From 44a98d408e2a2fbccd7c7fdedb4b2dfb3725f26d Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Sat, 20 Jun 2026 08:09:08 +0000 Subject: [PATCH] k8s-version-upgrade: detector next-minor probe must follow 302 (curl -sfL) The next-minor Packages query used `curl -sf` without -L. pkgs.k8s.io 302-redirects every request to a backing host, so without -L curl returned an empty body, NEXT_MINOR_PATCH came back empty, and the detector fell through to "No upgrade needed". That is exactly why last night's 23:00 chain no-op'd instead of resolving the 1.35 next-minor target (1.35.6) and handing it to the compat gate. `curl -sfL` follows the redirect and returns the Packages file (verified: -sf -> empty, -sfL -> 1.35.6). Mirrors the same -L fix already applied to the Release availability probe (-sILo) above. Co-Authored-By: Claude Opus 4.8 --- stacks/k8s-version-upgrade/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stacks/k8s-version-upgrade/main.tf b/stacks/k8s-version-upgrade/main.tf index c2ac3b01..bbba532f 100644 --- a/stacks/k8s-version-upgrade/main.tf +++ b/stacks/k8s-version-upgrade/main.tf @@ -435,7 +435,7 @@ resource "kubernetes_cron_job_v1" "k8s_version_check" { KIND="patch" elif [ "$NEXT_MINOR_AVAILABLE" = "yes" ]; then NEXT_MINOR_PATCH=$($SSH wizard@k8s-master.viktorbarzin.lan \ - "curl -sf 'https://pkgs.k8s.io/core:/stable:/v$NEXT_MINOR/deb/Packages' \ + "curl -sfL 'https://pkgs.k8s.io/core:/stable:/v$NEXT_MINOR/deb/Packages' \ | grep -oE 'Version: [0-9.-]+' \ | awk '{print \$2}' | sed 's/-.*//' \ | sort -V | tail -1" || echo "")