentGateway backend.
- # Other MCP servers keep direct endpoints so tool names reflect real upstreams.
- AGENT_GATEWAY_MCP_SERVER_IDS: "jira"
+ # MCP server IDs routed through AgentGateway. "all" only applies to
+ # gateway-managed MCP rows; manual/direct MCP rows keep their stored endpoint.
+ AGENT_GATEWAY_MCP_SERVER_IDS: "all"
# LLM configuration (override if needed)
# LLM_PROVIDER: "openai"
# LLM_MODEL: "gpt-4o"
Released: 2026-05-29
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.5.3
Previous release: 0.5.2
0.5.3 makes AgentGateway CRD-free by default. The new global.agentgateway.routingMode defaults to static, so enabling the gateway renders the standalone proxy's own config instead of Gateway API / AgentGateway custom resources — no cluster-scoped CRDs and no controller install required, which keeps helm diff and helm upgrade clean on clusters you do not own. The chart also stops hardcoding ai-platform-engineering-* service URLs: in-cluster defaults are now computed from the Helm release name in the deployment templates, so installs under a custom release name resolve their supervisor, Keycloak, OpenFGA, skill-scanner, and bot URLs correctly without manual overrides. Rounding out the release, every agent gains proper Kubernetes startup/liveness/readiness probe semantics, and a Twisted bump closes a DNS-compression DoS in the RAG web loader.
global.agentgateway.routingMode now defaults to static, which writes MCP routes into the standalone AgentGateway proxy's static config (one /mcp/<id> route/backend per target) instead of rendering Gateway, HTTPRoute, AgentgatewayBackend, and AgentgatewayPolicy custom resources. Enabling AgentGateway therefore no longer depends on the gateway.networking.k8s.io / agentgateway.dev CRDs or a Gateway controller; MCP endpoints stay discoverable through the proxy admin /config endpoint that the CAIPE UI discover/sync flow reads. A new global.agentgateway.static.jwtAuth block adds optional listener-level JWT validation for the standalone proxy, and the UI recovers each MCP route path from the live pathPrefix shape. Set routingMode: gateway-api to opt back into the controller-managed Gateway data plane (#1629)ai-platform-engineering-* (or a literal {{ .Release.Name }} string) are now left empty and computed from the actual Helm release name inside the deployment templates. This covers the supervisor (A2A_BASE_URL), Keycloak (KEYCLOAK_URL), OpenFGA (httpUrl / OPENFGA_HTTP), skill-scanner (SKILL_SCANNER_URL), the Slack and Webex bot admin APIs, the credential service, the SLIM endpoint, and the OpenFGA authz-bridge JWKS URL — so a helm install foo … resolves to foo-keycloak, foo-openfga, and so on instead of silently pointing at the wrong service. Realm URL defaults also honor KEYCLOAK_REALM instead of a hardcoded caipe (#1612)/health and /ready routes on the A2A app, dynamic-agents and rag-server get corrected liveness semantics, skill-scanner and langgraph-redis get startup probes, and readiness endpoints now return HTTP 503 when their dependencies are unavailable so traffic is held off until a pod is genuinely ready (#1468)versioned_docs/ trees, and the RBAC reference's broken anchor and unreadable draw.io SVGs are repairedpathPrefix shape so discovered routes match the proxy config (#1629)uuid >= 11.1.1 via overrides in the UI and docs buildsAgentGateway routing defaults to static (CRD-free). If you run with global.agentgateway.enabled: true and rely on the chart rendering Gateway API / AgentGateway custom resources (the controller-managed data plane), you must now set global.agentgateway.routingMode: gateway-api explicitly. With the default global.agentgateway.enabled: false, there is no impact.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.3 \
-f your-values.yaml
For a stock deployment — default release name ai-platform-engineering, AgentGateway disabled — 0.5.3 is a drop-in upgrade. Two things are worth knowing before you upgrade: the AgentGateway routingMode default flipped to static, and many in-cluster service URL defaults are now computed from the Helm release name instead of being hardcoded. Neither changes behavior for the default release name, but both matter if you enable AgentGateway or run under a custom release name.
routingModeAffected key: global.agentgateway.routingMode (new key, defaults to static)
Before (0.5.2): enabling AgentGateway rendered Gateway API / AgentGateway custom resources (required the CRDs + a controller).
After (0.5.3):
global:
agentgateway:
enabled: true
routingMode: static # NEW default — no CRDs, no controller
Action: If you depend on the controller-managed Gateway data plane (Gateway API CRs), set routingMode: gateway-api explicitly. Otherwise no action — static requires no CRDs and keeps helm upgrade clean.
A set of service URL keys changed their default from a literal ai-platform-engineering-* / {{ .Release.Name }} string to an empty string (""), because the value is now rendered from .Release.Name in the deployment templates. Affected keys include global.slim.endpoint, global.openfga.httpUrl, CAIPE UI A2A_BASE_URL / SKILL_SCANNER_URL / SLACK_BOT_ADMIN_URL / WEBEX_BOT_ADMIN_URL, dynamic-agents KEYCLOAK_URL / OPENFGA_HTTP / CREDENTIAL_API_URL, the Slack/Webex bot CAIPE_API_URL, the Webex admin issuer/JWKS URLs, and the OpenFGA authz-bridge httpUrl / tokenValidation.jwksUrl.
Action:
ai-platform-engineering): none — the rendered value is identical to the old hardcoded default.<release>-…; the empty default resolves correctly on its own.| Key | Default | Description |
|---|---|---|
global.agentgateway.static.jwtAuth.enabled | false | Listener-level JWT validation for the standalone proxy (static routing mode) |
global.agentgateway.static.jwtAuth.issuer / jwksUrl / audiences | "" / "" / [] | JWT issuer, JWKS URL, and audiences for the static listener policy |
dynamic-agents OPENFGA_HTTP | "" (release-name default) | OpenFGA HTTP endpoint for dynamic-agents authorization |
dynamic-agents OPENFGA_STORE_NAME | caipe-openfga | OpenFGA store name for dynamic-agents |
No MongoDB schema or data migrations are required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.3 \
-f your-values.yaml
global:
agentgateway:
enabled: true
routingMode: gateway-api
kubectl get pods -n <namespace>
# Probes are stricter now — confirm pods reach Ready and stay there
kubectl get pods -n <namespace> -o wide
If AgentGateway is enabled in static mode, confirm MCP routes resolve through the proxy admin /config endpoint (the UI discover/sync flow reads from there) rather than expecting HTTPRoute objects.
@@ global.slim @@
- endpoint: "http://ai-platform-engineering-slim:46357"
+ endpoint: ""
@@ global.agentgateway @@
+ routingMode: static
+ static:
+ jwtAuth:
+ enabled: false
+ issuer: ""
+ jwksUrl: ""
+ audiences: []
extAuth:
enabled: false
- serviceName: "ai-platform-engineering-openfga-authz-bridge"
+ serviceName: ""
@@ global.openfga @@
- httpUrl: "http://{{ .Release.Name }}-openfga:8080"
+ httpUrl: ""
@@ caipe-ui.config @@
- A2A_BASE_URL: "http://ai-platform-engineering-supervisor-agent:8000"
+ A2A_BASE_URL: ""
- SKILL_SCANNER_URL: "http://{{ .Release.Name }}-skill-scanner:8000"
+ SKILL_SCANNER_URL: ""
- SLACK_BOT_ADMIN_URL: "http://ai-platform-engineering-slack-bot:3001"
+ SLACK_BOT_ADMIN_URL: ""
- WEBEX_BOT_ADMIN_URL: "http://ai-platform-engineering-webex-bot:3002"
+ WEBEX_BOT_ADMIN_URL: ""
@@ dynamic-agents.config @@
- KEYCLOAK_URL: "http://ai-platform-engineering-keycloak:8080"
+ KEYCLOAK_URL: ""
+ OPENFGA_HTTP: ""
+ OPENFGA_STORE_NAME: "caipe-openfga"
- CREDENTIAL_API_URL: "http://ai-platform-engineering-caipe-ui:3000/api/credentials"
+ CREDENTIAL_API_URL: ""
@@ slack-bot.config / webex-bot.config @@
- CAIPE_API_URL: "http://ai-platform-engineering-caipe-ui:3000"
+ CAIPE_API_URL: ""
- WEBEX_ADMIN_JWT_ISSUER: "http://ai-platform-engineering-keycloak:8080/realms/caipe"
- WEBEX_ADMIN_JWKS_URL: "http://ai-platform-engineering-keycloak:8080/realms/caipe/protocol/openid-connect/certs"
+ WEBEX_ADMIN_JWT_ISSUER: ""
+ WEBEX_ADMIN_JWKS_URL: ""
@@ openfga-authz-bridge @@
- httpUrl: "http://{{ .Release.Name }}-openfga:8080"
+ httpUrl: ""
- jwksUrl: "http://{{ .Release.Name }}-keycloak:8080/realms/caipe/protocol/openid-connect/certs"
+ jwksUrl: ""
Released: 2026-05-29
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.5.4
Previous release: 0.5.3
0.5.4 is a small maintenance release focused on admin UI consistency and a Keycloak fix. Native agent and team <select> controls are replaced with the shared searchable picker components, and the Slack and Webex admin panels are consolidated into a single ConnectorAdminPanel, so connector management looks and behaves the same everywhere. Team cards now surface knowledge-base, agent, and tool counts at a glance, the team Knowledge tab's create links point at the correct /knowledge-bases route, and Keycloak renders the configured realm name instead of assuming caipe. There are no values.yaml changes — this is a drop-in upgrade from 0.5.3.
<select> elements are replaced with the shared searchable picker components, and the Slack (SlackChannelRebacPanel) and Webex (WebexSpaceRebacPanel) admin panels are DRYed up into one shared ConnectorAdminPanel, giving both connectors identical ReBAC management UX (#1632)/knowledge-bases instead of a stale route (#1643)caipe default (#1657)volumes key in the openfga-init service that broke docker compose parsing (#1638)No security-specific changes in this release.
No breaking changes. Drop-in upgrade from 0.5.3.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.4 \
-f your-values.yaml
0.5.4 is a drop-in upgrade — no values.yaml edits are required. The release is limited to UI refactors, two admin fixes, a Keycloak realm-name fix, and a Docker Compose parsing fix. There are no chart value changes.
No Helm values changes between 0.5.3 and 0.5.4. The helm show values output is byte-for-byte identical.
No MongoDB schema or data migrations are required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.4 \
-f your-values.yaml
kubectl get pods -n <namespace>
If you run Keycloak under a non-caipe realm name, confirm the admin UI and bot integrations now reflect the configured realm.
No Helm values changes between 0.5.3 and 0.5.4 — drop-in upgrade.
]]>Released: 2026-05-27
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.5.1
Previous release: 0.5.0
0.5.1 makes OpenFGA the source of truth for human access to the RAG knowledge base surfaces — Search, Data Sources, Graph, and MCP Tools — and lets admins share individual knowledge bases with teams through relationship-based grants. Under the hood, team membership is consolidated into a single canonical store so every reader and writer agrees on who belongs to a team, eliminating the drift that caused authorized users to fall back to the Default CAIPE Supervisor instead of their configured agent. The release also adds a searchable team picker across admin panels, a friendlier first-run experience that seeds a working Hello-World agent, and an intentionally noisy emergency flag to bypass UI RBAC while repairing an OpenFGA/Keycloak stack.
data_source and mcp_tool resource types — added as first-class OpenFGA types with BFF list filtering, so users only see the data sources and tools they can actually use (#1584)teams.members[] array is retired in favor of the canonical team_membership_sources collection; every auth gate, API consumer, and admin view now reads from it, and GET /api/admin/teams returns a canonical member_count (#1583)TeamPicker and TeamMultiPicker components replace native <select> dropdowns across admin panels for team selection and "Share with Teams" (#1583)IDENTITY_SYNC_LOGIN_AUTO_CREATE_TEAMS (#1583)CAIPE_UNSAFE_RBAC_BYPASS escape hatch — an intentionally noisy dev/emergency flag that allows UI RBAC checks without consulting OpenFGA/Keycloak, for recovering a 0.5.x install while the RBAC stack is being repaired; defaults to false and emits a one-time server warning when enabled (#1581)ingestor on shared knowledge bases so team members can re-ingest (#1584)/api/admin/* GET to an admin-only gate before the route's own system_config#read check ran (#1583)CAIPE_UNSAFE_RBAC_BYPASS flag is a deliberate escape hatch: it defaults to false, logs a loud one-time warning when enabled, and is documented as unsafe for staging or production.No breaking changes. Drop-in upgrade from 0.5.0.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.1 \
-f your-values.yaml
Drop-in upgrade — no values.yaml edits are required. 0.5.1 adds a small set of new optional RBAC environment variables on caipe-ui and rag-server, all with working defaults. The only behavior worth noting is that the RAG server now ships with team-scoped RBAC enabled by default (RBAC_TEAM_SCOPE_ENABLED: "true"); if your OpenFGA model is already initialized (as expected on 0.5.x), this aligns RAG access with the UI with no action needed.
No keys were renamed, removed, or changed type between 0.5.0 and 0.5.1. The diff only adds new optional fields.
caipe-ui config — adds the emergency RBAC bypass flag:
| Key | Default | Description |
|---|---|---|
CAIPE_UNSAFE_RBAC_BYPASS | "false" | When true, UI RBAC checks allow all requests without consulting OpenFGA. Dev/emergency only — never enable in staging or production. |
rag-stack.rag-server.env — a new env block wires the RAG server to OpenFGA:
| Key | Default | Description |
|---|---|---|
RBAC_TEAM_SCOPE_ENABLED | "true" | Enforce team-scoped RBAC on RAG server requests via OpenFGA. |
OPENFGA_HTTP | "http://ai-platform-engineering-openfga:8080" | OpenFGA endpoint the RAG server queries for KB/team relationships. |
OPENFGA_STORE_NAME | "caipe-openfga" | OpenFGA store name. |
CAIPE_UNSAFE_RBAC_BYPASS | "false" | Same emergency escape hatch as the UI, applied to RAG server RBAC. |
If you override rag-server.env in your own values, merge these keys in rather than replacing the block. Operators on an air-gapped or renamed OpenFGA service should point OPENFGA_HTTP at their endpoint.
None.
No MongoDB schema or data migrations are required to upgrade. The canonical team-membership refactor reads from the team_membership_sources collection; a migration script (make target) is available to clear the legacy teams.members[] array, but it is optional cleanup and not required for the upgrade.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.1 \
-f your-values.yaml
If your OpenFGA service is not the in-release default, set the new env keys under rag-stack.rag-server.env in your values.yaml:
rag-stack:
rag-server:
env:
RBAC_TEAM_SCOPE_ENABLED: "true"
OPENFGA_HTTP: "http://your-openfga:8080"
OPENFGA_STORE_NAME: "caipe-openfga"
kubectl get pods -n <namespace>
Then confirm a team member can open the Knowledge tabs they have access to, and that the configured default agent loads for non-admin users instead of falling back to the Default CAIPE Supervisor.
--- values-0.5.0.yaml
+++ values-0.5.1.yaml
@@ -836,6 +836,9 @@
OPENFGA_HTTP: ""
OPENFGA_STORE_NAME: "caipe-openfga"
OPENFGA_RECONCILE_ENABLED: "false"
+ # Unsafe dev/emergency escape hatch: when true, UI RBAC checks allow all
+ # requests without consulting OpenFGA. Do not enable in staging or prod.
+ CAIPE_UNSAFE_RBAC_BYPASS: "false"
# Keycloak Admin API integration for resource/scope synchronization.
KEYCLOAK_URL: ""
KEYCLOAK_REALM: "caipe"
@@ -1412,6 +1415,11 @@
# tag defaults to .Chart.AppVersion when not specified
tag: ""
pullPolicy: "IfNotPresent"
+ env:
+ RBAC_TEAM_SCOPE_ENABLED: "true"
+ OPENFGA_HTTP: "http://ai-platform-engineering-openfga:8080"
+ OPENFGA_STORE_NAME: "caipe-openfga"
+ CAIPE_UNSAFE_RBAC_BYPASS: "false"
agent-rag:
enabled: true
Released: 2026-05-26
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.5.0
Previous release: 0.4.18
0.5.0 is a headline minor release that lands CAIPE's enterprise authorization foundation: a full cutover from legacy role-based access control to relationship-based access control (ReBAC) backed by OpenFGA, with Keycloak as the identity provider and an AgentGateway ext_authz bridge enforcing per-call MCP decisions. The release introduces a new Webex bot alongside ReBAC-aware Slack routing, an envelope-encrypted credential store and OAuth connector platform, and a hardened secrets bootstrap that fails loudly on dev placeholders instead of silently shipping insecure defaults. The entire authorization stack is opt-in and disabled by default — for a stock 0.4.18 deployment this is a drop-in upgrade with no values.yaml edits required. Operators who adopt RBAC get team-based access control, per-document RAG ACLs, channel-derived team binding for bots, and a redesigned admin UI for managing teams, identity-group sync, and onboarding defaults.
ui/src/lib/rbac library (OpenFGA client, tuple builder, store, PDP, decision cache, role-mapping, group-sync, team/agent resolvers, Keycloak Admin REST helpers), the full admin BFF API surface, and admin UI components for teams and authorization management (#1526)keycloak, openfga, openfga-authz-bridge, and agentgateway subcharts, including Keycloak realm init, token-exchange and auth-reconcile jobs, the OpenFGA authorization model bootstrap, and the Python ext_authz bridge (#1496)mcp-agent-auth package (JWT validation, caller-key derivation, OBO exchange, in-process JWKS cache, downstream token forwarder, PDP) wired uniformly into 13 agent MCP servers via MCPAuthMiddleware (Spec 101) (#1524)admin implies member + auto-provisioned Super Admins team — OpenFGA model bump so anyone with the admin relation on a team satisfies team#member checks, removing the need to dual-write tuples; a Super Admins team is auto-provisioned for platform defaults (#1555)platform_config and editable from the admin UI/BFF (#1558)webex_bot integration (a2a client, app, identity linking, audit, hardening, Prometheus metrics) plus a webex-bot Helm subchart, Dockerfile, and CI workflow (#1523)active_team JWT claim with a model that derives the authorizing team from the channel/context (Slack channel, Webex space, DM), correct for multi-team users by construction; adds personal DM commands across both bots (#1562)CAIPE_CREDENTIALS_ENABLED feature flag and disabled by default (#1497)/mcp suffix, scheme inference), forwards request tokens via OBO, resolves credential refs, and adds probe + self-heal diagnostics (#1499)get_file_line_count tool — new tool the agent is prompted to call before read_file, so it reads large files in bounded ranges instead of pulling entire files into context (#1565)ENABLE_USER_INFO_TOOL captures user identity from the JWT (enabling the user_info tool and JWT context middleware); FORWARD_JWT_TO_MCP forwards the user JWT as a Bearer token to HTTP/streamable-HTTP MCP connections. Both default to false (#1524)setup-caipe.sh now offers all 7 EmbeddingsFactory providers, including AWS Bedrock, Cohere, and Voyage AI (the recommended embeddings provider for Anthropic Claude users) (#1538)users.conversations for Slack channel discovery to dodge Slack API rate limits (#1536)workflow_configs in the app configmap so self-service workflows render correctly (#1549)This release is security-heavy by design — it ships the authorization stack and hardens the secrets bootstrap.
caipe-platform, caipe-slack-bot, caipe-webex-bot) on every install/upgrade, a strict-mode gate (keycloak.strictClientSecrets, default off) that fails the install if any known dev placeholder still mints a token, ExternalSecrets support for caipe-platform.OIDC_CLIENT_SECRET, and removal of 5 demo users with hardcoded passwords from the bundled realm config (#1518)admin/admin fallback + strict-mode gates — the BFF Keycloak Admin client no longer falls back to admin/admin against /realms/master; production requires the client_credentials path against a confidential client and fails loudly otherwise. Adds MongoDB and NextAuth strict-mode gates, and auto-wires KEYCLOAK_ADMIN_CLIENT_ID/SECRET from the same Secret the Keycloak chart writes (R1/R3/R4 of the May 2026 secrets audit) (#1519)aws-kms (the local-cmk provider is for non-production testing only) (#1497)mongodb.auth.strictPasswords (default off) makes helm install/upgrade fail-fast when auth.rootPassword is left at a known placeholder such as changemeaiohttp, websockets, and @aws-sdk/client-kms to exact versions; bump fastmcp to 3.3.1 and regenerate lock files; refresh stale MCP uv.lock files; remove fixable grype findings from container images; bump protobuf and qsThere are no breaking Helm values changes — every key in the chart diff is additive, and the entire RBAC/OpenFGA/Keycloak/Webex stack ships disabled by default (tags.keycloak, tags.webex-bot, openfga.enabled, global.agentgateway.enabled, CAIPE_CREDENTIALS_ENABLED all default to false). For a stock 0.4.18 deployment, 0.5.0 is a drop-in upgrade.
One behavioral breaking change applies only if you were tracking pre-release 0.5.x builds or had a custom integration that read the active_team JWT claim:
active_team JWT claim removed (#1562) — the single-team-per-token active_team claim and all of its supporting code (heal routes, scope matrices, diagnostic invariants, env passthrough, cleanup script, team-scope Keycloak helpers) have been demolished and replaced with channel-derived team binding. Consequence if not updated: any external code that inspected active_team on a CAIPE-issued JWT will no longer find the claim. Authorization is now derived from the channel/space/DM context of the request. No action is required for operators upgrading from 0.4.18, since that release never issued the claim through this stack.None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.0 \
-f your-values.yaml
0.5.0 introduces the enterprise authorization foundation — OpenFGA ReBAC, Keycloak identity, AgentGateway ext_authz, a Webex bot, and an envelope-encrypted credential store. Despite the size of the release (112 commits), the upgrade is drop-in for existing 0.4.18 deployments: every new Helm value is additive with a working default, and all of the new authorization machinery is gated behind feature flags that default to disabled. You only need to edit values.yaml if you are opting into RBAC, the Webex bot, or the credential store.
No keys were renamed, removed, or type-changed between 0.4.18 and 0.5.0. The only modified line is a comment reformat of the unchanged mongodb.auth.rootPassword: "changeme" default. Everything else is new optional configuration.
None. No breaking Helm values changes.
| Key | Default | Description |
|---|---|---|
tags.webex-bot | false | Enable the new Webex bot subchart |
tags.keycloak | false | Enable the bundled Keycloak identity provider |
openfga.enabled | false | Enable the OpenFGA relationship PDP |
openfgaAuthzBridge.enabled | false | Enable the AgentGateway ext_authz bridge |
global.image.channel | "" (auto) | Force the image repo channel (pre-release or release); empty auto-selects by appVersion |
global.agentgateway.enabled | false | Route MCP traffic through the AgentGateway proxy |
global.agentgateway.installIstioCrds | false | Install Istio CRDs (leave false if Istio is already present) |
global.agentgateway.proxyPort | 8080 | AgentGateway proxy listener port |
global.agentgateway.extAuth.* | disabled | ext_authz service name/namespace/port for OpenFGA decisions |
global.openfga.httpUrl | http://{{ .Release.Name }}-openfga:8080 | OpenFGA discovery URL for CAIPE components |
global.openfga.storeName | caipe-openfga | OpenFGA store name |
agentgateway.* (top level) | enabled: false | AgentGateway proxy image/config |
<agent>.mcp.agentgateway.enabled | false | Per-agent: route MCP calls through AgentGateway (with protocol: StreamableHTTP) |
global.config)| Env Var | Default | Description |
|---|---|---|
ENABLE_USER_INFO_TOOL | false | Capture user identity from the JWT; enables the user_info tool and JWT context middleware |
FORWARD_JWT_TO_MCP | false | Forward the user JWT as a Bearer token to HTTP/streamable-HTTP MCP connections (requires ENABLE_USER_INFO_TOOL=true) |
caipe-ui.config / caipe-ui.keycloakAdminClient)| Key | Default | Description |
|---|---|---|
keycloakAdminClient.secretName | caipe-platform-secret | Secret holding the Keycloak Admin REST client secret |
keycloakAdminClient.secretKey | OIDC_CLIENT_SECRET | Key within that Secret |
keycloakAdminClient.clientId | caipe-platform | Keycloak Admin REST client ID |
CAIPE_CREDENTIALS_ENABLED | false | Enable the Connections & Secrets credential store |
CREDENTIAL_STORE_BACKEND | mongodb-envelope | Credential storage backend |
CREDENTIAL_KEY_PROVIDER | local-cmk | Data-key provider (local-cmk for test, aws-kms for prod) |
CREDENTIAL_KMS_CMK_ID / CREDENTIAL_KMS_REGION | "" | AWS KMS CMK id/region when using aws-kms |
CREDENTIAL_BOOTSTRAP_OAUTH_CONNECTORS | false | Bootstrap global OAuth connectors from server env at startup |
OPENFGA_HTTP | "" | OpenFGA URL for relationship authorization (set after OpenFGA is installed) |
OPENFGA_STORE_NAME | caipe-openfga | OpenFGA store name |
OPENFGA_RECONCILE_ENABLED | false | Enable OpenFGA reconciliation |
KEYCLOAK_URL / KEYCLOAK_REALM | "" / caipe | Keycloak Admin API integration |
KEYCLOAK_RESOURCE_SERVER_ID | caipe-platform | Keycloak resource server id for resource/scope sync |
SLACK_WORKSPACE_ALIAS | CAIPE | Canonical Slack workspace namespace for ReBAC/routes |
SLACK_BOT_ADMIN_URL / SLACK_BOT_ADMIN_AUDIENCE | slack-bot URL / caipe-slack-bot-admin | Slack bot internal admin API used by the BFF |
WEBEX_BOT_ADMIN_URL / WEBEX_BOT_ADMIN_AUDIENCE | webex-bot URL / caipe-webex-bot-admin | Webex bot internal admin API |
WEBEX_THREAD_CONTEXT_* | true / 10 / 4000 | Webex thread-context window settings |
CAIPE_ORG_KEY / CAIPE_ORG_DISPLAY_NAME | caipe / CAIPE | Org namespace + display name |
dynamic-agents.config)| Env Var | Default | Description |
|---|---|---|
KEYCLOAK_URL | http://ai-platform-engineering-keycloak:8080 | In-cluster Keycloak service URL for JWKS fetch (override for external IdP) |
OIDC_ISSUER | "" | Browser-facing issuer baked into JWTs; falls back to deriving from KEYCLOAK_URL in dev |
CAIPE_CREDENTIALS_ENABLED | false | Enable the credential-exchange client |
CREDENTIAL_API_URL | caipe-ui /api/credentials | Credential exchange API endpoint |
USE_IMPERSONATION_TOKENS | false | Use impersonation tokens for downstream calls |
AGENT_GATEWAY_MCP_SERVER_IDS | jira | MCP server IDs routed through the AgentGateway backend |
slack-bot.config)| Env Var | Default | Description |
|---|---|---|
SLACK_WORKSPACE_ALIAS | CAIPE | Canonical workspace namespace for ReBAC/routes |
SLACK_AGENT_ROUTES_MODE | db_prefer | Prefer UI-managed Slack routes, fall back to static config |
SLACK_AUTO_ASSIGN_UNMAPPED_CHANNELS | false | Opt-in first-message channel onboarding |
SLACK_DEFAULT_TEAM_SLUG / SLACK_DEFAULT_AGENT_ID | "" | Required when auto-assignment is enabled |
SLACK_ADMIN_API_ENABLED | false | Internal admin API for route status/reload/config sync |
SLACK_ADMIN_JWT_ISSUER / SLACK_ADMIN_JWT_AUDIENCE | "" / caipe-slack-bot-admin | OIDC issuer/audience for the admin API |
SLACK_ADMIN_ALLOWED_CLIENT_IDS | caipe-ui | Client IDs allowed to call the admin API |
| Block | Enabled by | Purpose |
|---|---|---|
webex-bot | tags.webex-bot=true | Webex spaces, identity linking, OpenFGA ReBAC |
keycloak | tags.keycloak=true | Identity provider, federation broker, RFC 8693 token exchange |
openfga | openfga.enabled=true | Relationship PDP (team/resource tuples) |
openfga-authz-bridge | openfgaAuthzBridge.enabled=true | Envoy ext_authz → OpenFGA Check bridge for AgentGateway |
None. No keys were deprecated or removed in 0.5.0.
scripts/init-credential-mongo-indexes.ts. These are created lazily/on-demand and only when the corresponding feature is enabled.authorization-model.json) and creates the caipe-openfga store. Existing deployments have nothing to migrate — there was no prior OpenFGA store.caipe realm, token-exchange clients, and (optionally) the upstream IdP broker. No migration from a prior CAIPE-managed Keycloak is required for 0.4.18 upgraders.active_team JWT claim: no data migration — the claim is simply no longer issued, and authorization is derived from channel context at request time.helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.5.0 \
-f your-values.yaml
This alone is sufficient for a stock upgrade — the new authorization stack stays disabled.
No breaking changes require edits. If you want to opt into RBAC, enable the foundation subcharts and point CAIPE UI at them:
tags:
keycloak: true
openfga:
enabled: true
caipe-ui:
config:
OPENFGA_HTTP: "http://ai-platform-engineering-openfga:8080"
OPENFGA_RECONCILE_ENABLED: "true"
KEYCLOAK_URL: "http://ai-platform-engineering-keycloak:8080"
To opt into the Webex bot:
tags:
webex-bot: true
To opt into the credential store (use aws-kms in production):
caipe-ui:
config:
CAIPE_CREDENTIALS_ENABLED: "true"
CREDENTIAL_KEY_PROVIDER: "aws-kms"
CREDENTIAL_KMS_CMK_ID: "<your-cmk-id>"
CREDENTIAL_KMS_REGION: "<your-region>"
For production secrets hygiene, consider turning on the new strict-mode gates once you have wired real secrets:
mongodb:
auth:
strictPasswords: true # fail-fast on placeholder rootPassword
kubectl get pods -n <namespace>
# If you enabled RBAC, confirm the auth foundation pods are healthy
kubectl get pods -n <namespace> | grep -E 'keycloak|openfga'
# If you enabled the Webex bot
kubectl get deploy -n <namespace> | grep webex-bot
For a stock upgrade, confirm all existing pods roll cleanly — no new admission constraints are introduced.
--- /tmp/vf-0.5.0.yaml 2026-05-29 09:11:41
+++ /tmp/vt-0.5.0.yaml 2026-05-29 09:11:42
@@ -22,6 +22,8 @@
agent-petstore: false
rag-stack: false
slack-bot: false
+ webex-bot: false
+ keycloak: false
# Global configuration shared across all subcharts
global:
@@ -30,6 +32,11 @@
# Individual subchart `image.tag` values still take highest precedence.
image:
tag: ""
+ # -- Image repository channel for maintained CAIPE images.
+ # Empty means auto: rc/hotfix/dev chart appVersions use `pre-release/`,
+ # final release appVersions use the root published image repositories.
+ # Set to `pre-release` or `release` to force either repository channel.
+ channel: ""
# Deployment mode: "single-node" (all agents in-process) or "multi-node" (each agent as a separate pod)
deploymentMode: "multi-node"
@@ -115,7 +122,30 @@
agentgateway:
enabled: false
+ # Set to true only if Istio CRDs are NOT already present in the cluster.
+ # If Istio is already installed (any version), leave this false to avoid conflicts.
+ installIstioCrds: false
+ # Port for the agentgateway proxy listener (Gateway resource)
+ proxyPort: 8080
+ extAuth:
+ enabled: false
+ serviceName: "ai-platform-engineering-openfga-authz-bridge"
+ serviceNamespace: ""
+ port: 9100
+ # OpenFGA service discovery defaults for CAIPE components that perform
+ # relationship-based authorization or reconciliation.
+ openfga:
+ httpUrl: "http://{{ .Release.Name }}-openfga:8080"
+ storeName: "caipe-openfga"
+
+agentgateway:
+ enabled: false
+ image:
+ repository: cr.agentgateway.dev/agentgateway
+ tag: v1.1.0
+ pullPolicy: IfNotPresent
+
# LangGraph Redis for checkpoint and cross-thread store persistence.
# Two deployment options:
# 1. Dedicated Redis Stack (recommended): set enabled=true to deploy langgraph-redis subchart
@@ -276,6 +306,8 @@
USE_STRUCTURED_RESPONSE: "true" # Set to "true" to enforce agent to always use structured response format as the final output
TASK_CONFIG_PATH: "/app/task_config.yaml"
POLICY_FILE_PATH: "/app/policy.lp"
+ ENABLE_USER_INFO_TOOL: "false" # Capture user identity from JWT; enables user_info tool and JWT context middleware
+ FORWARD_JWT_TO_MCP: "false" # Forward the user JWT as Bearer token to HTTP/streamable-HTTP MCP connections (requires ENABLE_USER_INFO_TOOL=true). Also used by sub-agents via base_langgraph_agent.
# Self-service workflow env vars — referenced as ${VAR_NAME} in task_config.yaml prompts.
# Set these per environment so system workflows can resolve repo references at runtime.
# JARVIS_WORKFLOWS_REPO: "org/jarvis-workflows" # Templates repo (safe-settings, terraform, etc.)
@@ -377,6 +409,12 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ # Route MCP traffic through agentgateway proxy (requires global.agentgateway.enabled).
+ # When enabled, subagent MCP calls go through the agentgateway proxy which can
+ # enforce JWT validation and ext_authz decisions backed by OpenFGA.
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP # SSE or StreamableHTTP
agent-backstage:
nameOverride: "agent-backstage"
@@ -391,6 +429,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-confluence:
nameOverride: "agent-confluence"
@@ -404,6 +445,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
env:
TRANSPORT: "streamable-http"
@@ -478,6 +522,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-pagerduty:
nameOverride: "agent-pagerduty"
@@ -492,6 +539,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-slack:
nameOverride: "agent-slack"
@@ -505,6 +555,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 3001
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
command: ["--transport", "http"]
env:
SLACK_MCP_HOST: "0.0.0.0"
@@ -526,6 +579,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
env:
# -- Block kubectl get/describe secret(s) and redact Secret data from output. Defaults to true (on).
RESTRICT_KUBECTL_SECRETS: "true"
@@ -553,6 +609,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-victorops:
nameOverride: "agent-victorops"
@@ -566,6 +625,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-webex:
nameOverride: "agent-webex"
@@ -580,6 +642,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-weather:
nameOverride: "agent-weather"
@@ -608,6 +673,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-netutils:
nameOverride: "agent-netutils"
@@ -624,6 +692,9 @@
pullPolicy: "IfNotPresent"
mode: "http" # Options: stdio, http
port: 8000
+ agentgateway:
+ enabled: false
+ protocol: StreamableHTTP
agent-weather:
nameOverride: "agent-weather"
@@ -650,6 +721,25 @@
skills:
enabled: true
nameOverride: "caipe-ui"
+ # R1 upstream fix (May 2026): default the Keycloak Admin REST client
+ # secret name to "caipe-platform-secret" — the conventional name an
+ # operator passes via `keycloak.platformClient.secretRef` AND the
+ # default target of the keycloak chart's ExternalSecret (see below
+ # where we also default `keycloak.platformClient.secretRef` itself).
+ #
+ # Helm does not support cross-subchart value substitution at template
+ # time, so we have to hardcode the conventional name in both places.
+ # Operators using a non-default Secret name must override BOTH:
+ # keycloak.platformClient.secretRef: my-custom-platform-secret
+ # caipe-ui.keycloakAdminClient.secretName: my-custom-platform-secret
+ #
+ # See docs/docs/security/rbac/secrets-bootstrap.md section "R1: BFF
+ # Keycloak Admin token — production-safety gate".
+ # assisted-by Claude:claude-opus-4-7
+ keycloakAdminClient:
+ secretName: "caipe-platform-secret"
+ secretKey: "OIDC_CLIENT_SECRET"
+ clientId: "caipe-platform"
image:
repository: "ghcr.io/cnoe-io/caipe-ui"
# tag defaults to .Chart.AppVersion when not specified
@@ -719,6 +809,18 @@
DYNAMIC_AGENTS_ENABLED: "false"
# Dynamic Agents service URL (only used when DYNAMIC_AGENTS_ENABLED is "true")
# DYNAMIC_AGENTS_URL: "http://ai-platform-engineering-dynamic-agents:8001"
+ # Connections & Secrets credential store. Disabled by default. Use local-cmk
+ # only for non-production testing; production must use aws-kms.
+ CAIPE_CREDENTIALS_ENABLED: "false"
+ CREDENTIAL_STORE_BACKEND: "mongodb-envelope"
+ CREDENTIAL_KEY_PROVIDER: "local-cmk"
+ CREDENTIAL_KMS_CMK_ID: ""
+ CREDENTIAL_KMS_REGION: ""
+ CREDENTIAL_SERVICE_AUDIENCE: "caipe-credential-service"
+ # Bootstrap global OAuth connectors from server env at startup. In
+ # Kubernetes, provide provider client IDs/secrets/redirect URIs through
+ # externalSecrets; in Docker Compose, provide them through .env.
+ CREDENTIAL_BOOTSTRAP_OAUTH_CONNECTORS: "false"
# Standalone skill-scanner microservice (cisco-ai-defense/skill-scanner).
# Active when global.skillScanner.enabled=true; the in-cluster Service
# name is derived from the Helm release name, so the URL is rendered
@@ -729,6 +831,15 @@
SKILL_SCANNER_URL: "http://{{ .Release.Name }}-skill-scanner:8000"
# MongoDB configuration
MONGODB_DATABASE: "caipe"
+ # OpenFGA relationship authorization. Enable reconciliation only after
+ # OpenFGA is installed and the authorization model has been initialized.
+ OPENFGA_HTTP: ""
+ OPENFGA_STORE_NAME: "caipe-openfga"
+ OPENFGA_RECONCILE_ENABLED: "false"
+ # Keycloak Admin API integration for resource/scope synchronization.
+ KEYCLOAK_URL: ""
+ KEYCLOAK_REALM: "caipe"
+ KEYCLOAK_RESOURCE_SERVER_ID: "caipe-platform"
# NextAuth URL (non-sensitive)
NEXTAUTH_URL: "http://localhost:3000"
# Node environment
@@ -737,6 +848,29 @@
TAGLINE: "Multi-Agent Workflow Automation"
DESCRIPTION: "Where Humans and AI agents collaborate to deliver high quality outcomes."
APP_NAME: "CAIPE"
+ # Canonical Slack workspace namespace used by UI-managed Slack ReBAC/routes.
+ SLACK_WORKSPACE_ALIAS: "CAIPE"
+ # Slack bot internal admin API used by the Web UI BFF for route reload and
+ # one-time static-config-to-MongoDB/OpenFGA migration. The BFF uses the
+ # existing OIDC_CLIENT_ID/OIDC_CLIENT_SECRET Keycloak client credentials.
+ SLACK_BOT_ADMIN_URL: "http://ai-platform-engineering-slack-bot:3001"
+ SLACK_BOT_ADMIN_AUDIENCE: "caipe-slack-bot-admin"
+ # SLACK_BOT_ADMIN_TOKEN_URL: "http://keycloak:7080/realms/caipe/protocol/openid-connect/token"
+ # SLACK_BOT_ADMIN_SCOPE: "slack:routes:read slack:routes:reload slack:routes:sync"
+ SLACK_DEFAULT_TEAM_SLUG: ""
+ SLACK_DEFAULT_AGENT_ID: ""
+ # Webex bot internal admin API (BFF access-check + route management).
+ WEBEX_BOT_ADMIN_URL: "http://ai-platform-engineering-webex-bot:3002"
+ WEBEX_BOT_ADMIN_CLIENT_ID: "caipe-ui"
+ WEBEX_BOT_ADMIN_AUDIENCE: "caipe-webex-bot-admin"
+ # WEBEX_BOT_ADMIN_TOKEN_URL: "http://keycloak:7080/realms/caipe/protocol/openid-connect/token"
+ WEBEX_DEFAULT_TEAM_SLUG: ""
+ WEBEX_DEFAULT_AGENT_ID: ""
+ WEBEX_THREAD_CONTEXT_ENABLED: "true"
+ WEBEX_THREAD_CONTEXT_MAX_MESSAGES: "10"
+ WEBEX_THREAD_CONTEXT_MAX_CHARS: "4000"
+ CAIPE_ORG_KEY: "caipe"
+ CAIPE_ORG_DISPLAY_NAME: "CAIPE"
LOGO_URL: "/logo.svg"
LOGO_STYLE: "default"
# SPINNER_COLOR: ""
@@ -779,8 +913,18 @@
size: 10Gi
auth:
rootUsername: "admin"
- rootPassword: "changeme" # CHANGE THIS or use external secrets
+ # CHANGE THIS or use external secrets.
+ # R3 (May 2026): set `mongodb.strictPasswords: true` below to make
+ # `helm install` / `helm upgrade` fail-fast on the placeholder.
+ rootPassword: "changeme"
database: "caipe"
+ # R3: Production-safety gate. When true AND `externalSecrets.enabled`
+ # is false, the chart refuses to render if `auth.rootPassword` is a
+ # known placeholder ("changeme", "admin", "password", "mongo",
+ # "root", "test", etc.). Mirrors `keycloak.strictClientSecrets`.
+ # Default false so docker-compose dev + CI matrix keep working.
+ # assisted-by Claude:claude-opus-4-7
+ strictPasswords: false
# External Secrets for MongoDB credentials
externalSecrets:
enabled: false # Set to true to use external secrets
@@ -887,8 +1031,31 @@
port: 8001
# ConfigMap for non-sensitive configuration
config:
+ # ─── Keycloak / OIDC (REQUIRED for Bearer token validation) ─────────
+ # In-cluster Keycloak service URL used for the server-to-server JWKS
+ # fetch. The bundled Keycloak subchart exposes its service as
+ # `<release>-keycloak`; this default works for the umbrella chart
+ # but MUST be overridden when pointing dynamic-agents at an external
+ # Keycloak (production IdP / forge.dev / etc.).
+ KEYCLOAK_URL: "http://ai-platform-engineering-keycloak:8080"
+ # Browser-facing issuer string baked into JWTs (Keycloak's
+ # KC_HOSTNAME). Override when the public issuer differs from
+ # KEYCLOAK_URL (the typical production topology), e.g.
+ # OIDC_ISSUER: "https://idp.example.com/realms/caipe".
+ # Leaving this empty falls back to deriving the issuer from
+ # KEYCLOAK_URL, which only works in dev where both URLs coincide;
+ # NOTES.txt prints a warning otherwise.
+ OIDC_ISSUER: ""
# MongoDB configuration (uses same database as CAIPE UI)
MONGODB_DATABASE: "caipe"
+ # Connections & Secrets credential exchange client. Disabled by default.
+ CAIPE_CREDENTIALS_ENABLED: "false"
+ CREDENTIAL_API_URL: "http://ai-platform-engineering-caipe-ui:3000/api/credentials"
+ CREDENTIAL_SERVICE_AUDIENCE: "caipe-credential-service"
+ USE_IMPERSONATION_TOKENS: "false"
+ # MCP server IDs routed through the shared AgentGateway backend.
+ # Other MCP servers keep direct endpoints so tool names reflect real upstreams.
+ AGENT_GATEWAY_MCP_SERVER_IDS: "jira"
# LLM configuration (override if needed)
# LLM_PROVIDER: "openai"
# LLM_MODEL: "gpt-4o"
@@ -930,9 +1097,20 @@
SLACK_INTEGRATION_SILENCE_ENV: "false"
# MONGODB_URI: "" # Override per environment
# SLACK_WORKSPACE_URL: "" # e.g. "https://mycompany.slack.com"
+ SLACK_WORKSPACE_ALIAS: "CAIPE" # Canonical workspace namespace for Slack ReBAC/routes
# SLACK_INTEGRATION_ENABLE_AUTH: "true" # Enable OAuth2 Client Credentials
# OAUTH2_TOKEN_URL: "" # OIDC token endpoint
# OAUTH2_CLIENT_ID: "" # OAuth2 client ID
+ SLACK_AGENT_ROUTES_MODE: "db_prefer" # Prefer UI-managed Slack routes, fallback to static config
+ SLACK_AUTO_ASSIGN_UNMAPPED_CHANNELS: "false" # Opt-in first-message channel onboarding
+ SLACK_DEFAULT_TEAM_SLUG: "" # Required when auto-assignment is enabled
+ SLACK_DEFAULT_AGENT_ID: "" # Required when auto-assignment is enabled
+ SLACK_ADMIN_API_ENABLED: "false" # Internal admin API for route status/reload/config sync
+ SLACK_ADMIN_API_HOST: "0.0.0.0"
+ SLACK_ADMIN_API_PORT: "3001"
+ SLACK_ADMIN_JWT_ISSUER: "" # Set to Keycloak/OIDC issuer when admin API is enabled
+ SLACK_ADMIN_JWT_AUDIENCE: "caipe-slack-bot-admin"
+ SLACK_ADMIN_ALLOWED_CLIENT_IDS: "caipe-ui"
# -- Reference to a pre-existing Kubernetes Secret.
# Should contain: SLACK_BOT_TOKEN, SLACK_APP_TOKEN, SLACK_SIGNING_SECRET,
@@ -963,10 +1141,41 @@
name: "vault"
kind: "ClusterSecretStore"
data: []
+ # Example placeholders. Keep values in your external secret backend; these
+ # keys are materialized into the generated Kubernetes Secret and injected
+ # into the slack-bot pod via envFrom.
# - secretKey: SLACK_BOT_TOKEN
# remoteRef:
# key: prod/slack-bot
# property: bot_token
+ # - secretKey: SLACK_APP_TOKEN
+ # remoteRef:
+ # key: prod/slack-bot
+ # property: app_token
+ # - secretKey: SLACK_SIGNING_SECRET
+ # remoteRef:
+ # key: prod/slack-bot
+ # property: signing_secret
+ # - secretKey: SLACK_CLIENT_SECRET
+ # remoteRef:
+ # key: prod/slack-bot
+ # property: slack_client_secret
+ # - secretKey: SLACK_LINK_HMAC_SECRET
+ # remoteRef:
+ # key: prod/slack-bot
+ # property: slack_link_hmac_secret
+ # - secretKey: OAUTH2_CLIENT_SECRET
+ # remoteRef:
+ # key: prod/slack-bot
+ # property: oauth2_client_secret
+ # - secretKey: KEYCLOAK_BOT_CLIENT_SECRET
+ # remoteRef:
+ # key: prod/slack-bot
+ # property: keycloak_bot_client_secret
+ # - secretKey: KEYCLOAK_SLACK_BOT_ADMIN_CLIENT_SECRET
+ # remoteRef:
+ # key: prod/slack-bot
+ # property: keycloak_slack_bot_admin_client_secret
resources:
requests:
@@ -976,6 +1185,215 @@
cpu: 500m
memory: 512Mi
+######### Webex Bot Integration configuration #########
+# Parallel to slack-bot: Webex spaces, identity linking, and OpenFGA ReBAC.
+# Enable with Helm tag: webex-bot=true
+webex-bot:
+ image:
+ repository: "ghcr.io/cnoe-io/caipe-webex-bot"
+ tag: ""
+ pullPolicy: "IfNotPresent"
+
+ config:
+ APP_NAME: "CAIPE"
+ CAIPE_API_URL: "http://ai-platform-engineering-caipe-ui:3000"
+ WEBEX_WORKSPACE_ALIAS: "CAIPE-WEBEX"
+ WEBEX_AGENT_ROUTES_MODE: "db_prefer"
+ WEBEX_THREAD_CONTEXT_ENABLED: "true"
+ WEBEX_THREAD_CONTEXT_MAX_MESSAGES: "10"
+ WEBEX_THREAD_CONTEXT_MAX_CHARS: "4000"
+ WEBEX_AUTO_ASSIGN_UNMAPPED_SPACES: "false"
+ WEBEX_DEFAULT_TEAM_SLUG: ""
+ WEBEX_DEFAULT_AGENT_ID: ""
+ WEBEX_ADMIN_API_ENABLED: "false"
+ WEBEX_ADMIN_API_HOST: "0.0.0.0"
+ WEBEX_ADMIN_API_PORT: "3002"
+ WEBEX_ADMIN_JWT_ISSUER: "http://ai-platform-engineering-keycloak:8080/realms/caipe"
+ WEBEX_ADMIN_JWKS_URL: "http://ai-platform-engineering-keycloak:8080/realms/caipe/protocol/openid-connect/certs"
+ WEBEX_ADMIN_JWT_AUDIENCE: "caipe-webex-bot-admin"
+ WEBEX_ADMIN_ALLOWED_CLIENT_IDS: "caipe-ui"
+ KEYCLOAK_URL: "http://ai-platform-engineering-keycloak:8080"
+ KEYCLOAK_REALM: "caipe"
+ OPENFGA_HTTP: "http://ai-platform-engineering-openfga:8080"
+ OPENFGA_STORE_NAME: "caipe-openfga"
+
+ # Wire OBO secret from Keycloak chart (see keycloak/templates/NOTES.txt).
+ keycloakBot:
+ clientSecretFromSecret:
+ name: "ai-platform-engineering-keycloak-webex-bot"
+ key: "KC_WEBEX_BOT_CLIENT_SECRET"
+
+ existingSecret: "webex-bot-secrets"
+
+ botConfig: {}
+
+ externalSecrets:
+ enabled: false
+ apiVersion: "v1beta1"
+ secretStoreRef:
+ name: "vault"
+ kind: "ClusterSecretStore"
+ data: []
+
+ resources:
+ requests:
+ cpu: 100m
+ memory: 256Mi
+ limits:
+ cpu: 500m
+ memory: 512Mi
+
+######### Keycloak Identity Provider configuration #########
+# Keycloak provides RBAC, identity federation (upstream SSO broker),
+# and token exchange (RFC 8693) for the Slack bot.
+# Enable with tag: keycloak=true
+keycloak:
+ image:
+ repository: "quay.io/keycloak/keycloak"
+ tag: "26.3"
+ pullPolicy: IfNotPresent
+
+ # Admin credentials — auto-generated random password by default.
+ # For prod: set admin.secretRef to an existing Secret, or enable
+ # externalSecrets to pull from Vault / AWS Secrets Manager.
+ admin:
+ username: admin
+ password: "" # Leave empty for auto-generated 32-char password
+ secretRef: "" # Set to an existing K8s Secret name with keys: username, password
+
+ realm:
+ name: caipe
+ sslRequired: "external" # "none" for dev, "external" for prod
+
+ # Keycloak features
+ features:
+ tokenExchange: true
+ adminFineGrainedAuthz: true
+
+ # Token exchange setup — enables bot impersonation via RFC 8693
+ tokenExchange:
+ enabled: true
+ botClientId: "caipe-slack-bot"
+ webexTokenExchange:
+ enabled: true
+ botClientId: "caipe-webex-bot"
+
+ # CAIPE platform OIDC client (the supervisor confidential client).
+ #
+ # R1 upstream fix (May 2026): the umbrella defaults `secretRef` to
+ # `caipe-platform-secret` so the keycloak chart's
+ # `platformClientSecretName` helper and the caipe-ui Deployment's
+ # `KEYCLOAK_ADMIN_CLIENT_SECRET` valueFrom.secretKeyRef both resolve
+ # to the same Secret name. An operator who:
+ # - pre-creates a K8s Secret called `caipe-platform-secret` with
+ # key `OIDC_CLIENT_SECRET`, OR
+ # - enables `externalSecret.enabled=true` (ESO emits a Secret of
+ # this same name as its target),
+ # gets the full BFF → Keycloak Admin REST wiring out of the box.
+ #
+ # Migration for existing ESO installs that used the OLD default name
+ # `<release>-keycloak-platform-client`: see
+ # docs/docs/security/rbac/secrets-bootstrap.md → R1 upstream fix.
+ # assisted-by Claude:claude-opus-4-7
+ platformClient:
+ secretRef: "caipe-platform-secret"
+
+ # Upstream IDP broker (generic OIDC — works with Okta, Azure AD, Duo, etc.)
+ # No vendor-specific credentials stored here.
+ idp:
+ enabled: false
+ alias: "" # e.g. "upstream-sso"
+ displayName: "" # e.g. "Enterprise SSO"
+ issuer: "" # OIDC issuer URL
+ clientId: ""
+ secretRef: "" # K8s Secret with key: IDP_CLIENT_SECRET
+ accessGroup: "" # Optional upstream group reference; mirrored into idp_groups only
+ adminGroup: "" # Optional upstream admin group reference; map to OpenFGA admin via Identity Group Sync
+
+ # External Secrets for admin password
+ externalSecrets:
+ enabled: false
+ apiVersion: "v1beta1"
+ secretStoreRef:
+ name: "vault"
+ kind: "ClusterSecretStore"
+ data: []
+ # - secretKey: password
+ # remoteRef:
+ # key: prod/keycloak
+ # property: admin_password
+
+ service:
+ type: ClusterIP
+ port: 8080
+
+ resources:
+ requests:
+ cpu: 250m
+ memory: 512Mi
+ limits:
+ cpu: "1"
+ memory: 1Gi
+
+######### OpenFGA Relationship PDP configuration #########
+# OpenFGA stores team/resource tuples used by the UI and the AgentGateway
+# ext_authz bridge. Enable for RBAC/ReBAC installs.
+openfga:
+ enabled: false
+ image:
+ repository: openfga/openfga
+ tag: v1.15.1
+ pullPolicy: IfNotPresent
+ init:
+ enabled: true
+ storeName: caipe-openfga
+ seedTuples: []
+ datastore:
+ engine: memory
+ uriSecretRef:
+ name: ""
+ key: OPENFGA_DATASTORE_URI
+ migrate:
+ enabled: true
+
+######### OpenFGA AgentGateway ext_authz bridge #########
+# The bridge receives Envoy ext_authz checks from AgentGateway and performs
+# OpenFGA Check calls. Enable alongside OpenFGA and AgentGateway.
+openfgaAuthzBridge:
+ enabled: false
+
+# Values for the openfga-authz-bridge subchart. The separate camelCase block
+# above is kept as the dependency condition flag.
+openfga-authz-bridge:
+ image:
+ repository: ghcr.io/cnoe-io/openfga-authz-bridge
+ tag: ""
+ pullPolicy: IfNotPresent
+ openfga:
+ httpUrl: "http://{{ .Release.Name }}-openfga:8080"
+ storeName: caipe-openfga
+ relation: can_call
+ object: mcp_gateway:list
+ agentContext:
+ existingSecret:
+ name: ""
+ key: CAIPE_AGENT_CONTEXT_HMAC_SECRET
+ tokenValidation:
+ jwksUrl: "http://{{ .Release.Name }}-keycloak:8080/realms/caipe/protocol/openid-connect/certs"
+ issuer: ""
+ audiences: []
+ algorithms:
+ - RS256
+ audit:
+ enabled: true
+ mongodbUri: ""
+ mongodbDatabase: caipe
+ tenantId: default
+ subjectSalt: caipe-098-audit
+ existingSecret:
+ name: ""
+ key: MONGODB_URI
+
######### RAG Stack configuration #########
# RAG Stack - Complete stack including web, server, agent, Redis, and Milvus
# Below values are only a subset of the values that are available in the rag-stack chart.
Released: 2026-05-22
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.17
Previous release: 0.4.16
0.4.17 is a targeted fix for RAG web ingestion. Scrapy 2.16.0 added validation that raised AttributeError whenever a spider defined a singular start_url attribute without a populated start_urls, which broke every crawl mode — single, recursive, and sitemap — resulting in zero pages crawled for any web ingestion request. This release renames the conflicting attribute, adds the new async spider entrypoint, and pins a stable Twisted to resolve a Scrapy 2.16 TLS bug.
No new features in this release — it is a focused bug-fix release for RAG web crawling.
self.start_url attribute to self.origin_url across all five affected spiders (scrapy_worker.py, spiders/base.py, spiders/recursive.py, spiders/single_url.py, spiders/sitemap.py) to avoid Scrapy 2.16's new start_url/start_urls validation, added an async start() entrypoint for the new Scrapy API, and pinned twisted==26.4.0 to fix a Scrapy 2.16 TLS bug (#1489)No breaking changes. Drop-in upgrade from 0.4.16.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.17 \
-f your-values.yaml
Drop-in upgrade — no values.yaml edits required. 0.4.17 fixes a critical regression in RAG web ingestion caused by the Scrapy 2.16 upgrade. If you use the RAG stack for web crawling (single URL, recursive, or sitemap modes), this upgrade is strongly recommended — earlier builds returned zero crawled pages.
No Helm values changes between 0.4.16 and 0.4.17. Drop-in upgrade — no values.yaml edits required.
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.17 \
-f your-values.yaml
kubectl get pods -n <namespace>
If you run the RAG stack, confirm a web ingestion crawl now returns pages:
kubectl get pods -n <namespace> | grep rag
Trigger a single-URL crawl and confirm pages are ingested rather than failing immediately at crawl start.
]]>Released: 2026-05-22
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.18
Previous release: 0.4.17
0.4.18 fixes a regression introduced in 0.4.17 where dynamic agent configs stored with null fields in MongoDB raised a pydantic ValidationError on every chat request, effectively breaking chat for affected deployments. A new _strip_nulls() helper now removes explicit null values before pydantic construction so default_factory defaults apply correctly. This release also fixes Jira internal-comment creation, which was failing with a JSM 404 authentication error.
No new features in this release — it is a focused bug-fix release addressing a chat regression and a Jira tooling failure.
null values from MongoDB documents before pydantic construction — passing explicit None for fields stored as null bypassed pydantic default_factory and raised a ValidationError on every chat request in 0.4.17; the new _strip_nulls() helper is now applied at all three construction sites (get_agent, get_server, get_servers_by_ids), and the interrupt_on seed default is reverted back to undefined for consistency with other fields (#1503)sd.public.comment property set to internal: true — the previous JSM customer-request endpoint returned HTTP 404 sd.customerview.error.vpOriginMissing when the API user could not resolve the issue as an accessible portal request (#1490)No breaking changes. Drop-in upgrade from 0.4.17.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.18 \
-f your-values.yaml
Drop-in upgrade — no values.yaml edits required. 0.4.18 is a fix-forward release for the dynamic-agents chat regression in 0.4.17. If you are running 0.4.17 with dynamic agents, upgrade promptly — chat requests fail with a pydantic ValidationError for any agent whose config stores null fields in MongoDB. This release also restores Jira internal-comment creation.
No Helm values changes between 0.4.17 and 0.4.18. Drop-in upgrade — no values.yaml edits required.
No MongoDB schema or data migrations required. Existing documents with null fields are handled at read time by the new _strip_nulls() helper — no document rewrite is necessary.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.18 \
-f your-values.yaml
kubectl get pods -n <namespace>
Confirm a chat request against a dynamic agent succeeds instead of returning a ValidationError:
kubectl get pods -n <namespace> | grep dynamic-agents
Send a test message to a dynamic agent and confirm a normal response is returned.
]]>Released: 2026-05-21
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.16
Previous release: 0.4.15
0.4.16 is a maintenance release focused on correctness. The RAG_MAX_OUTPUT_CHARS cap now actually fires for MCP tool results (previously a type check silently skipped truncation), seed agent configs once again persist their ui, features, and interrupt_on fields to MongoDB, and two reopened CodeQL code-scanning alerts are closed. The bundled CAIPE API reference docs were also refreshed to match the current BFF and RAG surfaces.
/api/usecases and UI OpenAPI examples with a current BFF reference (auth, chat/runtime proxies, dynamic agent config, MCP server config, workflows, skills/catalog, RAG proxy, settings/users, admin routes) plus a dedicated Knowledge Bases RAG API reference (#1484)_truncate_output now serializes non-str results with json.dumps before applying the length cap — MCP tools return list[dict] content blocks, so the previous isinstance(result, str) guard was always False and RAG_MAX_OUTPUT_CHARS truncation never fired (#1488)ui, features, and interrupt_on fields in seedAgents — agent gradient themes, middleware config, and human-approval (interrupt) settings were silently dropped when upserting seed agents to MongoDB; the same change also refines the escalation-handoff and clear-role-definition micro-prompts and removes the no-second-person-preamble AI review rule (#1486)main — removed a clear-text logging path derived from client_secret state in get_token.py, stopped copying raw exception text into the skill scanner result dict in skill_scanner_runner.py, and restored the filesystem Grype SARIF category from grype-filesystem back to the historical grype category so older alerts are correctly superseded (#1478)No breaking changes. Drop-in upgrade from 0.4.15.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.16 \
-f your-values.yaml
Drop-in upgrade — no values.yaml edits required. 0.4.16 ships only application bug fixes (RAG output truncation, seed-agent field persistence) and a security fix for code-scanning alerts. There are no chart, schema, or configuration changes.
No Helm values changes between 0.4.15 and 0.4.16. Drop-in upgrade — no values.yaml edits required.
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.16 \
-f your-values.yaml
kubectl get pods -n <namespace>
All pods should roll over with new image tags and return to Running. No further action is required.
Released: 2026-05-20
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.14
Previous release: 0.4.13
0.4.14 is a maintenance release focused on Slack and chat reliability. It fixes several cases where the Slack bot silently failed to respond — overthink skip logic that never fired on auto-routed channel messages, and alert integrations that put all their content inside attachment blocks. The /invoke chat endpoint gains optional conversation-history persistence, the skill scanner now returns actionable validation errors for malformed skills, and Jira agents can post internal (non-customer-visible) service desk comments.
public: false, so agents can leave internal-only notes without customer-visible comments (#1445)/invoke history persistence — POST /api/v1/chat/invoke was always ephemeral, so reusing a conversation_id carried no memory across turns. A new INVOKE_PERSIST_HISTORY env var (default false) opts into the shared MongoDB-backed runtime for multi-turn history; the endpoint also now applies config_override and returns 503 on capacity errors instead of 500 (#1449)is_overthink_message in _route_to_agent so the [DEFER] skip-check fires for auto-routed channel messages — previously [DEFER] was stripped to empty and a footer-only message was posted (#1466)attachment.blocks in extract_message_text so the bot responds to alert integrations that post with empty text and all content nested inside attachment Block Kit (#1467)delete_by_key_prefix against InMemoryStore, which lacks the method and raised an AttributeError (500) on runtime init in ephemeral contexts (#1450)SKILL.md instead of a generic 500 (#1410)workflow_runs, point the workflow engine at the correct DYNAMIC_AGENTS_URL env var, and include cause code/message and target URL in streaming error messages (#1469)No breaking changes. Drop-in upgrade from 0.4.13.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.14 \
-f your-values.yaml
0.4.14 is a drop-in upgrade — no values.yaml edits are required. There are no Helm values changes between 0.4.13 and 0.4.14.
No Helm values changes between 0.4.13 and 0.4.14. Drop-in upgrade.
No data migrations are required. As a one-time cleanup, #1469 drops stale v1-schema indexes from the workflow_runs collection automatically on startup; the operation is idempotent and no operator action is needed.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.14 \
-f your-values.yaml
/invoke history persistenceIf you rely on multi-turn memory through POST /api/v1/chat/invoke, set INVOKE_PERSIST_HISTORY: "true" in your supervisor config. It defaults to false (ephemeral, no MongoDB writes).
kubectl get pods -n <namespace>
Released: 2026-05-20
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.15
Previous release: 0.4.14
0.4.15 is a small follow-up release. The curl builtin tool gains an opt-in allow_non_public_urls flag so dynamic agents can reach private or internal endpoints when explicitly configured, while domain ACLs still apply. The release also quiets noisy Jira MCP logs by default and closes several CodeQL findings by removing sensitive data from logs and stdout.
curl private-endpoint opt-in — a new per-agent allow_non_public_urls field (default false) on the curl builtin tool bypasses the SSRF IP-routing check so agents can reach private/internal endpoints; the domain ACL still applies, and fetch_url is unchanged. The field is surfaced in the agent configuration UI alongside https_only and allowed_domains (#1476)WARNING to reduce protocol noise and lower the chance of Jira payloads appearing in logs; verbose logging stays available via MCP_JIRA_LOG_LEVEL (#1475)caipe-skills.py, remove bearer-token stdout printing from get_token.py (tokens can now be written to a 0600 file), and bound scan-content API responses to sanitized severity/exit-code fields while avoiding logging of raw scan exceptions and HTTP error metadata (#1474)No breaking changes. Drop-in upgrade from 0.4.14.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.15 \
-f your-values.yaml
0.4.15 is a drop-in upgrade — no values.yaml edits are required. There are no Helm values changes between 0.4.14 and 0.4.15.
No Helm values changes between 0.4.14 and 0.4.15. Drop-in upgrade.
No data migrations are required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.15 \
-f your-values.yaml
curlIf a dynamic agent must reach a private or internal endpoint, set builtin_tools.curl.allow_non_public_urls: true for that agent (default false). Keep allowed_domains scoped — the domain ACL is still enforced.
kubectl get pods -n <namespace>
Released: 2026-05-18
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.13
Previous release: 0.4.12
0.4.13 introduces the Workflow Service — a multi-step orchestration engine with a ReactFlow visual editor, fire-and-forget execution, HITL interrupts, and config-driven seeding that runs natively inside the Next.js UI. It also adds a configurable default agent so new chats can open against a chosen dynamic agent instead of the supervisor, an AI Review module that grades skills and agent prompts against an admin rubric, and a curl builtin tool for dynamic agents to call write APIs. Security hardening closes a class of SSRF-prone URL fetches across RAG ingestion and agent fetch tools.
user_prompt.txt, tool_calls.txt, agent_output.txt), error.txt detection, and human-in-the-loop interrupt/resume (#1418)app-config.yaml are upserted on startup as read-only (lock icon, disabled forms, warning banner) (#1418)WORKFLOWS_ENABLED and the Task Builder tab behind TASK_BUILDER_ENABLED, so both stay hidden unless explicitly turned on (#1418)DEFAULT_AGENT_ID Helm key) lets you bootstrap new chats against a specific dynamic agent. Resolution order is MongoDB platform_config → DEFAULT_AGENT_ID env var → supervisor fallback, so existing deployments are unaffected by default (#1441)SKILL.md files and dynamic-agent system prompts against an admin-configurable rubric. Each criterion runs as its own LLM call, verdicts aggregate into a weighted A–F score, and results surface as GitHub-style inline comments with click-to-apply fixes. Reviews are hash-cached so unchanged content reuses the prior verdict (#1433)curl builtin tool — dynamic agents can now make PUT/POST/PATCH/DELETE calls (the existing fetch_url tool is GET-only). Disabled by default and gated behind the same domain ACL and https-only guards as fetch_url; enable via builtin_tools.curl.enabled: true (#1413)fresh_until to the message post time (message_ts + lookback_days) instead of ingestion time, giving a true rolling retention window instead of expiring historical messages ~36h after ingestion (#1435)TOOL_CALL_RESULT for MCP tools that return list-type content (#1418)sanitize_url, dynamic-agent fetch_url, the shared multi-agent fetch_url_tool, and the new curl tool; hostnames resolving to private, link-local, CGNAT, loopback, or reserved IPs are rejected. Redirect following is now validated per-hop, and a SSRFProtectionMiddleware was added to the Scrapy downloader pipeline so redirect-generated requests are blocked too (#1431)cnoe-agent-utils to 0.4.0, fixed a langchain-openai CVE, and refreshed vulnerable Python/npm dependency locks to clear Dependabot alerts (#1418)No breaking changes. Drop-in upgrade from 0.4.12.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.13 \
-f your-values.yaml
0.4.13 is a drop-in upgrade. The only Helm values change is a single new optional key (DEFAULT_AGENT_ID) that defaults to empty and preserves existing behaviour — new chats continue to open against the supervisor unless you opt in. The Workflows and Task Builder tabs are gated behind env-var feature flags and stay hidden until enabled.
One new optional field was added under caipe-ui.config. No existing keys were renamed, removed, or changed.
| Env Var / Key | Default | Description |
|---|---|---|
DEFAULT_AGENT_ID | "" (supervisor) | Bootstrap default agent for new chats. Set to a dynamic agent ID to pre-configure the default without manual admin action. Overridden at runtime by Admin → Settings. |
To pre-configure a default agent at deploy time:
caipe-ui:
config:
DEFAULT_AGENT_ID: "<dynamic-agent-id>"
A runtime value set via Admin → Settings (stored in the MongoDB platform_config collection) takes precedence over this env var.
The Workflows and Task Builder tabs are off by default. Enable them through the UI config when ready:
caipe-ui:
config:
WORKFLOWS_ENABLED: "true"
TASK_BUILDER_ENABLED: "true"
No MongoDB schema or data migrations are required. The platform_config and workflow collections self-initialize on first use.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.13 \
-f your-values.yaml
Add DEFAULT_AGENT_ID to caipe-ui.config to bootstrap a default agent, and/or set WORKFLOWS_ENABLED / TASK_BUILDER_ENABLED to surface those tabs.
kubectl get pods -n <namespace>
--- values-0.4.12.yaml
+++ values-0.4.13.yaml
@@ -686,6 +686,10 @@
config:
# CAIPE Supervisor URL - automatically configured to use the supervisor-agent service
A2A_BASE_URL: "http://ai-platform-engineering-supervisor-agent:8000"
+ # Bootstrap default agent for new chats. Overridden at runtime by Admin → Settings UI.
+ # Set to a dynamic agent ID to pre-configure the default without manual admin action.
+ # Leave empty to use the supervisor (Platform Engineer) as default.
+ DEFAULT_AGENT_ID: ""
# Skills template directory (mounted from ConfigMap)
SKILLS_DIR: "/app/data/skills"
# Live-skills skill template (mounted from ConfigMap "skills-live-skills").
Released: 2026-05-13
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.12
Previous release: 0.4.11
0.4.12 adds a standalone LiteLLM MCP server for FinOps reporting, letting dynamic agents query LiteLLM cost and usage data directly. The chart gains a new optional litellmMcp section — disabled by default — so existing deployments are unaffected until you opt in. Dynamic agents now expose their persisted agent ID through the self_identity tool. This is a drop-in Helm upgrade; the only values change is the new opt-in litellmMcp block.
mcp-litellm server — new standalone MCP server (ghcr.io/cnoe-io/mcp-litellm) exposing LiteLLM FinOps reporting tools for cost and usage analysis; enable it when dynamic agents should call LiteLLM tools directly. Ships with theme-aware FinOps workflow images and improved LiteLLM FinOps report exports. Deployed via the new optional litellmMcp Helm section (enabled: false by default) (#1402)self_identity built-in tool now returns the persisted dynamic agent ID, so an agent can reliably report which agent it is (#1403)No breaking changes. Drop-in upgrade from 0.4.11.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.12 \
-f your-values.yaml
0.4.12 is a drop-in upgrade for existing deployments. It adds one new optional chart section — litellmMcp — which is disabled by default. No existing keys are renamed, removed, or changed.
One new optional section was added. Nothing else changed.
The litellmMcp block deploys the standalone LiteLLM FinOps MCP server. It is enabled: false by default, so no action is required unless you want it.
| Key | Default | Description |
|---|---|---|
litellmMcp.enabled | false | Deploy the LiteLLM MCP server |
litellmMcp.image.repository | ghcr.io/cnoe-io/mcp-litellm | Server image |
litellmMcp.service.port | 8000 | Service port |
litellmMcp.config.LITELLM_API_URL | "" | LiteLLM API base URL |
litellmMcp.config.LITELLM_API_TIMEOUT | "120" | Request timeout (seconds) |
litellmMcp.config.LITELLM_VERIFY_SSL | "true" | Verify TLS on the LiteLLM API |
litellmMcp.existingSecret | "" | Existing Secret holding LITELLM_API_KEY (preferred in shared clusters) |
litellmMcp.externalSecrets.enabled | false | Source LITELLM_API_KEY from a ClusterSecretStore (e.g. Vault) |
To enable it in your values.yaml:
litellmMcp:
enabled: true
config:
LITELLM_API_URL: "https://litellm.example.com"
# Prefer an existing Secret or externalSecrets for the API key in shared clusters
existingSecret: "litellm-mcp"
# externalSecrets:
# enabled: true
# data:
# - secretKey: LITELLM_API_KEY
# remoteRef:
# key: dev/litellm-mcp
# property: LITELLM_API_KEY
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.12 \
-f your-values.yaml
Set litellmMcp.enabled: true and provide LITELLM_API_URL plus the LITELLM_API_KEY (via existingSecret or externalSecrets) if you want dynamic agents to query LiteLLM FinOps data.
kubectl get pods -n <namespace>
# If you enabled it, confirm the LiteLLM MCP server is running
kubectl get deploy -n <namespace> | grep litellm-mcp
@@ -793,6 +793,80 @@
# remoteRef:
# key: dev/mongodb
# property: password
+
+######### LiteLLM MCP configuration #########
+# Standalone MCP server for LiteLLM FinOps reporting.
+# Enable this when dynamic agents should call LiteLLM tools directly.
+litellmMcp:
+ enabled: false
+ nameOverride: "litellm-mcp"
+ fullnameOverride: ""
+ replicaCount: 1
+ revisionHistoryLimit: 3
+ image:
+ repository: "ghcr.io/cnoe-io/mcp-litellm"
+ # tag defaults to .Chart.AppVersion when not specified
+ tag: ""
+ pullPolicy: "IfNotPresent"
+ imagePullSecrets: []
+ service:
+ type: ClusterIP
+ port: 8000
+ # Non-sensitive environment variables.
+ config:
+ SERVER_NAME: "LITELLM"
+ LITELLM_API_URL: ""
+ LITELLM_API_TIMEOUT: "120"
+ LITELLM_VERIFY_SSL: "true"
+ # Existing Secret containing LITELLM_API_KEY. Takes precedence over secret.name.
+ existingSecret: ""
+ # Simple Secret creation for local/dev installs. Prefer existingSecret or
+ # externalSecrets in shared clusters.
+ secret:
+ create: false
+ name: ""
+ data: {}
+ # LITELLM_API_KEY: ""
+ externalSecrets:
+ enabled: false
+ apiVersion: "v1beta1"
+ refreshInterval: "1h"
+ secretStoreRef:
+ name: "vault"
+ kind: "ClusterSecretStore"
+ data: []
+ # - secretKey: LITELLM_API_KEY
+ # remoteRef:
+ # key: dev/litellm-mcp
+ # property: LITELLM_API_KEY
+ podAnnotations: {}
+ podLabels: {}
+ podSecurityContext: {}
+ securityContext: {}
+ resources: {}
+ livenessProbe:
+ tcpSocket:
+ port: http
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ readinessProbe:
+ tcpSocket:
+ port: http
+ initialDelaySeconds: 5
+ periodSeconds: 5
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
Released: 2026-05-12
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.11
Previous release: 0.4.10
0.4.11 gives operators finer control over which skills appear in the Skills Gallery: a new HIDE_BUILTIN_SKILLS flag and a default of BUILTIN_SKILL_IDS: "none" keep built-in templates out of the gallery until you import them explicitly. The VictorOps MCP is consolidated around the v2 incidents reporting API and stops silently dropping fields. Several charts fixes stop Prometheus from firing spurious TargetDown alerts on services that never exposed /metrics, and the session-expiry sign-in flow no longer relies on a brittle new-tab refresh. This is a drop-in Helm upgrade — no values.yaml edits are required.
HIDE_BUILTIN_SKILLS flag — when set to true, GET /api/skills skips loading disk-based skill templates so built-in skills do not appear in the gallery; operators load them on demand via Import template skills. Pairs cleanly with BUILTIN_SKILL_IDS=none for an empty starting gallery. The same PR also lets X-Caipe-Catalog-Key holders call POST /skills/refresh without a browser OIDC session — the catalog key is still validated against MongoDB, so security is unchanged (#1383)caipe-ui chart now defaults BUILTIN_SKILL_IDS: "none", disabling automatic seeding of template skills on startup. Restore the previous behavior with BUILTIN_SKILL_IDS: "" (seed all) or a comma-separated allow-list of template IDs (#1382)/skills gateway page: simplified quick-install flow, clearer API-key gating, collapsed advanced options, and corrected launch guidance (#1399)get_api_reporting_v2_incidents becomes the single incident-query tool with all_orgs=True fan-out (per-org payloads under by_org[slug], per-org errors under errors[slug], plus a total_count_by_phase summary). Removes redundant v1 GET endpoints and drops slim/projection logic that was silently dropping fields (notably the on-call user's name); all tools now return pretty-printed JSON so grep/glob over results works again (#1377)/login?session_expired=true to avoid AuthGuard redirect loops (#1386)rag-server, agent-ontology, and skill-scanner from ServiceMonitor scraping — these services do not expose /metrics, so Prometheus was recording up=0 and firing TargetDown for healthy pods (#1388)caipe-ui from ServiceMonitor scraping for the same reason (#1394)No breaking changes. Drop-in upgrade from 0.4.10.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.11 \
-f your-values.yaml
0.4.11 is a drop-in Helm upgrade. The only chart values change is a cosmetic comment update ("Skills API Gateway" → "Skills Gateway"). The new Skills Gallery behavior is driven by caipe-ui env vars (HIDE_BUILTIN_SKILLS, BUILTIN_SKILL_IDS), not by new top-level chart keys.
No functional Helm values changes between 0.4.10 and 0.4.11 — the only diff is a comment label updated to "Skills Gateway". Drop-in upgrade — no values.yaml edits required.
These caipe-ui config values changed defaults / gained meaning in this release:
| Env Var | Default | Description |
|---|---|---|
BUILTIN_SKILL_IDS | "none" | Which built-in template skills to auto-seed on startup. "none" = seed none; "" = seed all; comma-separated list = seed specific IDs |
HIDE_BUILTIN_SKILLS | unset (false) | When true, hides built-in skill templates from GET /api/skills / the gallery until imported via Import template skills |
To restore pre-0.4.11 auto-seeding behavior, set BUILTIN_SKILL_IDS: "" in your caipe-ui config.
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.11 \
-f your-values.yaml
If you rely on built-in template skills appearing automatically, set BUILTIN_SKILL_IDS: "" (or an explicit allow-list) in your caipe-ui config. Otherwise, the gallery starts empty and templates are imported on demand.
kubectl get pods -n <namespace>
# Confirm the previously noisy services are no longer scraped as down
kubectl get servicemonitor -n <namespace>
@@ -217,7 +217,7 @@
# ---------------------------------------------------------------------------
# Live-skills command template (rendered as the `/skills` slash command
-# in the "Skills API Gateway" UI page). Customizable per-deployment.
+# in the "Skills Gateway" UI page). Customizable per-deployment.
#
# Resolution order (mirrors promptConfig):
# 1. .Values.skillsLiveSkills - inline multi-line string (highest)
Released: 2026-05-08
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.10
Previous release: 0.4.9
0.4.10 reworks how "overthink" gating instructions reach agent prompts. Instead of a per-config custom_prompt string, the platform now injects a built-in OVERTHINK_BOILERPLATE template variable server-side, so agent prompts can opt into standard [DEFER]/[LOW_CONFIDENCE] gating with a single {{ client_context.overthink_boilerplate }} reference. A follow-up fix relocates that logic from the agent runtime to the slack-bot, where it belongs. This is a drop-in Helm upgrade — no values.yaml edits are required.
OVERTHINK_BOILERPLATE template variable — replaces the removed custom_prompt field on OverthinkConfig with a built-in boilerplate injected into every system-prompt render context. Agent prompts using overthink: enabled: true can include {{ client_context.overthink_boilerplate }} to get standard [DEFER]/[LOW_CONFIDENCE] gating instructions without coupling the prompt to platform marker conventions; the variable is always available and silently ignored when not referenced (#1364)OVERTHINK_BOILERPLATE constant out of agent_runtime.py and into the slack-bot, injecting overthink_boilerplate into client_context only when overthink.enabled is true — the runtime treats client_context as an opaque dict and should not own this logic, so the slack-bot can now evolve independently of the runtime (#1369)Removed: overthink.custom_prompt (slack-bot config). The custom_prompt field was removed from OverthinkConfig. This only affects deployments that explicitly set it in their slack-bot configuration.
Before (0.4.9):
overthink:
enabled: true
custom_prompt: "Defer to a human when uncertain..."
After (0.4.10):
overthink:
enabled: true
# custom_prompt removed — reference the built-in boilerplate in your agent's
# system prompt instead:
# {{ client_context.overthink_boilerplate }}
Consequence: If you leave custom_prompt in place, it is no longer applied, and your previous gating instructions will not reach the prompt. Add {{ client_context.overthink_boilerplate }} to the agent's system prompt to restore standard [DEFER]/[LOW_CONFIDENCE] gating. No Helm chart values are affected.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.10 \
-f your-values.yaml
0.4.10 is a drop-in Helm upgrade. The only operator-visible change is the removal of the slack-bot overthink.custom_prompt field, replaced by the server-injected {{ client_context.overthink_boilerplate }} template variable. No chart values.yaml edits are required.
No Helm values changes between 0.4.9 and 0.4.10. Drop-in upgrade — no values.yaml edits required.
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.10 \
-f your-values.yaml
overthink.custom_prompt) Update your agent promptRemove custom_prompt from your slack-bot overthink config and add the boilerplate reference to the agent's system prompt:
{{ client_context.overthink_boilerplate }}
kubectl get pods -n <namespace>
Released: 2026-05-07
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.9
Previous release: 0.4.8
0.4.9 ships Human-in-the-Loop tool approval for dynamic agents, a GridFS-backed store for large tool results, custom agent color themes, an improved agent-selection UX, an automated release-docs coding-agent skill, and a fully redesigned documentation site.
interrupt_on per agent — admins can require explicit approval before specific MCP tools execute; the agent pauses mid-run and waits for a human accept/rejectToolApprovalCard component surfaces the pending tool call with its arguments; timeline expands during wait and collapses on resume/invoke now detects HITL interrupts and returns a clear error rather than hanging (#1351 by @subbaksh)MongoDBGridFSStore — stores tool results in MongoDB GridFS, bypassing the 16 MB document limit that caused checkpoint failures for large LLM outputsUSE_GRIDFS_BACKEND=true; can be toggled off for smaller deploymentsformat_file builtin tool — reformats single-line blobs into newline-delimited output, making grep-friendly file searching possible from within an agent runfrom / to gradient colors and accent; AI suggest can generate a full color scheme from a natural-language descriptionmax-h-64 with overflow-y-auto; no more overflow when many agents are configuredrelease-docs Coding-Agent Skill.claude/skills/release-docs/SKILL.md — invoke /release-docs in Claude Code to generate a release blog post and upgrade guide from git history; wired into docs-release.yml CI so a post is opened automatically on every stable tag (#1356 by @sriaradhyula)main 🚧 accessible at /docs/next/prebuild/* image and Helm chart CIUnboundLocalError in the finally block when client.initialize() fails before the client variable is set — caused silent crashes on misconfigured ingestor startup (#1357 by @sriaradhyula)docs-build-check.yml workflow to catch broken Docusaurus builds on PRs touching docs/ (#1360 by @sriaradhyula)llm_clients.get_llm — fixes a subagent model config bug where the wrong model was used when AGENT_MODEL differed from SUPERVISOR_MODEL; inlined StreamingMixin; removed dead models and state (#1351 by @subbaksh)No breaking changes. Drop-in upgrade from 0.4.8.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.9 \
-f your-values.yaml
0.4.9 adds HITL tool approval and GridFS backend for dynamic agents, plus UI improvements and docs updates. No Helm values changes are required — new features default to enabled and existing deployments continue to work without modification.
No breaking Helm values changes. Drop-in upgrade — no values.yaml edits required.
GridFS is enabled by default. To disable it (e.g., if your MongoDB instance doesn't support GridFS):
dynamic-agents:
config:
USE_GRIDFS_BACKEND: "false"
To require human approval before a specific tool executes, set interrupt_on in the agent config via the agent editor UI, or in your agent YAML:
interrupt_on:
- tool_name: "my-sensitive-tool"
No Helm chart changes needed — this is per-agent configuration managed at runtime.
The documentation site now serves 0.4.9 as the default (Latest) version. The previous main-based docs are accessible at /docs/next/. If you have bookmarks to versioned doc URLs, they will continue to work.
Released: 2026-05-06
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.8
Previous release: 0.4.7
0.4.8 introduces a new AWS MCP server, configurable call-limit middlewares for the supervisor, and Kubernetes Pod Security Standards Baseline compliance across all Helm charts. A tracing fix resolves silent OTLP batch drops to Langfuse caused by oversized spans, and several long-standing compatibility and correctness bugs are resolved.
mcp-aws agent — new FastMCP server exposing aws_cli_execute and eks_kubectl_execute as MCP tools over HTTP/SSE; supports opt-in INSTALL_AWS_CLI=true / INSTALL_KUBECTL=true Docker build args; automatically built as ghcr.io/cnoe-io/mcp-aws (#1324)ToolCallLimitMiddleware — caps total tool invocations per run via TOOL_CALL_LIMIT env var; prevents agents from hammering external tools in a loopModelCallLimitMiddleware — caps total LLM inference calls per run via MODEL_CALL_LIMIT env var; prevents infinite reasoning loopsSummarizationMiddleware (opt-in) — compresses conversation history when approaching token/message thresholds; uses the same model as the supervisorsecurityContext satisfying the PSS Baseline profile; Restricted profile requirements met except readOnlyRootFilesystem (left false for agents that write to the filesystem at runtime) (#1337)max_tree_pages; GitHub truncated: true flag detected; both providers surface truncation status in the UISkillScrubberSpanProcessor removes skill/workflow content from OTLP spans before export; hard cap on span attribute size prevents 413 drops to Langfuse (#1330)/mcp/; streamable-http clients do not follow redirects, causing tool-load failures on startup (#1339)"Task <status> (ID: ...)" filler messages in chat — these placeholders from A2A Task events with no artifacts were showing as actual agent output (#1275)<!subteam^{id}>) vs individual users (<@{id}>) in escalation messages (#1341)${var,,}) with POSIX-compatible tr — fixes silent failures on macOS bash 3.2 for back-navigation and "all" agent selection (#1340)No breaking changes. Drop-in upgrade from 0.4.7.
None known at this time.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.8 \
-f your-values.yaml
0.4.8 adds the AWS MCP server, supervisor call-limit middlewares, and Kubernetes PSS Baseline security contexts across all charts. No Helm values changes are required for existing deployments — the new middlewares default to disabled and PSS security contexts are applied automatically.
No breaking Helm values changes between 0.4.7 and 0.4.8. Drop-in upgrade — no values.yaml edits required.
Two new environment variables (configurable via supervisor-agent.config in your values file) control per-run limits:
| Env Var | Default | Description |
|---|---|---|
TOOL_CALL_LIMIT | 0 (disabled) | Max tool invocations per run; 0 = unlimited |
MODEL_CALL_LIMIT | 0 (disabled) | Max LLM inference calls per run; 0 = unlimited |
SUMMARIZATION_ENABLED | false | Enable history summarization when approaching token limits |
To enable limits in your values.yaml:
supervisor-agent:
config:
TOOL_CALL_LIMIT: "50"
MODEL_CALL_LIMIT: "20"
All chart subcharts now set default securityContext values satisfying the Kubernetes PSS Baseline profile. For operators running readOnlyRootFilesystem: true in a custom policy, note that this is intentionally left false because several agents write to the filesystem at runtime. No values.yaml changes are needed.
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.8 \
-f your-values.yaml
Add TOOL_CALL_LIMIT and/or MODEL_CALL_LIMIT to your supervisor-agent.config block if you want to cap agent run lengths.
kubectl get pods -n <namespace>
# Confirm mcp-aws is running (if you include it in your agent config)
kubectl get deploy -n <namespace> | grep mcp-aws
Check that no pods are blocked by PSS admission — existing charts already have compatible defaults.
]]>Released: 2026-05-05
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.6
Previous release: 0.4.5
0.4.6 significantly improves the setup-caipe.sh installer experience with Docker auto-detection, back-navigation, and upgrade-aware prompts. The dynamic agents runtime is simplified with a shared-client memory model, lazy provider loading, and a single-flight init pattern that prevents duplicate runtime startup. Several UI agent editor polish items round out the release.
docker group and offer to add them0, b, or back at any wizard prompt to return to the previous stepllm_clients refactored; provider guard removed; uses cnoe-agent-utils 0.4.0 lazy importsRetry-After reduced from 10s to 5s; runtime TTL reduced to 60s for faster cleanup (multiple commits)?tab= param — tabs are now linkable and bookmarkable; include agent name in editor card title (#1325)No breaking changes. Drop-in upgrade from 0.4.5.
None known beyond those noted in 0.4.0.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.6 \
-f your-values.yaml
0.4.6 simplifies the dynamic agents runtime (shared clients, lazy provider loading, single-flight init) and improves the setup installer. No Helm values changes and no data migrations are required.
No Helm values changes between 0.4.5 and 0.4.6. Drop-in upgrade — no values.yaml edits required.
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.6 \
-f your-values.yaml
kubectl get pods -n <namespace>
kubectl logs -n <namespace> deployment/ai-platform-engineering-dynamic-agents | grep -i "runtime\|init"
Dynamic agents should start without duplicate initialization log lines.
]]>Released: 2026-05-05
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.7
Previous release: 0.4.6
0.4.7 delivers a comprehensive end-to-end overhaul of the Skills platform and a new unsaved-changes guard in the dynamic agent editor. The Skills Workspace is redesigned with a standalone scanner microservice, multi-source hub support, install history, ZIP export, and AI Assist — resolving four pre-existing UX bugs rooted in architectural mismatches.
No breaking changes. Drop-in upgrade from 0.4.6.
None known beyond those noted in 0.4.0.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.7 \
-f your-values.yaml
0.4.7 overhauled the Skills platform (new scanner microservice, multi-source hubs, ZIP export, AI Assist) and added an unsaved-changes guard to the agent editor. No Helm values changes are required. The Skills scanner runs as a new internal service — no extra configuration is needed for default deployments.
No Helm values changes between 0.4.6 and 0.4.7. Drop-in upgrade — no values.yaml edits required.
No MongoDB schema or data migrations required.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.7 \
-f your-values.yaml
kubectl get pods -n <namespace>
The admin Skills page should show the new Workspace view with unified multi-hub browsing and the Live Crawl console.
]]>Released: 2026-04-29
Chart: oci://ghcr.io/cnoe-io/charts/ai-platform-engineering:0.4.5
Previous release: 0.4.4
0.4.5 is a focused bug-fix release. The most impactful change is a DocumentDB/CosmosDB compatibility fix that removes $facet aggregation from conversation list and audit log routes — operators running CAIPE against Amazon DocumentDB or Azure CosmosDB will see these admin views work correctly for the first time. RAG server JavaScript rendering is also repaired on x86_64.
chromium_headless_shell in Dockerfile.ingestors (x86_64); add init container chart support — fixes JS rendering failures introduced in the 0.4.4 image (#1320)$facet aggregation from conversations and audit log APIs for CosmosDB/DocumentDB compatibility; add client_type=webui default filter so Slack conversations no longer appear in web UI sidebar (#1321)/skills slash command not loading hub-sourced skills — now uses the unified /api/skills catalog endpoint (#1314)overthink_config so agents with overthink: enabled: true correctly gate on @mentions (#1315)No breaking changes. Drop-in upgrade from 0.4.4.
None known beyond those noted in 0.4.0.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.5 \
-f your-values.yaml
0.4.5 is a bug-fix release focused on DocumentDB/CosmosDB compatibility and RAG server repairs. No Helm values changes and no data migrations are required.
No Helm values changes between 0.4.4 and 0.4.5. Drop-in upgrade — no values.yaml edits required.
No MongoDB schema or data migrations required.
The $facet aggregation stage has been removed from the conversation list and audit log APIs. If you were seeing MongoServerError: Aggregation 'facet' is not supported errors on the admin Conversations or Audit Logs pages, this release resolves them without any configuration changes.
helm upgrade ai-platform-engineering \
oci://ghcr.io/cnoe-io/charts/ai-platform-engineering \
--version 0.4.5 \
-f your-values.yaml
kubectl get pods -n <namespace>
Verify admin Conversations and Audit Logs pages load without errors on DocumentDB/CosmosDB deployments.
]]>