fix: change operator to receive docling verify ssl

[lucaseduoli]

This pull request adds support for configuring SSL verification for the Docling service via a new verifySsl option. The changes ensure that the DOCLING_SERVE_VERIFY_SSL environment variable is consistently set in both backend and Langflow components, and that this variable is included in all relevant configuration, defaults, and tests.

Docling SSL verification configuration:

• Added a new verifySsl field (default: false) to the docling section in values.yaml and the DoclingSpec struct in the operator API, allowing users to control SSL verification for Docling connections. [1] [2]
• Updated backend and Langflow Helm chart templates to set the DOCLING_SERVE_VERIFY_SSL environment variable based on the verifySsl value, defaulting to "true" if not specified. [1] [2]
• Modified the operator controller to propagate the verifySsl value to the DOCLING_SERVE_VERIFY_SSL environment variable for both backend and Langflow components. [1] [2]

Environment variable management:

• Added DOCLING_SERVE_VERIFY_SSL to the list of required environment variables and ensured it has a default value of "false" in the operator's environment variable manager and related tests. [1] [2] [3] [4] [5]
• Updated the variablesToGetFromEnvironment lists in both Helm values and operator code to include DOCLING_SERVE_VERIFY_SSL so it is exposed to flows. [1] [2]

These changes provide a consistent and configurable way to control SSL verification for Docling service connections across the deployment.

Summary by CodeRabbit

• New Features
  • Added configurable SSL/TLS certificate verification for Docling Serve connections
  • Users can now control whether SSL certificates are validated when connecting to external Docling services across Docker, Kubernetes, and API deployments
  • Configuration available through environment variables and platform-specific settings

[coderabbitai]

Caution

Review failed

Failed to post review comments

Walkthrough

This PR adds configurable SSL certificate verification for external Docling Serve connections. A new verify_ssl component input accepts boolean or string truthy values and is propagated through Langflow run headers. The feature is configured via Kubernetes CRD fields, Helm chart values, and environment variable defaults, with supporting Docker Compose changes for local development.

Changes

Docling SSL Verification Support

Layer / File(s)	Summary
Component-level SSL verification support flows/components/docling_remote.py, flows/ingestion_flow.json	New verify_ssl input field with a _get_verify_ssl() helper method normalizes SSL verification into a boolean. Both task-polling and document-conversion HTTP clients pass the configured verification setting to httpx.Client.
Service-layer configuration propagation src/services/langflow_file_service.py	Langflow file service imports DOCLING_SERVE_VERIFY_SSL and attaches it as a global header (X-Langflow-Global-Var-DOCLING_SERVE_VERIFY_SSL) in both file-based and URL-based ingestion runs.
Kubernetes operator types and env var management kubernetes/operator/api/v1alpha1/openrag_types.go, kubernetes/operator/internal/controller/env.go	CRD adds optional VerifySsl boolean field to DoclingSpec. Env var manager includes DOCLING_SERVE_VERIFY_SSL in required variables list and sets default "false" for both Langflow and backend services.
Kubernetes operator reconciliation kubernetes/operator/internal/controller/openrag_controller.go	Controller reconciler conditionally sets DOCLING_SERVE_VERIFY_SSL in generated .env files for backend and langflow when Docling.VerifySsl is specified.
Helm chart configuration and templating kubernetes/helm/openrag/values.yaml, kubernetes/helm/openrag/templates/backend/backend-dotenv.yaml, kubernetes/helm/openrag/templates/langflow/langflow-dotenv.yaml	Helm values add global.docling.verifySsl (default false) and update Langflow variable list. Dotenv templates conditionally render DOCLING_SERVE_VERIFY_SSL from config, defaulting to "true" when unspecified.
Docker Compose dev environment docker-compose.yml	Local development adds DOCLING_SERVE_VERIFY_SSL to langflow service environment and includes it in the LANGFLOW_VARIABLES_TO_GET_FROM_ENVIRONMENT list.
Integration test coverage kubernetes/operator/internal/controller/env_test.go	Tests updated to verify DOCLING_SERVE_VERIFY_SSL is in required variables and defaults to "false".

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

enhancement, tests

Suggested reviewers

• zzzming
• edwinjosechittilappilly

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 40.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding SSL verification configuration support to the operator for Docling Serve connectivity.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/docling_ssl_operator

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}