HELMhelm-ai-enterprise
MCPLLMs

helm-ai-enterprise

HELM Operator Guide

This page summarizes the public safe operational material for HELM AI Enterprise. It links the public docs site to the source documents under docs/operations/ without publishing credentials, customer specific inventory,
PublicSource-ownedMarkdown export

This page summarizes the public-safe operational material for HELM AI Enterprise. It links the public docs site to the source documents under docs/operations/ without publishing credentials, customer-specific inventory, or private incident details.

Audience

Use this page if you operate HELM, evaluate deployment readiness, review backup and restore posture, or need to understand promotion, rollback, and SLO mechanics.

Outcome

You should know the operator workflow, which source docs own each procedure, and which checks to run before promotion or recovery.

Operator Flow

Diagram1. Ingestion & Context Plane -> Deployment inventory -> Baseline infrastructure -> Deploy / migrate -> SLOs and perf budgets -> Backup, restore, rollback -> 4. Tamper-Evident Ledger Plane -> Production verification
flowchart TD
    subgraph Ingestion["1. Ingestion & Context Plane"]
        inventory["Deployment inventory"]
        baseline["Baseline infrastructure"]
        deploy["Deploy / migrate"]
        observe["SLOs and perf budgets"]
        recover["Backup, restore, rollback"]
    end

    subgraph Ledger["4. Tamper-Evident Ledger Plane"]
        verify["Production verification"]
    end

    %% Operational Flow Edges
    inventory --> baseline
    baseline --> deploy
    deploy --> verify
    verify --> observe
    observe --> recover

    %% Premium Styling Rules
    style verify fill:#2f855a,stroke:#276749,stroke-width:2px,color:#fff
Mermaid source
flowchart TD
    subgraph Ingestion["1. Ingestion & Context Plane"]
        inventory["Deployment inventory"]
        baseline["Baseline infrastructure"]
        deploy["Deploy / migrate"]
        observe["SLOs and perf budgets"]
        recover["Backup, restore, rollback"]
    end

    subgraph Ledger["4. Tamper-Evident Ledger Plane"]
        verify["Production verification"]
    end

    %% Operational Flow Edges
    inventory --> baseline
    baseline --> deploy
    deploy --> verify
    verify --> observe
    observe --> recover

    %% Premium Styling Rules
    style verify fill:#2f855a,stroke:#276749,stroke-width:2px,color:#fff

Canonical Release Readiness

Use the repository root as the release gate entrypoint for the active backend:

make release-readiness
docker compose up -d postgres helm-ai-enterprise helm-ai-enterprise-console
curl -fsS http://localhost:8080/health/live
curl -fsS http://localhost:8080/health/ready

What this verifies:

  • make release-readiness runs the canonical Go tests for core, commercial, and apps/controlplane, the JS workspace typecheck/lint/test/build set, boundary verification, and documentation truth checks.
  • docker compose up -d postgres helm-ai-enterprise helm-ai-enterprise-console exercises the local controlplane runtime path only.
  • /health/live confirms process liveness; /health/ready confirms readiness before promotion or rollback decisions.

Operational Domains

Domain Source truth Public purpose
Deployment inventory docs/operations/DEPLOYMENT_INVENTORY.md Track services, dependencies, and ownership.
Baseline infrastructure docs/operations/DROPLET_BASELINE.md, docs/operations/TERRAFORM.md Explain infrastructure baseline and IaC expectations.
Deployment and chart docs/operations/DEPLOY_RUNBOOK.md, docs/operations/HELM_CHART.md Describe rollout prerequisites and Kubernetes chart operation.
Migration and versioning docs/operations/MIGRATIONS.md, docs/operations/VERSIONING.md Keep data and API changes ordered.
Promotion docs/operations/PROMOTION_RULES.md, docs/operations/PROD_VERIFICATION.md Define release promotion and verification checks.
Observability docs/operations/slos.md, docs/operations/PERF_BUDGETS.md, docs/public/observability/observability.md Explain service health and budget enforcement.
Recovery docs/operations/DR_RESTORE.md, docs/operations/RESTORE_DRILL.md, docs/operations/runbooks/ROLLBACK.md Prepare backup, restore, and rollback paths.

Public-Safe Boundary

The docs site exposes operational concepts, checks, and source links. It does not publish secrets, private inventory values, customer-specific incident data, or active credentials. When a source runbook contains environment-specific material, the public page summarizes the invariant and points operators back to their controlled repository access.

Source Truth

  • docs/operations/README.md
  • docs/operations/PROMOTION_RULES.md
  • docs/operations/PROD_VERIFICATION.md
  • docs/operations/DR_RESTORE.md
  • docs/operations/runbooks/ROLLBACK.md
  • docs/public/observability/observability.md

Troubleshooting

Symptom First check
Release cannot promote Confirm promotion rules, SLO state, and production verification results.
Migration order is unclear Review MIGRATIONS.md and versioning policy before applying.
Restore path is uncertain Run the restore drill against controlled non-production data first.
Runtime is healthy but evidence is missing Check observability, tracing, and receipt index materialization.
A duplicate backend or standalone proof service reappears in CI or docs Run make docs-truth and bash scripts/ci/22_console_unification_guard.sh; the gates block split Console surfaces.

Operational Readiness

Use this page as the public operating layer for HELM Operator Guide. The source of truth is helm-ai-enterprise/docs/public/operations/operator-guide.md; if this page and the implementation disagree, update the source-backed doc and rerun the validation command before publishing.

Before relying on this surface, confirm three things: the source path above still exists, the referenced commands or contracts are still present in the owning repo, and the docs-platform export surfaces still show this page in search, Markdown, llms-full.txt, and MCP without exposing protected routes.

Validation command: corepack pnpm run docs:coverage && corepack pnpm run docs:truth. For website parity, also run npm run exports:boundary and npm run thin-pages:check from docs-platform.

Expected Output

A reader should leave with a concrete next action, the source file or contract to inspect, the command that proves the claim, and a clear boundary for what is public versus protected. For reference pages, the expected output is a correctly scoped request, schema, command, or diagnostic path. For operations pages, the expected output is a reproducible readiness or failure signal that can be attached to an evaluation or support thread.

Failure Modes

If the validation command fails, do not patch this page in isolation. First identify whether the drift is in code, generated contracts, source-owner docs, or the docs manifest. If the public page needs a protected deep link, describe the protected document by name instead of exposing its route. Commercial operator details, tenant data, key ceremonies, and deployment-sensitive internals stay in protected customer or staff docs; this public page only exposes the safe developer contract.