sourcegraph · michaellzc · Feb 28, 2022 · Feb 25, 2022 · Feb 28, 2022
diff --git a/charts/sourcegraph-migrator/templates/migrator/sourcegraph-migrator.Job.yaml b/charts/sourcegraph-migrator/templates/migrator/sourcegraph-migrator.Job.yaml
@@ -46,12 +46,12 @@ spec:
         resources:
           {{- toYaml .Values.migrator.resources | nindent 10 }}
         securityContext:
-          {{- toYaml .Values.migrator.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.migrator.containerSecurityContext | nindent 10 }}
       {{- if .Values.migrator.extraContainers }}
         {{- toYaml .Values.migrator.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.migrator.securityContext | nindent 8 }}
+        {{- toYaml .Values.migrator.podSecurityContext | nindent 8 }}
       {{- with .Values.sourcegraph.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

diff --git a/charts/sourcegraph-migrator/values.yaml b/charts/sourcegraph-migrator/values.yaml
@@ -91,7 +91,7 @@ migrator:
     PGUSER:
       value: sg
   resources: {}
-  podSecurityContext:
+  containerSecurityContext:
     allowPrivilegeEscalation: false
     runAsUser: 100
     runAsGroup: 101

diff --git a/charts/sourcegraph/CHANGELOG.md b/charts/sourcegraph/CHANGELOG.md
@@ -0,0 +1,27 @@
+<!-- README:
+Use `**BREAKING**:` to denote a breaking change
+-->
+
+# Changelog
+
+All notable changes to Sourcegraph are documented in this file.
+
+<!-- START CHANGELOG -->
+
+## Unreleased
+
+### Added
+
+- 
+
+### Changed
+
+- **BREAKING**: Uses of `podSecurityContext` have been renamed to `containerSecurityContext`, and `securityContext` renamed to `podSecurityContext` to better illustrate their actual usage [#48](https://github.com/sourcegraph/deploy-sourcegraph-helm/pull/48)
+
+### Fixed
+
+-
+
+### Removed
+
+-
diff --git a/charts/sourcegraph/templates/_tracing.tpl b/charts/sourcegraph/templates/_tracing.tpl
@@ -31,5 +31,5 @@ Define the tracing sidecar
     - --reporter.type=grpc
 {{- end }}
   securityContext:
-    {{- toYaml .Values.tracingAgent.podSecurityContext | nindent 4 }}
+    {{- toYaml .Values.tracingAgent.containerSecurityContext | nindent 4 }}
 {{- end }}
diff --git a/charts/sourcegraph/templates/cadvisor/cadvisor.DaemonSet.yaml b/charts/sourcegraph/templates/cadvisor/cadvisor.DaemonSet.yaml
@@ -65,7 +65,7 @@ spec:
           {{- toYaml .Values.cadvisor.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.cadvisor.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.cadvisor.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - name: rootfs
           mountPath: /rootfs
@@ -95,7 +95,7 @@ spec:
         {{- toYaml .Values.cadvisor.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.cadvisor.securityContext | nindent 8 }}
+        {{- toYaml .Values.cadvisor.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "cadvisor" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "cadvisor" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "cadvisor" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.Deployment.yaml b/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.Deployment.yaml
@@ -70,7 +70,7 @@ spec:
           {{- toYaml .Values.codeInsightsDB.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.codeInsightsDB.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.codeInsightsDB.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /var/lib/postgresql/data/
           name: disk
@@ -85,7 +85,7 @@ spec:
         {{- toYaml .Values.codeInsightsDB.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.codeInsightsDB.securityContext | nindent 8 }}
+        {{- toYaml .Values.codeInsightsDB.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "codeInsightsDB" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "codeInsightsDB" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "codeInsightsDB" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/codeintel-db/codeintel-db.Deployment.yaml b/charts/sourcegraph/templates/codeintel-db/codeintel-db.Deployment.yaml
@@ -52,7 +52,7 @@ spec:
         - mountPath: /data
           name: disk
         securityContext:
-        {{- toYaml .Values.alpine.podSecurityContext | nindent 10 }}
+        {{- toYaml .Values.alpine.containerSecurityContext | nindent 10 }}
         {{- if not .Values.sourcegraph.localDevMode }}
         resources:
           {{- toYaml .Values.alpine.resources | nindent 10 }}
@@ -88,7 +88,7 @@ spec:
           {{- toYaml .Values.codeIntelDB.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.codeIntelDB.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.codeIntelDB.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /data
           name: disk
@@ -118,7 +118,7 @@ spec:
         {{- end }}
       terminationGracePeriodSeconds: 120
       securityContext:
-        {{- toYaml .Values.codeIntelDB.securityContext | nindent 8 }}
+        {{- toYaml .Values.codeIntelDB.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "codeIntelDB" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "codeIntelDB" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "codeIntelDB" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/frontend/sourcegraph-frontend.Deployment.yaml b/charts/sourcegraph/templates/frontend/sourcegraph-frontend.Deployment.yaml
@@ -62,7 +62,7 @@ spec:
         resources:
           {{- toYaml .Values.migrator.resources | nindent 10 }}
         securityContext:
-          {{- toYaml .Values.migrator.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.migrator.containerSecurityContext | nindent 10 }}
       {{- end }}
       containers:
       - name: frontend
@@ -110,7 +110,7 @@ spec:
           {{- toYaml .Values.frontend.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.frontend.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.frontend.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /mnt/cache
           name: cache-ssd
@@ -124,7 +124,7 @@ spec:
         {{- toYaml .Values.frontend.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.frontend.securityContext | nindent 8 }}
+        {{- toYaml .Values.frontend.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "frontend" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "frontend" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "frontend" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/github-proxy/github-proxy.Deployment.yaml b/charts/sourcegraph/templates/github-proxy/github-proxy.Deployment.yaml
@@ -67,7 +67,7 @@ spec:
           {{- toYaml .Values.githubProxy.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.githubProxy.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.githubProxy.containerSecurityContext | nindent 10 }}
         volumeMounts:
         {{- if .Values.githubProxy.extraVolumeMounts }}
         {{- toYaml .Values.githubProxy.extraVolumeMounts | nindent 8 }}
@@ -77,7 +77,7 @@ spec:
         {{- toYaml .Values.githubProxy.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.githubProxy.securityContext | nindent 8 }}
+        {{- toYaml .Values.githubProxy.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "githubProxy" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "githubProxy" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "githubProxy" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/gitserver/gitserver.StatefulSet.yaml b/charts/sourcegraph/templates/gitserver/gitserver.StatefulSet.yaml
@@ -66,7 +66,7 @@ spec:
           {{- toYaml .Values.gitserver.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.gitserver.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.gitserver.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /data/repos
           name: repos
@@ -82,7 +82,7 @@ spec:
         {{- toYaml .Values.gitserver.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.gitserver.securityContext | nindent 8 }}
+        {{- toYaml .Values.gitserver.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "gitserver" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "gitserver" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "gitserver" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/grafana/grafana.StatefulSet.yaml b/charts/sourcegraph/templates/grafana/grafana.StatefulSet.yaml
@@ -75,13 +75,13 @@ spec:
           {{- toYaml .Values.grafana.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.grafana.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.grafana.containerSecurityContext | nindent 10 }}
       serviceAccountName: grafana
       {{- if .Values.grafana.extraContainers }}
         {{- toYaml .Values.grafana.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.grafana.securityContext | nindent 8 }}
+        {{- toYaml .Values.grafana.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "grafana" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "grafana" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "grafana" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/indexed-search/indexed-search.StatefulSet.yaml b/charts/sourcegraph/templates/indexed-search/indexed-search.StatefulSet.yaml
@@ -68,7 +68,7 @@ spec:
           {{- toYaml .Values.indexedSearch.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.indexedSearch.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.indexedSearch.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /data
           name: data
@@ -91,7 +91,7 @@ spec:
           {{- toYaml .Values.indexedSearchIndexer.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.indexedSearchIndexer.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.indexedSearchIndexer.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /data
           name: data
@@ -102,7 +102,7 @@ spec:
         {{- toYaml .Values.indexedSearch.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.indexedSearch.securityContext | nindent 8 }}
+        {{- toYaml .Values.indexedSearch.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "indexedSearch" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "indexedSearch" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "indexedSearch" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/jaeger/jaeger.Deployment.yaml b/charts/sourcegraph/templates/jaeger/jaeger.Deployment.yaml
@@ -79,7 +79,7 @@ spec:
           {{- toYaml .Values.tracing.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.tracing.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.tracing.containerSecurityContext | nindent 10 }}
         volumeMounts:
         {{- if .Values.tracing.extraVolumeMounts }}
         {{- toYaml .Values.tracing.extraVolumeMounts | nindent 8 }}
@@ -88,7 +88,7 @@ spec:
         {{- toYaml .Values.tracing.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.tracing.securityContext | nindent 8 }}
+        {{- toYaml .Values.tracing.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "tracing" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "tracing" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "tracing" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/minio/minio.Deployment.yaml b/charts/sourcegraph/templates/minio/minio.Deployment.yaml
@@ -76,7 +76,7 @@ spec:
           {{- toYaml .Values.minio.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.minio.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.minio.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - name: minio-data
           mountPath: /data
@@ -89,7 +89,7 @@ spec:
         {{- toYaml .Values.minio.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.minio.securityContext | nindent 8 }}
+        {{- toYaml .Values.minio.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "minio" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "minio" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "minio" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/pgsql/pgsql.Deployment.yaml b/charts/sourcegraph/templates/pgsql/pgsql.Deployment.yaml
@@ -52,7 +52,7 @@ spec:
         - mountPath: /data
           name: disk
         securityContext:
-        {{- toYaml .Values.alpine.podSecurityContext | nindent 10 }}
+        {{- toYaml .Values.alpine.containerSecurityContext | nindent 10 }}
         {{- if not .Values.sourcegraph.localDevMode }}
         resources:
           {{- toYaml .Values.alpine.resources | nindent 10 }}
@@ -88,7 +88,7 @@ spec:
           {{- toYaml .Values.pgsql.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.pgsql.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.pgsql.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /data
           name: disk
@@ -119,10 +119,10 @@ spec:
           {{- toYaml .Values.postgresExporter.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.postgresExporter.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.postgresExporter.containerSecurityContext | nindent 10 }}
       terminationGracePeriodSeconds: 120
       securityContext:
-        {{- toYaml .Values.pgsql.securityContext | nindent 8 }}
+        {{- toYaml .Values.pgsql.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "pgsql" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "pgsql" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "pgsql" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/precise-code-intel/worker.Deployment.yaml b/charts/sourcegraph/templates/precise-code-intel/worker.Deployment.yaml
@@ -87,7 +87,7 @@ spec:
           {{- toYaml .Values.preciseCodeIntel.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.preciseCodeIntel.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.preciseCodeIntel.containerSecurityContext | nindent 10 }}
         volumeMounts:
         {{- if .Values.preciseCodeIntel.extraVolumeMounts }}
         {{- toYaml .Values.preciseCodeIntel.extraVolumeMounts | nindent 8 }}
@@ -96,7 +96,7 @@ spec:
         {{- toYaml .Values.preciseCodeIntel.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.preciseCodeIntel.securityContext | nindent 8 }}
+        {{- toYaml .Values.preciseCodeIntel.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "preciseCodeIntel" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "preciseCodeIntel" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "preciseCodeIntel" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/prometheus/prometheus.Deployment.yaml b/charts/sourcegraph/templates/prometheus/prometheus.Deployment.yaml
@@ -79,13 +79,13 @@ spec:
           {{- toYaml .Values.prometheus.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.prometheus.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.prometheus.containerSecurityContext | nindent 10 }}
       terminationGracePeriodSeconds: 120
       {{- if .Values.prometheus.extraContainers }}
         {{- toYaml .Values.prometheus.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.prometheus.securityContext | nindent 8 }}
+        {{- toYaml .Values.prometheus.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "prometheus" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "prometheus" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "prometheus" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/redis/redis-cache.Deployment.yaml b/charts/sourcegraph/templates/redis/redis-cache.Deployment.yaml
@@ -72,7 +72,7 @@ spec:
           {{- toYaml .Values.redisCache.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.redisCache.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.redisCache.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /redis-data
           name: redis-data
@@ -95,12 +95,12 @@ spec:
           {{- toYaml .Values.redisExporter.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.redisExporter.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.redisExporter.containerSecurityContext | nindent 10 }}
       {{- if .Values.redisCache.extraContainers }}
         {{- toYaml .Values.redisCache.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.redisCache.securityContext | nindent 8 }}
+        {{- toYaml .Values.redisCache.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "redisCache" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "redisCache" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "redisCache" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/redis/redis-store.Deployment.yaml b/charts/sourcegraph/templates/redis/redis-store.Deployment.yaml
@@ -72,7 +72,7 @@ spec:
           {{- toYaml .Values.redisStore.resources | nindent 10 }}
         {{- end }}
         securityContext:
-        {{- toYaml .Values.redisStore.podSecurityContext | nindent 10 }}
+        {{- toYaml .Values.redisStore.containerSecurityContext | nindent 10 }}
         volumeMounts:
         - mountPath: /redis-data
           name: redis-data
@@ -95,12 +95,12 @@ spec:
           {{- toYaml .Values.redisExporter.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.redisExporter.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.redisExporter.containerSecurityContext | nindent 10 }}
       {{- if .Values.redisStore.extraContainers }}
         {{- toYaml .Values.redisStore.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.redisStore.securityContext | nindent 8 }}
+        {{- toYaml .Values.redisStore.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "redisStore" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "redisStore" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "redisStore" ) | trim | nindent 6 }}

diff --git a/charts/sourcegraph/templates/repo-updater/repo-updater.Deployment.yaml b/charts/sourcegraph/templates/repo-updater/repo-updater.Deployment.yaml
@@ -85,7 +85,7 @@ spec:
           {{- toYaml .Values.repoUpdater.resources | nindent 10 }}
         {{- end }}
         securityContext:
-          {{- toYaml .Values.repoUpdater.podSecurityContext | nindent 10 }}
+          {{- toYaml .Values.repoUpdater.containerSecurityContext | nindent 10 }}
         volumeMounts:
         {{- if .Values.repoUpdater.extraVolumeMounts }}
         {{- toYaml .Values.repoUpdater.extraVolumeMounts | nindent 8 }}
@@ -95,7 +95,7 @@ spec:
         {{- toYaml .Values.repoUpdater.extraContainers | nindent 6 }}
       {{- end }}
       securityContext:
-        {{- toYaml .Values.repoUpdater.securityContext | nindent 8 }}
+        {{- toYaml .Values.repoUpdater.podSecurityContext | nindent 8 }}
       {{- include "sourcegraph.nodeSelector" (list . "repoUpdater" ) | trim | nindent 6 }}
       {{- include "sourcegraph.affinity" (list . "repoUpdater" ) | trim | nindent 6 }}
       {{- include "sourcegraph.tolerations" (list . "repoUpdater" ) | trim | nindent 6 }}