From 4b3cec1ec8f60fd63ca5dec5c453fe03f00a550b Mon Sep 17 00:00:00 2001 From: yuzishu Date: Wed, 1 Jul 2026 15:54:47 +0800 Subject: [PATCH] fix(chart): add resources block to assert-cluster-secret init container MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR #58's Phase E3 added the assert-cluster-secret init container without resource requests/limits. dev-yuzishu (and any namespace with a ResourceQuota that requires per-container cpu/memory) rejects the Deployment: Error creating: pods "observer-ci-50-observer-..." is forbidden: failed quota: resource-quota: must specify limits.cpu for: assert-cluster-secret; limits.memory for: assert-cluster-secret; requests.cpu for: assert-cluster-secret; requests.memory for: assert-cluster-secret Fix: add cluster.assertSecret.resources in values.yaml (defaults match postgresql.wait.resources: 25m/64Mi requests, 100m/128Mi limits — the container just runs `wc -c` + `grep -Eq`, so 25m/64Mi is generous) and render the block in deployment.yaml via the same pattern the wait-for init containers use. Fixes broken smoke deploy on master post PR #58 merge. Co-Authored-By: Claude Opus 4.8 (1M context) --- .../deploy/charts/observer/templates/deployment.yaml | 4 ++++ multi-agent/deploy/charts/observer/values.yaml | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/multi-agent/deploy/charts/observer/templates/deployment.yaml b/multi-agent/deploy/charts/observer/templates/deployment.yaml index a222f8bd..e1ce0d52 100644 --- a/multi-agent/deploy/charts/observer/templates/deployment.yaml +++ b/multi-agent/deploy/charts/observer/templates/deployment.yaml @@ -108,6 +108,10 @@ spec: secretKeyRef: name: {{ default (include "observer.configSecretName" .) .Values.existingSecret }} key: {{ default "cluster-secret" .Values.cluster.secretKey }} + {{- with .Values.cluster.assertSecret.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} {{- end }} containers: diff --git a/multi-agent/deploy/charts/observer/values.yaml b/multi-agent/deploy/charts/observer/values.yaml index 19b5119c..3375c986 100644 --- a/multi-agent/deploy/charts/observer/values.yaml +++ b/multi-agent/deploy/charts/observer/values.yaml @@ -47,6 +47,18 @@ cluster: headlessServiceName: "" # default "-observer-headless" computed in _helpers.tpl networkPolicy: enabled: true + # Resources for the assert-cluster-secret init container. Namespaces + # with a ResourceQuota that requires per-container cpu/memory + # requests+limits (e.g. dev-yuzishu) will reject the Deployment + # otherwise. Match postgresql.wait.resources for consistency. + assertSecret: + resources: + requests: + cpu: 25m + memory: 64Mi + limits: + cpu: 100m + memory: 128Mi secret: create: false