fix: wait for Cilium and node readiness before marking bootstrap success

Update verification stage to block on cilium daemonset rollout and all nodes reaching Ready. This prevents workflows from reporting success while the cluster is still NotReady immediately after join.
2026-03-04 22:26:43 +00:00
parent 5ddd00f711
commit a70de061b0
1 changed files with 8 additions and 0 deletions
--- a/nixos/kubeadm/bootstrap/controller.py
+++ b/nixos/kubeadm/bootstrap/controller.py
@@ -397,6 +397,14 @@ class Controller:
            self.log("Verification already complete")
            return
        self.log("Final node verification")
+        self.remote(
+            self.primary_ip,
+            "sudo kubectl --kubeconfig /etc/kubernetes/admin.conf -n kube-system rollout status ds/cilium --timeout=10m",
+        )
+        self.remote(
+            self.primary_ip,
+            "sudo kubectl --kubeconfig /etc/kubernetes/admin.conf wait --for=condition=Ready nodes --all --timeout=10m",
+        )
        proc = self.remote(self.primary_ip, "sudo kubectl --kubeconfig /etc/kubernetes/admin.conf get nodes -o wide")
        print(proc.stdout)
        self.mark_done("verified")