From 2414e52eef6bfa11f324368fdceae31d99fe260c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20SPIERS?= Date: Thu, 30 Apr 2026 23:41:20 +0200 Subject: [PATCH 1/2] fix(vcluster): remove manifests block causing startup crash, restore host ExternalSecret --- .../genmachine/genmachine-values.yaml | 59 ++++++++----------- 1 file changed, 26 insertions(+), 33 deletions(-) diff --git a/gitops/manifests/vcluster/genmachine/genmachine-values.yaml b/gitops/manifests/vcluster/genmachine/genmachine-values.yaml index e7ebd1f02..61809a283 100644 --- a/gitops/manifests/vcluster/genmachine/genmachine-values.yaml +++ b/gitops/manifests/vcluster/genmachine/genmachine-values.yaml @@ -36,33 +36,34 @@ vcluster: telemetry: enabled: false + experimental: deploy: - # host: - # manifests: | - # --- - # apiVersion: external-secrets.io/v1 - # kind: ExternalSecret - # metadata: - # name: vault-approle-ci - # spec: - # refreshInterval: 1h - # secretStoreRef: - # name: admin - # kind: ClusterSecretStore - # target: - # name: vault-approle-ci - # creationPolicy: Owner - # deletionPolicy: Retain - # data: - # - secretKey: roleID - # remoteRef: - # key: apps/ci-vcluster/approle - # property: ROLE_ID - # - secretKey: secretID - # remoteRef: - # key: apps/ci-vcluster/approle - # property: SECRET_ID + host: + manifests: | + --- + apiVersion: external-secrets.io/v1 + kind: ExternalSecret + metadata: + name: vault-approle-ci + spec: + refreshInterval: 1h + secretStoreRef: + name: admin + kind: ClusterSecretStore + target: + name: vault-approle-ci + creationPolicy: Owner + deletionPolicy: Retain + data: + - secretKey: roleID + remoteRef: + key: apps/ci-vcluster/approle + property: ROLE_ID + - secretKey: secretID + remoteRef: + key: apps/ci-vcluster/approle + property: SECRET_ID vcluster: helm: - chart: @@ -84,11 +85,3 @@ vcluster: namespace: external-secrets values: | installCRDs: true - manifests: | - --- - apiVersion: cert-manager.io/v1 - kind: ClusterIssuer - metadata: - name: admin - spec: - selfSigned: {} From b34c4262b052291e5f6d42278b65261e6392d1a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20SPIERS?= Date: Thu, 30 Apr 2026 23:43:29 +0200 Subject: [PATCH 2/2] fix(vcluster): move ClusterIssuer into cert-manager extraObjects to fix CRD timing --- .../manifests/vcluster/genmachine/genmachine-values.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/gitops/manifests/vcluster/genmachine/genmachine-values.yaml b/gitops/manifests/vcluster/genmachine/genmachine-values.yaml index 61809a283..97f8f43a6 100644 --- a/gitops/manifests/vcluster/genmachine/genmachine-values.yaml +++ b/gitops/manifests/vcluster/genmachine/genmachine-values.yaml @@ -76,6 +76,13 @@ vcluster: values: | crds: enabled: true + extraObjects: + - apiVersion: cert-manager.io/v1 + kind: ClusterIssuer + metadata: + name: selfsigned-issuer + spec: + selfSigned: {} - chart: name: external-secrets repo: https://charts.external-secrets.io