docs: update README for deferred observability baseline

README.md

@@ -234,7 +234,8 @@ Terraform/bootstrap secrets remain in Gitea Actions secrets and are not managed
 ### Current addon status
 
 - Core infrastructure addons are Flux-managed from `infrastructure/addons/`.
-- Active Flux addons include `addon-ccm`, `addon-csi`, `addon-tailscale-operator`, `addon-tailscale-proxyclass`, `addon-external-secrets`, `addon-observability`, and `addon-observability-content`.
+- Active Flux addons for stable baseline: `addon-tailscale-operator`, `addon-tailscale-proxyclass`, `addon-external-secrets`.
+- Deferred addons: `addon-ccm`, `addon-csi`, `addon-observability`, `addon-observability-content` (to be added after baseline is stable).
 - Ansible is limited to cluster bootstrap, private-access setup, and prerequisite secret creation for Flux-managed addons.
 - `addon-flux-ui` is optional for the stable-baseline phase and is not a blocker for rebuild success.
 
@@ -245,12 +246,13 @@ A rebuild is considered successful only when all of the following pass without m
 - Terraform create succeeds for the default `1` control plane and `2` workers.
 - Ansible bootstrap succeeds end-to-end.
 - All nodes become `Ready`.
-- `hcloud-cloud-controller-manager` and `hcloud-csi` are `Ready`.
-- Required External Secrets sync successfully.
-- Tailscale private access works.
-- Grafana and Prometheus are reachable privately.
+- Flux core reconciliation is healthy.
+- External Secrets Operator is ready.
+- Tailscale operator is ready.
 - Terraform destroy succeeds cleanly or succeeds after workflow retries.
 
+_Note: Observability stack (Grafana/Prometheus) is deferred and will be added once the core platform baseline is stable._
+
 ## Observability Stack
 
 Flux deploys a lightweight observability stack in the `observability` namespace: