chore(DATAGO-129192): helm v2 docs

[moodiRealist]

What is the purpose of this change?

Introduce 4 new documents for kubernetes 2.0 helm installations

How was this change implemented?

Updated docs

How was this change tested?

• Manual testing: [describe scenarios]
• Ran docs locally and went over them.
• Unit tests: [new/modified tests]
• Integration tests: [if applicable]
• Known limitations: [what wasn't tested]

Is there anything the reviewers should focus on/be aware of?

Some existing k8s related docs have been removed/updated since it is decided that we only support k8s path for enterprise and not community

[github-actions]

✅ FOSSA Guard: Licensing (SolaceLabs_solace-agent-mesh) • PASSED

Compared against main (745b06ffb6ed16c877a5e073bed17954c2883e58) • 0 new, 9 total (9 in base)

Scan Report | View Details in FOSSA

[github-actions]

✅ FOSSA Guard: Vulnerability (SolaceLabs_solace-agent-mesh) • PASSED

Compared against main (745b06ffb6ed16c877a5e073bed17954c2883e58) • 0 new, 6 total (6 in base)

Scan Report | View Details in FOSSA

[sonarqube-solacecloud]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

[krismckinnonSolace]

I've reviewed some documents with the Middleware admin persona - I'm going to comment once per document with a summarized set of changes. There's a couple technical errors where I'm depending on Claude - so apologies if they're wrong.

Doc: quickstart-kubernetes.md — Requested Changes

1. Below-requirements install behavior
   In the Prerequisites section, after the node requirements table, add a note clarifying what happens if a cluster doesn't meet the listed CPU/memory minimums — specifically which requirement wasn't met, not a generic failure. The backend validation mechanism does not need to be explained; just set the expectation for the operator.

2. NOTES.txt reference
   After the helm install command in Step 1 or 2, add one sentence noting that once the install completes, the terminal will display post-install instructions including the port-forward command and first-login URL.

3. First-login to chat handoff
   The "Getting Started with SAM" list must reflect a clear handoff between initial model setup and the chat interface. The UI guides users from model configuration into SAM Chat — the doc should set that expectation so users know what to expect after saving their first model. <- DESIGN NOTE: this may require additioanl work in SAM, it's specifically a concern between setting the LLM model account and then sending the user back to the chat to talk to SAM.

4. Factual bug — --create-namespace missing
   The helm install command in Step 1 is missing --create-namespace. This will fail on a clean cluster.

5. Factual bug — Azure StorageClass name

6. In the "Recommended Storage Classes by Provider" table, Premium_LRS is listed for Azure AKS. This is a disk SKU, not a StorageClass name. Correct to managed-csi-premium (or managed-premium for older AKS clusters).

[krismckinnonSolace]

Doc: airgap-kubernetes.md — Requested Changes

1. Add secrets file to bundle structure
   The bundle structure in Step 1 is missing the Kubernetes secrets file. It lives in a separate directory alongside the disk images. Update the bundle tree to reflect this.

2. Consolidate helm install into one command
   Steps 3 and 5 each contain a helm install command that can't be run independently — one uses --set-file for credentials, the other uses -f airgap-overrides.yaml. Show one final complete install command that combines all necessary flags. The user should never have to mentally merge two partial commands.

3. BOM decision guidance
   The BOM table explains both files but doesn't tell the user which one to use. Add one sentence: for a first-time PoC evaluation install, use bom-quickStart.yaml.

4. Empty section heading
   "## Understanding the Air-Gapped Installation Process" has no content. Remove it or fill it in.

5. Broken path in Step 5
   helm install sam /../bundle/charts/... — /../ is not a valid path prefix. Replace with a proper relative path, absolute path, or a clearly-marked placeholder like /path/to/bundle/charts/....

6. Connect Steps 4 and 5 explicitly
   Step 5 references airgap-overrides.yaml without stating it's the file created in Step 4. Add one sentence making that connection explicit.

7. Add a troubleshooting section
   Doc 1 has one, Doc 2 doesn't — and air-gapped is exactly where debugging is hardest with no internet access. At minimum, include the same kubectl inspect commands from Doc 1 plus guidance on the most common air-gapped failure modes (image pull from internal registry failing, CA trust errors).

8. Inline post-install verification steps
   Step 6 redirects to two other docs for verification. At a secure terminal, that's not workable. Repeat the essential kubectl get pods and health check commands inline — they're two commands.

9. Move custom CA certificate configuration before Step 5
   The CA cert section currently appears after the install step. In most regulated environments, custom CA certs must be in place before pods start making outbound calls to LLM or OIDC endpoints. Move this section before the helm install step with a clear note: if your environment uses custom CA certificates, configure this first.

10. Credential security callout
    accessKey, secretKey, and llmServiceApiKey appear as plaintext values in values.yaml examples (under LLM Service Configuration and Storage Services). Add a callout near these examples: do not store credentials directly in values.yaml — use Kubernetes Secrets instead.

11. Operationalize SHA256 verification
    The BOM files include SHA256 digests, but the doc doesn't show how to use them. Add an optional code block showing how to verify a digest before docker load. Mark it as optional but recommended for environments with compliance requirements.

12. Replace "What is an Air-Gapped Deployment?" with a one-liner
    The current section explains what air-gapped means — the audience already knows. Replace with a single framing sentence and go straight to prerequisites.