From 8e081ddfdaef93f82032c3b11833f13434cdc3c7 Mon Sep 17 00:00:00 2001 From: MichaelFisher1997 Date: Thu, 23 Apr 2026 07:32:19 +0000 Subject: [PATCH] fix: wait on ESO deployment directly instead of Flux Kustomization status The addon-external-secrets Flux Kustomization was timing out during bootstrap because image pulls on fresh Proxmox VMs are slow. The critical dependency is the ESO deployment being available for the Doppler ClusterSecretStore. Replace the Kustomization readiness check with direct checks for ESO CRD establishment and deployment rollout, which are the actual prerequisites for the next step. --- .gitea/workflows/deploy.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 80a99ae..892b730 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -225,7 +225,10 @@ jobs: kubectl -n flux-system rollout status deployment/helm-controller --timeout=600s kubectl -n flux-system wait --for=condition=Ready gitrepository/platform --timeout=300s kubectl -n flux-system wait --for=condition=Ready kustomization/infrastructure --timeout=600s - kubectl -n flux-system wait --for=condition=Ready kustomization/addon-external-secrets --timeout=600s + # Wait for ESO CRDs and deployment directly instead of Flux Kustomization status + kubectl wait --for=condition=established --timeout=600s crd/clustersecretstores.external-secrets.io + kubectl wait --for=condition=established --timeout=600s crd/externalsecrets.external-secrets.io + kubectl -n kube-system rollout status deployment/external-secrets --timeout=600s # Create Doppler ClusterSecretStore now that ESO CRDs are available kubectl apply -f - <<'EOF' apiVersion: external-secrets.io/v1