Add environment variable reference documentation

[aantn]

Summary

This PR adds comprehensive documentation for environment variables used when deploying Robusta, making it easier for users to understand configuration options without reading source code.

Key Changes

• New documentation file (docs/setup-robusta/env-vars.rst): Complete reference guide covering:

  • Runner environment variables (API endpoints, credentials, proxy settings, etc.)
  • HolmesGPT environment variables (LLM configuration, Robusta backend integration)
  • Quick reference table showing which credentials are needed by which components
  • Links to source code for additional internal/tuning variables

• Enhanced secrets management guide (docs/setup-robusta/configuration-secrets.rst):

  • Added detailed section on loading account_id, signing_key, and UI token from Kubernetes Secrets
  • Provided step-by-step instructions with YAML examples
  • Clarified which credentials are needed by runner vs. HolmesGPT
  • Added guidance for non-default API regions (e.g., EU)
  • Improved existing "Using an Existing Secret for the Robusta UI Token" section with clearer context

• Updated GitOps guides (docs/setup-robusta/gitops/argocd.rst and flux.rst):

  • Changed admonition from informational note to warning about not committing secrets in plain text
  • Added cross-references to the new secrets loading guide
  • Improved guidance on handling sensitive values in Git repositories

• Updated documentation index (docs/setup-robusta/index.rst):

  • Added new env-vars page to the table of contents

Notable Implementation Details

• The env var reference is organized by component (runner vs. HolmesGPT) and by purpose (connectivity, credentials, runtime)
• Includes default values and cross-references to source code for advanced users
• Provides practical examples showing the {{ env.X }} template syntax for referencing environment variables in configuration
• Emphasizes the pattern of setting env vars on pods and referencing them from Helm values, keeping secrets out of version control

https://claude.ai/code/session_01YC1JKRVtkdzUJvLHRcGank

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 63ac17ec-0ab7-4fcd-8540-5156edac6eef

📥 Commits

Reviewing files that changed from the base of the PR and between b910105 and 173fad8.

📒 Files selected for processing (5)

• docs/setup-robusta/configuration-secrets.rst
• docs/setup-robusta/env-vars.rst
• docs/setup-robusta/gitops/argocd.rst
• docs/setup-robusta/gitops/flux.rst
• docs/setup-robusta/index.rst

---

Walkthrough

This PR expands Robusta configuration documentation to provide secure credential-loading guidance. It adds a comprehensive Kubernetes Secrets workflow to configuration-secrets.rst, introduces a new env-vars.rst reference page, adds security warnings to GitOps guides, and updates documentation navigation.

Changes

Secure Credential Loading Documentation

Layer / File(s)	Summary
Kubernetes Secrets credential-loading workflow docs/setup-robusta/configuration-secrets.rst	New section describing workflow to load account_id, signing_key, and UI/sink token from a single Kubernetes Secret, with step-by-step Secret creation, Helm additional_env_vars/additionalEnvVars configuration, env-var references in globalConfig and sinksConfig, guidance for external secret managers, and setup for non-default API regions. HolmesGPT-only section updated with cross-reference.
Environment variable reference documentation docs/setup-robusta/env-vars.rst	New reference page documenting runner and HolmesGPT environment variables: backend connection settings, credential variable conventions, common runtime variables (proxy, certificate, OpenShift, cluster DNS), HolmesGPT-specific LLM/runtime config, quick-reference matrix mapping settings to runner vs Holmes, and links to source files for internal variables.
GitOps security warnings docs/setup-robusta/gitops/argocd.rst, docs/setup-robusta/gitops/flux.rst	Warning admonitions added to ArgoCD and Flux setup guides cautioning against committing signing_key, account_id, and robusta_sink token in plain text, with references to Kubernetes Secrets credential-loading documentation.
Documentation navigation docs/setup-robusta/index.rst	Adds env-vars entry to Sphinx toctree for setup documentation.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• moshemorad

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly describes the main change: adding comprehensive environment variable reference documentation.
Description check	✅ Passed	The description is well-organized and clearly related to the changeset, detailing the new env-vars documentation and enhancements to secrets management and GitOps guides.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/clarify-env-vars-docs-FVWwi

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

✅ Docker image ready for 0f7df6e (built in 4m 1s)

• us-central1-docker.pkg.dev/robusta-development/temporary-builds/robusta-runner:0f7df6e

⚠️ Warning: does not support ARM (ARM images are built on release only - not on every PR)

Use this tag to pull the image for testing.

📋 Copy commands

⚠️ Temporary images are deleted after 30 days. Copy to a permanent registry before using them:

gcloud auth configure-docker us-central1-docker.pkg.dev
docker pull us-central1-docker.pkg.dev/robusta-development/temporary-builds/robusta-runner:0f7df6e
docker tag us-central1-docker.pkg.dev/robusta-development/temporary-builds/robusta-runner:0f7df6e me-west1-docker.pkg.dev/robusta-development/development/robusta-runner-dev:0f7df6e
docker push me-west1-docker.pkg.dev/robusta-development/development/robusta-runner-dev:0f7df6e

Patch Helm values in one line:

helm upgrade --install robusta robusta/robusta \
  --reuse-values \
  --set runner.image=me-west1-docker.pkg.dev/robusta-development/development/robusta-runner-dev:0f7df6e