Ted Nyman tnm

🌿 Deployment Poem: cased/comet

Deployment Details:

Repository: cased/comet
Status: success
Environment: production
Commit: st4r5h1p
Deployed by: stellar-engineer
Deployment: Deploying stellar update v7.3.1 to production
Timestamp: 2025-09-11T20:44:51.237Z

Upgrade Instructions for Josh - Cased CD Enterprise 0.1.17

What Was Fixed

Root Cause: Nginx was hardcoded to use Docker's DNS server (127.0.0.11) which doesn't exist in Kubernetes pods. This caused all DNS lookups to fail with "Operation timed out" errors.

The Fix: Version 0.1.17 auto-detects the correct DNS resolver from /etc/resolv.conf:

In Docker: Uses 127.0.0.11
In Kubernetes: Uses cluster DNS (typically 10.96.0.10)

Debugging 502 Errors (No DNS Issues) - Josh

Good news: The DNS fix worked! No more DNS timeout errors. Bad news: Now getting 502 errors for a different reason.

The 502 without DNS errors means nginx can resolve the hostname but can't connect to the enterprise backend. Let's debug:

Step 1: Check Pod Status

Quick Fix for TLS Error - Josh

The issue is that the enterprise backend is trying to connect to ArgoCD over HTTPS with a self-signed cert.

Quick Fix (Patch the Running Deployment)

# Update the enterprise deployment to use HTTP instead of HTTPS
kubectl set env deployment/cased-cd-enterprise \
 ARGOCD_SERVER=http://argocd-server.argocd.svc.cluster.local \

Find the Deployment - Josh

The manifest has namespace: default hardcoded, so your -n argocd flag was ignored. Let's find where it actually is:

# Find all cased-cd deployments across all namespaces
kubectl get deployments -A | grep cased-cd

This will show you which namespace it's in and the exact deployment name.

Comprehensive Debug - Josh

Run ALL of these and send back the output:

1. Check Frontend ARGOCD_SERVER Setting

kubectl get deployment cased-cd -n argocd -o yaml | grep -A2 "ARGOCD_SERVER"

2. Watch Logs During Login Attempt

Cased CD Enterprise Setup - Josh Customer

Your kubectl command is failing due to shell escaping issues. Use this YAML approach instead:

Step 1: Create registry-secret.yaml

Save this to a file called registry-secret.yaml:

apiVersion: v1

	#!/usr/bin/env bash
	set -euo pipefail

	usage() {
	cat <<EOF
	Usage: gwc <branch> [file]

	Ensures a git worktree exists for <branch>, creates it if needed,
	and opens Claude Code in that worktree (optionally opening [file]).

	#!/bin/bash
	# Cased CD Enterprise - NetworkPolicy Diagnostic & Fix
	# This script diagnoses and fixes DNS timeout issues caused by missing NetworkPolicies

	set -e

	echo "=== Step 1: Check for existing NetworkPolicies for cased-cd ==="
	echo "Expected: No results (this is the problem)"
	kubectl get networkpolicies -n argocd -o json \| jq '.items[] \| select(.spec.podSelector.matchLabels."app.kubernetes.io/name" == "cased-cd") \| .metadata.name'
	echo ""

	#!/bin/bash
	# Cased CD Enterprise - NetworkPolicy Fix v2
	# This fixes DNS timeout by removing egress control (matching ArgoCD's pattern)

	set -e

	echo "=== The Problem ==="
	echo "ArgoCD NetworkPolicies only control Ingress, not Egress"
	echo "This means all ArgoCD pods have unrestricted egress (including DNS)"
	echo "Our first attempt tried to control egress with explicit allow rules"