From 14462dd870d5cd90d614e7ee51e12c3c6d30c760 Mon Sep 17 00:00:00 2001 From: MichaelFisher1997 Date: Sun, 26 Apr 2026 20:25:42 +0000 Subject: [PATCH] fix: avoid resetting healthy observability --- .gitea/workflows/deploy.yml | 15 ++++----------- .gitea/workflows/destroy.yml | 4 ++++ ansible/roles/doppler-bootstrap/tasks/main.yml | 1 + ansible/roles/k3s-agent/tasks/main.yml | 2 -- 4 files changed, 9 insertions(+), 13 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 2ab61db..9351446 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -9,6 +9,10 @@ on: - main workflow_dispatch: +concurrency: + group: prod-cluster + cancel-in-progress: false + env: TF_VERSION: "1.7.0" TF_VAR_s3_access_key: ${{ secrets.S3_ACCESS_KEY }} @@ -1123,17 +1127,6 @@ jobs: kubectl -n flux-system wait --for=condition=Ready kustomization/addon-rancher-config --timeout=300s kubectl -n flux-system wait --for=condition=Ready kustomization/addon-rancher-backup --timeout=300s kubectl -n flux-system wait --for=condition=Ready kustomization/addon-rancher-backup-config --timeout=300s - reconcile_at=$(date +%s) - for release in kube-prometheus-stack loki promtail; do - kubectl -n flux-system annotate "helmrelease/${release}" \ - reconcile.fluxcd.io/requestedAt="${reconcile_at}" \ - reconcile.fluxcd.io/resetAt="${reconcile_at}" \ - reconcile.fluxcd.io/forceAt="${reconcile_at}" \ - --overwrite - done - kubectl -n flux-system annotate kustomization/addon-observability \ - reconcile.fluxcd.io/requestedAt="${reconcile_at}" \ - --overwrite kubectl -n flux-system wait --for=condition=Ready kustomization/addon-observability --timeout=1200s kubectl -n flux-system wait --for=condition=Ready kustomization/addon-observability-content --timeout=300s kubectl -n flux-system wait --for=condition=Ready helmrelease --all --timeout=1200s diff --git a/.gitea/workflows/destroy.yml b/.gitea/workflows/destroy.yml index 281a318..b4a1ea1 100644 --- a/.gitea/workflows/destroy.yml +++ b/.gitea/workflows/destroy.yml @@ -8,6 +8,10 @@ on: required: true default: '' +concurrency: + group: prod-cluster + cancel-in-progress: false + env: TF_VERSION: "1.7.0" TF_VAR_s3_access_key: ${{ secrets.S3_ACCESS_KEY }} diff --git a/ansible/roles/doppler-bootstrap/tasks/main.yml b/ansible/roles/doppler-bootstrap/tasks/main.yml index 9cafdfd..c8ecc89 100644 --- a/ansible/roles/doppler-bootstrap/tasks/main.yml +++ b/ansible/roles/doppler-bootstrap/tasks/main.yml @@ -15,6 +15,7 @@ --from-literal=dopplerToken='{{ doppler_hetznerterra_service_token }}' --dry-run=client -o yaml | kubectl apply -f - changed_when: true + no_log: true - name: Note pending Doppler ClusterSecretStore bootstrap debug: diff --git a/ansible/roles/k3s-agent/tasks/main.yml b/ansible/roles/k3s-agent/tasks/main.yml index 7185a2e..62878fa 100644 --- a/ansible/roles/k3s-agent/tasks/main.yml +++ b/ansible/roles/k3s-agent/tasks/main.yml @@ -37,8 +37,6 @@ {% if k3s_kubelet_cloud_provider_external | bool %}--kubelet-arg=cloud-provider=external{% endif %} register: k3s_agent_install failed_when: false - args: - creates: /usr/local/bin/k3s-agent - name: Wait for k3s agent to be ready command: systemctl is-active k3s-agent