OpenStaticFish/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: force sync rancher bootstrap secrets
Deploy Cluster / Terraform (push) Successful in 33s
Details
Deploy Cluster / Ansible (push) Failing after 49m21s
Details

Browse Source
This commit is contained in:
MichaelFisher1997
2026-05-02 18:27:05 +00:00
parent ce5a05dcd4
commit 6ed0a29253
2 changed files with 35 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/deploy.yml
+34 -3
View File
@@ -716,10 +716,41 @@ jobs:
done
}
wait_for_rancher_bootstrap_secrets() {
local timeout_seconds="$1"
local deadline
local force_sync
deadline=$(($(date +%s) + timeout_seconds))
while [ "$(date +%s)" -lt "${deadline}" ]; do
force_sync="$(date +%s)"
kubectl -n flux-system annotate externalsecret/rancher-bootstrap-password external-secrets.io/force-sync="${force_sync}" --overwrite || true
kubectl -n cattle-system annotate externalsecret/rancher-bootstrap-password external-secrets.io/force-sync="${force_sync}" --overwrite || true
if kubectl wait --for=condition=Ready clustersecretstore/doppler-hetznerterra --timeout=30s \
&& kubectl -n flux-system wait --for=condition=Ready externalsecret/rancher-bootstrap-password --timeout=30s \
&& kubectl -n cattle-system wait --for=condition=Ready externalsecret/rancher-bootstrap-password --timeout=30s \
&& kubectl -n flux-system get secret/rancher-bootstrap-password >/dev/null 2>&1 \
&& kubectl -n cattle-system get secret/rancher-bootstrap-password >/dev/null 2>&1; then
return 0
fi
sleep 30
done
echo "Timed out waiting for Rancher bootstrap ExternalSecrets to sync" >&2
kubectl get clustersecretstore/doppler-hetznerterra -o yaml || true
kubectl -n flux-system get externalsecret/rancher-bootstrap-password -o yaml || true
kubectl -n cattle-system get externalsecret/rancher-bootstrap-password -o yaml || true
kubectl -n external-secrets logs deploy/external-secrets-external-secrets --tail=120 || true
exit 1
}
echo "Waiting for Rancher..."
wait_for_resource flux-system kustomization.kustomize.toolkit.fluxcd.io/addon-rancher-secrets 600
reconcile_flux_resource flux-system kustomization/addon-rancher-secrets 600
kubectl -n flux-system wait --for=condition=Ready kustomization/addon-rancher-secrets --timeout=600s
wait_for_resource flux-system kustomization.kustomize.toolkit.fluxcd.io/addon-rancher-secrets 900
reconcile_flux_resource flux-system kustomization/addon-rancher-secrets 900
kubectl -n flux-system wait --for=condition=Ready kustomization/addon-rancher-secrets --timeout=900s
wait_for_rancher_bootstrap_secrets 900
wait_for_resource flux-system kustomization.kustomize.toolkit.fluxcd.io/addon-rancher 600
reconcile_flux_resource flux-system kustomization/addon-rancher 1800
wait_for_resource flux-system helmrelease.helm.toolkit.fluxcd.io/rancher 600