diff --git a/base/blobstore/blobstore.Deployment.yaml b/base/blobstore/blobstore.Deployment.yaml index 405d74537426..12bcee416fba 100644 --- a/base/blobstore/blobstore.Deployment.yaml +++ b/base/blobstore/blobstore.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: blobstore - image: index.docker.io/sourcegraph/blobstore:5.9.347@sha256:aed5ade110f16b36237c040ffc787e73237e109f0b1341aaa608c44eae48004b + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/blobstore:5.9.17785@sha256:2eadc30402db576b9a9ffb3ed1abfbd26e455b7444ab0dde0bd2aa1838c7b21b terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9000 diff --git a/base/cadvisor/cadvisor.DaemonSet.yaml b/base/cadvisor/cadvisor.DaemonSet.yaml index a5c3bebef282..dcc37f6d359e 100644 --- a/base/cadvisor/cadvisor.DaemonSet.yaml +++ b/base/cadvisor/cadvisor.DaemonSet.yaml @@ -26,7 +26,7 @@ spec: serviceAccountName: cadvisor containers: - name: cadvisor - image: index.docker.io/sourcegraph/cadvisor:5.9.347@sha256:4f2a2c550f4cdfeca0d87cf607d75d356f3be6a32132fa88cdbb3e086ae6429a + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/cadvisor:5.9.17785@sha256:5b4459633e28b53a41fdb3118194d9c353373d7e4327e73cb44ad9a788815ae9 args: # Kubernetes-specific flags below (other flags are baked into the Docker image) # diff --git a/base/codeinsights-db/codeinsights-db.Deployment.yaml b/base/codeinsights-db/codeinsights-db.Deployment.yaml index 9c2f9fb8896a..6684fce6a540 100644 --- a/base/codeinsights-db/codeinsights-db.Deployment.yaml +++ b/base/codeinsights-db/codeinsights-db.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:5.9.347@sha256:b4d78b475c4eb1fa4e592338bf619939d574b0ac7056df4d96533748c5c06560 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.9.17785@sha256:37e5c808adb380a04902e8620dbf44a716509431de4e7151e733609b40344084 command: ["sh", "-c", "if [ -d /var/lib/postgresql/data/pgdata ]; then chmod 750 /var/lib/postgresql/data/pgdata; fi"] volumeMounts: - mountPath: /var/lib/postgresql/data/ @@ -42,7 +42,7 @@ spec: memory: "50Mi" containers: - name: codeinsights - image: index.docker.io/sourcegraph/codeinsights-db:5.9.347@sha256:dfe1d4f308ae27baddf144ceb7249b653af6c6cdd731a82e3a36741a7a939e94 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/codeinsights-db:5.9.17785@sha256:2a49fd773e6d15b1e2796917f511ec702e1d939e16cb5092c23c408859fd0cdd env: - name: POSTGRES_DB value: postgres @@ -75,7 +75,7 @@ spec: value: postgres://postgres:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/code_insights_queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:5.9.347@sha256:5ae8e30dc827e30154ca1c0d309b476e0298b354e877fe95f71b4c5130d1da33 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.9.17785@sha256:f6a536624f6852b3c906b72bbe3bbcc29004a442de165698e5831f7834487bba terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter resources: diff --git a/base/codeinsights-db/codeinsights-db.StatefulSet.yaml b/base/codeinsights-db/codeinsights-db.StatefulSet.yaml new file mode 100644 index 000000000000..aa54ba745221 --- /dev/null +++ b/base/codeinsights-db/codeinsights-db.StatefulSet.yaml @@ -0,0 +1,98 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Code Insights Postgres DB instance. + labels: + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: codeinsights-db + serviceName: codeinsights-db + template: + metadata: + labels: + app: codeinsights-db + deploy: sourcegraph + group: backend + spec: + containers: + - env: + - name: POSTGRES_DB + value: postgres + - name: POSTGRES_PASSWORD + value: password + - name: POSTGRES_USER + value: postgres + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + - name: POSTGRESQL_CONF_DIR + value: /conf + image: index.docker.io/sourcegraph/postgresql-16-codeinsights:5.10.2832@sha256:96b88fb2fe8bbd735be8ee75e5b49c70d7dc11089ae5fa7307955728adba6a7d + name: codeinsights + ports: + - containerPort: 5432 + name: codeinsights-db + securityContext: + allowPrivilegeEscalation: false + runAsGroup: 70 + runAsUser: 70 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /var/lib/postgresql/data/ + name: disk + - mountPath: /conf + name: codeinsights-conf + - env: + - name: DATA_SOURCE_NAME + value: postgres://postgres:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/code_insights_queries.yaml + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.9.17785@sha256:f6a536624f6852b3c906b72bbe3bbcc29004a442de165698e5831f7834487bba + name: pgsql-exporter + ports: + - containerPort: 9187 + name: pgsql-exporter + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /var/lib/postgresql/data/pgdata ]; then chmod 750 /var/lib/postgresql/data/pgdata; fi + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.9.17785@sha256:37e5c808adb380a04902e8620dbf44a716509431de4e7151e733609b40344084 + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + runAsGroup: 70 + runAsUser: 70 + volumeMounts: + - mountPath: /var/lib/postgresql/data/ + name: disk + securityContext: + fsGroup: 70 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 70 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: codeinsights-db + - configMap: + defaultMode: 511 + name: codeinsights-db-conf + name: codeinsights-conf + updateStrategy: + type: RollingUpdate diff --git a/base/codeintel-db/codeintel-db.Deployment.yaml b/base/codeintel-db/codeintel-db.Deployment.yaml index 65eefd6c391e..124f8686a5cf 100644 --- a/base/codeintel-db/codeintel-db.Deployment.yaml +++ b/base/codeintel-db/codeintel-db.Deployment.yaml @@ -27,7 +27,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:5.9.347@sha256:b4d78b475c4eb1fa4e592338bf619939d574b0ac7056df4d96533748c5c06560 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.9.17785@sha256:37e5c808adb380a04902e8620dbf44a716509431de4e7151e733609b40344084 command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"] volumeMounts: - mountPath: /data @@ -43,7 +43,7 @@ spec: memory: "50Mi" containers: - name: pgsql - image: index.docker.io/sourcegraph/codeintel-db:5.9.347@sha256:98399050651d0d0ba169693c82f254ad1c160e28d3a16c42e1b82bbc7f0cb9e5 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/codeintel-db:5.9.17785@sha256:516d731ba26bb138332429bcf964d7542b2573df5553bf1fb6f5be91a4c9af99 terminationMessagePolicy: FallbackToLogsOnError readinessProbe: exec: @@ -80,7 +80,7 @@ spec: value: postgres://sg:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/code_intel_queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:5.9.347@sha256:5ae8e30dc827e30154ca1c0d309b476e0298b354e877fe95f71b4c5130d1da33 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.9.17785@sha256:f6a536624f6852b3c906b72bbe3bbcc29004a442de165698e5831f7834487bba terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter resources: diff --git a/base/codeintel-db/codeintel-db.StatefulSet.yaml b/base/codeintel-db/codeintel-db.StatefulSet.yaml new file mode 100644 index 000000000000..355b756458ad --- /dev/null +++ b/base/codeintel-db/codeintel-db.StatefulSet.yaml @@ -0,0 +1,103 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Postgres database for various data. + kubectl.kubernetes.io/default-container: pgsql + labels: + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: codeintel-db + serviceName: codeintel-db + template: + metadata: + labels: + app: codeintel-db + deploy: sourcegraph + group: backend + spec: + containers: + - image: index.docker.io/sourcegraph/postgresql-16:5.10.2832@sha256:7a637a98960cb7d3ac6705c7f7335874c005ed9f0c68bfaa0e5eebf2d7f71e94 + livenessProbe: + exec: + command: + - /liveness.sh + initialDelaySeconds: 15 + name: pgsql + ports: + - containerPort: 5432 + name: pgsql + readinessProbe: + exec: + command: + - /ready.sh + securityContext: + allowPrivilegeEscalation: false + runAsGroup: 999 + runAsUser: 999 + startupProbe: + exec: + command: + - /liveness.sh + failureThreshold: 360 + periodSeconds: 10 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: disk + - mountPath: /conf + name: pgsql-conf + - env: + - name: DATA_SOURCE_NAME + value: postgres://sg:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/code_intel_queries.yaml + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.9.17785@sha256:f6a536624f6852b3c906b72bbe3bbcc29004a442de165698e5831f7834487bba + name: pgsql-exporter + ports: + - containerPort: 9187 + name: pgsql-exporter + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.9.17785@sha256:37e5c808adb380a04902e8620dbf44a716509431de4e7151e733609b40344084 + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + runAsGroup: 999 + runAsUser: 999 + volumeMounts: + - mountPath: /data + name: disk + securityContext: + fsGroup: 999 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 999 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: codeintel-db + - configMap: + defaultMode: 511 + name: codeintel-db-conf + name: pgsql-conf + updateStrategy: + type: RollingUpdate diff --git a/base/frontend/sourcegraph-frontend.Deployment.yaml b/base/frontend/sourcegraph-frontend.Deployment.yaml index 30e7730322cd..3f9975ed6316 100644 --- a/base/frontend/sourcegraph-frontend.Deployment.yaml +++ b/base/frontend/sourcegraph-frontend.Deployment.yaml @@ -29,7 +29,7 @@ spec: spec: initContainers: - name: migrator - image: index.docker.io/sourcegraph/migrator:5.9.347@sha256:a2a90a003c12643e40256dc4a3a80cd6a1854b67d487b5f8ef7a3cfb6b5a0c93 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/migrator:5.9.17785@sha256:3a50acab73c079cbcc0df69ddb03225dd0183bcd02bf1ce9dc710849f3b78dde args: ["up"] resources: limits: @@ -63,7 +63,7 @@ spec: value: sg containers: - name: frontend - image: index.docker.io/sourcegraph/frontend:5.9.347@sha256:a6536c2379c05c6547910c5569dab5ddbc5b09a54219749bebcedfd550359cff + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/frontend:5.9.17785@sha256:2456ad7f20d04a674df8c926a2ab3576627bcc984b6118db18c11bd482f8cb10 args: - serve env: diff --git a/base/gitserver/gitserver.StatefulSet.yaml b/base/gitserver/gitserver.StatefulSet.yaml index 795c818d950a..efbe91e6988e 100644 --- a/base/gitserver/gitserver.StatefulSet.yaml +++ b/base/gitserver/gitserver.StatefulSet.yaml @@ -35,7 +35,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/gitserver:5.9.347@sha256:ad4a27e69f33a9a38a53db0bd801ce6508bfebbc51b2af1e5a881b748742dab2 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/gitserver:5.9.17785@sha256:6ed0d3cb298f250687965b61f0762c6ffc290d293f8bc9a80145895fec52e4d6 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 5 diff --git a/base/grafana/grafana.StatefulSet.yaml b/base/grafana/grafana.StatefulSet.yaml index 1156f584b53a..552298cf6a56 100644 --- a/base/grafana/grafana.StatefulSet.yaml +++ b/base/grafana/grafana.StatefulSet.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: grafana - image: index.docker.io/sourcegraph/grafana:5.9.347@sha256:91d0076d075a461d9ff977f9d32b2c7b7e453869ee38f36ab147f0f3fe347a3f + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/grafana:5.9.17785@sha256:f26e275c6d2181a677a8fd077b4524fe85b478492a1d011af8e7aabb6c3edcb6 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 3370 diff --git a/base/indexed-search/indexed-search.StatefulSet.yaml b/base/indexed-search/indexed-search.StatefulSet.yaml index 52d367b19ff4..790d80404524 100644 --- a/base/indexed-search/indexed-search.StatefulSet.yaml +++ b/base/indexed-search/indexed-search.StatefulSet.yaml @@ -33,7 +33,7 @@ spec: value: http://$(OTEL_AGENT_HOST):4317 - name: OPENTELEMETRY_DISABLED value: "false" - image: index.docker.io/sourcegraph/indexed-searcher:5.9.347@sha256:817141cc166702896fdf14f710b5d610042c0639e1dd2ea5a6ef572648fd8456 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/indexed-searcher:5.9.17785@sha256:617eca4a1b5e4fefaa6a87c5423667b68a0c27b3c606dbefdd8d74823a913cde terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 6070 @@ -67,7 +67,7 @@ spec: value: http://$(OTEL_AGENT_HOST):4317 - name: OPENTELEMETRY_DISABLED value: "false" - image: index.docker.io/sourcegraph/search-indexer:5.9.347@sha256:2542aaa8fb7b418b94374c14797b90ad3b39688b324897b0adfc726d05a2ba48 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/search-indexer:5.9.17785@sha256:97977b63da0b0c1f33926d0a32201e532ffbeada2be2d561c80503c695a28ab5 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 6072 diff --git a/base/node-exporter/node-exporter.DaemonSet.yaml b/base/node-exporter/node-exporter.DaemonSet.yaml index e1c109737d4a..8d319334247f 100644 --- a/base/node-exporter/node-exporter.DaemonSet.yaml +++ b/base/node-exporter/node-exporter.DaemonSet.yaml @@ -24,7 +24,7 @@ spec: spec: containers: - name: node-exporter - image: index.docker.io/sourcegraph/node-exporter:5.9.347@sha256:43d70602b9f5a461fc6f137d743006605d18dab627b9961587fca499db721d7b + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/node-exporter:5.9.17785@sha256:8fc64a1c746b3720a022c78f83481550f2fb6c94bcbbfe1fc339f1314e22d233 imagePullPolicy: IfNotPresent resources: limits: diff --git a/base/otel-collector/otel-agent.DaemonSet.yaml b/base/otel-collector/otel-agent.DaemonSet.yaml index 5f3c1200438b..b66ed2223fea 100644 --- a/base/otel-collector/otel-agent.DaemonSet.yaml +++ b/base/otel-collector/otel-agent.DaemonSet.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: otel-agent - image: index.docker.io/sourcegraph/opentelemetry-collector:5.9.347@sha256:78846526afae30eaebd0c598720f05490e64cc32534421357d2b40444bf56bfa + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/opentelemetry-collector:5.9.17785@sha256:dd5aee9c51b53a51828c7723952d82ca752b79aabb1bd32861a61f66c597c32a command: - "/bin/otelcol-sourcegraph" - "--config=/etc/otel-agent/config.yaml" diff --git a/base/otel-collector/otel-collector.Deployment.yaml b/base/otel-collector/otel-collector.Deployment.yaml index 8859a2b81e56..a44be6f0adef 100644 --- a/base/otel-collector/otel-collector.Deployment.yaml +++ b/base/otel-collector/otel-collector.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: otel-collector - image: index.docker.io/sourcegraph/opentelemetry-collector:5.9.347@sha256:78846526afae30eaebd0c598720f05490e64cc32534421357d2b40444bf56bfa + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/opentelemetry-collector:5.9.17785@sha256:dd5aee9c51b53a51828c7723952d82ca752b79aabb1bd32861a61f66c597c32a command: - "/bin/otelcol-sourcegraph" # To use a custom configuration, edit otel-collector.ConfigMap.yaml diff --git a/base/pgsql/pgsql.Deployment.yaml b/base/pgsql/pgsql.Deployment.yaml index 400ffcf85fa3..5a2f3b4059fe 100644 --- a/base/pgsql/pgsql.Deployment.yaml +++ b/base/pgsql/pgsql.Deployment.yaml @@ -27,7 +27,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:5.9.347@sha256:b4d78b475c4eb1fa4e592338bf619939d574b0ac7056df4d96533748c5c06560 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.9.17785@sha256:37e5c808adb380a04902e8620dbf44a716509431de4e7151e733609b40344084 command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"] volumeMounts: - mountPath: /data @@ -43,7 +43,7 @@ spec: memory: "50Mi" containers: - env: - image: index.docker.io/sourcegraph/postgres-12-alpine:5.9.347@sha256:98399050651d0d0ba169693c82f254ad1c160e28d3a16c42e1b82bbc7f0cb9e5 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres-12-alpine:5.9.17785@sha256:516d731ba26bb138332429bcf964d7542b2573df5553bf1fb6f5be91a4c9af99 terminationMessagePolicy: FallbackToLogsOnError readinessProbe: exec: @@ -83,7 +83,7 @@ spec: value: postgres://sg:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:5.9.347@sha256:5ae8e30dc827e30154ca1c0d309b476e0298b354e877fe95f71b4c5130d1da33 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.9.17785@sha256:f6a536624f6852b3c906b72bbe3bbcc29004a442de165698e5831f7834487bba terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter resources: diff --git a/base/pgsql/pgsql.StatefulSet.yaml b/base/pgsql/pgsql.StatefulSet.yaml new file mode 100644 index 000000000000..daedaf664319 --- /dev/null +++ b/base/pgsql/pgsql.StatefulSet.yaml @@ -0,0 +1,109 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Postgres database for various data. + kubectl.kubernetes.io/default-container: pgsql + labels: + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: pgsql + serviceName: pgsql + template: + metadata: + labels: + app: pgsql + deploy: sourcegraph + group: backend + spec: + containers: + - image: index.docker.io/sourcegraph/postgresql-16:5.10.2832@sha256:7a637a98960cb7d3ac6705c7f7335874c005ed9f0c68bfaa0e5eebf2d7f71e94 + livenessProbe: + exec: + command: + - /liveness.sh + initialDelaySeconds: 15 + name: pgsql + ports: + - containerPort: 5432 + name: pgsql + readinessProbe: + exec: + command: + - /ready.sh + securityContext: + allowPrivilegeEscalation: false + runAsGroup: 999 + runAsUser: 999 + startupProbe: + exec: + command: + - /liveness.sh + failureThreshold: 360 + periodSeconds: 10 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: disk + - mountPath: /conf + name: pgsql-conf + - mountPath: /dev/shm + name: dshm + - env: + - name: DATA_SOURCE_NAME + value: postgres://sg:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/queries.yaml + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.9.17785@sha256:f6a536624f6852b3c906b72bbe3bbcc29004a442de165698e5831f7834487bba + name: pgsql-exporter + ports: + - containerPort: 9187 + name: pgsql-exporter + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.9.17785@sha256:37e5c808adb380a04902e8620dbf44a716509431de4e7151e733609b40344084 + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + runAsGroup: 999 + runAsUser: 999 + volumeMounts: + - mountPath: /data + name: disk + securityContext: + fsGroup: 999 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 999 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: pgsql + - configMap: + defaultMode: 511 + name: pgsql-conf + name: pgsql-conf + - emptyDir: + medium: Memory + sizeLimit: 1G + name: dshm + updateStrategy: + type: RollingUpdate diff --git a/base/precise-code-intel/worker.Deployment.yaml b/base/precise-code-intel/worker.Deployment.yaml index 196a28ae2153..c88d765f8d68 100644 --- a/base/precise-code-intel/worker.Deployment.yaml +++ b/base/precise-code-intel/worker.Deployment.yaml @@ -46,7 +46,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/precise-code-intel-worker:5.9.347@sha256:aa0a9787d2626d606f89e9bd39371f3d21261d9d700102aa70e2640f2ed6ff2b + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/precise-code-intel-worker:5.9.17785@sha256:1c5952b0fdfb0c134bb0d7269cf36d90fc725050f98c6047a68111c12e941e84 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/prometheus/prometheus.Deployment.yaml b/base/prometheus/prometheus.Deployment.yaml index 85f8ce3a8ee5..7fb85dd93e38 100644 --- a/base/prometheus/prometheus.Deployment.yaml +++ b/base/prometheus/prometheus.Deployment.yaml @@ -25,7 +25,7 @@ spec: spec: containers: - name: prometheus - image: index.docker.io/sourcegraph/prometheus:5.9.347@sha256:4a7710ede3b1eccadc0b6364d61c66d8f9a5c4b5a4209313987529fa4e9ebda1 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/prometheus:5.9.17785@sha256:73c3645eb4fbbb0763e22239904d5162b6d4120c0da4d45f3704173459a35ecb terminationMessagePolicy: FallbackToLogsOnError readinessProbe: httpGet: diff --git a/base/redis/redis-cache.Deployment.yaml b/base/redis/redis-cache.Deployment.yaml index f1b92785c1f1..d2da1d9c44ae 100644 --- a/base/redis/redis-cache.Deployment.yaml +++ b/base/redis/redis-cache.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: redis-cache - image: index.docker.io/sourcegraph/redis-cache:5.9.347@sha256:a9ff1251eb3c4e8934516bb7266eb131b8ef2a8cc715a1841baea4bedce75341 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis-cache:5.9.17785@sha256:c0420c12bf50f4c60fd6a1c59ecd62e28febee402aa19249974116b95b0178f1 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 30 @@ -66,7 +66,7 @@ spec: - mountPath: /redis-data name: redis-data - name: redis-exporter - image: index.docker.io/sourcegraph/redis_exporter:5.9.347@sha256:f5f1b1e78c6812b91185418c38497930eed16fd5d0633518ef5c73d6a98c1f1f + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis_exporter:5.9.17785@sha256:a8008099a466b4a1475741572c1a93f786182b5c6247d66173a11584ed3639ac terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9121 diff --git a/base/redis/redis-store.Deployment.yaml b/base/redis/redis-store.Deployment.yaml index 417bdf1d746b..512ad26bf3a1 100644 --- a/base/redis/redis-store.Deployment.yaml +++ b/base/redis/redis-store.Deployment.yaml @@ -25,7 +25,7 @@ spec: spec: containers: - name: redis-store - image: index.docker.io/sourcegraph/redis-store:5.9.347@sha256:2364359b9fdeb53e25831e0ff3783867a74333c6cc4df4f5d272e3eb87356cd1 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis-store:5.9.17785@sha256:ef7517c7b65c73f9b581dbd4469828bad12c51fc369ec5caffeebace3e972b9e terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 30 @@ -65,7 +65,7 @@ spec: - mountPath: /redis-data name: redis-data - name: redis-exporter - image: index.docker.io/sourcegraph/redis_exporter:5.9.347@sha256:f5f1b1e78c6812b91185418c38497930eed16fd5d0633518ef5c73d6a98c1f1f + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis_exporter:5.9.17785@sha256:a8008099a466b4a1475741572c1a93f786182b5c6247d66173a11584ed3639ac terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9121 diff --git a/base/repo-updater/repo-updater.Deployment.yaml b/base/repo-updater/repo-updater.Deployment.yaml index ecc6393ce5f2..0ea454b6b9dd 100644 --- a/base/repo-updater/repo-updater.Deployment.yaml +++ b/base/repo-updater/repo-updater.Deployment.yaml @@ -29,7 +29,7 @@ spec: spec: containers: - name: repo-updater - image: index.docker.io/sourcegraph/repo-updater:5.9.347@sha256:093e0e0e9f717bd26b3309a59d69238e5ae8caf60b84f11c4d49a4ffb5437db5 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/repo-updater:5.9.17785@sha256:d8c17aac658b55b85c98a29f85968c1ce98c9de3ba65cf332157cf5649534fd6 env: # OTEL_AGENT_HOST must be defined before OTEL_EXPORTER_OTLP_ENDPOINT to substitute the node IP on which the DaemonSet pod instance runs in the latter variable - name: OTEL_AGENT_HOST diff --git a/base/searcher/searcher.Deployment.yaml b/base/searcher/searcher.Deployment.yaml index 49e3d07abfc1..af9f2e410ba6 100644 --- a/base/searcher/searcher.Deployment.yaml +++ b/base/searcher/searcher.Deployment.yaml @@ -49,7 +49,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/searcher:5.9.347@sha256:6ef2e798c158a8129f1a6a4206ec4eff31b6f4bbf2a52ef22ecdd6e64fa013b7 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/searcher:5.9.17785@sha256:9cdb3110a4ae29cb4811a1be69810c2f1cb14fd0a4ace478ebcea8916519d4f1 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 3181 diff --git a/base/symbols/symbols.Deployment.yaml b/base/symbols/symbols.Deployment.yaml index e17fe6c2ce26..457185981941 100644 --- a/base/symbols/symbols.Deployment.yaml +++ b/base/symbols/symbols.Deployment.yaml @@ -49,7 +49,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/symbols:5.9.347@sha256:ed5f4c5db70dd0f256f332f30a93b91c0d32de0686b531c7b377f1da33d3bc42 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/symbols:5.9.17785@sha256:d7b2d2ff028e0dc6af4fb88bc1132be61285fe0a2c05e11346fbd87a5e53ebbb terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/syntect-server/syntect-server.Deployment.yaml b/base/syntect-server/syntect-server.Deployment.yaml index fd9478ec84d2..6f0609d5a7f3 100644 --- a/base/syntect-server/syntect-server.Deployment.yaml +++ b/base/syntect-server/syntect-server.Deployment.yaml @@ -29,7 +29,7 @@ spec: containers: - name: syntect-server env: - image: index.docker.io/sourcegraph/syntax-highlighter:5.9.347@sha256:068144989c8afa62db3dcb45bc86697f6da84e376ac42d4c25b794c2b8b3c97c + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/syntax-highlighter:5.9.17785@sha256:230685b85b02e789e41f3c9ca354991f5d13e66289a1ae7e50f44fd22a4140a6 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/worker/worker.Deployment.yaml b/base/worker/worker.Deployment.yaml index ba002dd35a2a..92f5b02fa2fc 100644 --- a/base/worker/worker.Deployment.yaml +++ b/base/worker/worker.Deployment.yaml @@ -44,7 +44,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/worker:5.9.347@sha256:b4b01b6ee35420743ac2c7492d19e0479d151be84b850c96bc96a52a88e2f1dd + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/worker:5.9.17785@sha256:fb69eb97aba4d9dc7b59fca6e7d81dbf164223a0c8beab9587eb87ab1f659267 envFrom: - configMapRef: name: embeddings-backend diff --git a/configure/executors/dind/executor.Deployment.yaml b/configure/executors/dind/executor.Deployment.yaml index 6fe1315dbd04..40bc514870ae 100644 --- a/configure/executors/dind/executor.Deployment.yaml +++ b/configure/executors/dind/executor.Deployment.yaml @@ -28,7 +28,7 @@ spec: spec: containers: - name: executor - image: index.docker.io/sourcegraph/executor:5.9.347@sha256:1fd0a18a6ee868f683f7307489c872650f21fb0894a83aef203702ad68d959fc + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/executor:5.9.17785@sha256:baab4c6f41020974968c5152537a3f8b3df994cf062d50ac4632b65e006c42d9 imagePullPolicy: Always livenessProbe: exec: @@ -67,7 +67,7 @@ spec: - mountPath: /scratch name: executor-scratch - name: dind - image: index.docker.io/sourcegraph/dind:5.9.347@sha256:767c8e7b60ab71957a500745155ca0a3c6f5e96083e101c6497526413314d07f + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/dind:5.9.17785@sha256:c7106e0e77ec110136da1fd744662efd2c9ba7ea32014f2033a63cf21465a733 imagePullPolicy: Always securityContext: privileged: true diff --git a/configure/executors/k8s/executor.Deployment.yaml b/configure/executors/k8s/executor.Deployment.yaml index f4814cca36ae..876ad622710e 100644 --- a/configure/executors/k8s/executor.Deployment.yaml +++ b/configure/executors/k8s/executor.Deployment.yaml @@ -29,7 +29,7 @@ spec: serviceAccountName: executor containers: - name: executor - image: index.docker.io/sourcegraph/executor-kubernetes:5.9.347@sha256:f393592d65e5058fb265e281ca8acb8e9f2bddc8d91b48d28d78490515505797 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/executor-kubernetes:5.9.17785@sha256:f8fc00cd0ee39515bcc775fc530527018310df396c4d27a0c73ee764a8ebee71 imagePullPolicy: Always livenessProbe: exec: diff --git a/configure/migrator/migrator.Job.yaml b/configure/migrator/migrator.Job.yaml index 648939c8f67c..f5501797e9cb 100644 --- a/configure/migrator/migrator.Job.yaml +++ b/configure/migrator/migrator.Job.yaml @@ -12,7 +12,7 @@ spec: spec: containers: - name: migrator - image: "index.docker.io/sourcegraph/migrator:5.9.347@sha256:a2a90a003c12643e40256dc4a3a80cd6a1854b67d487b5f8ef7a3cfb6b5a0c93" + image: "us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/migrator:5.9.17785@sha256:3a50acab73c079cbcc0df69ddb03225dd0183bcd02bf1ce9dc710849f3b78dde" args: ["up"] env: - name: PGHOST diff --git a/release.yaml b/release.yaml index 72e4f5260b3c..8ed1e3241add 100644 --- a/release.yaml +++ b/release.yaml @@ -28,7 +28,7 @@ internal: patch: - name: "sg ops (base)" cmd: | - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -41,7 +41,7 @@ internal: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -55,7 +55,7 @@ internal: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -94,7 +94,7 @@ internal: minor: - name: "sg ops (base)" cmd: | - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -107,7 +107,7 @@ internal: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -121,7 +121,7 @@ internal: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -160,7 +160,7 @@ internal: major: - name: "sg ops (base)" cmd: | - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -173,7 +173,7 @@ internal: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -187,7 +187,7 @@ internal: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal \ --docker-username=$DOCKER_USERNAME \ @@ -280,7 +280,7 @@ promoteToPublic: git switch "${branch}" - name: "sg ops (base)" cmd: | - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry index.docker.io/sourcegraph \ --docker-username=$DOCKER_USERNAME \ @@ -293,7 +293,7 @@ promoteToPublic: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry index.docker.io/sourcegraph \ --docker-username=$DOCKER_USERNAME \ @@ -307,7 +307,7 @@ promoteToPublic: for path in $folders; do echo "updating ${path}" - sg ops update-images \ + /Users/warrengifford/sourcegraph/sg ops update-images \ --kind k8s \ --registry index.docker.io/sourcegraph \ --docker-username=$DOCKER_USERNAME \