ArgoCD¶

Overview¶

ArgoCD provides GitOps continuous deployment, automatically syncing Kubernetes manifests from Git repositories.

Architecture¶

graph LR
    subgraph GitHub
        Repo[Git Repository]
    end

    subgraph ArgoCD
        Server[API Server]
        Repo_Server[Repo Server]
        Controller[App Controller]
    end

    subgraph Kubernetes
        Apps[Applications]
    end

    Repo --> Repo_Server
    Repo_Server --> Controller
    Controller --> Apps
    Server --> Controller

Access¶

Property	Value
URL	argocd.ajandrews.pro
Port	443
Namespace	argocd

Applications¶

Managed Applications¶

Application	Repository	Path	Sync Status
hub	GitHub	k8s/	Auto
wiki	GitHub	k8s/	Auto
monitoring	GitHub	k8s/	Auto

Application Configuration¶

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: hub
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/user/repo.git
    targetRevision: main
    path: k8s
  destination:
    server: https://kubernetes.default.svc
    namespace: hub
  syncPolicy:
    automated:
      prune: true
      selfHeal: true

Sync Policies¶

Automated Sync¶

syncPolicy:
  automated:
    prune: true      # Delete resources not in Git
    selfHeal: true   # Revert manual changes
    allowEmpty: false

Manual Sync¶

For production-critical applications:

syncPolicy:
  automated: {}  # No automated sync

Repository Management¶

Adding Repository¶

argocd repo add https://github.com/user/repo.git \
  --username <user> \
  --password <token>

SSH Key¶

argocd repo add [email protected]:user/repo.git \
  --ssh-private-key-path ~/.ssh/id_rsa

Application Management¶

CLI Commands¶

# List applications
argocd app list

# Get application status
argocd app get hub

# Sync application
argocd app sync hub

# Rollback
argocd app rollback hub <revision>

# Delete application
argocd app delete hub

Health Status¶

Status	Description
Healthy	All resources healthy
Progressing	Deployment in progress
Degraded	Some resources unhealthy
Suspended	Sync suspended
Unknown	Status unknown

Sync Status¶

Status	Description
Synced	Matches Git
OutOfSync	Differs from Git
Unknown	Status unknown

Projects¶

Default Project¶

apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
  name: default
  namespace: argocd
spec:
  sourceRepos:
    - '*'
  destinations:
    - namespace: '*'
      server: '*'
  clusterResourceWhitelist:
    - group: '*'
      kind: '*'

Notifications¶

Webhook Integration¶

apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-notifications-cm
  namespace: argocd
data:
  trigger.on-sync-succeeded: |
    - when: app.status.sync.status == 'Synced'
      send: [sync-succeeded]
  template.sync-succeeded: |
    webhook:
      my-webhook:
        method: POST
        body: |
          {"app": "{{.app.metadata.name}}", "status": "synced"}

Troubleshooting¶

Common Issues¶

Issue	Cause	Resolution
Sync failed	Invalid manifest	Check application logs
OutOfSync	Manual change	Sync or revert
ImagePullBackOff	Registry auth	Check image pull secrets

Debug Commands¶

# Check app events
argocd app get hub --show-events

# View resource tree
argocd app resources hub

# Check diff
argocd app diff hub

# View logs
kubectl logs -n argocd deploy/argocd-application-controller

Best Practices¶

Use app-of-apps - Manage apps declaratively
Separate repos - Config repo vs code repo
Environment branches - Branch per environment
Sync windows - Limit production sync times
RBAC - Restrict application access
Notifications - Alert on sync status