diff --git a/charts/sourcegraph-executor/Chart.yaml b/charts/sourcegraph-executor/Chart.yaml index 03978364..45f63065 100644 --- a/charts/sourcegraph-executor/Chart.yaml +++ b/charts/sourcegraph-executor/Chart.yaml @@ -5,7 +5,7 @@ icon: https://sourcegraph.com/favicon.ico type: application # Chart version, separate from Sourcegraph -version: "5.0.1" +version: "5.0.2" # Version of Sourcegraph release -appVersion: "5.0.1" +appVersion: "5.0.2" diff --git a/charts/sourcegraph-executor/README.md b/charts/sourcegraph-executor/README.md index c3298ae5..68e3f300 100644 --- a/charts/sourcegraph-executor/README.md +++ b/charts/sourcegraph-executor/README.md @@ -59,7 +59,7 @@ In addition to the documented values, the `executor` and `private-docker-registr | executor.env.EXECUTOR_FRONTEND_PASSWORD | object | `{"value":""}` | The shared secret configured in the Sourcegraph instance site config under executors.accessToken. Required. | | executor.env.EXECUTOR_FRONTEND_URL | object | `{"value":""}` | The external URL of the Sourcegraph instance. Required. | | executor.env.EXECUTOR_QUEUE_NAME | object | `{"value":""}` | The name of the queue to pull jobs from to. Possible values: batches and codeintel. Required. | -| executor.image.defaultTag | string | `"5.0.1@sha256:a5e8fa56cb4e3539b659be3780e5509462739cdeaf158a88f77b54927f4383e0"` | | +| executor.image.defaultTag | string | `"5.0.2@sha256:72ec1236d831146dda4061276637cc215545df273d1911934e6606eed44d71eb"` | | | executor.image.name | string | `"executor"` | | | privateDockerRegistry.image.registry | string | `"index.docker.io"` | | | privateDockerRegistry.image.repository | string | `"docker/regisry"` | | diff --git a/charts/sourcegraph-executor/values.yaml b/charts/sourcegraph-executor/values.yaml index f4841bc8..32681ea1 100644 --- a/charts/sourcegraph-executor/values.yaml +++ b/charts/sourcegraph-executor/values.yaml @@ -102,7 +102,7 @@ storageClass: executor: enabled: true image: - defaultTag: 5.0.1@sha256:a5e8fa56cb4e3539b659be3780e5509462739cdeaf158a88f77b54927f4383e0 + defaultTag: 5.0.2@sha256:72ec1236d831146dda4061276637cc215545df273d1911934e6606eed44d71eb name: "executor" env: # -- The external URL of the Sourcegraph instance. Required. diff --git a/charts/sourcegraph-migrator/Chart.yaml b/charts/sourcegraph-migrator/Chart.yaml index 9d383946..3ae481ec 100644 --- a/charts/sourcegraph-migrator/Chart.yaml +++ b/charts/sourcegraph-migrator/Chart.yaml @@ -5,7 +5,7 @@ icon: https://sourcegraph.com/favicon.ico type: application # Chart version, separate from Sourcegraph -version: "5.0.1" +version: "5.0.2" # Version of Sourcegraph release -appVersion: "5.0.1" +appVersion: "5.0.2" diff --git a/charts/sourcegraph-migrator/README.md b/charts/sourcegraph-migrator/README.md index 6064a8a0..05280f10 100644 --- a/charts/sourcegraph-migrator/README.md +++ b/charts/sourcegraph-migrator/README.md @@ -42,7 +42,7 @@ You should consult the list of available [migrator commands]. Below is some exam - Perform initial migrations against external PostgreSQL databases prior to the Sourcegraph deployment ```sh -helm upgrade --install -f --version 5.0.1 sg-migrator sourcegraph/sourcegraph-migrator +helm upgrade --install -f --version 5.0.2 sg-migrator sourcegraph/sourcegraph-migrator ``` ### Add a migration log entry @@ -52,7 +52,7 @@ helm upgrade --install -f --version 5.0.1 sg-migrator Add an entry to the migration log after a site administrator has explicitly applied the contents of a migration file, learn more about troubleshooting a [dirty database]. ```sh -helm upgrade --install -f --set "migrator.args={add-log,-db=frontend,-version=1528395834}" --version 5.0.1 sg-migrator sourcegraph/sourcegraph-migrator +helm upgrade --install -f --set "migrator.args={add-log,-db=frontend,-version=1528395834}" --version 5.0.2 sg-migrator sourcegraph/sourcegraph-migrator ``` ## Rendering manifests for kubectl deployment @@ -80,7 +80,7 @@ In addition to the documented values, the `migrator` service also supports the f | migrator.args | list | `["up","-db=all"]` | Override default `migrator` container args Available commands can be found at https://docs.sourcegraph.com/admin/how-to/manual_database_migrations | | migrator.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | migrator.env | object | `{}` | Environment variables for the `migrator` container | -| migrator.image.defaultTag | string | `"5.0.1@sha256:9430432c198a9b6d5b094400120b66afbaf634332267ea86c42bc303cf69b0e7"` | Docker image tag for the `migrator` image | +| migrator.image.defaultTag | string | `"5.0.2@sha256:7099095e9b87dcc570c403ef92258b70eff0308cb8474e37911df4f37a89a5c4"` | Docker image tag for the `migrator` image | | migrator.image.name | string | `"migrator"` | Docker image name for the `migrator` image | | migrator.resources | object | `{"limits":{"cpu":"500m","memory":"100M"},"requests":{"cpu":"100m","memory":"50M"}}` | Resource requests & limits for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | pgsql.auth.existingSecret | string | `""` | Name of existing secret to use for pgsql credentials This should match the setting in the sourcegraph chart values | diff --git a/charts/sourcegraph-migrator/values.yaml b/charts/sourcegraph-migrator/values.yaml index 1250866f..ba862c7f 100644 --- a/charts/sourcegraph-migrator/values.yaml +++ b/charts/sourcegraph-migrator/values.yaml @@ -102,7 +102,7 @@ pgsql: migrator: image: # -- Docker image tag for the `migrator` image - defaultTag: 5.0.1@sha256:9430432c198a9b6d5b094400120b66afbaf634332267ea86c42bc303cf69b0e7 + defaultTag: 5.0.2@sha256:7099095e9b87dcc570c403ef92258b70eff0308cb8474e37911df4f37a89a5c4 # -- Docker image name for the `migrator` image name: "migrator" # -- Environment variables for the `migrator` container diff --git a/charts/sourcegraph/Chart.yaml b/charts/sourcegraph/Chart.yaml index a4109d2d..f7432a30 100644 --- a/charts/sourcegraph/Chart.yaml +++ b/charts/sourcegraph/Chart.yaml @@ -5,7 +5,7 @@ icon: https://sourcegraph.com/favicon.ico type: application # Chart version, separate from Sourcegraph -version: "5.0.1" +version: "5.0.2" # Version of Sourcegraph release -appVersion: "5.0.1" +appVersion: "5.0.2" diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index f8aa3fd8..e8dd609e 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -28,12 +28,12 @@ In addition to the documented values, all services also support the following va | Key | Type | Default | Description | |-----|------|---------|-------------| | alpine.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":999,"runAsUser":999}` | Security context for the `alpine` initContainer, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| alpine.image.defaultTag | string | `"5.0.1@sha256:a0265de9afb7f721f94395ab8782e5b51e4f835da2c43f582aa7a91a38588fbc"` | Docker image tag for the `alpine` image | +| alpine.image.defaultTag | string | `"5.0.2@sha256:bc31a72825415b9b3d500afa32fc41b856bee8c9d4fcbb9031936e1b7b4791ed"` | Docker image tag for the `alpine` image | | alpine.image.name | string | `"alpine-3.14"` | Docker image name for the `alpine` image | | alpine.resources | object | `{"limits":{"cpu":"10m","memory":"50Mi"},"requests":{"cpu":"10m","memory":"50Mi"}}` | Resource requests & limits for the `alpine` initContainer, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | blobstore.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"runAsGroup":101,"runAsUser":100}` | Security context for the `blobstore` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | blobstore.enabled | bool | `true` | Enable `blobstore` (S3 compatible storage) | -| blobstore.image.defaultTag | string | `"5.0.1@sha256:9904327495993dd58b2e26c9b32448c9d843cb845e97b56619ce2c75199e163f"` | Docker image tag for the `blobstore` image | +| blobstore.image.defaultTag | string | `"5.0.2@sha256:8404af743f077d3f54ec2ff99936782e2116d388baa478955f9b0583b53e7185"` | Docker image tag for the `blobstore` image | | blobstore.image.name | string | `"blobstore"` | Docker image name for the `blobstore` image | | blobstore.name | string | `"blobstore"` | Name used by resources. Does not affect service names or PVCs. | | blobstore.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":101,"runAsUser":100}` | Security context for the `blobstore` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -43,7 +43,7 @@ In addition to the documented values, all services also support the following va | blobstore.storageSize | string | `"100Gi"` | PVC Storage Request for `blobstore` data volume | | cadvisor.containerSecurityContext | object | `{"privileged":true}` | Security context for the `cadvisor` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | cadvisor.enabled | bool | `true` | Enable `cadvisor` | -| cadvisor.image.defaultTag | string | `"5.0.1@sha256:0cd361b92b1eb6f50b7893b815f37fa9468586f3050869043b14955a6be65502"` | Docker image tag for the `cadvisor` image | +| cadvisor.image.defaultTag | string | `"5.0.2@sha256:a383f3e566eb99f3e79420112857e5ee581003fa48544fc8533c947fdf6029f1"` | Docker image tag for the `cadvisor` image | | cadvisor.image.name | string | `"cadvisor"` | Docker image name for the `cadvisor` image | | cadvisor.name | string | `"cadvisor"` | Name used by resources. Does not affect service names or PVCs. | | cadvisor.podSecurityPolicy.enabled | bool | `false` | Enable [PodSecurityPolicy](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) for `cadvisor` pods | @@ -61,7 +61,7 @@ In addition to the documented values, all services also support the following va | codeInsightsDB.enabled | bool | `true` | Enable `codeinsights-db` PostgreSQL server | | codeInsightsDB.env | object | `{}` | Environment variables for the `codeinsights-db` container | | codeInsightsDB.existingConfig | string | `""` | Name of existing ConfigMap for `codeinsights-db`. It must contain a `postgresql.conf` key. | -| codeInsightsDB.image.defaultTag | string | `"5.0.1@sha256:eafb389958bc521d2e503982119ee949baf2305d55e71520df229f52ee7bfb79"` | Docker image tag for the `codeinsights-db` image | +| codeInsightsDB.image.defaultTag | string | `"5.0.2@sha256:b25f28b4a3409d96e71adb42a2a13ccb98cbf5f5f150d4c91e2088e000481c26"` | Docker image tag for the `codeinsights-db` image | | codeInsightsDB.image.name | string | `"codeinsights-db"` | Docker image name for the `codeinsights-db` image | | codeInsightsDB.init.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":70,"runAsUser":70}` | Security context for the `alpine` initContainer, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | codeInsightsDB.name | string | `"codeinsights-db"` | Name used by resources. Does not affect service names or PVCs. | @@ -81,7 +81,7 @@ In addition to the documented values, all services also support the following va | codeIntelDB.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":999,"runAsUser":999}` | Security context for the `codeintel-db` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | codeIntelDB.enabled | bool | `true` | Enable `codeintel-db` PostgreSQL server | | codeIntelDB.existingConfig | string | `""` | Name of existing ConfigMap for `codeintel-db`. It must contain a `postgresql.conf` key | -| codeIntelDB.image.defaultTag | string | `"5.0.1@sha256:eb56defa3b30dcf5c6deba348759a2103f14dcb9a77d1fa6855ca649082bba47"` | Docker image tag for the `codeintel-db` image | +| codeIntelDB.image.defaultTag | string | `"5.0.2@sha256:9bb31aff2fe4b06da2a2048cee9d021ddb97f56ae000fba52dba974b40d234c4"` | Docker image tag for the `codeintel-db` image | | codeIntelDB.image.name | string | `"codeintel-db"` | Docker image name for the `codeintel-db` image | | codeIntelDB.name | string | `"codeintel-db"` | Name used by resources. Does not affect service names or PVCs. | | codeIntelDB.podSecurityContext | object | `{"fsGroup":999,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":999}` | Security context for the `codeintel-db` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -93,7 +93,7 @@ In addition to the documented values, all services also support the following va | extraResources | list | `[]` | Additional resources to include in the rendered manifest. Templates are supported. | | frontend.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `frontend` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | frontend.env | object | the chart will add some default environment values | Environment variables for the `frontend` container | -| frontend.image.defaultTag | string | `"5.0.1@sha256:9e147eac69a98e245419f6c58c6ba007f5f62a8ff254fc25fd1e0e2876e7a54c"` | Docker image tag for the `frontend` image | +| frontend.image.defaultTag | string | `"5.0.2@sha256:a70d7223df34cd721675d5886dc2fc32a766c908ec680538182fcf9789972480"` | Docker image tag for the `frontend` image | | frontend.image.name | string | `"frontend"` | Docker image name for the `frontend` image | | frontend.ingress.annotations | object | `{"kubernetes.io/ingress.class":"nginx","nginx.ingress.kubernetes.io/proxy-body-size":"150m"}` | Annotations for the Sourcegraph server ingress. For example, securing ingress with TLS provided by [cert-manager](https://cert-manager.io/docs/usage/ingress/) | | frontend.ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | [Deprecated annotation](https://kubernetes.io/docs/concepts/services-networking/ingress/#deprecated-annotation) for specifing the IngressClass in Kubernetes 1.17 and earlier. If you are using Kubernetes 1.18+, use `ingressClassName` instead and set an override value of `null` for this annotation. | @@ -109,7 +109,7 @@ In addition to the documented values, all services also support the following va | frontend.serviceAccount.create | bool | `true` | Enable creation of ServiceAccount for `frontend` | | frontend.serviceAccount.name | string | `"sourcegraph-frontend"` | Name of the ServiceAccount to be created or an existing ServiceAccount | | githubProxy.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `github-proxy` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| githubProxy.image.defaultTag | string | `"5.0.1@sha256:0e0339042372eacbb51852d2e75ec91d3e9f9e2bb39516b72af5fb5ef594534a"` | Docker image tag for the `github-proxy` image | +| githubProxy.image.defaultTag | string | `"5.0.2@sha256:c69284028cc9a00c481d42341e2948a92ca94935f2d588611ff08662e5389c7d"` | Docker image tag for the `github-proxy` image | | githubProxy.image.name | string | `"github-proxy"` | Docker image name for the `github-proxy` image | | githubProxy.name | string | `"github-proxy"` | Name used by resources. Does not affect service names or PVCs. | | githubProxy.podSecurityContext | object | `{}` | Security context for the `github-proxy` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -117,7 +117,7 @@ In addition to the documented values, all services also support the following va | githubProxy.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `github-proxy` | | githubProxy.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | gitserver.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `gitserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| gitserver.image.defaultTag | string | `"5.0.1@sha256:26002caba4bfc6a3e2d11d0e0d2091627697de0a133529b8bd795c8847e9f1d3"` | Docker image tag for the `gitserver` image | +| gitserver.image.defaultTag | string | `"5.0.2@sha256:8e2f365ee986202ce5ab86c7d9013f24db54a621d30f8aed3d431d620b4ca829"` | Docker image tag for the `gitserver` image | | gitserver.image.name | string | `"gitserver"` | Docker image name for the `gitserver` image | | gitserver.name | string | `"gitserver"` | Name used by resources. Does not affect service names or PVCs. | | gitserver.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":101,"runAsUser":100}` | Security context for the `gitserver` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -130,7 +130,7 @@ In addition to the documented values, all services also support the following va | grafana.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":472,"runAsUser":472}` | Security context for the `grafana` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | grafana.enabled | bool | `true` | Enable `grafana` dashboard (recommended) | | grafana.existingConfig | string | `""` | Name of existing ConfigMap for `grafana`. It must contain a `datasources.yml` key. | -| grafana.image.defaultTag | string | `"5.0.1@sha256:68f3a2c94f0e81075f863361de7b9392bd41359b7278070c94108079254898f3"` | Docker image tag for the `grafana` image | +| grafana.image.defaultTag | string | `"5.0.2@sha256:2acb828335892f2b7ff8b7f7939eee57091dcd1dd5fa21306794e8b8c1feb66a"` | Docker image tag for the `grafana` image | | grafana.image.name | string | `"grafana"` | Docker image name for the `grafana` image | | grafana.name | string | `"grafana"` | Name used by resources. Does not affect service names or PVCs. | | grafana.podSecurityContext | object | `{"fsGroup":472,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":472,"runAsUser":472}` | Security context for the `grafana` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -139,7 +139,7 @@ In addition to the documented values, all services also support the following va | grafana.serviceAccount.name | string | `"grafana"` | Name of the ServiceAccount to be created or an existing ServiceAccount | | grafana.storageSize | string | `"2Gi"` | PVC Storage Request for `grafana` data volume | | indexedSearch.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `zoekt-webserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| indexedSearch.image.defaultTag | string | `"5.0.1@sha256:db8bcc5db82d62024230e525b9dc5b94214eb097a115adba3228fa64840699f4"` | Docker image tag for the `zoekt-webserver` image | +| indexedSearch.image.defaultTag | string | `"5.0.2@sha256:db8bcc5db82d62024230e525b9dc5b94214eb097a115adba3228fa64840699f4"` | Docker image tag for the `zoekt-webserver` image | | indexedSearch.image.name | string | `"indexed-searcher"` | Docker image name for the `zoekt-webserver` image | | indexedSearch.name | string | `"indexed-search"` | Name used by resources. Does not affect service names or PVCs. | | indexedSearch.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `indexed-search` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -149,7 +149,7 @@ In addition to the documented values, all services also support the following va | indexedSearch.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | indexedSearch.storageSize | string | `"200Gi"` | PVC Storage Request for `indexed-search` data volume The size of disk to used for search indexes. This should typically be gitserver disk size multipled by the number of gitserver shards. | | indexedSearchIndexer.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `zoekt-indexserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| indexedSearchIndexer.image.defaultTag | string | `"5.0.1@sha256:7a770bfebd2c4d0eeaccb2ae3c7b93208514910d39a13e6289cc0db66b6b444e"` | Docker image tag for the `zoekt-indexserver` image | +| indexedSearchIndexer.image.defaultTag | string | `"5.0.2@sha256:7a770bfebd2c4d0eeaccb2ae3c7b93208514910d39a13e6289cc0db66b6b444e"` | Docker image tag for the `zoekt-indexserver` image | | indexedSearchIndexer.image.name | string | `"search-indexer"` | Docker image name for the `zoekt-indexserver` image | | indexedSearchIndexer.resources | object | `{"limits":{"cpu":"8","memory":"8G"},"requests":{"cpu":"4","memory":"4G"}}` | Resource requests & limits for the `zoekt-indexserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) zoekt-indexserver is CPU bound. The more CPU you allocate to it, the lower lag between a new commit and it being indexed for search. | | jaeger.collector.name | string | `""` | Name of jaeger `collector` service | @@ -158,7 +158,7 @@ In addition to the documented values, all services also support the following va | jaeger.collector.serviceType | string | "ClusterIP" | Kubernetes service type of jaeger `collector` service, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) | | jaeger.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `jaeger` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | jaeger.enabled | bool | `false` | Enable `jaeger` | -| jaeger.image.defaultTag | string | `"5.0.1@sha256:fa28467f930a714eee34f71cc0b4f4f9de58f56f7b6f16464025ef7f38e572f4"` | Docker image tag for the `jaeger` image | +| jaeger.image.defaultTag | string | `"5.0.2@sha256:47022c02cc33f60881761272bdffa20dffbf92a7bfc0ae54942e3991cd354169"` | Docker image tag for the `jaeger` image | | jaeger.image.name | string | `"jaeger-all-in-one"` | Docker image name for the `jaeger` image | | jaeger.name | string | `"jaeger"` | Name used by resources. Does not affect service names or PVCs. | | jaeger.podSecurityContext | object | `{}` | Security context for the `jaeger` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -173,14 +173,14 @@ In addition to the documented values, all services also support the following va | migrator.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | migrator.enabled | bool | `true` | Enable [migrator](https://docs.sourcegraph.com/admin/how-to/manual_database_migrations) initContainer in `frontend` deployment to perform database migration | | migrator.env | object | `{}` | Environment variables for the `migrator` container | -| migrator.image.defaultTag | string | `"5.0.1@sha256:9430432c198a9b6d5b094400120b66afbaf634332267ea86c42bc303cf69b0e7"` | Docker image tag for the `migrator` image | +| migrator.image.defaultTag | string | `"5.0.2@sha256:7099095e9b87dcc570c403ef92258b70eff0308cb8474e37911df4f37a89a5c4"` | Docker image tag for the `migrator` image | | migrator.image.name | string | `"migrator"` | Docker image name for the `migrator` image | | migrator.resources | object | `{"limits":{"cpu":"500m","memory":"100M"},"requests":{"cpu":"100m","memory":"50M"}}` | Resource requests & limits for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | nodeExporter.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":65534,"runAsUser":65534}` | Security context for the `node-exporter` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | nodeExporter.enabled | bool | `true` | Enable `node-exporter` | | nodeExporter.extraArgs | list | `[]` | | | nodeExporter.hostPID | bool | `true` | | -| nodeExporter.image.defaultTag | string | `"5.0.1@sha256:fa8e5700b7762fffe0674e944762f44bb787a7e44d97569fe55348260453bf80"` | Docker image tag for the `node-exporter` image | +| nodeExporter.image.defaultTag | string | `"5.0.2@sha256:fa8e5700b7762fffe0674e944762f44bb787a7e44d97569fe55348260453bf80"` | Docker image tag for the `node-exporter` image | | nodeExporter.image.name | string | `"node-exporter"` | Docker image name for the `node-exporter` image | | nodeExporter.name | string | `"node-exporter"` | Name used by resources. Does not affect service names or PVCs. | | nodeExporter.podSecurityContext | object | `{"fsGroup":65534,"runAsGroup":65534,"runAsNonRoot":true,"runAsUser":65534}` | Security context for the `node-exporter` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -204,7 +204,7 @@ In addition to the documented values, all services also support the following va | openTelemetry.gateway.resources | object | `{"limits":{"cpu":"3","memory":"3Gi"},"requests":{"cpu":"1","memory":"1Gi"}}` | Resource requests & limits for the `otel-collector` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | openTelemetry.gateway.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `otel-collector` | | openTelemetry.gateway.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | -| openTelemetry.image.defaultTag | string | `"5.0.1@sha256:1fd0daec77a302cba6c8194c5eb802d1440a4cf329112aceddadb8004d9aa541"` | Docker image tag for the `otel-collector` image | +| openTelemetry.image.defaultTag | string | `"5.0.2@sha256:142c9cbef9692f46e118c84a38411fc306223b27178687e875258564a91ad373"` | Docker image tag for the `otel-collector` image | | openTelemetry.image.name | string | `"opentelemetry-collector"` | Docker image name for the `otel-collector` image | | pgsql.additionalConfig | string | `""` | Additional PostgreSQL configuration. This will override or extend our default configuration. Notes: This is expecting a multiline string. Learn more from our [recommended PostgreSQL configuration](https://docs.sourcegraph.com/admin/config/postgres-conf) and [PostgreSQL documentation](https://www.postgresql.org/docs/12/config-setting.html) | | pgsql.auth.database | string | `"sg"` | Sets postgres database name | @@ -216,7 +216,7 @@ In addition to the documented values, all services also support the following va | pgsql.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":999,"runAsUser":999}` | Security context for the `pgsql` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | pgsql.enabled | bool | `true` | Enable `pgsql` PostgreSQL server | | pgsql.existingConfig | string | `""` | Name of existing ConfigMap for `pgsql`. It must contain a `postgresql.conf` key | -| pgsql.image.defaultTag | string | `"5.0.1@sha256:0d55bd55b5a5d0f3df0d10ab84ea69403ae21fc6f1413276ef8d04de8acef931"` | Docker image tag for the `pgsql` image | +| pgsql.image.defaultTag | string | `"5.0.2@sha256:f569bd5c1a5d05ef6cba1d9eb59e7a0009ba89fa65134e5e462d0e83a16ef5d1"` | Docker image tag for the `pgsql` image | | pgsql.image.name | string | `"postgres-12-alpine"` | Docker image name for the `pgsql` image | | pgsql.name | string | `"pgsql"` | Name used by resources. Does not affect service names or PVCs. | | pgsql.podSecurityContext | object | `{"fsGroup":999,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":999,"runAsUser":999}` | Security context for the `pgsql` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -225,12 +225,12 @@ In addition to the documented values, all services also support the following va | pgsql.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `pgsql` | | pgsql.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | pgsql.storageSize | string | `"200Gi"` | PVC Storage Request for `pgsql` data volume | -| postgresExporter.image.defaultTag | string | `"5.0.1@sha256:d6500fe725fadb75c0b3ad4abcb22e112fd92be07115a0bd12c534cb26784ad2"` | Docker image tag for the `pgsql-exporter` image | +| postgresExporter.image.defaultTag | string | `"5.0.2@sha256:4a9a304b43b16d80a5e88ef5b3d014d38a9291b7a097b9cef493f26769664429"` | Docker image tag for the `pgsql-exporter` image | | postgresExporter.image.name | string | `"postgres_exporter"` | Docker image name for the `pgsql-exporter` image | | postgresExporter.resources | object | `{"limits":{"cpu":"10m","memory":"50Mi"},"requests":{"cpu":"10m","memory":"50Mi"}}` | Resource requests & limits for the `pgsql-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | preciseCodeIntel.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `precise-code-intel-worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | preciseCodeIntel.env | object | `{"NUM_WORKERS":{"value":"4"}}` | Environment variables for the `precise-code-intel-worker` container | -| preciseCodeIntel.image.defaultTag | string | `"5.0.1@sha256:eed01488d791985eeb018cc211c0afd117dd6a518cf74fe74fc5ada27d3bad7a"` | Docker image tag for the `precise-code-intel-worker` image | +| preciseCodeIntel.image.defaultTag | string | `"5.0.2@sha256:fe91ec24850d756127dd69d020997e81f597e9032b29b5286f5b8f00f0d66257"` | Docker image tag for the `precise-code-intel-worker` image | | preciseCodeIntel.image.name | string | `"precise-code-intel-worker"` | Docker image name for the `precise-code-intel-worker` image | | preciseCodeIntel.name | string | `"precise-code-intel-worker"` | Name used by resources. Does not affect service names or PVCs. | | preciseCodeIntel.podSecurityContext | object | `{}` | Security context for the `precise-code-intel-worker` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -241,7 +241,7 @@ In addition to the documented values, all services also support the following va | prometheus.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":false,"runAsGroup":100,"runAsUser":100}` | Security context for the `prometheus` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | prometheus.enabled | bool | `true` | Enable `prometheus` (recommended) | | prometheus.existingConfig | string | `""` | Name of existing ConfigMap for `pgsql`. It must contain a `prometheus.yml` key | -| prometheus.image.defaultTag | string | `"5.0.1@sha256:0b2252b2d0e2e67e2bc924bcd575dfc619926bd948cf397361c424ca213c0073"` | Docker image tag for the `prometheus` image | +| prometheus.image.defaultTag | string | `"5.0.2@sha256:9fadf72a694d207c5b8a9a4f039d9f094d647436c5f8a43da0c6154682128eed"` | Docker image tag for the `prometheus` image | | prometheus.image.name | string | `"prometheus"` | Docker image name for the `prometheus` image | | prometheus.name | string | `"prometheus"` | Name used by resources. Does not affect service names or PVCs. | | prometheus.podSecurityContext | object | `{"fsGroup":100,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `prometheus` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -254,7 +254,7 @@ In addition to the documented values, all services also support the following va | redisCache.connection.existingSecret | string | `""` | Name of existing secret to use for Redis endpoint The secret must contain the key `endpoint` and should follow IANA specification learn more from the [Helm docs](https://docs.sourcegraph.com/admin/install/kubernetes/helm#using-external-redis-instances) | | redisCache.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-cache` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | redisCache.enabled | bool | `true` | Enable `redis-cache` Redis server | -| redisCache.image.defaultTag | string | `"5.0.1@sha256:7091d15e3829952bb6b0ee38b4f90365846d850b0fc30734e98b57db067f9ff0"` | Docker image tag for the `redis-cache` image | +| redisCache.image.defaultTag | string | `"5.0.2@sha256:96bb3b92ec87cc033ca332635c9f38de64619c9c6983d6d354e45210d01e4c5c"` | Docker image tag for the `redis-cache` image | | redisCache.image.name | string | `"redis-cache"` | Docker image name for the `redis-cache` image | | redisCache.name | string | `"redis-cache"` | Name used by resources. Does not affect service names or PVCs. | | redisCache.podSecurityContext | object | `{"fsGroup":1000,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `redis-cache` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -263,14 +263,14 @@ In addition to the documented values, all services also support the following va | redisCache.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | redisCache.storageSize | string | `"100Gi"` | PVC Storage Request for `redis-cache` data volume | | redisExporter.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| redisExporter.image.defaultTag | string | `"5.0.1@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70"` | Docker image tag for the `redis-exporter` image | +| redisExporter.image.defaultTag | string | `"5.0.2@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70"` | Docker image tag for the `redis-exporter` image | | redisExporter.image.name | string | `"redis_exporter"` | Docker image name for the `redis-exporter` image | | redisExporter.resources | object | `{"limits":{"cpu":"10m","memory":"100Mi"},"requests":{"cpu":"10m","memory":"100Mi"}}` | Resource requests & limits for the `redis-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | redisStore.connection.endpoint | string | `"redis-store:6379"` | Endpoint to use for redis-store. Supports either host:port or IANA specification | | redisStore.connection.existingSecret | string | `""` | Name of existing secret to use for Redis endpoint The secret must contain the key `endpoint` and should follow IANA specification learn more from the [Helm docs](https://docs.sourcegraph.com/admin/install/kubernetes/helm#using-external-redis-instances) | | redisStore.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-store` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | redisStore.enabled | bool | `true` | Enable `redis-store` Redis server | -| redisStore.image.defaultTag | string | `"5.0.1@sha256:7e830609f10d298e14f898b7f8b723ef45b7ca27979c35ebe6ab8ac54dac2fa3"` | Docker image tag for the `redis-store` image | +| redisStore.image.defaultTag | string | `"5.0.2@sha256:6e076559b494aa52c9f40dc25a8e59e977697ead3e3fe04f2be26e341709f123"` | Docker image tag for the `redis-store` image | | redisStore.image.name | string | `"redis-store"` | Docker image name for the `redis-store` image | | redisStore.name | string | `"redis-store"` | Name used by resources. Does not affect service names or PVCs. | | redisStore.podSecurityContext | object | `{"fsGroup":1000,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `redis-store` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -279,7 +279,7 @@ In addition to the documented values, all services also support the following va | redisStore.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | redisStore.storageSize | string | `"100Gi"` | PVC Storage Request for `redis-store` data volume | | repoUpdater.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `repo-updater` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| repoUpdater.image.defaultTag | string | `"5.0.1@sha256:9a8be407a7209f76f7482dbbbaa249ea6de4bae5aa35b56ea07c20cbae402dc5"` | Docker image tag for the `repo-updater` image | +| repoUpdater.image.defaultTag | string | `"5.0.2@sha256:23a63c6e2c8b9505389ed4faef9b739821dfd1c5549d2b285672bcd468ded88a"` | Docker image tag for the `repo-updater` image | | repoUpdater.image.name | string | `"repo-updater"` | Docker image name for the `repo-updater` image | | repoUpdater.name | string | `"repo-updater"` | Name used by resources. Does not affect service names or PVCs. | | repoUpdater.podSecurityContext | object | `{}` | Security context for the `repo-updater` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -287,7 +287,7 @@ In addition to the documented values, all services also support the following va | repoUpdater.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `repo-updater` | | repoUpdater.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | searcher.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `searcher` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| searcher.image.defaultTag | string | `"5.0.1@sha256:0532d980546d537db4eb75b157ff14216f11a80264bb89512afbd1bc33ea907f"` | Docker image tag for the `searcher` image | +| searcher.image.defaultTag | string | `"5.0.2@sha256:be8ba25612b3b34845a2baa8beded47a3c1187a79e998ff393af71d1ec7f30cc"` | Docker image tag for the `searcher` image | | searcher.image.name | string | `"searcher"` | Docker image name for the `searcher` image | | searcher.name | string | `"searcher"` | Name used by resources. Does not affect service names or PVCs. | | searcher.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":100}` | Security context for the `searcher` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -318,7 +318,7 @@ In addition to the documented values, all services also support the following va | storageClass.provisioner | string | `"kubernetes.io/gce-pd"` | Name of the storageClass provisioner, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/storage/storage-classes/#provisioner) and consult your cloud provider persistent storage documentation | | storageClass.type | string | `"pd-ssd"` | Value of `type` key in storageClass `parameters`, consult your cloud provider persistent storage documentation | | symbols.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `symbols` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| symbols.image.defaultTag | string | `"5.0.1@sha256:c825ebe7767398efea836599d7795cfd58dbbbe863022129d5b4d8dcaec90d8b"` | Docker image tag for the `symbols` image | +| symbols.image.defaultTag | string | `"5.0.2@sha256:7bfb8df2251292e28333e989b49e0663be4a57f5e3dac6380422a5c362c7db00"` | Docker image tag for the `symbols` image | | symbols.image.name | string | `"symbols"` | Docker image name for the `symbols` image | | symbols.name | string | `"symbols"` | Name used by resources. Does not affect service names or PVCs. | | symbols.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":100}` | Security context for the `symbols` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -328,7 +328,7 @@ In addition to the documented values, all services also support the following va | symbols.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | symbols.storageSize | string | `"12Gi"` | Size of the PVC for symbols pods to store cache data | | syntectServer.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `syntect-server` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| syntectServer.image.defaultTag | string | `"5.0.1@sha256:5ea5f8effb2ba4362e339c7eb841ce1be9ad95efd0e433482aa06b41477da7e8"` | Docker image tag for the `syntect-server` image | +| syntectServer.image.defaultTag | string | `"5.0.2@sha256:35c4aa7256bbe80f43042fd99a47ca2eeeb75e4c0d737c6df1bd1351da29a272"` | Docker image tag for the `syntect-server` image | | syntectServer.image.name | string | `"syntax-highlighter"` | Docker image name for the `syntect-server` image | | syntectServer.name | string | `"syntect-server"` | Name used by resources. Does not affect service names or PVCs. | | syntectServer.podSecurityContext | object | `{}` | Security context for the `syntect-server` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -337,7 +337,7 @@ In addition to the documented values, all services also support the following va | syntectServer.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `syntect-server` | | syntectServer.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | worker.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| worker.image.defaultTag | string | `"5.0.1@sha256:60fe826467baceb99edce25af11ccf859f66cc71fba723603333190fd0393984"` | Docker image tag for the `worker` image | +| worker.image.defaultTag | string | `"5.0.2@sha256:83f1e1d30bad33a311e8e0c0c9e7995ef7b7df9a1135ac0ff5e5c9561c7b74c4"` | Docker image tag for the `worker` image | | worker.image.name | string | `"worker"` | Docker image name for the `worker` image | | worker.name | string | `"worker"` | Name used by resources. Does not affect service names or PVCs. | | worker.podSecurityContext | object | `{}` | Security context for the `worker` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index 9be5b22a..73d62399 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -87,7 +87,7 @@ sourcegraph: alpine: # Used in init containers image: # -- Docker image tag for the `alpine` image - defaultTag: 5.0.1@sha256:a0265de9afb7f721f94395ab8782e5b51e4f835da2c43f582aa7a91a38588fbc + defaultTag: 5.0.2@sha256:bc31a72825415b9b3d500afa32fc41b856bee8c9d4fcbb9031936e1b7b4791ed # -- Docker image name for the `alpine` image name: "alpine-3.14" # -- Security context for the `alpine` initContainer, @@ -112,7 +112,7 @@ cadvisor: enabled: true image: # -- Docker image tag for the `cadvisor` image - defaultTag: 5.0.1@sha256:0cd361b92b1eb6f50b7893b815f37fa9468586f3050869043b14955a6be65502 + defaultTag: 5.0.2@sha256:a383f3e566eb99f3e79420112857e5ee581003fa48544fc8533c947fdf6029f1 # -- Docker image name for the `cadvisor` image name: "cadvisor" # -- Name used by resources. Does not affect service names or PVCs. @@ -175,7 +175,7 @@ codeInsightsDB: additionalConfig: "" image: # -- Docker image tag for the `codeinsights-db` image - defaultTag: 5.0.1@sha256:eafb389958bc521d2e503982119ee949baf2305d55e71520df229f52ee7bfb79 + defaultTag: 5.0.2@sha256:b25f28b4a3409d96e71adb42a2a13ccb98cbf5f5f150d4c91e2088e000481c26 # -- Docker image name for the `codeinsights-db` image name: "codeinsights-db" # -- Security context for the `codeinsights-db` container, @@ -246,7 +246,7 @@ codeIntelDB: additionalConfig: "" image: # -- Docker image tag for the `codeintel-db` image - defaultTag: 5.0.1@sha256:eb56defa3b30dcf5c6deba348759a2103f14dcb9a77d1fa6855ca649082bba47 + defaultTag: 5.0.2@sha256:9bb31aff2fe4b06da2a2048cee9d021ddb97f56ae000fba52dba974b40d234c4 # -- Docker image name for the `codeintel-db` image name: "codeintel-db" # -- Security context for the `codeintel-db` container, @@ -297,7 +297,7 @@ frontend: value: http://prometheus:30090 image: # -- Docker image tag for the `frontend` image - defaultTag: 5.0.1@sha256:9e147eac69a98e245419f6c58c6ba007f5f62a8ff254fc25fd1e0e2876e7a54c + defaultTag: 5.0.2@sha256:a70d7223df34cd721675d5886dc2fc32a766c908ec680538182fcf9789972480 # -- Docker image name for the `frontend` image name: "frontend" ingress: @@ -355,7 +355,7 @@ migrator: enabled: true image: # -- Docker image tag for the `migrator` image - defaultTag: 5.0.1@sha256:9430432c198a9b6d5b094400120b66afbaf634332267ea86c42bc303cf69b0e7 + defaultTag: 5.0.2@sha256:7099095e9b87dcc570c403ef92258b70eff0308cb8474e37911df4f37a89a5c4 # -- Docker image name for the `migrator` image name: "migrator" # -- Environment variables for the `migrator` container @@ -380,7 +380,7 @@ migrator: githubProxy: image: # -- Docker image tag for the `github-proxy` image - defaultTag: 5.0.1@sha256:0e0339042372eacbb51852d2e75ec91d3e9f9e2bb39516b72af5fb5ef594534a + defaultTag: 5.0.2@sha256:c69284028cc9a00c481d42341e2948a92ca94935f2d588611ff08662e5389c7d # -- Docker image name for the `github-proxy` image name: "github-proxy" # -- Security context for the `github-proxy` container, @@ -413,7 +413,7 @@ githubProxy: gitserver: image: # -- Docker image tag for the `gitserver` image - defaultTag: 5.0.1@sha256:26002caba4bfc6a3e2d11d0e0d2091627697de0a133529b8bd795c8847e9f1d3 + defaultTag: 5.0.2@sha256:8e2f365ee986202ce5ab86c7d9013f24db54a621d30f8aed3d431d620b4ca829 # -- Docker image name for the `gitserver` image name: "gitserver" # -- Name of existing Secret that contains SSH credentials to clone repositories. @@ -462,7 +462,7 @@ grafana: existingConfig: "" # Name of an existing configmap image: # -- Docker image tag for the `grafana` image - defaultTag: 5.0.1@sha256:68f3a2c94f0e81075f863361de7b9392bd41359b7278070c94108079254898f3 + defaultTag: 5.0.2@sha256:2acb828335892f2b7ff8b7f7939eee57091dcd1dd5fa21306794e8b8c1feb66a # -- Docker image name for the `grafana` image name: "grafana" # -- Security context for the `grafana` container, @@ -501,7 +501,7 @@ grafana: indexedSearch: image: # -- Docker image tag for the `zoekt-webserver` image - defaultTag: 5.0.1@sha256:db8bcc5db82d62024230e525b9dc5b94214eb097a115adba3228fa64840699f4 + defaultTag: 5.0.2@sha256:db8bcc5db82d62024230e525b9dc5b94214eb097a115adba3228fa64840699f4 # -- Docker image name for the `zoekt-webserver` image name: "indexed-searcher" # -- Security context for the `zoekt-webserver` container, @@ -542,7 +542,7 @@ indexedSearch: indexedSearchIndexer: image: # -- Docker image tag for the `zoekt-indexserver` image - defaultTag: 5.0.1@sha256:7a770bfebd2c4d0eeaccb2ae3c7b93208514910d39a13e6289cc0db66b6b444e + defaultTag: 5.0.2@sha256:7a770bfebd2c4d0eeaccb2ae3c7b93208514910d39a13e6289cc0db66b6b444e # -- Docker image name for the `zoekt-indexserver` image name: "search-indexer" # -- Security context for the `zoekt-indexserver` container, @@ -569,7 +569,7 @@ blobstore: enabled: true image: # -- Docker image tag for the `blobstore` image - defaultTag: 5.0.1@sha256:9904327495993dd58b2e26c9b32448c9d843cb845e97b56619ce2c75199e163f + defaultTag: 5.0.2@sha256:8404af743f077d3f54ec2ff99936782e2116d388baa478955f9b0583b53e7185 # -- Docker image name for the `blobstore` image name: "blobstore" # -- Security context for the `blobstore` container, @@ -608,7 +608,7 @@ openTelemetry: enabled: true image: # -- Docker image tag for the `otel-collector` image - defaultTag: 5.0.1@sha256:1fd0daec77a302cba6c8194c5eb802d1440a4cf329112aceddadb8004d9aa541 # TODO: change once we have a versioned image with bundled configs + logging exporter + defaultTag: 5.0.2@sha256:142c9cbef9692f46e118c84a38411fc306223b27178687e875258564a91ad373 # TODO: change once we have a versioned image with bundled configs + logging exporter # -- Docker image name for the `otel-collector` image name: "opentelemetry-collector" gateway: @@ -667,7 +667,7 @@ nodeExporter: enabled: true image: # -- Docker image tag for the `node-exporter` image - defaultTag: 5.0.1@sha256:fa8e5700b7762fffe0674e944762f44bb787a7e44d97569fe55348260453bf80 + defaultTag: 5.0.2@sha256:fa8e5700b7762fffe0674e944762f44bb787a7e44d97569fe55348260453bf80 # -- Docker image name for the `node-exporter` image name: "node-exporter" # -- Name used by resources. Does not affect service names or PVCs. @@ -736,7 +736,7 @@ pgsql: additionalConfig: "" image: # -- Docker image tag for the `pgsql` image - defaultTag: 5.0.1@sha256:0d55bd55b5a5d0f3df0d10ab84ea69403ae21fc6f1413276ef8d04de8acef931 + defaultTag: 5.0.2@sha256:f569bd5c1a5d05ef6cba1d9eb59e7a0009ba89fa65134e5e462d0e83a16ef5d1 # -- Docker image name for the `pgsql` image name: "postgres-12-alpine" # -- Security context for the `pgsql` container, @@ -778,7 +778,7 @@ pgsql: postgresExporter: image: # -- Docker image tag for the `pgsql-exporter` image - defaultTag: 5.0.1@sha256:d6500fe725fadb75c0b3ad4abcb22e112fd92be07115a0bd12c534cb26784ad2 + defaultTag: 5.0.2@sha256:4a9a304b43b16d80a5e88ef5b3d014d38a9291b7a097b9cef493f26769664429 # -- Docker image name for the `pgsql-exporter` image name: "postgres_exporter" # -- Resource requests & limits for the `pgsql-exporter` sidecar container, @@ -798,7 +798,7 @@ preciseCodeIntel: value: "4" image: # -- Docker image tag for the `precise-code-intel-worker` image - defaultTag: 5.0.1@sha256:eed01488d791985eeb018cc211c0afd117dd6a518cf74fe74fc5ada27d3bad7a + defaultTag: 5.0.2@sha256:fe91ec24850d756127dd69d020997e81f597e9032b29b5286f5b8f00f0d66257 # -- Docker image name for the `precise-code-intel-worker` image name: "precise-code-intel-worker" # -- Security context for the `precise-code-intel-worker` container, @@ -837,7 +837,7 @@ prometheus: existingConfig: "" # Name of an existing configmap image: # -- Docker image tag for the `prometheus` image - defaultTag: 5.0.1@sha256:0b2252b2d0e2e67e2bc924bcd575dfc619926bd948cf397361c424ca213c0073 + defaultTag: 5.0.2@sha256:9fadf72a694d207c5b8a9a4f039d9f094d647436c5f8a43da0c6154682128eed # -- Docker image name for the `prometheus` image name: "prometheus" # -- Security context for the `prometheus` container, @@ -887,7 +887,7 @@ redisCache: enabled: true image: # -- Docker image tag for the `redis-cache` image - defaultTag: 5.0.1@sha256:7091d15e3829952bb6b0ee38b4f90365846d850b0fc30734e98b57db067f9ff0 + defaultTag: 5.0.2@sha256:96bb3b92ec87cc033ca332635c9f38de64619c9c6983d6d354e45210d01e4c5c # -- Docker image name for the `redis-cache` image name: "redis-cache" connection: @@ -931,7 +931,7 @@ redisCache: redisExporter: image: # -- Docker image tag for the `redis-exporter` image - defaultTag: 5.0.1@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70 + defaultTag: 5.0.2@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70 # -- Docker image name for the `redis-exporter` image name: "redis_exporter" # -- Security context for the `redis-exporter` sidecar container, @@ -963,7 +963,7 @@ redisStore: endpoint: "redis-store:6379" image: # -- Docker image tag for the `redis-store` image - defaultTag: 5.0.1@sha256:7e830609f10d298e14f898b7f8b723ef45b7ca27979c35ebe6ab8ac54dac2fa3 + defaultTag: 5.0.2@sha256:6e076559b494aa52c9f40dc25a8e59e977697ead3e3fe04f2be26e341709f123 # -- Docker image name for the `redis-store` image name: "redis-store" # -- Security context for the `redis-store` container, @@ -1000,7 +1000,7 @@ redisStore: repoUpdater: image: # -- Docker image tag for the `repo-updater` image - defaultTag: 5.0.1@sha256:9a8be407a7209f76f7482dbbbaa249ea6de4bae5aa35b56ea07c20cbae402dc5 + defaultTag: 5.0.2@sha256:23a63c6e2c8b9505389ed4faef9b739821dfd1c5549d2b285672bcd468ded88a # -- Docker image name for the `repo-updater` image name: "repo-updater" # -- Security context for the `repo-updater` container, @@ -1033,7 +1033,7 @@ repoUpdater: searcher: image: # -- Docker image tag for the `searcher` image - defaultTag: 5.0.1@sha256:0532d980546d537db4eb75b157ff14216f11a80264bb89512afbd1bc33ea907f + defaultTag: 5.0.2@sha256:be8ba25612b3b34845a2baa8beded47a3c1187a79e998ff393af71d1ec7f30cc # -- Docker image name for the `searcher` image name: "searcher" # -- Security context for the `searcher` container, @@ -1094,7 +1094,7 @@ storageClass: symbols: image: # -- Docker image tag for the `symbols` image - defaultTag: 5.0.1@sha256:c825ebe7767398efea836599d7795cfd58dbbbe863022129d5b4d8dcaec90d8b + defaultTag: 5.0.2@sha256:7bfb8df2251292e28333e989b49e0663be4a57f5e3dac6380422a5c362c7db00 # -- Docker image name for the `symbols` image name: "symbols" # -- Security context for the `symbols` container, @@ -1134,7 +1134,7 @@ symbols: syntectServer: image: # -- Docker image tag for the `syntect-server` image - defaultTag: 5.0.1@sha256:5ea5f8effb2ba4362e339c7eb841ce1be9ad95efd0e433482aa06b41477da7e8 + defaultTag: 5.0.2@sha256:35c4aa7256bbe80f43042fd99a47ca2eeeb75e4c0d737c6df1bd1351da29a272 # -- Docker image name for the `syntect-server` image name: "syntax-highlighter" # -- Security context for the `syntect-server` container, @@ -1182,7 +1182,7 @@ jaeger: enabled: false image: # -- Docker image tag for the `jaeger` image - defaultTag: 5.0.1@sha256:fa28467f930a714eee34f71cc0b4f4f9de58f56f7b6f16464025ef7f38e572f4 + defaultTag: 5.0.2@sha256:47022c02cc33f60881761272bdffa20dffbf92a7bfc0ae54942e3991cd354169 # -- Docker image name for the `jaeger` image name: "jaeger-all-in-one" # -- Name used by resources. Does not affect service names or PVCs. @@ -1228,7 +1228,7 @@ jaeger: worker: image: # -- Docker image tag for the `worker` image - defaultTag: 5.0.1@sha256:60fe826467baceb99edce25af11ccf859f66cc71fba723603333190fd0393984 + defaultTag: 5.0.2@sha256:83f1e1d30bad33a311e8e0c0c9e7995ef7b7df9a1135ac0ff5e5c9561c7b74c4 # -- Docker image name for the `worker` image name: "worker" # -- Security context for the `worker` container,