feat: simplify k8s deployment (#1708)

7a341f86 · julienmancuso · GitHub · 5505507b · 5505507b · 5505507b
Unverified Commit 7a341f86 authored Jul 07, 2025 by julienmancuso Committed by GitHub Jul 08, 2025
20 changed files
--- a/deploy/cloud/api-store/ai_dynamo_store/tests/__init__.py
+++ b/deploy/cloud/api-store/ai_dynamo_store/tests/__init__.py
-#  SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-#  SPDX-License-Identifier: Apache-2.0
-#  #
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  #
-#  http://www.apache.org/licenses/LICENSE-2.0
-#  #
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
--- a/deploy/cloud/api-store/ai_dynamo_store/tests/test_utils.py
+++ b/deploy/cloud/api-store/ai_dynamo_store/tests/test_utils.py
-#  SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-#  SPDX-License-Identifier: Apache-2.0
-#  #
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  #
-#  http://www.apache.org/licenses/LICENSE-2.0
-#  #
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-from ..api.utils import build_latest_revision_from_cr, get_deployment_status, get_urls
-def test_get_deployment_status():
-    # Test case 1: Ready condition present with message
-    resource = {
-        "status": {"conditions": [{"type": "Ready", "message": "Deployment is ready"}]}
-    }
-    assert get_deployment_status(resource) == "Deployment is ready"
-    # Test case 2: Ready condition not present
-    resource = {
-        "status": {
-            "conditions": [{"type": "Available", "message": "Some other condition"}]
-        }
-    }
-    assert get_deployment_status(resource) == "unknown"
-    # Test case 3: Empty conditions list
-    resource = {"status": {"conditions": []}}
-    assert get_deployment_status(resource) == "unknown"
-    # Test case 4: No status field
-    resource = {}
-    assert get_deployment_status(resource) == "unknown"
-    # Test case 5: No conditions field in status
-    resource = {"status": {}}
-    assert get_deployment_status(resource) == "unknown"
-    # Test case 6: Ready condition present without message
-    resource = {"status": {"conditions": [{"type": "Ready"}]}}
-    assert get_deployment_status(resource) == "unknown"
-def test_get_urls():
-    resource = {
-        "status": {
-            "conditions": [
-                {"type": "EndpointExposed", "message": "https://example.com"}
-            ]
-        }
-    }
-    assert get_urls(resource) == ["https://example.com"]
-def test_build_latest_revision_from_cr_minimal():
-    cr = {
-        "metadata": {
-            "uid": "u1",
-            "name": "n1",
-            "creationTimestamp": "2024-01-01T00:00:00Z",
-        },
-        "spec": {
-            "dynamoGraph": "repo:ver",
-            "services": {"svc": {}},
-            "envs": [{"name": "A", "value": "B"}],
-        },
-    }
-    rev = build_latest_revision_from_cr(cr)
-    assert rev["uid"] == "u1"
-    assert rev["name"] == "n1"
-    assert rev["targets"][0]["dynamo"]["repository"]["name"] == "repo"
-    assert rev["targets"][0]["dynamo"]["name"] == "ver"
-    assert rev["targets"][0]["config"]["services"] == {"svc": {}}
-    assert rev["targets"][0]["config"]["envs"] == [{"name": "A", "value": "B"}]
-def test_build_latest_revision_from_cr_missing_fields():
-    cr = {"spec": {}}
-    rev = build_latest_revision_from_cr(cr)
-    assert rev["uid"] == "dummy-uid"
-    assert rev["name"] == "dummy-revision"
-    assert rev["targets"][0]["dynamo"]["repository"]["name"] == "unknown"
-    assert rev["targets"][0]["dynamo"]["name"] == "unknown"
-    assert rev["targets"][0]["config"]["services"] == {}
-    assert rev["targets"][0]["config"]["envs"] == []
-def test_build_latest_revision_from_cr_dynamo_colonless():
-    cr = {"spec": {"dynamoGraph": "justrepo"}}
-    rev = build_latest_revision_from_cr(cr)
-    assert rev["targets"][0]["dynamo"]["repository"]["name"] == "unknown"
-    assert rev["targets"][0]["dynamo"]["name"] == "unknown"
--- a/deploy/cloud/api-store/docker-compose.yaml
+++ b/deploy/cloud/api-store/docker-compose.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2024-2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-version: "3"
-services:
-  ###
-  # Postgres service
-  #  adapted from https://github.com/docker-library/docs/blob/master/postgres/README.md#-via-docker-compose-or-docker-stack-deploy
-  ###
-  postgres:
-    image: postgres:16.2
-    restart: always
-    environment:
-      PGUSER: postgres
-      POSTGRES_USER: postgres
-      POSTGRES_PASSWORD: pgadmin
-      POSTGRES_DB: postgres
-    ports:
-      - "5432:5432"
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready"]
-      interval: 30s
-      timeout: 30s
-      retries: 3
-  ###
-  # Minio
-  #  adapted from https://github.com/minio/minio/blob/master/docs/orchestration/docker-compose/docker-compose.yaml
-  ###
-  minio:
-    image: quay.io/minio/minio:RELEASE.2024-06-29T01-20-47Z
-    command: minio server /data --console-address ":9001"
-    environment:
-      MINIO_ROOT_USER: dynamo-minio
-      MINIO_ROOT_PASSWORD: dynamo-minio
-    ports:
-      - "9000:9000"
-      - "9001:9001"
-    healthcheck:
-      test: ["CMD", "mc", "ready", "local"]
-      interval: 5s
-      timeout: 5s
-      retries: 5
\ No newline at end of file
--- a/deploy/cloud/api-store/pyproject.toml
+++ b/deploy/cloud/api-store/pyproject.toml
-#  SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-#  SPDX-License-Identifier: Apache-2.0
-#  #
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  #
-#  http://www.apache.org/licenses/LICENSE-2.0
-#  #
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-[build-system]
-requires = ["hatchling"]
-build-backend = "hatchling.build"
-[project]
-name = "ai-dynamo-store"
-version = "0.1.0"
-description = "AI Dynamo Store for managing Dynamo artifacts"
-readme = "README.md"
-requires-python = ">=3.12"
-dependencies = [
-    "fastapi>=0.115.11",
-    "uvicorn>=0.34.0",
-    "sqlalchemy>=2.0.39",
-    "pydantic>=2.10.6,<2.11.0",
-    "aiosqlite==0.21.0",
-    "asyncpg==0.30.0",
-    "base58==2.1.1",
-    "boto3==1.37.1",
-    "botocore==1.37.1",
-    "sqlmodel==0.0.22",
-    "kubernetes"
-]
-[project.optional-dependencies]
-dev = [
-    "pytest>=7.0.0",
-    "black>=23.0.0",
-    "isort>=5.12.0",
-    "mypy>=1.0.0",
-    "ruff>=0.0.270",
-    "pytest>=7.0",
-    "pytest-asyncio>=0.21.0"
-]
-[project.scripts]
-ai-dynamo-store = "ai_dynamo_store.main:main"
--- a/deploy/cloud/api-store/uv.lock
+++ b/deploy/cloud/api-store/uv.lock
--- a/deploy/cloud/helm/crds/Chart.yaml
+++ b/deploy/cloud/helm/crds/Chart.yaml
@@ -16,5 +16,5 @@ apiVersion: v2
 name: dynamo-crds
 description: A Helm chart for dynamo CRDs
 type: application
-version: 0.1.6
+version: 0.3.2
 dependencies: []
\ No newline at end of file
--- a/deploy/cloud/helm/crds/templates/nvidia.com_dynamocomponentdeployments.yaml
+++ b/deploy/cloud/helm/crds/templates/nvidia.com_dynamocomponentdeployments.yaml
--- a/deploy/cloud/helm/crds/templates/nvidia.com_dynamocomponents.yaml
+++ b/deploy/cloud/helm/crds/templates/nvidia.com_dynamocomponents.yaml
--- a/deploy/cloud/helm/crds/templates/nvidia.com_dynamographdeployments.yaml
+++ b/deploy/cloud/helm/crds/templates/nvidia.com_dynamographdeployments.yaml
--- a/deploy/cloud/helm/dynamo-platform-values.yaml
+++ b/deploy/cloud/helm/dynamo-platform-values.yaml
@@ -32,26 +32,8 @@ dynamo-operator:
      gateway: ${ISTIO_GATEWAY}
    ingressHostSuffix: ${DYNAMO_INGRESS_SUFFIX}
    dockerRegistry:
+      useKubernetesSecret: true
      server: ${PIPELINES_DOCKER_SERVER}
      username: ${PIPELINES_DOCKER_USERNAME}
      password: ${PIPELINES_DOCKER_PASSWORD}
    virtualServiceSupportsHTTPS: ${VIRTUAL_SERVICE_SUPPORTS_HTTPS}
-dynamo-api-store:
-  istio:
-    enabled: ${ISTIO_ENABLED}
-    gateway: ${ISTIO_GATEWAY}
-    host: ${NAMESPACE}.${DYNAMO_INGRESS_SUFFIX}
-  image:
-    repository: ${DOCKER_SERVER}/dynamo-api-store
-    tag: ${IMAGE_TAG}
-  imagePullSecrets:
-    - name: ${DOCKER_SECRET_NAME}
-  ingress:
-    enabled: ${INGRESS_ENABLED}
-    className: ${INGRESS_CLASS}
-    hosts:
-      - host: ${NAMESPACE}.${DYNAMO_INGRESS_SUFFIX}
-        paths:
-          - path: /
-            pathType: Prefix
--- a/deploy/cloud/helm/platform/Chart.yaml
+++ b/deploy/cloud/helm/platform/Chart.yaml
@@ -13,23 +13,19 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 apiVersion: v2
-name: dynamo-helm-chart
+name: dynamo-platform
 maintainers:
  - name: NVIDIA, Inc.
    url: https://www.nvidia.com
-description: A Helm chart for NVIDIA CompoundAI Platform.
+description: A Helm chart for NVIDIA Dynamo Platform.
 type: application
-version: 25.2.0-rc3
+version: 0.3.2
 home: https://nvidia.com
 dependencies:
  - name: dynamo-operator
-    version: 0.1.7
+    version: 0.3.2
    repository: file://components/operator
    condition: dynamo-operator.enabled
-  - name: dynamo-api-store
-    version: 0.1.0
-    repository: file://components/api-store
-    condition: dynamo-api-store.enabled
  - name: nats
    version: 1.3.2
    repository: https://nats-io.github.io/k8s/helm/charts/
@@ -38,10 +34,6 @@ dependencies:
    version: 11.1.0
    repository: "https://charts.bitnami.com/bitnami"
    condition: etcd.enabled
-  - name: postgresql
-    version: 16.6.2
-    repository: "https://charts.bitnami.com/bitnami"
-    condition: postgresql.enabled
  - name: minio
    version: 16.0.2
    repository: "https://charts.bitnami.com/bitnami"

--- a/deploy/cloud/helm/platform/components/api-store/.helmignore
+++ b/deploy/cloud/helm/platform/components/api-store/.helmignore
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
--- a/deploy/cloud/helm/platform/components/api-store/Chart.yaml
+++ b/deploy/cloud/helm/platform/components/api-store/Chart.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v2
-name: dynamo-api-store
-description: A Helm chart for the Dynamo API Store component
-type: application
-version: 0.1.0
-appVersion: "1.0.0"
-dependencies: []
\ No newline at end of file
--- a/deploy/cloud/helm/platform/components/api-store/templates/_helpers.tpl
+++ b/deploy/cloud/helm/platform/components/api-store/templates/_helpers.tpl
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "helm.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "helm.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "helm.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{/*
-Common labels
-*/}}
-{{- define "helm.labels" -}}
-helm.sh/chart: {{ include "helm.chart" . }}
-{{ include "helm.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-{{/*
-Selector labels
-*/}}
-{{- define "helm.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "helm.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-app: {{ include "helm.name" . }}
-{{- end }}
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "helm.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "helm.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
--- a/deploy/cloud/helm/platform/components/api-store/templates/deployment.yaml
+++ b/deploy/cloud/helm/platform/components/api-store/templates/deployment.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "helm.fullname" . }}
-  labels:
-    {{- include "helm.labels" . | nindent 4 }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      {{- include "helm.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      labels:
-        {{- include "helm.selectorLabels" . | nindent 8 }}
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "helm.serviceAccountName" . }}
-      securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
-      initContainers:
-        - name: wait-for-postgres
-          image: busybox
-          command: [ 'sh', '-c', 'until nc -z {{ .Values.postgresql.host | default (printf "%s-postgresql" .Release.Name) }} {{ .Values.postgresql.port | default 5432 }}; do echo "PostgreSQL is unavailable. Sleeping for 5 seconds"; sleep 5; done;' ]
-      containers:
-        - name: "api-store"
-          securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          ports:
-            - name: http
-              containerPort: {{ .Values.dynamo.apiStore.port }}
-              protocol: TCP
-          livenessProbe:
-            {{- toYaml .Values.livenessProbe | nindent 12 }}
-          readinessProbe:
-            {{- toYaml .Values.readinessProbe | nindent 12 }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          {{- with .Values.volumeMounts }}
-          volumeMounts:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          env:
-            - name: DB_HOST
-              value: '{{ .Values.postgresql.host | default (printf "%s-postgresql" .Release.Name) }}'
-            - name: DB_USER
-              value: '{{ .Values.postgresql.user | default "admin" }}'
-            - name: DB_NAME
-              value: '{{ .Values.postgresql.database | default "dynamo" }}'
-            - name: DB_PORT
-              value: '{{ .Values.postgresql.port | default 5432 }}'
-            - name: DB_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: '{{ .Values.postgresql.passwordSecret | default (printf "%s-postgresql" .Release.Name) }}'
-                  key: password
-            - name: SERVICE_PORT
-              value: "8000"
-            - name: RESOURCE_SCOPE
-              value: {{ .Values.dynamo.env.resource_scope | quote }}
-            - name: DEFAULT_KUBE_NAMESPACE
-              value: {{ .Release.Namespace }}
-            - name: DYN_OBJECT_STORE_BUCKET
-              value: "dynamo-storage"
-            - name: DYN_OBJECT_STORE_ID
-              valueFrom:
-                secretKeyRef:
-                  name: '{{ .Values.minio.passwordSecret | default (printf "%s-minio" .Release.Name) }}'
-                  key: root-user
-            - name: DYN_OBJECT_STORE_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: '{{ .Values.minio.passwordSecret | default (printf "%s-minio" .Release.Name) }}'
-                  key: root-password
-            - name: DYN_OBJECT_STORE_ENDPOINT
-              value: 'http://{{ .Values.minio.host | default (printf "%s-minio" .Release.Name) }}:{{ .Values.minio.port | default 9000 }}'
-          envFrom:
-          - secretRef:
-              name: dynamo-deployment-env
-      {{- with .Values.volumes }}
-      volumes:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
--- a/deploy/cloud/helm/platform/components/api-store/templates/hpa.yaml
+++ b/deploy/cloud/helm/platform/components/api-store/templates/hpa.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-{{- if .Values.autoscaling.enabled }}
---
-apiVersion: autoscaling/v2
-kind: HorizontalPodAutoscaler
-metadata:
-  name: {{ include "helm.fullname" . }}
-  labels:
-    {{- include "helm.labels" . | nindent 4 }}
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: {{ include "helm.fullname" . }}
-  minReplicas: {{ .Values.autoscaling.minReplicas }}
-  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
-  metrics:
-    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: cpu
-        target:
-          type: Utilization
-          averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
-    {{- end }}
-    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: memory
-        target:
-          type: Utilization
-          averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
-    {{- end }}
-{{- end }}
\ No newline at end of file
--- a/deploy/cloud/helm/platform/components/api-store/templates/ingress.yaml
+++ b/deploy/cloud/helm/platform/components/api-store/templates/ingress.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
---
-{{- if .Values.ingress.enabled -}}
-{{- $fullName := include "helm.fullname" . -}}
-{{- $svcPort := .Values.service.port -}}
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: {{ $fullName }}
-  labels:
-    {{- include "helm.labels" . | nindent 4 }}
-  {{- with .Values.ingress.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-spec:
-  {{- if .Values.ingress.className }}
-  ingressClassName: {{ .Values.ingress.className }}
-  {{- end }}
-  {{- if .Values.ingress.tls }}
-  tls:
-    {{- range .Values.ingress.tls }}
-    - hosts:
-        {{- range .hosts }}
-        - {{ . | quote }}
-        {{- end }}
-      secretName: {{ .secretName }}
-    {{- end }}
-  {{- end }}
-  rules:
-    {{- range .Values.ingress.hosts }}
-    - host: {{ .host | quote }}
-      http:
-        paths:
-          {{- range .paths }}
-          - path: {{ .path }}
-            pathType: {{ .pathType }}
-            backend:
-              service:
-                name: {{ $fullName }}
-                port:
-                  number: {{ $svcPort }}
-          {{- end }}
-    {{- end }}
-{{- end }}
--- a/deploy/cloud/helm/platform/components/api-store/templates/rbac.yaml
+++ b/deploy/cloud/helm/platform/components/api-store/templates/rbac.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: rbac.authorization.k8s.io/v1
-{{- if .Values.namespaceRestriction.enabled }}
-kind: Role
-{{- else }}
-kind: ClusterRole
-{{- end }}
-metadata:
-  name: {{ include "helm.fullname" . }}-role
-  {{- if .Values.namespaceRestriction.enabled }}
-  namespace: {{ default .Release.Namespace .Values.namespaceRestriction.targetNamespace }}
-  {{- end }}
-rules:
- apiGroups: [""]
-  resources: ["pods"]
-  verbs: ["get", "list", "watch"]
- apiGroups:
-  - nvidia.com
-  resources:
-  - dynamographdeployments
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
---
-apiVersion: rbac.authorization.k8s.io/v1
-{{- if .Values.namespaceRestriction.enabled }}
-kind: RoleBinding
-{{- else }}
-kind: ClusterRoleBinding
-{{- end }}
-metadata:
-  name: {{ include "helm.fullname" . }}-role-binding
-  {{- if .Values.namespaceRestriction.enabled }}
-  namespace: {{ default .Release.Namespace .Values.namespaceRestriction.targetNamespace }}
-  {{- end }}
-subjects:
- kind: ServiceAccount
-  name: {{ include "helm.serviceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-roleRef:
-  {{- if .Values.namespaceRestriction.enabled }}
-  kind: Role
-  {{- else }}
-  kind: ClusterRole
-  {{- end }}
-  name: {{ include "helm.fullname" . }}-role
-  apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
--- a/deploy/cloud/helm/platform/components/api-store/templates/service.yaml
+++ b/deploy/cloud/helm/platform/components/api-store/templates/service.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "helm.fullname" . }}
-  {{- with .Values.service.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-  labels:
-    {{- include "helm.labels" . | nindent 4 }}
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.service.port }}
-      targetPort: {{ .Values.dynamo.apiStore.port }}
-      protocol: TCP
-      name: http
-  selector:
-    app: {{ include "helm.name" . }}
\ No newline at end of file
--- a/deploy/cloud/helm/platform/components/api-store/templates/serviceaccount.yaml
+++ b/deploy/cloud/helm/platform/components/api-store/templates/serviceaccount.yaml
-# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-{{- if .Values.serviceAccount.create -}}
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "helm.serviceAccountName" . }}
-  labels:
-    {{- include "helm.labels" . | nindent 4 }}
-  {{- with .Values.serviceAccount.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
-{{- end }}
\ No newline at end of file