From 487083dfbc31985f33a4d9625f6de0a9e8ccc518 Mon Sep 17 00:00:00 2001 From: Jacob Pleiness Date: Thu, 24 Aug 2023 21:31:44 -0400 Subject: [PATCH 1/3] release: sourcegraph@5.1.7 --- charts/sourcegraph-executor/dind/Chart.yaml | 4 +- charts/sourcegraph-executor/dind/README.md | 2 +- charts/sourcegraph-executor/dind/values.yaml | 2 +- charts/sourcegraph-executor/k8s/Chart.yaml | 4 +- charts/sourcegraph-executor/k8s/README.md | 2 +- charts/sourcegraph-executor/k8s/values.yaml | 2 +- charts/sourcegraph-migrator/Chart.yaml | 4 +- charts/sourcegraph-migrator/README.md | 6 +- charts/sourcegraph-migrator/values.yaml | 2 +- charts/sourcegraph/Chart.yaml | 4 +- charts/sourcegraph/README.md | 56 +++++++++--------- .../sourcegraph/examples/subchart/Chart.yaml | 4 +- charts/sourcegraph/values.yaml | 58 +++++++++---------- 13 files changed, 75 insertions(+), 75 deletions(-) diff --git a/charts/sourcegraph-executor/dind/Chart.yaml b/charts/sourcegraph-executor/dind/Chart.yaml index 81fe0ef7..f110db63 100644 --- a/charts/sourcegraph-executor/dind/Chart.yaml +++ b/charts/sourcegraph-executor/dind/Chart.yaml @@ -5,7 +5,7 @@ icon: https://sourcegraph.com/favicon.ico type: application # Chart version, separate from Sourcegraph -version: "5.1.2" +version: "5.1.7" # Version of Sourcegraph release -appVersion: "5.1.2" +appVersion: "5.1.7" diff --git a/charts/sourcegraph-executor/dind/README.md b/charts/sourcegraph-executor/dind/README.md index 1d669db3..457a4f18 100644 --- a/charts/sourcegraph-executor/dind/README.md +++ b/charts/sourcegraph-executor/dind/README.md @@ -60,7 +60,7 @@ In addition to the documented values, the `executor` and `private-docker-registr | executor.env.EXECUTOR_FRONTEND_URL | object | `{"value":""}` | The external URL of the Sourcegraph instance. Required. | | executor.env.EXECUTOR_QUEUE_NAME | object | `{"value":""}` | The name of the queue to pull jobs from to. Possible values: batches and codeintel. **Either this or EXECUTOR_QUEUE_NAMES is required.** | | executor.env.EXECUTOR_QUEUE_NAMES | object | `{"value":""}` | The comma-separated list of names of multiple queues to pull jobs from to. Possible values: batches and codeintel. **Either this or EXECUTOR_QUEUE_NAME is required.** | -| executor.image.defaultTag | string | `"5.1.6@sha256:cd5cacef9a1ff18a13032b551a2fc2edbd65d31825288f321455ae1304c89ee0"` | | +| executor.image.defaultTag | string | `"5.1.7@sha256:a2e0380f8bf5d16d02a17e1e3923e151fdd2799cf12df3e3e49d45b3f7accc5a"` | | | executor.image.name | string | `"executor"` | | | executor.replicaCount | int | `1` | | | privateDockerRegistry.enabled | bool | `true` | Whether to deploy the private registry. Only one registry is needed when deploying multiple executors. More information: https://docs.sourcegraph.com/admin/executors/deploy_executors#using-private-registries | diff --git a/charts/sourcegraph-executor/dind/values.yaml b/charts/sourcegraph-executor/dind/values.yaml index 0a355d5a..d851c817 100644 --- a/charts/sourcegraph-executor/dind/values.yaml +++ b/charts/sourcegraph-executor/dind/values.yaml @@ -55,7 +55,7 @@ storageClass: executor: enabled: true image: - defaultTag: 5.1.6@sha256:cd5cacef9a1ff18a13032b551a2fc2edbd65d31825288f321455ae1304c89ee0 + defaultTag: 5.1.7@sha256:a2e0380f8bf5d16d02a17e1e3923e151fdd2799cf12df3e3e49d45b3f7accc5a name: "executor" replicaCount: 1 env: diff --git a/charts/sourcegraph-executor/k8s/Chart.yaml b/charts/sourcegraph-executor/k8s/Chart.yaml index f1c72e94..79b792fa 100644 --- a/charts/sourcegraph-executor/k8s/Chart.yaml +++ b/charts/sourcegraph-executor/k8s/Chart.yaml @@ -5,7 +5,7 @@ icon: https://sourcegraph.com/favicon.ico type: application # Chart version, separate from Sourcegraph -version: "5.1.2" +version: "5.1.7" # Version of Sourcegraph release -appVersion: "5.1.2" +appVersion: "5.1.7" diff --git a/charts/sourcegraph-executor/k8s/README.md b/charts/sourcegraph-executor/k8s/README.md index b794e59c..1862f82d 100644 --- a/charts/sourcegraph-executor/k8s/README.md +++ b/charts/sourcegraph-executor/k8s/README.md @@ -61,7 +61,7 @@ In addition to the documented values, the `executor` and `private-docker-registr | executor.extraEnv | string | `nil` | Sets extra environment variables on the executor deployment. See `values.yaml` for the format. | | executor.frontendPassword | string | `""` | The shared secret configured in the Sourcegraph instance site config under executors.accessToken. Required. | | executor.frontendUrl | string | `""` | The external URL of the Sourcegraph instance. Required. **Recommended:** set to the internal service endpoint (e.g. `http://sourcegraph-frontend.sourcegraph.svc.cluster.local:30080` if Sourcegraph is deployed in the `sourcegraph` namespace). This will avoid unnecessary network charges as traffic will stay within the local network. | -| executor.image.defaultTag | string | `"5.1.6@sha256:2482cea8b920f20a8994e60c5190afdc484520459736f3d616dd19e0da4bd3a7"` | | +| executor.image.defaultTag | string | `"5.1.7@sha256:d17d4947a15efd7518f16ba2b32fc46258843a42ac9fa0d5584a24841054f247"` | | | executor.image.name | string | `"executor-kubernetes"` | | | executor.kubeconfigPath | string | `""` | The path to the kubeconfig file. If not specified, the in-cluster config is used. | | executor.kubernetesJob.deadline | string | `"1200"` | The number of seconds after which a Kubernetes job will be terminated. | diff --git a/charts/sourcegraph-executor/k8s/values.yaml b/charts/sourcegraph-executor/k8s/values.yaml index 143bb885..82413c05 100644 --- a/charts/sourcegraph-executor/k8s/values.yaml +++ b/charts/sourcegraph-executor/k8s/values.yaml @@ -58,7 +58,7 @@ executor: replicas: 1 enabled: true image: - defaultTag: 5.1.6@sha256:2482cea8b920f20a8994e60c5190afdc484520459736f3d616dd19e0da4bd3a7 + defaultTag: 5.1.7@sha256:d17d4947a15efd7518f16ba2b32fc46258843a42ac9fa0d5584a24841054f247 name: "executor-kubernetes" # -- The external URL of the Sourcegraph instance. Required. **Recommended:** set to the internal service endpoint (e.g. `http://sourcegraph-frontend.sourcegraph.svc.cluster.local:30080` if Sourcegraph is deployed in the `sourcegraph` namespace). # This will avoid unnecessary network charges as traffic will stay within the local network. diff --git a/charts/sourcegraph-migrator/Chart.yaml b/charts/sourcegraph-migrator/Chart.yaml index c5a3a083..e1f1fba2 100644 --- a/charts/sourcegraph-migrator/Chart.yaml +++ b/charts/sourcegraph-migrator/Chart.yaml @@ -5,7 +5,7 @@ icon: https://sourcegraph.com/favicon.ico type: application # Chart version, separate from Sourcegraph -version: "5.1.6" +version: "5.1.7" # Version of Sourcegraph release -appVersion: "5.1.6" +appVersion: "5.1.7" diff --git a/charts/sourcegraph-migrator/README.md b/charts/sourcegraph-migrator/README.md index cd218810..f06569dc 100644 --- a/charts/sourcegraph-migrator/README.md +++ b/charts/sourcegraph-migrator/README.md @@ -42,7 +42,7 @@ You should consult the list of available [migrator commands]. Below is some exam - Perform initial migrations against external PostgreSQL databases prior to the Sourcegraph deployment ```sh -helm upgrade --install -f --version 5.1.6 sg-migrator sourcegraph/sourcegraph-migrator +helm upgrade --install -f --version 5.1.7 sg-migrator sourcegraph/sourcegraph-migrator ``` ### Add a migration log entry @@ -52,7 +52,7 @@ helm upgrade --install -f --version 5.1.6 sg-migrator Add an entry to the migration log after a site administrator has explicitly applied the contents of a migration file, learn more about troubleshooting a [dirty database]. ```sh -helm upgrade --install -f --set "migrator.args={add-log,-db=frontend,-version=1528395834}" --version 5.1.6 sg-migrator sourcegraph/sourcegraph-migrator +helm upgrade --install -f --set "migrator.args={add-log,-db=frontend,-version=1528395834}" --version 5.1.7 sg-migrator sourcegraph/sourcegraph-migrator ``` ## Rendering manifests for kubectl deployment @@ -80,7 +80,7 @@ In addition to the documented values, the `migrator` service also supports the f | migrator.args | list | `["up","-db=all"]` | Override default `migrator` container args Available commands can be found at https://docs.sourcegraph.com/admin/how-to/manual_database_migrations | | migrator.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | migrator.env | object | `{}` | Environment variables for the `migrator` container | -| migrator.image.defaultTag | string | `"5.1.6@sha256:76facd38029ee611e5bee723736e42eedb633b2c31d4494711c55f59906a5f93"` | Docker image tag for the `migrator` image | +| migrator.image.defaultTag | string | `"5.1.7@sha256:aa5b96b2ac6fa1f72a3f4ad5f34f8b6762f63e28aa6f37026cd337a221971da9"` | Docker image tag for the `migrator` image | | migrator.image.name | string | `"migrator"` | Docker image name for the `migrator` image | | migrator.resources | object | `{"limits":{"cpu":"500m","memory":"100M"},"requests":{"cpu":"100m","memory":"50M"}}` | Resource requests & limits for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | pgsql.auth.existingSecret | string | `""` | Name of existing secret to use for pgsql credentials This should match the setting in the sourcegraph chart values | diff --git a/charts/sourcegraph-migrator/values.yaml b/charts/sourcegraph-migrator/values.yaml index c0d33a97..d7fc4fcf 100644 --- a/charts/sourcegraph-migrator/values.yaml +++ b/charts/sourcegraph-migrator/values.yaml @@ -102,7 +102,7 @@ pgsql: migrator: image: # -- Docker image tag for the `migrator` image - defaultTag: 5.1.6@sha256:76facd38029ee611e5bee723736e42eedb633b2c31d4494711c55f59906a5f93 + defaultTag: 5.1.7@sha256:aa5b96b2ac6fa1f72a3f4ad5f34f8b6762f63e28aa6f37026cd337a221971da9 # -- Docker image name for the `migrator` image name: "migrator" # -- Environment variables for the `migrator` container diff --git a/charts/sourcegraph/Chart.yaml b/charts/sourcegraph/Chart.yaml index 67fe44b3..7d5222c5 100644 --- a/charts/sourcegraph/Chart.yaml +++ b/charts/sourcegraph/Chart.yaml @@ -5,7 +5,7 @@ icon: https://sourcegraph.com/favicon.ico type: application # Chart version, separate from Sourcegraph -version: "5.1.6" +version: "5.1.7" # Version of Sourcegraph release -appVersion: "5.1.6" +appVersion: "5.1.7" diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index 71366579..2b15d80e 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -28,12 +28,12 @@ In addition to the documented values, all services also support the following va | Key | Type | Default | Description | |-----|------|---------|-------------| | alpine.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":999,"runAsUser":999}` | Security context for the `alpine` initContainer, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| alpine.image.defaultTag | string | `"5.1.6@sha256:ed08c72677022f8b7f23189d3eb406221a0adec00837a6648c868454c3030dc5"` | Docker image tag for the `alpine` image | +| alpine.image.defaultTag | string | `"5.1.7@sha256:fac2594c147359da754905fc7fe6df07483a2b03d12b5c7591d540cf982b9898"` | Docker image tag for the `alpine` image | | alpine.image.name | string | `"alpine-3.14"` | Docker image name for the `alpine` image | | alpine.resources | object | `{"limits":{"cpu":"10m","memory":"50Mi"},"requests":{"cpu":"10m","memory":"50Mi"}}` | Resource requests & limits for the `alpine` initContainer, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | blobstore.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"runAsGroup":101,"runAsUser":100}` | Security context for the `blobstore` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | blobstore.enabled | bool | `true` | Enable `blobstore` (S3 compatible storage) | -| blobstore.image.defaultTag | string | `"5.1.6@sha256:f21a7f4092e279a1e251e34d8b54fdccb29e80f8a8e5653f6bf43404c7b27b18"` | Docker image tag for the `blobstore` image | +| blobstore.image.defaultTag | string | `"5.1.7@sha256:f21a7f4092e279a1e251e34d8b54fdccb29e80f8a8e5653f6bf43404c7b27b18"` | Docker image tag for the `blobstore` image | | blobstore.image.name | string | `"blobstore"` | Docker image name for the `blobstore` image | | blobstore.name | string | `"blobstore"` | Name used by resources. Does not affect service names or PVCs. | | blobstore.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":101,"runAsUser":100}` | Security context for the `blobstore` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -43,7 +43,7 @@ In addition to the documented values, all services also support the following va | blobstore.storageSize | string | `"100Gi"` | PVC Storage Request for `blobstore` data volume | | cadvisor.containerSecurityContext | object | `{"privileged":true}` | Security context for the `cadvisor` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | cadvisor.enabled | bool | `true` | Enable `cadvisor` | -| cadvisor.image.defaultTag | string | `"5.1.6@sha256:791b45a1aae249c03fa2e1c7d7c4df0c4969d4b25e1774ce466573d63aa04fe8"` | Docker image tag for the `cadvisor` image | +| cadvisor.image.defaultTag | string | `"5.1.7@sha256:791b45a1aae249c03fa2e1c7d7c4df0c4969d4b25e1774ce466573d63aa04fe8"` | Docker image tag for the `cadvisor` image | | cadvisor.image.name | string | `"cadvisor"` | Docker image name for the `cadvisor` image | | cadvisor.name | string | `"cadvisor"` | Name used by resources. Does not affect service names or PVCs. | | cadvisor.podSecurityPolicy.enabled | bool | `false` | Enable [PodSecurityPolicy](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) for `cadvisor` pods | @@ -61,7 +61,7 @@ In addition to the documented values, all services also support the following va | codeInsightsDB.enabled | bool | `true` | Enable `codeinsights-db` PostgreSQL server | | codeInsightsDB.env | object | `{}` | Environment variables for the `codeinsights-db` container | | codeInsightsDB.existingConfig | string | `""` | Name of existing ConfigMap for `codeinsights-db`. It must contain a `postgresql.conf` key. | -| codeInsightsDB.image.defaultTag | string | `"5.1.6@sha256:9e4715fdde56c293fca9ce5f23d886f215a7db4c8b71efe8dab4f18a0c9d6895"` | Docker image tag for the `codeinsights-db` image | +| codeInsightsDB.image.defaultTag | string | `"5.1.7@sha256:d487e749a3c33602885ccf1cde3832e21a48d0207840af25044fe2e35eb4d5b6"` | Docker image tag for the `codeinsights-db` image | | codeInsightsDB.image.name | string | `"codeinsights-db"` | Docker image name for the `codeinsights-db` image | | codeInsightsDB.init.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":70,"runAsUser":70}` | Security context for the `alpine` initContainer, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | codeInsightsDB.name | string | `"codeinsights-db"` | Name used by resources. Does not affect service names or PVCs. | @@ -81,7 +81,7 @@ In addition to the documented values, all services also support the following va | codeIntelDB.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":999,"runAsUser":999}` | Security context for the `codeintel-db` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | codeIntelDB.enabled | bool | `true` | Enable `codeintel-db` PostgreSQL server | | codeIntelDB.existingConfig | string | `""` | Name of existing ConfigMap for `codeintel-db`. It must contain a `postgresql.conf` key | -| codeIntelDB.image.defaultTag | string | `"5.1.6@sha256:f3658f9f4922df5350085285d86e79ece21fe10b71ac450bcd6989dcab6ac7a7"` | Docker image tag for the `codeintel-db` image | +| codeIntelDB.image.defaultTag | string | `"5.1.7@sha256:14f40666a73e32116139e6554842e18c6d54e6b16db447cff768b9d043880f43"` | Docker image tag for the `codeintel-db` image | | codeIntelDB.image.name | string | `"codeintel-db"` | Docker image name for the `codeintel-db` image | | codeIntelDB.name | string | `"codeintel-db"` | Name used by resources. Does not affect service names or PVCs. | | codeIntelDB.podSecurityContext | object | `{"fsGroup":999,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":999}` | Security context for the `codeintel-db` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -95,7 +95,7 @@ In addition to the documented values, all services also support the following va | embeddings.env | object | `{}` | Environment variables for the `embeddings` container | | embeddings.extraVolumeMounts | object | `{}` | | | embeddings.extraVolumes | object | `{}` | | -| embeddings.image.defaultTag | string | `"5.1.6@sha256:e849f52e38637882e5d2ba3d7d27a656d897c4b4e2905e1fdb843536d9c948ab"` | Docker image tag for the `embeddings` image | +| embeddings.image.defaultTag | string | `"5.1.7@sha256:2c283ed507c7c7f80dacf6fbc7130df28220b805c7b54e37e7acb080b027a710"` | Docker image tag for the `embeddings` image | | embeddings.image.name | string | `"embeddings"` | Docker image name for the `embeddings` image | | embeddings.name | string | `"embeddings"` | Name of the `embeddings` service | | embeddings.podSecurityContext | object | `{}` | Security context for the `embeddings` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | @@ -106,7 +106,7 @@ In addition to the documented values, all services also support the following va | extraResources | list | `[]` | Additional resources to include in the rendered manifest. Templates are supported. | | frontend.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `frontend` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | frontend.env | object | the chart will add some default environment values | Environment variables for the `frontend` container | -| frontend.image.defaultTag | string | `"5.1.6@sha256:d4a143f107b1c6d7cc18f948f668c1d1c9cd847abda590763e2998c16bae098e"` | Docker image tag for the `frontend` image | +| frontend.image.defaultTag | string | `"5.1.7@sha256:e4ca096bff965011882ceea8e81a1ca0afc5db134cc7b5c5a5be1b4b2f443ecb"` | Docker image tag for the `frontend` image | | frontend.image.name | string | `"frontend"` | Docker image name for the `frontend` image | | frontend.ingress.annotations | object | `{"kubernetes.io/ingress.class":"nginx","nginx.ingress.kubernetes.io/proxy-body-size":"150m"}` | Annotations for the Sourcegraph server ingress. For example, securing ingress with TLS provided by [cert-manager](https://cert-manager.io/docs/usage/ingress/) | | frontend.ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | [Deprecated annotation](https://kubernetes.io/docs/concepts/services-networking/ingress/#deprecated-annotation) for specifing the IngressClass in Kubernetes 1.17 and earlier. If you are using Kubernetes 1.18+, use `ingressClassName` instead and set an override value of `null` for this annotation. | @@ -122,7 +122,7 @@ In addition to the documented values, all services also support the following va | frontend.serviceAccount.create | bool | `true` | Enable creation of ServiceAccount for `frontend` | | frontend.serviceAccount.name | string | `"sourcegraph-frontend"` | Name of the ServiceAccount to be created or an existing ServiceAccount | | githubProxy.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `github-proxy` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| githubProxy.image.defaultTag | string | `"5.1.6@sha256:b5df1ae065702701549b12e626b5fd382babad6618ae752f9340557f5ff0b809"` | Docker image tag for the `github-proxy` image | +| githubProxy.image.defaultTag | string | `"5.1.7@sha256:75a58b8bb961e0c387521183875d677cc23813dfca2cf588c4bb2db83837fea0"` | Docker image tag for the `github-proxy` image | | githubProxy.image.name | string | `"github-proxy"` | Docker image name for the `github-proxy` image | | githubProxy.name | string | `"github-proxy"` | Name used by resources. Does not affect service names or PVCs. | | githubProxy.podSecurityContext | object | `{}` | Security context for the `github-proxy` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -130,7 +130,7 @@ In addition to the documented values, all services also support the following va | githubProxy.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `github-proxy` | | githubProxy.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | gitserver.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `gitserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| gitserver.image.defaultTag | string | `"5.1.6@sha256:2bf27f6ca7e8eddf7a17f18e7f5d41edd6d2180818ae8ff1d51181b9b0124b4d"` | Docker image tag for the `gitserver` image | +| gitserver.image.defaultTag | string | `"5.1.7@sha256:c0964390c0f165e8afa821f068b7aa2732510dc2c84e51531a1c393c15bc0c50"` | Docker image tag for the `gitserver` image | | gitserver.image.name | string | `"gitserver"` | Docker image name for the `gitserver` image | | gitserver.name | string | `"gitserver"` | Name used by resources. Does not affect service names or PVCs. | | gitserver.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":101,"runAsUser":100}` | Security context for the `gitserver` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -143,7 +143,7 @@ In addition to the documented values, all services also support the following va | grafana.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":472,"runAsUser":472}` | Security context for the `grafana` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | grafana.enabled | bool | `true` | Enable `grafana` dashboard (recommended) | | grafana.existingConfig | string | `""` | Name of existing ConfigMap for `grafana`. It must contain a `datasources.yml` key. | -| grafana.image.defaultTag | string | `"5.1.6@sha256:e34b7c0b6997e3b64d4a7d61a2b6ea9a50d07006caaffcbfc218849201e63af9"` | Docker image tag for the `grafana` image | +| grafana.image.defaultTag | string | `"5.1.7@sha256:9f6e6812df8ac80f311f3598e62e822048c4eb77233822d5ebd439426b67a18d"` | Docker image tag for the `grafana` image | | grafana.image.name | string | `"grafana"` | Docker image name for the `grafana` image | | grafana.name | string | `"grafana"` | Name used by resources. Does not affect service names or PVCs. | | grafana.podSecurityContext | object | `{"fsGroup":472,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":472,"runAsUser":472}` | Security context for the `grafana` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -152,7 +152,7 @@ In addition to the documented values, all services also support the following va | grafana.serviceAccount.name | string | `"grafana"` | Name of the ServiceAccount to be created or an existing ServiceAccount | | grafana.storageSize | string | `"2Gi"` | PVC Storage Request for `grafana` data volume | | indexedSearch.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `zoekt-webserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| indexedSearch.image.defaultTag | string | `"5.1.6@sha256:ed04e99a3b4e50f4f4794420c120deb872af84b31d2daf35ebf94a9aae97971b"` | Docker image tag for the `zoekt-webserver` image | +| indexedSearch.image.defaultTag | string | `"5.1.7@sha256:c40cea4fd9698be6d4eaedd4abb713e2c85ec2c328fd3fdfec738c54a7c3f2da"` | Docker image tag for the `zoekt-webserver` image | | indexedSearch.image.name | string | `"indexed-searcher"` | Docker image name for the `zoekt-webserver` image | | indexedSearch.name | string | `"indexed-search"` | Name used by resources. Does not affect service names or PVCs. | | indexedSearch.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `indexed-search` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -162,7 +162,7 @@ In addition to the documented values, all services also support the following va | indexedSearch.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | indexedSearch.storageSize | string | `"200Gi"` | PVC Storage Request for `indexed-search` data volume The size of disk to used for search indexes. This should typically be gitserver disk size multipled by the number of gitserver shards. | | indexedSearchIndexer.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `zoekt-indexserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| indexedSearchIndexer.image.defaultTag | string | `"5.1.6@sha256:d84cbdb626c7d48288d794e5085cd651406b5d3ec346b506ad370718b9a422c5"` | Docker image tag for the `zoekt-indexserver` image | +| indexedSearchIndexer.image.defaultTag | string | `"5.1.7@sha256:cde4201479ae09d4c611e631e6547de00312e1397d9073e0a38e07b55a8fdf21"` | Docker image tag for the `zoekt-indexserver` image | | indexedSearchIndexer.image.name | string | `"search-indexer"` | Docker image name for the `zoekt-indexserver` image | | indexedSearchIndexer.resources | object | `{"limits":{"cpu":"8","memory":"8G"},"requests":{"cpu":"4","memory":"4G"}}` | Resource requests & limits for the `zoekt-indexserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) zoekt-indexserver is CPU bound. The more CPU you allocate to it, the lower lag between a new commit and it being indexed for search. | | jaeger.collector.name | string | `""` | Name of jaeger `collector` service | @@ -171,7 +171,7 @@ In addition to the documented values, all services also support the following va | jaeger.collector.serviceType | string | "ClusterIP" | Kubernetes service type of jaeger `collector` service, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) | | jaeger.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `jaeger` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | jaeger.enabled | bool | `false` | Enable `jaeger` | -| jaeger.image.defaultTag | string | `"5.1.6@sha256:ada836a287beafeca38b8e940067e802749f13c0daf6c5c6842afb81875a4b8b"` | Docker image tag for the `jaeger` image | +| jaeger.image.defaultTag | string | `"5.1.7@sha256:ada836a287beafeca38b8e940067e802749f13c0daf6c5c6842afb81875a4b8b"` | Docker image tag for the `jaeger` image | | jaeger.image.name | string | `"jaeger-all-in-one"` | Docker image name for the `jaeger` image | | jaeger.name | string | `"jaeger"` | Name used by resources. Does not affect service names or PVCs. | | jaeger.podSecurityContext | object | `{}` | Security context for the `jaeger` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -186,14 +186,14 @@ In addition to the documented values, all services also support the following va | migrator.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | migrator.enabled | bool | `true` | Enable [migrator](https://docs.sourcegraph.com/admin/how-to/manual_database_migrations) initContainer in `frontend` deployment to perform database migration | | migrator.env | object | `{}` | Environment variables for the `migrator` container | -| migrator.image.defaultTag | string | `"5.1.6@sha256:76facd38029ee611e5bee723736e42eedb633b2c31d4494711c55f59906a5f93"` | Docker image tag for the `migrator` image | +| migrator.image.defaultTag | string | `"5.1.7@sha256:aa5b96b2ac6fa1f72a3f4ad5f34f8b6762f63e28aa6f37026cd337a221971da9"` | Docker image tag for the `migrator` image | | migrator.image.name | string | `"migrator"` | Docker image name for the `migrator` image | | migrator.resources | object | `{"limits":{"cpu":"500m","memory":"100M"},"requests":{"cpu":"100m","memory":"50M"}}` | Resource requests & limits for the `migrator` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | nodeExporter.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":65534,"runAsUser":65534}` | Security context for the `node-exporter` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | nodeExporter.enabled | bool | `true` | Enable `node-exporter` | | nodeExporter.extraArgs | list | `[]` | | | nodeExporter.hostPID | bool | `true` | | -| nodeExporter.image.defaultTag | string | `"5.1.6@sha256:f750e658062c1f170f0d21310759cd53a1d76fbaa3f6482b2c421438ed25c523"` | Docker image tag for the `node-exporter` image | +| nodeExporter.image.defaultTag | string | `"5.1.7@sha256:f750e658062c1f170f0d21310759cd53a1d76fbaa3f6482b2c421438ed25c523"` | Docker image tag for the `node-exporter` image | | nodeExporter.image.name | string | `"node-exporter"` | Docker image name for the `node-exporter` image | | nodeExporter.name | string | `"node-exporter"` | Name used by resources. Does not affect service names or PVCs. | | nodeExporter.podSecurityContext | object | `{"fsGroup":65534,"runAsGroup":65534,"runAsNonRoot":true,"runAsUser":65534}` | Security context for the `node-exporter` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -217,7 +217,7 @@ In addition to the documented values, all services also support the following va | openTelemetry.gateway.resources | object | `{"limits":{"cpu":"3","memory":"3Gi"},"requests":{"cpu":"1","memory":"1Gi"}}` | Resource requests & limits for the `otel-collector` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | openTelemetry.gateway.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `otel-collector` | | openTelemetry.gateway.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | -| openTelemetry.image.defaultTag | string | `"5.1.6@sha256:e6c23cf589bae9e6ca6ace031da329d9d963917d8a739902bfd70e1d3e6fcc74"` | Docker image tag for the `otel-collector` image | +| openTelemetry.image.defaultTag | string | `"5.1.7@sha256:e6c23cf589bae9e6ca6ace031da329d9d963917d8a739902bfd70e1d3e6fcc74"` | Docker image tag for the `otel-collector` image | | openTelemetry.image.name | string | `"opentelemetry-collector"` | Docker image name for the `otel-collector` image | | pgsql.additionalConfig | string | `""` | Additional PostgreSQL configuration. This will override or extend our default configuration. Notes: This is expecting a multiline string. Learn more from our [recommended PostgreSQL configuration](https://docs.sourcegraph.com/admin/config/postgres-conf) and [PostgreSQL documentation](https://www.postgresql.org/docs/12/config-setting.html) | | pgsql.auth.database | string | `"sg"` | Sets postgres database name | @@ -229,7 +229,7 @@ In addition to the documented values, all services also support the following va | pgsql.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":999,"runAsUser":999}` | Security context for the `pgsql` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | pgsql.enabled | bool | `true` | Enable `pgsql` PostgreSQL server | | pgsql.existingConfig | string | `""` | Name of existing ConfigMap for `pgsql`. It must contain a `postgresql.conf` key | -| pgsql.image.defaultTag | string | `"5.1.6@sha256:f3658f9f4922df5350085285d86e79ece21fe10b71ac450bcd6989dcab6ac7a7"` | Docker image tag for the `pgsql` image | +| pgsql.image.defaultTag | string | `"5.1.7@sha256:14f40666a73e32116139e6554842e18c6d54e6b16db447cff768b9d043880f43"` | Docker image tag for the `pgsql` image | | pgsql.image.name | string | `"postgres-12-alpine"` | Docker image name for the `pgsql` image | | pgsql.name | string | `"pgsql"` | Name used by resources. Does not affect service names or PVCs. | | pgsql.podSecurityContext | object | `{"fsGroup":999,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":999,"runAsUser":999}` | Security context for the `pgsql` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -238,12 +238,12 @@ In addition to the documented values, all services also support the following va | pgsql.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `pgsql` | | pgsql.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | pgsql.storageSize | string | `"200Gi"` | PVC Storage Request for `pgsql` data volume | -| postgresExporter.image.defaultTag | string | `"5.1.6@sha256:657411909f08e50d59293b4812f2aa870c59098172ab5bbb4eef0512272e5f02"` | Docker image tag for the `pgsql-exporter` image | +| postgresExporter.image.defaultTag | string | `"5.1.7@sha256:657411909f08e50d59293b4812f2aa870c59098172ab5bbb4eef0512272e5f02"` | Docker image tag for the `pgsql-exporter` image | | postgresExporter.image.name | string | `"postgres_exporter"` | Docker image name for the `pgsql-exporter` image | | postgresExporter.resources | object | `{"limits":{"cpu":"10m","memory":"50Mi"},"requests":{"cpu":"10m","memory":"50Mi"}}` | Resource requests & limits for the `pgsql-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | preciseCodeIntel.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `precise-code-intel-worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | preciseCodeIntel.env | object | `{"NUM_WORKERS":{"value":"4"}}` | Environment variables for the `precise-code-intel-worker` container | -| preciseCodeIntel.image.defaultTag | string | `"5.1.6@sha256:334fba3628ead3aae7f1edf7eab229fcc98220c4d282a66e039b13e19e641a30"` | Docker image tag for the `precise-code-intel-worker` image | +| preciseCodeIntel.image.defaultTag | string | `"5.1.7@sha256:b24593389862f345f52a7932743fa91f5d6758b9aaa9b0fb9049ae39dacc4f5d"` | Docker image tag for the `precise-code-intel-worker` image | | preciseCodeIntel.image.name | string | `"precise-code-intel-worker"` | Docker image name for the `precise-code-intel-worker` image | | preciseCodeIntel.name | string | `"precise-code-intel-worker"` | Name used by resources. Does not affect service names or PVCs. | | preciseCodeIntel.podSecurityContext | object | `{}` | Security context for the `precise-code-intel-worker` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -255,7 +255,7 @@ In addition to the documented values, all services also support the following va | prometheus.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":false,"runAsGroup":100,"runAsUser":100}` | Security context for the `prometheus` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | prometheus.enabled | bool | `true` | Enable `prometheus` (recommended) | | prometheus.existingConfig | string | `""` | Name of existing ConfigMap for `pgsql`. It must contain a `prometheus.yml` key | -| prometheus.image.defaultTag | string | `"5.1.6@sha256:f549631d050066931d74a8a5705f52d820da976c266e04b69b1d941c3d22ff9d"` | Docker image tag for the `prometheus` image | +| prometheus.image.defaultTag | string | `"5.1.7@sha256:6f9fa3fa41ae5e2aa5c5261a9efa44bbdfd000a2a6d4f28542212bd2e95c145b"` | Docker image tag for the `prometheus` image | | prometheus.image.name | string | `"prometheus"` | Docker image name for the `prometheus` image | | prometheus.name | string | `"prometheus"` | Name used by resources. Does not affect service names or PVCs. | | prometheus.podSecurityContext | object | `{"fsGroup":100,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `prometheus` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -286,7 +286,7 @@ In addition to the documented values, all services also support the following va | redisCache.connection.existingSecret | string | `""` | Name of existing secret to use for Redis endpoint The secret must contain the key `endpoint` and should follow IANA specification learn more from the [Helm docs](https://docs.sourcegraph.com/admin/install/kubernetes/helm#using-external-redis-instances) | | redisCache.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-cache` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | redisCache.enabled | bool | `true` | Enable `redis-cache` Redis server | -| redisCache.image.defaultTag | string | `"5.1.6@sha256:2edcd4ccdec826462b989332c27c054416149341f2eb5312f7a776a73f6d548d"` | Docker image tag for the `redis-cache` image | +| redisCache.image.defaultTag | string | `"5.1.7@sha256:2edcd4ccdec826462b989332c27c054416149341f2eb5312f7a776a73f6d548d"` | Docker image tag for the `redis-cache` image | | redisCache.image.name | string | `"redis-cache"` | Docker image name for the `redis-cache` image | | redisCache.name | string | `"redis-cache"` | Name used by resources. Does not affect service names or PVCs. | | redisCache.podSecurityContext | object | `{"fsGroup":1000,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `redis-cache` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -295,14 +295,14 @@ In addition to the documented values, all services also support the following va | redisCache.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | redisCache.storageSize | string | `"100Gi"` | PVC Storage Request for `redis-cache` data volume | | redisExporter.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| redisExporter.image.defaultTag | string | `"5.1.6@sha256:2ef28cd8e9202f13d58b2426cb1250f2fb56ca9cda2392262cedb4706867f6ab"` | Docker image tag for the `redis-exporter` image | +| redisExporter.image.defaultTag | string | `"5.1.7@sha256:2ef28cd8e9202f13d58b2426cb1250f2fb56ca9cda2392262cedb4706867f6ab"` | Docker image tag for the `redis-exporter` image | | redisExporter.image.name | string | `"redis_exporter"` | Docker image name for the `redis-exporter` image | | redisExporter.resources | object | `{"limits":{"cpu":"10m","memory":"100Mi"},"requests":{"cpu":"10m","memory":"100Mi"}}` | Resource requests & limits for the `redis-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | redisStore.connection.endpoint | string | `"redis-store:6379"` | Endpoint to use for redis-store. Supports either host:port or IANA specification | | redisStore.connection.existingSecret | string | `""` | Name of existing secret to use for Redis endpoint The secret must contain the key `endpoint` and should follow IANA specification learn more from the [Helm docs](https://docs.sourcegraph.com/admin/install/kubernetes/helm#using-external-redis-instances) | | redisStore.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-store` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | redisStore.enabled | bool | `true` | Enable `redis-store` Redis server | -| redisStore.image.defaultTag | string | `"5.1.6@sha256:4b7622d7a5bfa57f23b4532692480d8225c6d9d0e4095aaa914d3ad45e9a6e72"` | Docker image tag for the `redis-store` image | +| redisStore.image.defaultTag | string | `"5.1.7@sha256:4b7622d7a5bfa57f23b4532692480d8225c6d9d0e4095aaa914d3ad45e9a6e72"` | Docker image tag for the `redis-store` image | | redisStore.image.name | string | `"redis-store"` | Docker image name for the `redis-store` image | | redisStore.name | string | `"redis-store"` | Name used by resources. Does not affect service names or PVCs. | | redisStore.podSecurityContext | object | `{"fsGroup":1000,"fsGroupChangePolicy":"OnRootMismatch"}` | Security context for the `redis-store` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -311,7 +311,7 @@ In addition to the documented values, all services also support the following va | redisStore.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | redisStore.storageSize | string | `"100Gi"` | PVC Storage Request for `redis-store` data volume | | repoUpdater.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `repo-updater` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| repoUpdater.image.defaultTag | string | `"5.1.6@sha256:d7655831f328eabdbf6b5030a8845aaa29b11bce514d9880104c3d9864afc5f7"` | Docker image tag for the `repo-updater` image | +| repoUpdater.image.defaultTag | string | `"5.1.7@sha256:970292e7c58ba5b3858c90ff0b40573a946a4b7ed1a47f6c7e56d514e8f0127b"` | Docker image tag for the `repo-updater` image | | repoUpdater.image.name | string | `"repo-updater"` | Docker image name for the `repo-updater` image | | repoUpdater.name | string | `"repo-updater"` | Name used by resources. Does not affect service names or PVCs. | | repoUpdater.podSecurityContext | object | `{}` | Security context for the `repo-updater` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -319,7 +319,7 @@ In addition to the documented values, all services also support the following va | repoUpdater.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `repo-updater` | | repoUpdater.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | searcher.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `searcher` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| searcher.image.defaultTag | string | `"5.1.6@sha256:e912d02fd69ed678d679344a39d609b88ed0b8170e6f7148ff461b9ba235541c"` | Docker image tag for the `searcher` image | +| searcher.image.defaultTag | string | `"5.1.7@sha256:a3805aa13fbe74de7e864ef17c37a85b871083faea7c3cc21a47221d86033825"` | Docker image tag for the `searcher` image | | searcher.image.name | string | `"searcher"` | Docker image name for the `searcher` image | | searcher.name | string | `"searcher"` | Name used by resources. Does not affect service names or PVCs. | | searcher.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":100}` | Security context for the `searcher` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -350,7 +350,7 @@ In addition to the documented values, all services also support the following va | storageClass.provisioner | string | `"kubernetes.io/gce-pd"` | Name of the storageClass provisioner, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/storage/storage-classes/#provisioner) and consult your cloud provider persistent storage documentation | | storageClass.type | string | `"pd-ssd"` | Value of `type` key in storageClass `parameters`, consult your cloud provider persistent storage documentation | | symbols.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `symbols` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| symbols.image.defaultTag | string | `"5.1.6@sha256:d6d0a0b98800ee1f2a2e2a4318824b0dc238c93818679304276a76299acc44ab"` | Docker image tag for the `symbols` image | +| symbols.image.defaultTag | string | `"5.1.7@sha256:fb4e907f48692a83b9cddb520f37e41004a4612e85537ed8e0bd76b184631330"` | Docker image tag for the `symbols` image | | symbols.image.name | string | `"symbols"` | Docker image name for the `symbols` image | | symbols.name | string | `"symbols"` | Name used by resources. Does not affect service names or PVCs. | | symbols.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":100}` | Security context for the `symbols` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -360,7 +360,7 @@ In addition to the documented values, all services also support the following va | symbols.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | symbols.storageSize | string | `"12Gi"` | Size of the PVC for symbols pods to store cache data | | syntectServer.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `syntect-server` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| syntectServer.image.defaultTag | string | `"5.1.6@sha256:71998fd2544147b42b9b6ac374acea2f3d6a717bf70a25b2e985966a61d6ca28"` | Docker image tag for the `syntect-server` image | +| syntectServer.image.defaultTag | string | `"5.1.7@sha256:71998fd2544147b42b9b6ac374acea2f3d6a717bf70a25b2e985966a61d6ca28"` | Docker image tag for the `syntect-server` image | | syntectServer.image.name | string | `"syntax-highlighter"` | Docker image name for the `syntect-server` image | | syntectServer.name | string | `"syntect-server"` | Name used by resources. Does not affect service names or PVCs. | | syntectServer.podSecurityContext | object | `{}` | Security context for the `syntect-server` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | @@ -370,7 +370,7 @@ In addition to the documented values, all services also support the following va | syntectServer.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | worker.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | worker.env | object | `{}` | Environment variables for the `worker` container | -| worker.image.defaultTag | string | `"5.1.6@sha256:896883346f60fc0bacbf2a0ef36b9c424d5a5453aa29964095a755e510672943"` | Docker image tag for the `worker` image | +| worker.image.defaultTag | string | `"5.1.7@sha256:013124d674896a20a981dd08d062120619f70137ae2031e574ee5f283e887e27"` | Docker image tag for the `worker` image | | worker.image.name | string | `"worker"` | Docker image name for the `worker` image | | worker.name | string | `"worker"` | Name used by resources. Does not affect service names or PVCs. | | worker.podSecurityContext | object | `{}` | Security context for the `worker` pod, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) | diff --git a/charts/sourcegraph/examples/subchart/Chart.yaml b/charts/sourcegraph/examples/subchart/Chart.yaml index 3b32c089..bc5cb843 100644 --- a/charts/sourcegraph/examples/subchart/Chart.yaml +++ b/charts/sourcegraph/examples/subchart/Chart.yaml @@ -2,10 +2,10 @@ apiVersion: v2 name: sourcegraph-subchart description: Customer-owned chart that inherits from Sourcegraph type: application -version: 1.0.0 +version: "5.1.7" dependencies: - name: sourcegraph alias: sg # Optional, allows a custom name to be used - version: 0.7.0 + version: "5.1.7" repository: "https://sourcegraph.github.io/deploy-sourcegraph-helm" diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index 023c8896..e171c514 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -86,7 +86,7 @@ sourcegraph: alpine: # Used in init containers image: # -- Docker image tag for the `alpine` image - defaultTag: 5.1.6@sha256:ed08c72677022f8b7f23189d3eb406221a0adec00837a6648c868454c3030dc5 + defaultTag: 5.1.7@sha256:fac2594c147359da754905fc7fe6df07483a2b03d12b5c7591d540cf982b9898 # -- Docker image name for the `alpine` image name: "alpine-3.14" # -- Security context for the `alpine` initContainer, @@ -111,7 +111,7 @@ cadvisor: enabled: true image: # -- Docker image tag for the `cadvisor` image - defaultTag: 5.1.6@sha256:791b45a1aae249c03fa2e1c7d7c4df0c4969d4b25e1774ce466573d63aa04fe8 + defaultTag: 5.1.7@sha256:791b45a1aae249c03fa2e1c7d7c4df0c4969d4b25e1774ce466573d63aa04fe8 # -- Docker image name for the `cadvisor` image name: "cadvisor" # -- Name used by resources. Does not affect service names or PVCs. @@ -174,7 +174,7 @@ codeInsightsDB: additionalConfig: "" image: # -- Docker image tag for the `codeinsights-db` image - defaultTag: 5.1.6@sha256:9e4715fdde56c293fca9ce5f23d886f215a7db4c8b71efe8dab4f18a0c9d6895 + defaultTag: 5.1.7@sha256:d487e749a3c33602885ccf1cde3832e21a48d0207840af25044fe2e35eb4d5b6 # -- Docker image name for the `codeinsights-db` image name: "codeinsights-db" # -- Security context for the `codeinsights-db` container, @@ -245,7 +245,7 @@ codeIntelDB: additionalConfig: "" image: # -- Docker image tag for the `codeintel-db` image - defaultTag: 5.1.6@sha256:f3658f9f4922df5350085285d86e79ece21fe10b71ac450bcd6989dcab6ac7a7 + defaultTag: 5.1.7@sha256:14f40666a73e32116139e6554842e18c6d54e6b16db447cff768b9d043880f43 # -- Docker image name for the `codeintel-db` image name: "codeintel-db" # -- Security context for the `codeintel-db` container, @@ -291,8 +291,8 @@ embeddings: # -- Docker image name for the `embeddings` image name: "embeddings" # -- Docker image tag for the `embeddings` image - defaultTag: "5.1.6@sha256:e849f52e38637882e5d2ba3d7d27a656d897c4b4e2905e1fdb843536d9c948ab" - # -- Resource requests & limits for the `embeddings` container, + defaultTag: "5.1.7@sha256:2c283ed507c7c7f80dacf6fbc7130df28220b805c7b54e37e7acb080b027a710" + # -- Resource requests & limits for the `worker` container, # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) resources: limits: @@ -384,7 +384,7 @@ frontend: value: http://prometheus:30090 image: # -- Docker image tag for the `frontend` image - defaultTag: 5.1.6@sha256:d4a143f107b1c6d7cc18f948f668c1d1c9cd847abda590763e2998c16bae098e + defaultTag: 5.1.7@sha256:e4ca096bff965011882ceea8e81a1ca0afc5db134cc7b5c5a5be1b4b2f443ecb # -- Docker image name for the `frontend` image name: "frontend" ingress: @@ -442,7 +442,7 @@ migrator: enabled: true image: # -- Docker image tag for the `migrator` image - defaultTag: 5.1.6@sha256:76facd38029ee611e5bee723736e42eedb633b2c31d4494711c55f59906a5f93 + defaultTag: 5.1.7@sha256:aa5b96b2ac6fa1f72a3f4ad5f34f8b6762f63e28aa6f37026cd337a221971da9 # -- Docker image name for the `migrator` image name: "migrator" # -- Environment variables for the `migrator` container @@ -467,7 +467,7 @@ migrator: githubProxy: image: # -- Docker image tag for the `github-proxy` image - defaultTag: 5.1.6@sha256:b5df1ae065702701549b12e626b5fd382babad6618ae752f9340557f5ff0b809 + defaultTag: 5.1.7@sha256:75a58b8bb961e0c387521183875d677cc23813dfca2cf588c4bb2db83837fea0 # -- Docker image name for the `github-proxy` image name: "github-proxy" # -- Security context for the `github-proxy` container, @@ -500,7 +500,7 @@ githubProxy: gitserver: image: # -- Docker image tag for the `gitserver` image - defaultTag: 5.1.6@sha256:2bf27f6ca7e8eddf7a17f18e7f5d41edd6d2180818ae8ff1d51181b9b0124b4d + defaultTag: 5.1.7@sha256:c0964390c0f165e8afa821f068b7aa2732510dc2c84e51531a1c393c15bc0c50 # -- Docker image name for the `gitserver` image name: "gitserver" # -- Name of existing Secret that contains SSH credentials to clone repositories. @@ -549,7 +549,7 @@ grafana: existingConfig: "" # Name of an existing configmap image: # -- Docker image tag for the `grafana` image - defaultTag: 5.1.6@sha256:e34b7c0b6997e3b64d4a7d61a2b6ea9a50d07006caaffcbfc218849201e63af9 + defaultTag: 5.1.7@sha256:9f6e6812df8ac80f311f3598e62e822048c4eb77233822d5ebd439426b67a18d # -- Docker image name for the `grafana` image name: "grafana" # -- Security context for the `grafana` container, @@ -588,7 +588,7 @@ grafana: indexedSearch: image: # -- Docker image tag for the `zoekt-webserver` image - defaultTag: 5.1.6@sha256:ed04e99a3b4e50f4f4794420c120deb872af84b31d2daf35ebf94a9aae97971b + defaultTag: 5.1.7@sha256:c40cea4fd9698be6d4eaedd4abb713e2c85ec2c328fd3fdfec738c54a7c3f2da # -- Docker image name for the `zoekt-webserver` image name: "indexed-searcher" # -- Security context for the `zoekt-webserver` container, @@ -629,7 +629,7 @@ indexedSearch: indexedSearchIndexer: image: # -- Docker image tag for the `zoekt-indexserver` image - defaultTag: 5.1.6@sha256:d84cbdb626c7d48288d794e5085cd651406b5d3ec346b506ad370718b9a422c5 + defaultTag: 5.1.7@sha256:cde4201479ae09d4c611e631e6547de00312e1397d9073e0a38e07b55a8fdf21 # -- Docker image name for the `zoekt-indexserver` image name: "search-indexer" # -- Security context for the `zoekt-indexserver` container, @@ -656,7 +656,7 @@ blobstore: enabled: true image: # -- Docker image tag for the `blobstore` image - defaultTag: 5.1.6@sha256:f21a7f4092e279a1e251e34d8b54fdccb29e80f8a8e5653f6bf43404c7b27b18 + defaultTag: 5.1.7@sha256:f21a7f4092e279a1e251e34d8b54fdccb29e80f8a8e5653f6bf43404c7b27b18 # -- Docker image name for the `blobstore` image name: "blobstore" # -- Security context for the `blobstore` container, @@ -695,7 +695,7 @@ openTelemetry: enabled: true image: # -- Docker image tag for the `otel-collector` image - defaultTag: 5.1.6@sha256:e6c23cf589bae9e6ca6ace031da329d9d963917d8a739902bfd70e1d3e6fcc74 # TODO: change once we have a versioned image with bundled configs + logging exporter + defaultTag: 5.1.7@sha256:e6c23cf589bae9e6ca6ace031da329d9d963917d8a739902bfd70e1d3e6fcc74 # TODO: change once we have a versioned image with bundled configs + logging exporter # -- Docker image name for the `otel-collector` image name: "opentelemetry-collector" gateway: @@ -754,7 +754,7 @@ nodeExporter: enabled: true image: # -- Docker image tag for the `node-exporter` image - defaultTag: 5.1.6@sha256:f750e658062c1f170f0d21310759cd53a1d76fbaa3f6482b2c421438ed25c523 + defaultTag: 5.1.7@sha256:f750e658062c1f170f0d21310759cd53a1d76fbaa3f6482b2c421438ed25c523 # -- Docker image name for the `node-exporter` image name: "node-exporter" # -- Name used by resources. Does not affect service names or PVCs. @@ -823,7 +823,7 @@ pgsql: additionalConfig: "" image: # -- Docker image tag for the `pgsql` image - defaultTag: 5.1.6@sha256:f3658f9f4922df5350085285d86e79ece21fe10b71ac450bcd6989dcab6ac7a7 + defaultTag: 5.1.7@sha256:14f40666a73e32116139e6554842e18c6d54e6b16db447cff768b9d043880f43 # -- Docker image name for the `pgsql` image name: "postgres-12-alpine" # -- Security context for the `pgsql` container, @@ -865,7 +865,7 @@ pgsql: postgresExporter: image: # -- Docker image tag for the `pgsql-exporter` image - defaultTag: 5.1.6@sha256:657411909f08e50d59293b4812f2aa870c59098172ab5bbb4eef0512272e5f02 + defaultTag: 5.1.7@sha256:657411909f08e50d59293b4812f2aa870c59098172ab5bbb4eef0512272e5f02 # -- Docker image name for the `pgsql-exporter` image name: "postgres_exporter" # -- Resource requests & limits for the `pgsql-exporter` sidecar container, @@ -885,7 +885,7 @@ preciseCodeIntel: value: "4" image: # -- Docker image tag for the `precise-code-intel-worker` image - defaultTag: 5.1.6@sha256:334fba3628ead3aae7f1edf7eab229fcc98220c4d282a66e039b13e19e641a30 + defaultTag: 5.1.7@sha256:b24593389862f345f52a7932743fa91f5d6758b9aaa9b0fb9049ae39dacc4f5d # -- Docker image name for the `precise-code-intel-worker` image name: "precise-code-intel-worker" # -- Security context for the `precise-code-intel-worker` container, @@ -924,7 +924,7 @@ prometheus: existingConfig: "" # Name of an existing configmap image: # -- Docker image tag for the `prometheus` image - defaultTag: 5.1.6@sha256:f549631d050066931d74a8a5705f52d820da976c266e04b69b1d941c3d22ff9d + defaultTag: 5.1.7@sha256:6f9fa3fa41ae5e2aa5c5261a9efa44bbdfd000a2a6d4f28542212bd2e95c145b # -- Docker image name for the `prometheus` image name: "prometheus" # -- Security context for the `prometheus` container, @@ -974,7 +974,7 @@ redisCache: enabled: true image: # -- Docker image tag for the `redis-cache` image - defaultTag: 5.1.6@sha256:2edcd4ccdec826462b989332c27c054416149341f2eb5312f7a776a73f6d548d + defaultTag: 5.1.7@sha256:2edcd4ccdec826462b989332c27c054416149341f2eb5312f7a776a73f6d548d # -- Docker image name for the `redis-cache` image name: "redis-cache" connection: @@ -1018,7 +1018,7 @@ redisCache: redisExporter: image: # -- Docker image tag for the `redis-exporter` image - defaultTag: 5.1.6@sha256:2ef28cd8e9202f13d58b2426cb1250f2fb56ca9cda2392262cedb4706867f6ab + defaultTag: 5.1.7@sha256:2ef28cd8e9202f13d58b2426cb1250f2fb56ca9cda2392262cedb4706867f6ab # -- Docker image name for the `redis-exporter` image name: "redis_exporter" # -- Security context for the `redis-exporter` sidecar container, @@ -1050,7 +1050,7 @@ redisStore: endpoint: "redis-store:6379" image: # -- Docker image tag for the `redis-store` image - defaultTag: 5.1.6@sha256:4b7622d7a5bfa57f23b4532692480d8225c6d9d0e4095aaa914d3ad45e9a6e72 + defaultTag: 5.1.7@sha256:4b7622d7a5bfa57f23b4532692480d8225c6d9d0e4095aaa914d3ad45e9a6e72 # -- Docker image name for the `redis-store` image name: "redis-store" # -- Security context for the `redis-store` container, @@ -1087,7 +1087,7 @@ redisStore: repoUpdater: image: # -- Docker image tag for the `repo-updater` image - defaultTag: 5.1.6@sha256:d7655831f328eabdbf6b5030a8845aaa29b11bce514d9880104c3d9864afc5f7 + defaultTag: 5.1.7@sha256:970292e7c58ba5b3858c90ff0b40573a946a4b7ed1a47f6c7e56d514e8f0127b # -- Docker image name for the `repo-updater` image name: "repo-updater" # -- Security context for the `repo-updater` container, @@ -1120,7 +1120,7 @@ repoUpdater: searcher: image: # -- Docker image tag for the `searcher` image - defaultTag: 5.1.6@sha256:e912d02fd69ed678d679344a39d609b88ed0b8170e6f7148ff461b9ba235541c + defaultTag: 5.1.7@sha256:a3805aa13fbe74de7e864ef17c37a85b871083faea7c3cc21a47221d86033825 # -- Docker image name for the `searcher` image name: "searcher" # -- Security context for the `searcher` container, @@ -1181,7 +1181,7 @@ storageClass: symbols: image: # -- Docker image tag for the `symbols` image - defaultTag: 5.1.6@sha256:d6d0a0b98800ee1f2a2e2a4318824b0dc238c93818679304276a76299acc44ab + defaultTag: 5.1.7@sha256:fb4e907f48692a83b9cddb520f37e41004a4612e85537ed8e0bd76b184631330 # -- Docker image name for the `symbols` image name: "symbols" # -- Security context for the `symbols` container, @@ -1221,7 +1221,7 @@ symbols: syntectServer: image: # -- Docker image tag for the `syntect-server` image - defaultTag: 5.1.6@sha256:71998fd2544147b42b9b6ac374acea2f3d6a717bf70a25b2e985966a61d6ca28 + defaultTag: 5.1.7@sha256:71998fd2544147b42b9b6ac374acea2f3d6a717bf70a25b2e985966a61d6ca28 # -- Docker image name for the `syntect-server` image name: "syntax-highlighter" # -- Security context for the `syntect-server` container, @@ -1269,7 +1269,7 @@ jaeger: enabled: false image: # -- Docker image tag for the `jaeger` image - defaultTag: 5.1.6@sha256:ada836a287beafeca38b8e940067e802749f13c0daf6c5c6842afb81875a4b8b + defaultTag: 5.1.7@sha256:ada836a287beafeca38b8e940067e802749f13c0daf6c5c6842afb81875a4b8b # -- Docker image name for the `jaeger` image name: "jaeger-all-in-one" # -- Name used by resources. Does not affect service names or PVCs. @@ -1315,7 +1315,7 @@ jaeger: worker: image: # -- Docker image tag for the `worker` image - defaultTag: 5.1.6@sha256:896883346f60fc0bacbf2a0ef36b9c424d5a5453aa29964095a755e510672943 + defaultTag: 5.1.7@sha256:013124d674896a20a981dd08d062120619f70137ae2031e574ee5f283e887e27 # -- Docker image name for the `worker` image name: "worker" # -- Security context for the `worker` container, From a5419aeabc1e116372ab6e117166e6c37239b88f Mon Sep 17 00:00:00 2001 From: Jacob Pleiness Date: Thu, 24 Aug 2023 21:34:28 -0400 Subject: [PATCH 2/3] changelog --- charts/sourcegraph/CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/charts/sourcegraph/CHANGELOG.md b/charts/sourcegraph/CHANGELOG.md index fcd8ff11..1fba2bec 100644 --- a/charts/sourcegraph/CHANGELOG.md +++ b/charts/sourcegraph/CHANGELOG.md @@ -8,6 +8,9 @@ Use `**BREAKING**:` to denote a breaking change ## Unreleased +## 5.1.7 + +- Sourcegraph 5.1.7 is now available! - Added a service for the Qdrant vector database ## 5.1.6 From e1918cdba611cbe40dcac6fffb3d1a263ab847c4 Mon Sep 17 00:00:00 2001 From: Jacob Pleiness Date: Thu, 24 Aug 2023 21:58:18 -0400 Subject: [PATCH 3/3] docs --- charts/sourcegraph/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index 2b15d80e..460be314 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -99,7 +99,7 @@ In addition to the documented values, all services also support the following va | embeddings.image.name | string | `"embeddings"` | Docker image name for the `embeddings` image | | embeddings.name | string | `"embeddings"` | Name of the `embeddings` service | | embeddings.podSecurityContext | object | `{}` | Security context for the `embeddings` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| embeddings.resources | object | `{"limits":{"cpu":"8","memory":"64G"},"requests":{"cpu":"4","memory":"32G"}}` | Resource requests & limits for the `embeddings` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | +| embeddings.resources | object | `{"limits":{"cpu":"8","memory":"64G"},"requests":{"cpu":"4","memory":"32G"}}` | Resource requests & limits for the `worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | embeddings.serviceAccount.annotations | object | `{}` | | | embeddings.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `embeddings` | | embeddings.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount |