feat: add ClusterSecretStore and ExternalSecret for Tailscale #12

Closed

gitea-admin wants to merge 2 commits from orion/auto/feat-add-clustersecretstore-and-external-1778373287112 into main

pull from: orion/auto/feat-add-clustersecretstore-and-external-1778373287112

merge into: gitea-admin:main

gitea-admin:main

gitea-admin:orion/auto/fix-align-pelican-backup-externalsecret--1780406406524

gitea-admin:orion/auto/fix-correct-pelican-pghost-to-match-actu-1780406356497

gitea-admin:orion/auto/fix-delete-broken-transmission-deploymen-1780384971953

gitea-admin:orion/auto/feat-add-argocd-application-for-backups--1780384909112

gitea-admin:orion/auto/feat-deploy-falco-runtime-security-1780380247953

gitea-admin:orion/auto/feat-deploy-wazuh-siem-for-security-moni-1780380225261

gitea-admin:orion/auto/fix-repair-transmission-deployment-yaml--1780375360519

gitea-admin:orion/auto/feat-add-backup-infrastructure-cronjobs--1780363069966

gitea-admin:orion/auto/feat-add-backups-namespace-with-pelican--1780361834306

gitea-admin:orion/auto/feat-add-backup-infrastructure-namespace-1780360691804

gitea-admin:orion/auto/fix-transmission-deployment-invalid-cont-1780182803013

gitea-admin:orion/auto/fix-update-n8n-externalsecret-api-versio-1780181761004

gitea-admin:orion/auto/feat-deploy-tailscale-operator-1780145866429

gitea-admin:orion/auto/fix-update-n8n-externalsecret-to-v1-1780145710378

gitea-admin:orion/auto/feat-deploy-n8n-with-persistent-storage--1780102304681

gitea-admin:orion/auto/feat-deploy-n8n-workflow-automation-1780101994761

gitea-admin:orion/auto/feat-add-n8n-service-and-ingress-1779989928023

gitea-admin:orion/auto/feat-deploy-n8n-workflow-automation-1779989910653

gitea-admin:orion/auto/fix-remove-static-peer-port-from-transmi-1779632181197

gitea-admin:orion/auto/feat-add-transmission-with-gluetun-vpn-s-1779632092555

gitea-admin:add-khalisio

gitea-admin:orion/auto/fix-correct-api-versions-for-externalsec-1779230976308

gitea-admin:orion/auto/fix-move-bitwarden-to-security-bitwarden-1779229047173

gitea-admin:orion/auto/fix-deploy-bitwarden-to-security-bitward-1779229021873

gitea-admin:orion/auto/feat-deploy-bitwarden-vault-to-security--1779180493216

gitea-admin:orion/auto/feat-deploy-bitwarden-vault-to-security--1779180404481

gitea-admin:orion/auto/feat-deploy-bitwarden-self-hosted-in-sec-1779180155812

gitea-admin:orion/auto/fix-correct-valheim-uuid-and-ingress-api-1779150243957

gitea-admin:orion/auto/feat-deploy-all-8-wings-instances-ark-sa-1779150161684

gitea-admin:orion/auto/feat-deploy-wings-instance-for-ark-sa-1779149758378

gitea-admin:orion/auto/feat-deploy-wings-instance-for-valheim-1779149739358

gitea-admin:orion/auto/feat-deploy-wings-instance-for-7-days-to-1779149721710

gitea-admin:orion/auto/feat-deploy-wings-instance-for-return-to-1779149703605

gitea-admin:orion/auto/feat-deploy-wings-instance-for-enshroude-1779149685319

gitea-admin:orion/auto/feat-deploy-wings-instance-for-enshroude-1779149618111

gitea-admin:orion/auto/feat-deploy-wings-instance-for-7-days-to-1779149599180

gitea-admin:orion/auto/feat-deploy-wings-instance-for-7-days-to-1779149568168

gitea-admin:orion/auto/feat-deploy-wings-instance-for-ark-survi-1779149545920

gitea-admin:orion/auto/feat-wings-deploy-ark-sa-wings-instance-1779149339514

gitea-admin:orion/auto/feat-pelican-deploy-pelican-panel-with-d-1779147272995

gitea-admin:orion/auto/feat-game-servers-add-game-servers-names-1779147254094

gitea-admin:orion/auto/feat-pelican-add-pelican-namespace-1779147240136

gitea-admin:orion/auto/feat-media-remove-readarr-from-the-media-1779146111490

gitea-admin:orion/auto/fix-media-data-pvc-access-mode-and-reada-1779145748122

gitea-admin:orion/auto/fix-media-data-pvc-access-mode-and-apps--1779145418664

gitea-admin:orion/auto/fix-readarr-update-image-to-ghcr-io-read-1779145372721

gitea-admin:orion/auto/fix-update-readarr-image-from-linuxserve-1779145344595

gitea-admin:orion/auto/fix-readarr-mount-to-use-books-pvc-1779143917759

gitea-admin:orion/auto/feat-restructure-media-stack-with-correc-1779142596794

gitea-admin:orion/auto/fix-create-missing-pvcs-and-clean-up-dup-1779141054277

gitea-admin:orion/auto/restructure-organize-excalidraw-under-ap-1779056975970

gitea-admin:orion/auto/restructure-organize-by-namespace-with-a-1779056962271

gitea-admin:orion/auto/restructure-move-tailscale-into-namespac-1779056949375

gitea-admin:orion/auto/restructure-move-excalidraw-into-apps-na-1779056934922

gitea-admin:orion/auto/restructure-move-excalidraw-under-apps-n-1779056925243

gitea-admin:orion/auto/restructure-organize-excalidraw-under-na-1779056868033

gitea-admin:orion/auto/restructure-organize-apps-under-namespac-1779056799071

gitea-admin:orion/auto/refactor-organize-media-apps-into-namesp-1779056277071

gitea-admin:orion/auto/feat-reorganize-media-apps-under-namespa-1779056222548

gitea-admin:orion/auto/feat-reorganize-media-apps-under-namespa-1779056172173

gitea-admin:orion/auto/refactor-reorganize-manifests-into-names-1779056072745

gitea-admin:orion/auto/deploy-arr-stack-emby-to-media-namespace-1779055509777

gitea-admin:orion/auto/feat-deploy-arr-stack-emby-to-media-name-1779055305502

gitea-admin:orion/auto/feat-deploy-excalidraw-whiteboard-1779034065203

gitea-admin:orion/auto/remove-whoami-test-service-1779033614058

gitea-admin:orion/auto/fix-actually-remove-whoami-service-delet-1779028173625

gitea-admin:orion/auto/feat-remove-whoami-test-service-1779027282216

gitea-admin:orion/auto/remove-whoami-test-service-1779027183612

gitea-admin:orion/auto/fix-add-tls-certificate-to-whoami-ingres-1779025733344

gitea-admin:orion/auto/feat-create-apps-namespace-1779025554970

gitea-admin:orion/auto/deploy-whoami-test-server-1779024941578

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778979711696

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778979641646

gitea-admin:orion/auto/fix-migrate-tailscale-operator-to-oauth--1778979071556

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778978985567

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778978915769

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778978823477

gitea-admin:orion/auto/fix-migrate-tailscale-operator-to-oauth--1778978762853

gitea-admin:orion/auto/feat-update-tailscale-operator-to-oauth--1778977997837

gitea-admin:orion/auto/fix-add-oauth-config-to-tailscale-operat-1778977929419

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778968649055

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778966778432

gitea-admin:orion/auto/fix-move-deployment-to-correct-path-and--1778962026359

gitea-admin:orion/auto/feat-migrate-tailscale-operator-to-oauth-1778958534086

gitea-admin:orion/auto/fix-update-tailscale-operator-to-oauth-s-1778957203077

gitea-admin:orion/auto/fix-update-tailscale-operator-to-use-oau-1778955519224

gitea-admin:orion/auto/fix-migrate-tailscale-operator-to-oauth--1778955313506

gitea-admin:orion/auto/fix-migrate-tailscale-operator-to-oauth--1778955211915

gitea-admin:orion/auto/feat-deploy-tailscale-operator-for-tailn-1778807220856

gitea-admin:orion/auto/fix-correctly-reference-existing-tailsca-1778809478719

gitea-admin:orion/auto/feat-deploy-tailscale-operator-via-gitop-1778426037111

gitea-admin:orion/auto/feat-deploy-tailscale-operator-with-auth-1778415696837

gitea-admin:orion/auto/feat-deploy-tailscale-operator-with-auth-1778415685599

gitea-admin:orion/auto/feat-deploy-tailscale-operator-with-auth-1778415674454

gitea-admin:orion/auto/feat-deploy-tailscale-operator-and-auth--1778378566626

gitea-admin:orion/auto/feat-deploy-tailscale-operator-and-auth--1778378551457

gitea-admin:orion/auto/feat-add-externalsecret-for-tailscale-au-1778373309640

gitea-admin:orion/auto/feat-deploy-tailscale-operator-1778357494349

gitea-admin:orion/auto/feat-deploy-tailscale-operator-1778353657489

gitea-admin:orion/auto/feat-deploy-tailscale-operator-1778353620055

gitea-admin:orion/auto/feat-add-tailnet-custom-resource-for-tai-1778353404155

gitea-admin:orion/auto/chore-remove-tailscale-operator-and-all--1778352258236

gitea-admin:orion/auto/test-branch-1778347892

gitea-admin:orion/auto/feat-add-tailscale-operator-and-daemonse-1778347811370

gitea-admin:orion/auto/feat-deploy-tailscale-operator-for-secur-1778347768093

gitea-admin:orion/auto/feat-deploy-tailscale-operator-for-secur-1778347758464

gitea-admin:orion/auto/chore-remove-excalidraw-deployment-1776697923944

Conversation 0 Commits 2 Files Changed 2

+37

gitea-admin commented 2026-05-10 00:34:47 +00:00

Owner

Copy Link

Copy Source

AI Reasoning

The Tailscale operator pods are failing with CreateContainerConfigError because the ExternalSecret (tailscale-auth) and ClusterSecretStore (orion-vault) don't exist in the cluster. The ORION ExternalSecret is registered and marked "applied" but the actual K8s resources haven't been deployed via GitOps. This PR will create the necessary ESO resources to sync the TS_AUTH_KEY from Vault into the tailscale namespace.

---

Policy Verdict

✅ Auto-merge — Scaling replicas up/down is low-risk and fully reversible

Operation type: scale

Proposed by ORION

## AI Reasoning The Tailscale operator pods are failing with CreateContainerConfigError because the ExternalSecret (tailscale-auth) and ClusterSecretStore (orion-vault) don't exist in the cluster. The ORION ExternalSecret is registered and marked "applied" but the actual K8s resources haven't been deployed via GitOps. This PR will create the necessary ESO resources to sync the TS_AUTH_KEY from Vault into the tailscale namespace. --- ## Policy Verdict ✅ **Auto-merge** — Scaling replicas up/down is low-risk and fully reversible *Operation type: `scale`* *Proposed by [ORION](https://github.com/richard-callis/orion-web)*

gitea-admin added 2 commits 2026-05-10 00:34:48 +00:00

feat: add ClusterSecretStore and ExternalSecret for Tailscale b587b56772

feat: add ClusterSecretStore and ExternalSecret for Tailscale 9a525658a4

gitea-admin added 1 commit 2026-05-10 00:34:48 +00:00

feat: add ClusterSecretStore and ExternalSecret for Tailscale 9a525658a4

gitea-admin closed this pull request 2026-05-10 12:23:44 +00:00

Some checks are pending

Hide all checks

Validate Manifests / validate (pull_request) Has been cancelled

Details

Pull request closed

Please reopen this pull request to perform a merge.

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

gitea-admin

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: gitea-admin/talos-cluster#12