From 7e71c928fcf3d0567f15f7a64816e86e076b181d Mon Sep 17 00:00:00 2001
From: Warren Gifford <warrenbruceg@gmail.com>
Date: Thu, 4 Jun 2026 14:39:33 -0700
Subject: [PATCH 1/2] warn about k8s native state

---
 charts/sourcegraph-executor/README.md           | 17 ++++++++++++++---
 charts/sourcegraph-executor/dind/README.md      |  8 +++++++-
 .../sourcegraph-executor/dind/README.md.gotmpl  |  8 +++++++-
 charts/sourcegraph-executor/k8s/README.md       |  6 ++++++
 .../sourcegraph-executor/k8s/README.md.gotmpl   |  6 ++++++
 5 files changed, 40 insertions(+), 5 deletions(-)

diff --git a/charts/sourcegraph-executor/README.md b/charts/sourcegraph-executor/README.md
index 279cf0229..df4bf0f08 100644
--- a/charts/sourcegraph-executor/README.md
+++ b/charts/sourcegraph-executor/README.md
@@ -3,7 +3,13 @@
 This directory contains two Helm charts for deploying executors on Kubernetes. [See the docs](https://docs.sourcegraph.com/admin/executors/deploy_executors_kubernetes) for more information on executors on Kubernetes.
 
 ## Native Kubernetes (k8s)
-This chart deploys executors that interact with the Kubernetes API to handle jobs. This is the preferred deployment option.  
+This chart deploys executors that interact with the Kubernetes API to handle jobs.
+
+> ⚠️ **Beta:** Native Kubernetes executors are not recommended for production use. This deployment
+> mode has known durability and reliability limitations. For production workloads, deploy using
+> [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or the
+> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary) instead.
+
 Your cluster will need to allow configuration of the following RBAC rules:
 
 | API Groups | Resources          | Verbs                     | Reason                                                                                    |
@@ -12,5 +18,10 @@ Your cluster will need to allow configuration of the following RBAC rules:
 |            | `pods`, `pods/log` | `get`, `list`, `watch`    | Executors need to look up and steam logs from the Job Pods.                               |
 
 ## Docker in Docker (dind)
-This chart deploys executors that deploy a [Docker in Docker](https://www.docker.com/blog/docker-can-now-run-within-docker/) sidecar with each executor pod to avoid accessing the host container runtime directly. This method requires privileged access to a container runtime daemon in order to operate correctly.  
-If you have security concerns, consider deploying via [a non-Kubernetes method](https://docs.sourcegraph.com/admin/executors).
+
+> ⚠️ **Beta:** Docker-in-Docker Kubernetes executors are not recommended for production use.
+> This method requires privileged access to a container runtime daemon and does not use Firecracker
+> isolation. For production workloads, consider a
+> [non-Kubernetes method](https://docs.sourcegraph.com/admin/executors).
+
+This chart deploys executors that deploy a [Docker in Docker](https://www.docker.com/blog/docker-can-now-run-within-docker/) sidecar with each executor pod to avoid accessing the host container runtime directly. This method requires privileged access to a container runtime daemon in order to operate correctly.
diff --git a/charts/sourcegraph-executor/dind/README.md b/charts/sourcegraph-executor/dind/README.md
index 0b29fad53..8de11ecda 100644
--- a/charts/sourcegraph-executor/dind/README.md
+++ b/charts/sourcegraph-executor/dind/README.md
@@ -5,7 +5,13 @@
 
 # Sourcegraph Executor Helm Chart
 
-This chart contains two deployments, Sourcegraph Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy executors
+This chart contains two deployments, Sourcegraph Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy executors.
+
+> ⚠️ **Beta:** Docker-in-Docker Kubernetes executors are not recommended for production use.
+> This method requires privileged access to a container runtime daemon. For production workloads,
+> consider deploying via
+> [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or
+> [binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary).
 
 Use cases:
 
diff --git a/charts/sourcegraph-executor/dind/README.md.gotmpl b/charts/sourcegraph-executor/dind/README.md.gotmpl
index 25825df51..14e507ba9 100644
--- a/charts/sourcegraph-executor/dind/README.md.gotmpl
+++ b/charts/sourcegraph-executor/dind/README.md.gotmpl
@@ -5,7 +5,13 @@
 
 # Sourcegraph Executor Helm Chart
 
-This chart contains two deployments, Sourcegraph Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy executors
+This chart contains two deployments, Sourcegraph Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy executors.
+
+> ⚠️ **Beta:** Docker-in-Docker Kubernetes executors are not recommended for production use.
+> This method requires privileged access to a container runtime daemon. For production workloads,
+> consider deploying via
+> [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or
+> [binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary).
 
 Use cases:
 
diff --git a/charts/sourcegraph-executor/k8s/README.md b/charts/sourcegraph-executor/k8s/README.md
index 936c019ed..cdb2d0169 100644
--- a/charts/sourcegraph-executor/k8s/README.md
+++ b/charts/sourcegraph-executor/k8s/README.md
@@ -7,6 +7,12 @@
 
 This chart contains two deployments, Sourcegraph Kubernetes native Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy Kubernetes native executors.
 
+> ⚠️ **Beta:** Native Kubernetes executors are not recommended for production use. This deployment
+> mode has known durability and reliability limitations including job loss on node failure and
+> best-effort resource cleanup. For production workloads, deploy using
+> [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or the
+> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary).
+
 Use cases:
 
 - Deploy Sourcegraph Kubernetes native Executors on Kubernetes
diff --git a/charts/sourcegraph-executor/k8s/README.md.gotmpl b/charts/sourcegraph-executor/k8s/README.md.gotmpl
index 679793aa6..c75659b3d 100644
--- a/charts/sourcegraph-executor/k8s/README.md.gotmpl
+++ b/charts/sourcegraph-executor/k8s/README.md.gotmpl
@@ -7,6 +7,12 @@
 
 This chart contains two deployments, Sourcegraph Kubernetes native Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy Kubernetes native executors.
 
+> ⚠️ **Beta:** Native Kubernetes executors are not recommended for production use. This deployment
+> mode has known durability and reliability limitations including job loss on node failure and
+> best-effort resource cleanup. For production workloads, deploy using
+> [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or the
+> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary).
+
 Use cases:
 
 - Deploy Sourcegraph Kubernetes native Executors on Kubernetes

From 10ea31b7ce0c38a135a742085dcb9b7e32931476 Mon Sep 17 00:00:00 2001
From: Warren Gifford <warrenbruceg@gmail.com>
Date: Thu, 4 Jun 2026 14:52:04 -0700
Subject: [PATCH 2/2] correct warning

---
 charts/sourcegraph-executor/README.md            | 5 ++---
 charts/sourcegraph-executor/k8s/README.md        | 6 ++----
 charts/sourcegraph-executor/k8s/README.md.gotmpl | 6 ++----
 3 files changed, 6 insertions(+), 11 deletions(-)

diff --git a/charts/sourcegraph-executor/README.md b/charts/sourcegraph-executor/README.md
index df4bf0f08..d3492ffcd 100644
--- a/charts/sourcegraph-executor/README.md
+++ b/charts/sourcegraph-executor/README.md
@@ -5,10 +5,9 @@ This directory contains two Helm charts for deploying executors on Kubernetes. [
 ## Native Kubernetes (k8s)
 This chart deploys executors that interact with the Kubernetes API to handle jobs.
 
-> ⚠️ **Beta:** Native Kubernetes executors are not recommended for production use. This deployment
-> mode has known durability and reliability limitations. For production workloads, deploy using
+> ⚠️ **Beta:** Native Kubernetes executors are in beta. For production workloads, consider deploying using
 > [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or the
-> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary) instead.
+> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary) for better long-term support.
 
 Your cluster will need to allow configuration of the following RBAC rules:
 
diff --git a/charts/sourcegraph-executor/k8s/README.md b/charts/sourcegraph-executor/k8s/README.md
index cdb2d0169..86a37bed8 100644
--- a/charts/sourcegraph-executor/k8s/README.md
+++ b/charts/sourcegraph-executor/k8s/README.md
@@ -7,11 +7,9 @@
 
 This chart contains two deployments, Sourcegraph Kubernetes native Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy Kubernetes native executors.
 
-> ⚠️ **Beta:** Native Kubernetes executors are not recommended for production use. This deployment
-> mode has known durability and reliability limitations including job loss on node failure and
-> best-effort resource cleanup. For production workloads, deploy using
+> ⚠️ **Beta:** Native Kubernetes executors are in beta. For production workloads, consider deploying using
 > [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or the
-> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary).
+> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary) for better long-term support.
 
 Use cases:
 
diff --git a/charts/sourcegraph-executor/k8s/README.md.gotmpl b/charts/sourcegraph-executor/k8s/README.md.gotmpl
index c75659b3d..02c346832 100644
--- a/charts/sourcegraph-executor/k8s/README.md.gotmpl
+++ b/charts/sourcegraph-executor/k8s/README.md.gotmpl
@@ -7,11 +7,9 @@
 
 This chart contains two deployments, Sourcegraph Kubernetes native Executors and a private Docker Registry. It is a supplemental chart for the parent [sourcegraph/sourcegraph] Helm Chart if you wish to deploy Kubernetes native executors.
 
-> ⚠️ **Beta:** Native Kubernetes executors are not recommended for production use. This deployment
-> mode has known durability and reliability limitations including job loss on node failure and
-> best-effort resource cleanup. For production workloads, deploy using
+> ⚠️ **Beta:** Native Kubernetes executors are in beta. For production workloads, consider deploying using
 > [Terraform](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-terraform) or the
-> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary).
+> [Linux binary](https://docs.sourcegraph.com/self-hosted/executors/deploy-executors-binary) for better long-term support.
 
 Use cases: