OpenStaticFish/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: use Rancher registry for webhook image
Deploy Cluster / Terraform (push) Successful in 32s
Details
Deploy Cluster / Ansible (push) Failing after 26m36s
Details

Browse Source
This commit is contained in:
MichaelFisher1997
2026-04-26 01:35:16 +00:00
parent 9879de5a86
commit a4f1d179e9
2 changed files with 42 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/deploy.yml
+37
View File
@@ -611,6 +611,41 @@ jobs:
exit 1 exit 1
} }
pull_image_on_matching_pod_nodes() {
local namespace="$1"
local selector="$2"
local image="$3"
local attempts="$4"
local sleep_seconds="$5"
local nodes
nodes="$(kubectl -n "${namespace}" get pods -l "${selector}" -o jsonpath='{range .items[*]}{.spec.nodeName}{"\n"}{end}' 2>/dev/null | sort -u)"
if [ -z "${nodes}" ]; then
echo "No pods found for ${namespace}/${selector}; skipping targeted image pull for ${image}" >&2
return 0
fi
for node in ${nodes}; do
local node_ip
local pulled=false
node_ip="$(kubectl get node "${node}" -o jsonpath='{.status.addresses[?(@.type=="InternalIP")].address}')"
for attempt in $(seq 1 "${attempts}"); do
echo "Pre-pulling ${image} on ${node}/${node_ip} (${attempt}/${attempts})"
if ssh -i "$HOME/.ssh/id_ed25519" -o StrictHostKeyChecking=no -o ConnectTimeout=10 "ubuntu@${node_ip}" \
"sudo k3s crictl inspecti '${image}' >/dev/null 2>&1 || (sudo k3s crictl pull '${image}' && sudo k3s crictl inspecti '${image}' >/dev/null 2>&1)"; then
pulled=true
break
fi
sleep "${sleep_seconds}"
done
if [ "${pulled}" != "true" ]; then
echo "Best-effort targeted image pre-pull did not complete for ${image} on ${node}/${node_ip}" >&2
fi
done
}
echo "Waiting for Rancher..." echo "Waiting for Rancher..."
wait_for_resource flux-system kustomization.kustomize.toolkit.fluxcd.io/addon-rancher 600 wait_for_resource flux-system kustomization.kustomize.toolkit.fluxcd.io/addon-rancher 600
kubectl -n flux-system annotate kustomization/addon-rancher reconcile.fluxcd.io/requestedAt="$(date +%s)" --overwrite kubectl -n flux-system annotate kustomization/addon-rancher reconcile.fluxcd.io/requestedAt="$(date +%s)" --overwrite
@@ -622,6 +657,8 @@ jobs:
wait_for_resource cattle-system deployment/cattle-system-rancher 600 wait_for_resource cattle-system deployment/cattle-system-rancher 600
kubectl -n cattle-system rollout status deployment/cattle-system-rancher --timeout=900s kubectl -n cattle-system rollout status deployment/cattle-system-rancher --timeout=900s
wait_for_resource cattle-system deployment/rancher-webhook 900 wait_for_resource cattle-system deployment/rancher-webhook 900
pull_image_on_matching_pod_nodes cattle-system app=rancher-webhook registry.rancher.com/rancher/rancher-webhook:v0.9.3 12 10
kubectl -n cattle-system rollout restart deployment/rancher-webhook
kubectl -n cattle-system rollout status deployment/rancher-webhook --timeout=900s kubectl -n cattle-system rollout status deployment/rancher-webhook --timeout=900s
wait_for_resource cattle-system issuer/cattle-system-rancher 900 wait_for_resource cattle-system issuer/cattle-system-rancher 900
wait_for_resource cattle-system certificate/tls-rancher-ingress 900 wait_for_resource cattle-system certificate/tls-rancher-ingress 900
infrastructure/addons/rancher/helmrelease-rancher.yaml
+5
View File
@@ -29,6 +29,11 @@ spec:
value: "true" value: "true"
- name: CATTLE_FEATURES - name: CATTLE_FEATURES
value: "managed-system-upgrade-controller=false" value: "managed-system-upgrade-controller=false"
webhook:
image:
repository: registry.rancher.com/rancher/rancher-webhook
tag: v0.9.3
imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
cpu: 500m cpu: 500m