OpenStaticFish/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: qualify Flux HelmChart bootstrap resources
Deploy Cluster / Terraform (push) Successful in 27s
Details
Deploy Cluster / Ansible (push) Has been cancelled
Details

Browse Source
This commit is contained in:
MichaelFisher1997
2026-04-24 10:47:13 +00:00
parent 1f465cc0c1
commit 68b293efe4
3 changed files with 24 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/deploy.yml
+4 -4
View File
@@ -270,7 +270,7 @@ jobs:
kubectl -n flux-system get kustomizations,helmrepositories,helmcharts,helmreleases || true kubectl -n flux-system get kustomizations,helmrepositories,helmcharts,helmreleases || true
kubectl -n flux-system describe kustomization addon-external-secrets || true kubectl -n flux-system describe kustomization addon-external-secrets || true
kubectl -n flux-system describe helmrepository external-secrets || true kubectl -n flux-system describe helmrepository external-secrets || true
kubectl -n flux-system describe helmchart flux-system-external-secrets || true kubectl -n flux-system describe helmchart.source.toolkit.fluxcd.io flux-system-external-secrets || true
kubectl -n flux-system describe helmrelease external-secrets || true kubectl -n flux-system describe helmrelease external-secrets || true
kubectl -n external-secrets get pods -o wide || true kubectl -n external-secrets get pods -o wide || true
} }
@@ -283,7 +283,7 @@ jobs:
kubectl -n flux-system get helmrepositories,helmcharts,helmreleases || true kubectl -n flux-system get helmrepositories,helmcharts,helmreleases || true
kubectl -n flux-system describe helmrepository "${repo_name}" || true kubectl -n flux-system describe helmrepository "${repo_name}" || true
kubectl -n flux-system describe helmchart "${chart_name}" || true kubectl -n flux-system describe helmchart.source.toolkit.fluxcd.io "${chart_name}" || true
kubectl -n flux-system describe helmrelease "${release_name}" || true kubectl -n flux-system describe helmrelease "${release_name}" || true
kubectl -n "${target_namespace}" get pods -o wide || true kubectl -n "${target_namespace}" get pods -o wide || true
} }
@@ -306,10 +306,10 @@ jobs:
wait_for_resource flux-system "helmchart.source.toolkit.fluxcd.io/${chart_name}" 600 wait_for_resource flux-system "helmchart.source.toolkit.fluxcd.io/${chart_name}" 600
reconcile_at="$(date +%s)" reconcile_at="$(date +%s)"
kubectl -n flux-system annotate "helmchart/${chart_name}" reconcile.fluxcd.io/requestedAt="${reconcile_at}" --overwrite kubectl -n flux-system annotate "helmchart.source.toolkit.fluxcd.io/${chart_name}" reconcile.fluxcd.io/requestedAt="${reconcile_at}" --overwrite
kubectl -n flux-system annotate "helmrelease/${release_name}" reconcile.fluxcd.io/requestedAt="${reconcile_at}" --overwrite kubectl -n flux-system annotate "helmrelease/${release_name}" reconcile.fluxcd.io/requestedAt="${reconcile_at}" --overwrite
if ! kubectl -n flux-system wait --for=condition=Ready "helmchart/${chart_name}" --timeout="${chart_timeout}"; then if ! kubectl -n flux-system wait --for=condition=Ready "helmchart.source.toolkit.fluxcd.io/${chart_name}" --timeout="${chart_timeout}"; then
flux_helm_diagnostics "${repo_name}" "${chart_name}" "${release_name}" "${target_namespace}" flux_helm_diagnostics "${repo_name}" "${chart_name}" "${release_name}" "${target_namespace}"
exit 1 exit 1
fi fi
ansible/roles/rancher-image-prepull/tasks/main.yml
+7 -3
View File
@@ -1,15 +1,19 @@
--- ---
- name: Pre-pull Rancher images into containerd - name: Pre-pull Rancher images into containerd
command: /usr/local/bin/ctr -n k8s.io images pull {{ item }} command: timeout 180s /usr/local/bin/ctr -n k8s.io images pull {{ item }}
register: rancher_image_pull register: rancher_image_pull
loop: "{{ rancher_images_to_prepull }}" loop: "{{ rancher_images_to_prepull }}"
retries: 6
delay: 20
until: rancher_image_pull.rc == 0
changed_when: rancher_image_pull.rc == 0 changed_when: rancher_image_pull.rc == 0
failed_when: false failed_when: false
- name: Report Rancher images that did not pre-pull - name: Report Rancher images that did not pre-pull after retries
debug: debug:
msg: >- msg: >-
Rancher image pre-pull failed for {{ item.item }}: {{ item.stderr | default('no stderr') }} Best-effort Rancher image pre-pull did not complete for {{ item.item }} after
{{ item.attempts | default(1) }} attempt(s): {{ item.stderr | default('no stderr') }}
loop: "{{ rancher_image_pull.results | default([]) }}" loop: "{{ rancher_image_pull.results | default([]) }}"
loop_control: loop_control:
label: "{{ item.item }}" label: "{{ item.item }}"
ansible/roles/tailscale-cleanup/tasks/main.yml
+13 -12
View File
@@ -13,18 +13,19 @@
- name: Find stale devices matching reserved hostnames - name: Find stale devices matching reserved hostnames
set_fact: set_fact:
stale_devices: >- stale_devices: >-
{{ ts_devices.json.devices | default([]) {{ (ts_devices.json.devices | default([])
| selectattr('hostname', 'defined') | selectattr('hostname', 'defined')
| selectattr('hostname', 'in', tailscale_reserved_hostnames) | selectattr('hostname', 'in', tailscale_reserved_hostnames)
| rejectattr('online', 'defined') | selectattr('connectedToControl', 'defined')
| list | rejectattr('connectedToControl', 'equalto', true)
+ | list
ts_devices.json.devices | default([]) +
| selectattr('hostname', 'defined') ts_devices.json.devices | default([])
| selectattr('hostname', 'in', tailscale_reserved_hostnames) | selectattr('hostname', 'defined')
| selectattr('online', 'defined') | selectattr('hostname', 'in', tailscale_reserved_hostnames)
| rejectattr('online', 'equalto', true) | selectattr('online', 'defined')
| list }} | rejectattr('online', 'equalto', true)
| list) | unique(attribute='id') | list }}
- name: Delete stale devices - name: Delete stale devices
uri: uri: