adds mcp products service

charts/galust-ai-layer/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: galust-ai-layer
 description: Galust AI layer umbrella chart for Kubernetes clusters
 type: application
-version: 0.1.1
-appVersion: "0.1.1"
+version: 0.1.2
+appVersion: "0.1.2"
 
 dependencies:
   - name: base
@@ -21,6 +21,11 @@ dependencies:
     version: 0.3.30
     repository: https://dasmeta.github.io/helm
     condition: mcpUseCase.enabled
+  - name: base
+    alias: mcpProducts
+    version: 0.3.30
+    repository: https://dasmeta.github.io/helm
+    condition: mcpProducts.enabled
   - name: base
     alias: orchestrator
     version: 0.3.30

charts/galust-ai-layer/README.md

@@ -9,6 +9,7 @@ This chart is an umbrella chart for the Galust AI layer services. It wraps the p
 - Strapi backend
 - MCP
 - MCP use-case service
+- MCP products service
 - Orchestrator
 
 The chart manages Kubernetes workload configuration for these services. It does not provision cloud infrastructure, databases, DNS records, TLS issuers, IAM roles, ECR policies, or external secrets.
@@ -22,6 +23,7 @@ The chart wraps the published `dasmeta/base` chart with one alias per deployable
 | Strapi backend | `backend.enabled` | `true` |
 | MCP | `mcp.enabled` | `true` |
 | MCP use-case service | `mcpUseCase.enabled` | `true` |
+| MCP products service | `mcpProducts.enabled` | `true` |
 | Orchestrator | `orchestrator.enabled` | `true` |
 
 Each component can be disabled independently:
@@ -43,7 +45,7 @@ Before deploying, confirm the target cluster has:
 - AWS access to the target account, usually through an AWS SSO permission set and account assignment managed outside this chart.
 - Namespace access for `ai-layer`, or permission to create it.
 - Image pull access for the private ECR images.
-- ECR read access for the private repositories used by the backend, MCP, MCP use-case, and orchestrator images.
+- ECR read access for the private repositories used by the backend, MCP, MCP use-case, MCP products and orchestrator images.
 - Required application secrets already created in the namespace.
 - Database connectivity for the backend.
 - A PVC or storage class suitable for backend uploads.
@@ -55,7 +57,7 @@ If AWS access is managed through the Terraform SSO/RBAC modules, create or assig
 
 - Read private ECR repositories and get ECR authorization tokens.
 - Access the target EKS cluster and update Kubernetes resources in the `ai-layer` namespace.
-- Create or update Kubernetes Secrets used by the chart, including `ecr-secret`, `ai-layer-strapi`, `db-ai-layer-strapi`, `ai-layer-mcp`, `ai-layer-mcp-use-case`, and `ai-layer-orchestrator`.
+- Create or update Kubernetes Secrets used by the chart, including `ecr-secret`, `ai-layer-strapi`, `db-ai-layer-strapi`, `ai-layer-mcp`, `ai-layer-mcp-use-case`, `ai-layer-mcp-products` and `ai-layer-orchestrator`.
 - If `ecrCredentialsRefresh.enabled=true`, provide an AWS identity for the refresh job with `ecr:GetAuthorizationToken`.
 
 Required default Kubernetes objects:
@@ -70,6 +72,7 @@ Required default Kubernetes objects:
 | Backend uploads PVC | `ai-layer-strapi-uploads` | backend |
 | MCP secret | `ai-layer-mcp` | MCP |
 | MCP use-case secret | `ai-layer-mcp-use-case` | MCP use-case |
+| MCP products secret | `ai-layer-mcp-products` | MCP products |
 | Orchestrator secret | `ai-layer-orchestrator` | orchestrator |
 
 External dependencies such as Redis, Qdrant, Langfuse, OpenAI credentials, database provisioning, External Secrets, IAM trust, and DNS are handled outside this chart.
@@ -345,6 +348,7 @@ Expected default service names:
 - `ai-layer-strapi`
 - `ai-layer-mcp`
 - `ai-layer-mcp-use-case`
+- `ai-layer-mcp-products`
 - `ai-layer-orchestrator`
 
 Expected public hosts when ingress is enabled:

charts/galust-ai-layer/templates/NOTES.txt

@@ -10,6 +10,9 @@ Enabled components:
 {{- if .Values.mcpUseCase.enabled }}
 - mcp-use-case: {{ .Values.mcpUseCase.fullnameOverride | default "mcp-use-case" }}
 {{- end }}
+{{- if .Values.mcpProducts.enabled }}
+- mcp-products: {{ .Values.mcpProducts.fullnameOverride | default "mcp-products" }}
+{{- end }}
 {{- if .Values.orchestrator.enabled }}
 - orchestrator: {{ .Values.orchestrator.fullnameOverride | default "orchestrator" }}
 {{- end }}

charts/galust-ai-layer/values.yaml

@@ -227,9 +227,48 @@ mcpUseCase:
     secret: ai-layer-mcp-use-case
   config:
     DEBUG_MCP_HEADER_FLOW: "true"
-    TOOLS_CATALOG_URL: *apiUrl
+    DEBUG_MCP_USE_CASE: "true"
+    DEBUG_MCP_USE_CASE_API: "true"
+    DEBUG_MCP_TOOL_CALL_HEADERS: "true"
+    AI_LAYER_BACKEND_URL: *apiUrl
     ORCHESTRATOR_ENDPOINT: *orchestratorEndpoint
 
+mcpProducts:
+  enabled: true
+  gatewayApi:
+    enabled: false
+  zeroTrustMesh:
+    enabled: false
+    allowTo: []
+  fullnameOverride: ai-layer-mcp-products
+  version: 0.0.1
+  appVersion: 0.0.1
+  image:
+    repository: 565580475168.dkr.ecr.eu-central-1.amazonaws.com/ai-layer-mcp-products
+    tag: latest
+    pullPolicy: Always
+  imagePullSecrets: *galustImagePullSecrets
+  replicaCount: 1
+  labels:
+    version:
+      name: app-version
+      value: v0.0.1
+    app:
+      name: app
+      value: ai-layer-mcp-products
+  service:
+    type: ClusterIP
+    port: 4002
+  containerPort: 4002
+  envFrom:
+    secret: ai-layer-mcp-products
+  config:
+    NODE_ENV: production
+    DEBUG_MCP_HEADER_FLOW: "true"
+    DEBUG_MCP_PRODUCTS: "true"
+    DEBUG_MCP_PRODUCTS_API: "true"
+    AI_LAYER_BACKEND_URL: *apiUrl
+
 orchestrator:
   enabled: true
   gatewayApi:
@@ -275,6 +314,7 @@ orchestrator:
     GLOBAL_PREFIX: orchestrator
     OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: http://localhost:4318/v1/traces
     AI_LAYER_BACKEND_URL: *apiUrl
+    PORTKEY_PROVIDER: dm-openai
   ingress:
     enabled: true
     class: nginx