feat(deploy): add helm chart

.pre-commit-config.yaml

@@ -4,6 +4,7 @@ repos:
     hooks:
     -   id: check-yaml
         args: ['--allow-multiple-documents']
+        exclude: '^deploy/helm/templates/.*\.yaml$'
     -   id: end-of-file-fixer
     -   id: trailing-whitespace
 

Makefile

@@ -1,4 +1,4 @@
-.PHONY: help venv install run test lint format clean setup-secrets deploy-k8s
+.PHONY: help venv install run test lint format clean setup-secrets check-creds deploy-k8s deploy-helm cleanup-k8s cleanup-helm
 
 PYTHON=python
 PIP=pip
@@ -15,7 +15,11 @@ help:
 	@echo "  lint            Run pre-commit hooks (includes black, yaml, gitleaks)"
 	@echo "  format          Format code with black"
 	@echo "  setup-secrets   Copy and edit secrets template for local dev"
+	@echo "  check-creds     Check and validate all required credentials"
 	@echo "  deploy-k8s      Deploy application to Kubernetes"
+	@echo "  deploy-helm     Deploy application using Helm"
+	@echo "  cleanup-k8s     Clean up Kubernetes deployment"
+	@echo "  cleanup-helm    Clean up Helm deployment"
 	@echo "  clean           Remove Python cache and virtual environment"
 
 venv:
@@ -42,9 +46,22 @@ setup-secrets:
 	cp -n tests/secrets/nebius_secrets.py.template tests/secrets/cred.py; \
 	echo "Edit tests/secrets/cred.py to add your own API credentials."
 
+check-creds:
+	@echo "🔍 Checking credentials..."
+	@./scripts/load-credentials.sh
+
 deploy-k8s:
 	./scripts/deploy-k8s.sh
 
+deploy-helm:
+	./scripts/deploy-helm.sh
+
+cleanup-k8s:
+	./scripts/cleanup-k8s.sh
+
+cleanup-helm:
+	./scripts/cleanup-helm.sh
+
 clean:
 	rm -rf $(VENV) __pycache__ */__pycache__ .pytest_cache .mypy_cache .coverage .hypothesis
 	find . -type f -name '*.pyc' -delete

deploy/helm/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

deploy/helm/Chart.yaml

@@ -0,0 +1,13 @@
+apiVersion: v2
+name: yuga-planner
+description: A Helm chart for Yuga Planner application
+type: application
+version: 0.1.0
+appVersion: "latest"
+maintainers:
+  - name: Yuga Planner Team
+keywords:
+  - planner
+  - ai
+  - application
+home: https://github.com/blackopsrepl/yuga-planner

deploy/helm/templates/NOTES.txt

@@ -0,0 +1,36 @@
+1. Get the application URL by running these commands:
+{{- if eq .Values.service.type "NodePort" }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ .Values.app.name }}-service)
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if eq .Values.service.type "LoadBalancer" }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ .Values.app.name }}-service'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ .Values.app.name }}-service --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if eq .Values.service.type "ClusterIP" }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "yuga-planner.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
+
+2. Check the deployment status:
+  kubectl get deployments {{ .Values.app.name }} -n {{ .Release.Namespace }}
+
+3. View the pods:
+  kubectl get pods -l app={{ .Values.app.name }} -n {{ .Release.Namespace }}
+
+4. Check the logs:
+  kubectl logs -l app={{ .Values.app.name }} -n {{ .Release.Namespace }} -f
+
+Note: Make sure to set the required environment variables before deployment:
+- NEBIUS_API_KEY
+- NEBIUS_MODEL
+- MODAL_TOKEN_ID
+- MODAL_TOKEN_SECRET
+- HF_MODEL
+- HF_TOKEN
+
+You can substitute these values using envsubst before installation:
+  envsubst < values.yaml | helm install yuga-planner ./helm --values -

deploy/helm/templates/_helpers.tpl

@@ -0,0 +1,51 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "yuga-planner.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "yuga-planner.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "yuga-planner.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "yuga-planner.labels" -}}
+helm.sh/chart: {{ include "yuga-planner.chart" . }}
+{{ include "yuga-planner.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "yuga-planner.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "yuga-planner.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}

deploy/helm/templates/configmap.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Values.app.name }}-config
+  labels:
+    app: {{ .Values.app.name }}
+{{- include "yuga-planner.labels" . | nindent 4 }}
+data:
+  JAVA_HOME: {{ .Values.env.java.home | quote }}
+  PATH: {{ .Values.env.java.path | quote }}

deploy/helm/templates/deployment.yaml

@@ -0,0 +1,81 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Values.app.name }}
+  labels:
+    app: {{ .Values.app.name }}
+{{- include "yuga-planner.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.deployment.replicas }}
+  selector:
+    matchLabels:
+      app: {{ .Values.app.name }}
+{{- include "yuga-planner.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        app: {{ .Values.app.name }}
+{{- include "yuga-planner.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+      - name: {{ .Values.app.name }}
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        ports:
+        - containerPort: {{ .Values.container.port }}
+          name: {{ .Values.container.name }}
+          protocol: {{ .Values.service.protocol }}
+        env:
+        - name: JAVA_HOME
+          valueFrom:
+            configMapKeyRef:
+              name: {{ .Values.app.name }}-config
+              key: JAVA_HOME
+        - name: PATH
+          valueFrom:
+            configMapKeyRef:
+              name: {{ .Values.app.name }}-config
+              key: PATH
+        - name: NEBIUS_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.app.name }}-secrets
+              key: NEBIUS_API_KEY
+        - name: NEBIUS_MODEL
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.app.name }}-secrets
+              key: NEBIUS_MODEL
+        - name: MODAL_TOKEN_ID
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.app.name }}-secrets
+              key: MODAL_TOKEN_ID
+        - name: MODAL_TOKEN_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.app.name }}-secrets
+              key: MODAL_TOKEN_SECRET
+        - name: HF_MODEL
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.app.name }}-secrets
+              key: HF_MODEL
+        - name: HF_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.app.name }}-secrets
+              key: HF_TOKEN
+        command: {{ .Values.deployment.command | toJson }}
+        args:
+{{- range .Values.deployment.args }}
+        - {{ . | quote }}
+{{- end }}
+        resources:
+{{- toYaml .Values.resources | nindent 10 }}
+        livenessProbe:
+{{- toYaml .Values.probes.liveness | nindent 10 }}
+        readinessProbe:
+{{- toYaml .Values.probes.readiness | nindent 10 }}
+        securityContext:
+{{- toYaml .Values.securityContext | nindent 10 }}

deploy/helm/templates/secret.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Values.app.name }}-secrets
+  labels:
+    app: {{ .Values.app.name }}
+{{- include "yuga-planner.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+  # These values will be populated from environment variables during deployment
+  NEBIUS_API_KEY: {{ .Values.secrets.nebiusApiKey | quote }}
+  NEBIUS_MODEL: {{ .Values.secrets.nebiusModel | quote }}
+  MODAL_TOKEN_ID: {{ .Values.secrets.modalTokenId | quote }}
+  MODAL_TOKEN_SECRET: {{ .Values.secrets.modalTokenSecret | quote }}
+  HF_MODEL: {{ .Values.secrets.hfModel | quote }}
+  HF_TOKEN: {{ .Values.secrets.hfToken | quote }}

deploy/helm/templates/service.yaml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.app.name }}-service
+  labels:
+    app: {{ .Values.app.name }}
+{{- include "yuga-planner.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+  - port: {{ .Values.service.port }}
+    targetPort: {{ .Values.service.targetPort }}
+{{- if eq .Values.service.type "NodePort" }}
+    nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+    protocol: {{ .Values.service.protocol }}
+    name: {{ .Values.container.name }}
+  selector:
+    app: {{ .Values.app.name }}
+{{- include "yuga-planner.selectorLabels" . | nindent 4 }}

deploy/helm/values.yaml

@@ -0,0 +1,90 @@
+# Default values for yuga-planner.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Application configuration
+app:
+  name: yuga-planner
+
+# Image configuration
+image:
+  repository: ghcr.io/blackopsrepl/yuga-planner-test
+  tag: latest
+  pullPolicy: Always
+
+# Service configuration
+service:
+  type: NodePort
+  port: 80
+  targetPort: 7860
+  nodePort: 30860
+  protocol: TCP
+
+# Container configuration
+container:
+  port: 7860
+  name: http
+
+# Resource configuration
+resources:
+  requests:
+    memory: "512Mi"
+    cpu: "250m"
+  limits:
+    memory: "2Gi"
+    cpu: "1000m"
+
+# Deployment configuration
+deployment:
+  replicas: 1
+  command: ["python", "src/app.py"]
+  args:
+    - "--server-name"
+    - "0.0.0.0"
+    - "--server-port"
+    - "7860"
+
+# Health check configuration
+probes:
+  liveness:
+    httpGet:
+      path: /
+      port: 7860
+    initialDelaySeconds: 30
+    periodSeconds: 10
+    timeoutSeconds: 5
+    failureThreshold: 3
+  readiness:
+    httpGet:
+      path: /
+      port: 7860
+    initialDelaySeconds: 10
+    periodSeconds: 5
+    timeoutSeconds: 3
+    failureThreshold: 3
+
+# Security context
+securityContext:
+  runAsNonRoot: true
+  runAsUser: 1000
+  runAsGroup: 1000
+  allowPrivilegeEscalation: false
+  readOnlyRootFilesystem: false
+  capabilities:
+    drop:
+    - ALL
+
+# Environment configuration
+env:
+  java:
+    home: "/usr/lib/jvm/temurin-21-jdk-amd64"
+    path: "/usr/lib/jvm/temurin-21-jdk-amd64/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Secret configuration (values will be populated from environment variables during deployment)
+secrets:
+  nebiusApiKey: "${NEBIUS_API_KEY}"
+  nebiusModel: "${NEBIUS_MODEL}"
+  modalTokenId: "${MODAL_TOKEN_ID}"
+  modalTokenSecret: "${MODAL_TOKEN_SECRET}"
+  hfModel: "${HF_MODEL}"
+  hfToken: "${HF_TOKEN}"

scripts/cleanup-helm.sh

@@ -0,0 +1,86 @@
+#!/bin/bash
+set -e
+
+# Yuga Planner Helm Cleanup Script
+# This script removes the Helm release and all associated resources
+
+echo "🧹 Cleaning up Yuga Planner Helm deployment..."
+
+# Check if helm is available
+if ! command -v helm &> /dev/null; then
+    echo "❌ Error: helm is required but not installed."
+    echo "💡 Install Helm from: https://helm.sh/docs/intro/install/"
+    exit 1
+fi
+
+# Configuration (same defaults as deploy script)
+RELEASE_NAME="${HELM_RELEASE_NAME:-yuga-planner}"
+# Get current namespace, fallback to default if not set
+CURRENT_NAMESPACE=$(kubectl config view --minify --output 'jsonpath={..namespace}' 2>/dev/null || echo "default")
+NAMESPACE="${HELM_NAMESPACE:-$CURRENT_NAMESPACE}"
+
+echo "📦 Helm Release: $RELEASE_NAME"
+echo "🏷️  Namespace: $NAMESPACE"
+
+# Check if the release exists
+if ! helm list -n "$NAMESPACE" | grep -q "^$RELEASE_NAME"; then
+    echo "ℹ️  Helm release '$RELEASE_NAME' not found in namespace '$NAMESPACE'."
+    echo "✅ Nothing to clean up."
+    exit 0
+fi
+
+# Show release information
+echo "🔍 Found Helm release:"
+helm list -n "$NAMESPACE" | grep "^$RELEASE_NAME" || true
+
+echo ""
+echo "📊 Release details:"
+helm status "$RELEASE_NAME" -n "$NAMESPACE" || true
+
+# Confirm deletion
+echo ""
+read -p "❓ Are you sure you want to uninstall the Helm release '$RELEASE_NAME'? (y/N): " -n 1 -r
+echo
+if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+    echo "❌ Cleanup cancelled."
+    exit 0
+fi
+
+echo "🗑️  Uninstalling Helm release..."
+helm uninstall "$RELEASE_NAME" -n "$NAMESPACE"
+
+echo "✅ Helm release uninstalled successfully!"
+
+# Check if namespace should be cleaned up (optional)
+if [ "$NAMESPACE" != "default" ]; then
+    echo ""
+    echo "🤔 The namespace '$NAMESPACE' still exists."
+    read -p "❓ Do you want to delete the namespace '$NAMESPACE' as well? (y/N): " -n 1 -r
+    echo
+    if [[ $REPLY =~ ^[Yy]$ ]]; then
+        # Check if namespace has other resources
+        OTHER_RESOURCES=$(kubectl get all -n "$NAMESPACE" --ignore-not-found=true 2>/dev/null | grep -v "^NAME" | wc -l)
+        if [ "$OTHER_RESOURCES" -gt 0 ]; then
+            echo "⚠️  Warning: Namespace '$NAMESPACE' contains other resources."
+            kubectl get all -n "$NAMESPACE" 2>/dev/null || true
+            read -p "❓ Are you sure you want to delete the entire namespace? (y/N): " -n 1 -r
+            echo
+            if [[ $REPLY =~ ^[Yy]$ ]]; then
+                kubectl delete namespace "$NAMESPACE"
+                echo "✅ Namespace '$NAMESPACE' deleted."
+            else
+                echo "ℹ️  Namespace '$NAMESPACE' preserved."
+            fi
+        else
+            kubectl delete namespace "$NAMESPACE"
+            echo "✅ Empty namespace '$NAMESPACE' deleted."
+        fi
+    else
+        echo "ℹ️  Namespace '$NAMESPACE' preserved."
+    fi
+fi
+
+echo ""
+echo "🔍 Useful commands to verify cleanup:"
+echo "  • List remaining releases: helm list -A"
+echo "  • Check for remaining resources: kubectl get all -l app.kubernetes.io/instance=$RELEASE_NAME -A"

scripts/cleanup-k8s.sh

@@ -0,0 +1,83 @@
+#!/bin/bash
+set -e
+
+# Yuga Planner Kubernetes Cleanup Script
+# This script removes all Kubernetes resources created by the deployment
+
+echo "🧹 Cleaning up Yuga Planner Kubernetes deployment..."
+
+# Check if kubectl is available
+if ! command -v kubectl &> /dev/null; then
+    echo "❌ Error: kubectl is required but not installed."
+    exit 1
+fi
+
+# Check if we're in the correct directory (project root)
+if [ ! -f "deploy/kubernetes.yaml" ]; then
+    echo "❌ Error: kubernetes.yaml not found. Please run this script from the project root."
+    exit 1
+fi
+
+# Function to check if resources exist
+check_resources() {
+    local resource_exists=false
+
+    if kubectl get deployment yuga-planner &> /dev/null; then
+        resource_exists=true
+    fi
+
+    if kubectl get service yuga-planner-service &> /dev/null; then
+        resource_exists=true
+    fi
+
+    if kubectl get secret yuga-planner-secrets &> /dev/null; then
+        resource_exists=true
+    fi
+
+    if kubectl get configmap yuga-planner-config &> /dev/null; then
+        resource_exists=true
+    fi
+
+    if [ "$resource_exists" = false ]; then
+        echo "ℹ️  No Yuga Planner resources found in the current namespace."
+        return 1
+    fi
+
+    return 0
+}
+
+# Check if any resources exist
+if ! check_resources; then
+    echo "✅ Nothing to clean up."
+    exit 0
+fi
+
+# Show what will be deleted
+echo "🔍 Found the following Yuga Planner resources:"
+kubectl get deployment,service,secret,configmap -l app=yuga-planner 2>/dev/null || true
+
+# Confirm deletion
+read -p "❓ Are you sure you want to delete these resources? (y/N): " -n 1 -r
+echo
+if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+    echo "❌ Cleanup cancelled."
+    exit 0
+fi
+
+echo "🗑️  Deleting Kubernetes resources..."
+
+# Delete resources by label selector (safer approach)
+echo "  • Deleting deployment..."
+kubectl delete deployment -l app=yuga-planner --ignore-not-found=true
+
+echo "  • Deleting service..."
+kubectl delete service -l app=yuga-planner --ignore-not-found=true
+
+echo "  • Deleting secrets..."
+kubectl delete secret -l app=yuga-planner --ignore-not-found=true
+
+echo "  • Deleting configmaps..."
+kubectl delete configmap -l app=yuga-planner --ignore-not-found=true
+
+echo "✅ Cleanup complete!"
+echo "🔍 Verify cleanup: kubectl get all -l app=yuga-planner"

scripts/deploy-helm.sh

@@ -0,0 +1,94 @@
+#!/bin/bash
+set -e
+
+# Yuga Planner Helm Deployment Script
+# This script loads credentials from environment variables or creds.py and deploys using Helm
+
+echo "🚀 Deploying Yuga Planner using Helm..."
+
+# Check if we're in the correct directory (project root)
+if [ ! -d "deploy/helm" ] && [ ! -f "deploy/helm/Chart.yaml" ]; then
+    echo "❌ Error: Helm chart not found. Please ensure deploy/helm/Chart.yaml exists."
+    exit 1
+fi
+
+# Get the script directory
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# Source the credential loading script
+source "${SCRIPT_DIR}/load-credentials.sh"
+
+# Check and load credentials
+if ! check_credentials; then
+    exit 1
+fi
+
+# Check if helm is available
+if ! command -v helm &> /dev/null; then
+    echo "❌ Error: helm is required but not installed."
+    echo "💡 Install Helm from: https://helm.sh/docs/intro/install/"
+    exit 1
+fi
+
+# Configuration
+RELEASE_NAME="${HELM_RELEASE_NAME:-yuga-planner}"
+# Get current namespace, fallback to default if not set
+CURRENT_NAMESPACE=$(kubectl config view --minify --output 'jsonpath={..namespace}' 2>/dev/null || echo "default")
+NAMESPACE="${HELM_NAMESPACE:-$CURRENT_NAMESPACE}"
+CHART_PATH="${HELM_CHART_PATH:-deploy/helm}"
+
+echo "📦 Helm Release: $RELEASE_NAME"
+echo "🏷️  Namespace: $NAMESPACE"
+echo "📂 Chart Path: $CHART_PATH"
+
+# Create namespace if it doesn't exist
+if ! kubectl get namespace "$NAMESPACE" &> /dev/null; then
+    echo "🏗️  Creating namespace: $NAMESPACE"
+    kubectl create namespace "$NAMESPACE"
+fi
+
+# Prepare Helm values with environment variables
+HELM_VALUES=""
+HELM_VALUES="$HELM_VALUES --set env.NEBIUS_API_KEY=$NEBIUS_API_KEY"
+HELM_VALUES="$HELM_VALUES --set env.NEBIUS_MODEL=$NEBIUS_MODEL"
+HELM_VALUES="$HELM_VALUES --set env.MODAL_TOKEN_ID=$MODAL_TOKEN_ID"
+HELM_VALUES="$HELM_VALUES --set env.MODAL_TOKEN_SECRET=$MODAL_TOKEN_SECRET"
+HELM_VALUES="$HELM_VALUES --set env.HF_MODEL=$HF_MODEL"
+HELM_VALUES="$HELM_VALUES --set env.HF_TOKEN=$HF_TOKEN"
+
+# Add optional environment variables if set
+if [ ! -z "$IMAGE_TAG" ]; then
+    HELM_VALUES="$HELM_VALUES --set image.tag=$IMAGE_TAG"
+fi
+
+if [ ! -z "$REPLICAS" ]; then
+    HELM_VALUES="$HELM_VALUES --set replicaCount=$REPLICAS"
+fi
+
+# Check if release already exists
+if helm list -n "$NAMESPACE" | grep -q "^$RELEASE_NAME"; then
+    echo "🔄 Upgrading existing Helm release..."
+    helm upgrade "$RELEASE_NAME" "$CHART_PATH" \
+        --namespace "$NAMESPACE" \
+        $HELM_VALUES \
+        --timeout 300s \
+        --wait
+else
+    echo "🆕 Installing new Helm release..."
+    helm install "$RELEASE_NAME" "$CHART_PATH" \
+        --namespace "$NAMESPACE" \
+        $HELM_VALUES \
+        --timeout 300s \
+        --wait
+fi
+
+echo "✅ Deployment complete!"
+echo ""
+echo "📊 Release Information:"
+helm status "$RELEASE_NAME" -n "$NAMESPACE"
+echo ""
+echo "🔍 Useful commands:"
+echo "  • Check pods: kubectl get pods -l app.kubernetes.io/instance=$RELEASE_NAME -n $NAMESPACE"
+echo "  • View logs: kubectl logs -l app.kubernetes.io/instance=$RELEASE_NAME -n $NAMESPACE -f"
+echo "  • Port forward: kubectl port-forward svc/$RELEASE_NAME 8080:80 -n $NAMESPACE"
+echo "  • Uninstall: helm uninstall $RELEASE_NAME -n $NAMESPACE"

scripts/deploy-k8s.sh

@@ -12,106 +12,17 @@ if [ ! -f "deploy/kubernetes.yaml" ]; then
     exit 1
 fi
 
-# Function to load credentials from creds.py if environment variables are not set
-load_credentials() {
-    local creds_file="tests/secrets/creds.py"
+# Get the script directory
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 
-    if [ -f "$creds_file" ]; then
-        echo "📋 Loading credentials from $creds_file..."
+# Source the credential loading script
+source "${SCRIPT_DIR}/load-credentials.sh"
 
-        # Extract credentials from creds.py if environment variables are not set
-        if [ -z "$NEBIUS_API_KEY" ]; then
-            export NEBIUS_API_KEY=$(python3 -c "
-import sys
-sys.path.append('tests/secrets')
-import creds
-print(creds.NEBIUS_API_KEY)
-" 2>/dev/null || echo "")
-        fi
-
-        if [ -z "$NEBIUS_MODEL" ]; then
-            export NEBIUS_MODEL=$(python3 -c "
-import sys
-sys.path.append('tests/secrets')
-import creds
-print(creds.NEBIUS_MODEL)
-" 2>/dev/null || echo "")
-        fi
-
-        if [ -z "$MODAL_TOKEN_ID" ]; then
-            export MODAL_TOKEN_ID=$(python3 -c "
-import sys
-sys.path.append('tests/secrets')
-import creds
-print(creds.MODAL_TOKEN_ID)
-" 2>/dev/null || echo "")
-        fi
-
-        if [ -z "$MODAL_TOKEN_SECRET" ]; then
-            export MODAL_TOKEN_SECRET=$(python3 -c "
-import sys
-sys.path.append('tests/secrets')
-import creds
-print(creds.MODAL_TOKEN_SECRET)
-" 2>/dev/null || echo "")
-        fi
-
-        if [ -z "$HF_MODEL" ]; then
-            export HF_MODEL=$(python3 -c "
-import sys
-sys.path.append('tests/secrets')
-import creds
-print(creds.HF_MODEL)
-" 2>/dev/null || echo "")
-        fi
-
-        if [ -z "$HF_TOKEN" ]; then
-            export HF_TOKEN=$(python3 -c "
-import sys
-sys.path.append('tests/secrets')
-import creds
-print(creds.HF_TOKEN)
-" 2>/dev/null || echo "")
-        fi
-    else
-        echo "⚠️  Warning: $creds_file not found"
-    fi
-}
-
-# Check if credentials are available in environment variables
-echo "🔍 Checking for credentials..."
-
-missing_vars=()
-required_vars=("NEBIUS_API_KEY" "NEBIUS_MODEL" "MODAL_TOKEN_ID" "MODAL_TOKEN_SECRET" "HF_MODEL" "HF_TOKEN")
-
-for var in "${required_vars[@]}"; do
-    if [ -z "${!var}" ]; then
-        missing_vars+=("$var")
-    fi
-done
-
-if [ ${#missing_vars[@]} -gt 0 ]; then
-    echo "📂 Missing environment variables: ${missing_vars[*]}"
-    echo "🔄 Attempting to load from creds.py..."
-    load_credentials
-
-    # Check again after loading from creds.py
-    missing_vars=()
-    for var in "${required_vars[@]}"; do
-        if [ -z "${!var}" ]; then
-            missing_vars+=("$var")
-        fi
-    done
-
-    if [ ${#missing_vars[@]} -gt 0 ]; then
-        echo "❌ Error: The following required environment variables are not set: ${missing_vars[*]}"
-        echo "💡 Please set them in your environment or ensure tests/secrets/creds.py exists with the required values."
-        exit 1
-    fi
+# Check and load credentials
+if ! check_credentials; then
+    exit 1
 fi
 
-echo "✅ All credentials found"
-
 # Check if envsubst is available
 if ! command -v envsubst &> /dev/null; then
     echo "❌ Error: envsubst is required but not installed. Please install gettext-base package."

scripts/load-credentials.sh

@@ -0,0 +1,113 @@
+#!/bin/bash
+
+# Yuga Planner Credential Loading Script
+# This script loads credentials from environment variables or creds.py
+
+# Function to load credentials from creds.py if environment variables are not set
+load_credentials() {
+    local creds_file="tests/secrets/creds.py"
+
+    if [ -f "$creds_file" ]; then
+        echo "📋 Loading credentials from $creds_file..."
+
+        # Extract credentials from creds.py if environment variables are not set
+        if [ -z "$NEBIUS_API_KEY" ]; then
+            export NEBIUS_API_KEY=$(python3 -c "
+import sys
+sys.path.append('tests/secrets')
+import creds
+print(creds.NEBIUS_API_KEY)
+" 2>/dev/null || echo "")
+        fi
+
+        if [ -z "$NEBIUS_MODEL" ]; then
+            export NEBIUS_MODEL=$(python3 -c "
+import sys
+sys.path.append('tests/secrets')
+import creds
+print(creds.NEBIUS_MODEL)
+" 2>/dev/null || echo "")
+        fi
+
+        if [ -z "$MODAL_TOKEN_ID" ]; then
+            export MODAL_TOKEN_ID=$(python3 -c "
+import sys
+sys.path.append('tests/secrets')
+import creds
+print(creds.MODAL_TOKEN_ID)
+" 2>/dev/null || echo "")
+        fi
+
+        if [ -z "$MODAL_TOKEN_SECRET" ]; then
+            export MODAL_TOKEN_SECRET=$(python3 -c "
+import sys
+sys.path.append('tests/secrets')
+import creds
+print(creds.MODAL_TOKEN_SECRET)
+" 2>/dev/null || echo "")
+        fi
+
+        if [ -z "$HF_MODEL" ]; then
+            export HF_MODEL=$(python3 -c "
+import sys
+sys.path.append('tests/secrets')
+import creds
+print(creds.HF_MODEL)
+" 2>/dev/null || echo "")
+        fi
+
+        if [ -z "$HF_TOKEN" ]; then
+            export HF_TOKEN=$(python3 -c "
+import sys
+sys.path.append('tests/secrets')
+import creds
+print(creds.HF_TOKEN)
+" 2>/dev/null || echo "")
+        fi
+    else
+        echo "⚠️  Warning: $creds_file not found"
+    fi
+}
+
+# Function to check and validate required credentials
+check_credentials() {
+    echo "🔍 Checking for credentials..."
+
+    local missing_vars=()
+    local required_vars=("NEBIUS_API_KEY" "NEBIUS_MODEL" "MODAL_TOKEN_ID" "MODAL_TOKEN_SECRET" "HF_MODEL" "HF_TOKEN")
+
+    for var in "${required_vars[@]}"; do
+        if [ -z "${!var}" ]; then
+            missing_vars+=("$var")
+        fi
+    done
+
+    if [ ${#missing_vars[@]} -gt 0 ]; then
+        echo "📂 Missing environment variables: ${missing_vars[*]}"
+        echo "🔄 Attempting to load from creds.py..."
+        load_credentials
+
+        # Check again after loading from creds.py
+        missing_vars=()
+        for var in "${required_vars[@]}"; do
+            if [ -z "${!var}" ]; then
+                missing_vars+=("$var")
+            fi
+        done
+
+        if [ ${#missing_vars[@]} -gt 0 ]; then
+            echo "❌ Error: The following required environment variables are not set: ${missing_vars[*]}"
+            echo "💡 Please set them in your environment or ensure tests/secrets/creds.py exists with the required values."
+            return 1
+        fi
+    fi
+
+    echo "✅ All credentials found"
+    return 0
+}
+
+# Main execution when script is run directly
+if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
+    check_credentials
+    exit $?
+fi