Workflow Troubleshooting - Starter Kit

Workflow Fails to Schedule
Step Errors and Logs
Templating Issues
Secret Pull/Push Failures
Scheduling and Concurrency
General Tips

Workflow Fails to Schedule

Ensure the Workflow CRD is installed:

kubectl get crd workflows.external-secrets.io

Verify RBAC permissions for the controller in the target namespace.

Step Errors and Logs

Inspect WorkflowRun status and events:

kubectl describe workflowrun <name> -n <namespace>

Check controller logs for error messages:

kubectl logs deployment/external-secrets-enterprise-controller -n <namespace>

Templating Issues

Invalid Go template expressions will cause step failures.
Validate templates locally.
Use <debug> steps to emit context data during runs.

Secret Pull/Push Failures

Pull: Confirm SecretStore name and access credentials are correct.
Push: Ensure destination storeRef exists and has write permissions.

Scheduling and Concurrency

For spec.schedule.every, validate duration format (e.g., "30m", "1h").
Loop jobs with concurrency: 0 run unlimited parallel iterations—monitor controller resource usage.

General Tips

Use the <Note> component in definitions to add run-time annotations.
Incrementally add jobs and steps, verifying each run to isolate issues.
Refer to the Workflow API spec for detailed field descriptions.

Workflow Examples Targets

⌘I