ArgoCD GitOps
Deploy applications automatically from Git using ArgoCD.
Time: ~20 minutes Difficulty: Intermediate
What You Will Learn
Section titled “What You Will Learn”- Installing ArgoCD on Minikube with Terraform
- Creating ArgoCD Application resources
- The App-of-Apps pattern
- Auto-sync, self-heal, and auto-prune
- ArgoCD Projects for access control
Prerequisites
Section titled “Prerequisites”- Terraform v1.0+
- Demos simple-app, helm, and kustomize must exist in this repo (ArgoCD deploys them from Git)
Install ArgoCD
Section titled “Install ArgoCD”cd demos/argocd/terraform/
terraform initterraform applyTerraform installs ArgoCD via Helm into the argocd namespace.
Access the ArgoCD UI
Section titled “Access the ArgoCD UI”# Port-forward the ArgoCD serverkubectl port-forward svc/argocd-server -n argocd 8080:80
# Get the admin passwordkubectl -n argocd get secret argocd-initial-admin-secret \ -o jsonpath="{.data.password}" | base64 -dOpen http://localhost:8080 and log in with username admin and the password above.
Deploy Applications
Section titled “Deploy Applications”Option A: App-of-Apps (recommended)
Section titled “Option A: App-of-Apps (recommended)”Deploy all applications at once:
kubectl apply -f applications/app-of-apps.yamlThis creates a parent application that manages all child applications:
| Application | Source Path | What It Deploys |
|---|---|---|
| simple-app | demos/simple-app/manifests | Plain nginx deployment |
| helm-app | demos/helm/chart | Helm-based web app |
| kustomize-dev | demos/kustomize/overlays/development | Dev overlay |
| kustomize-prod | demos/kustomize/overlays/production | Prod overlay |
Option B: One at a time
Section titled “Option B: One at a time”kubectl apply -f applications/1-simple-app.yamlkubectl apply -f applications/2-helm-app.yamlkubectl apply -f applications/3a-kustomize-dev.yamlkubectl apply -f applications/3b-kustomize-prod.yamlVerify
Section titled “Verify”In the ArgoCD UI, you should see all applications with a green “Synced” and “Healthy” status.
From the CLI:
kubectl get applications -n argocdWhat is Happening
Section titled “What is Happening”applications/ app-of-apps.yaml # Meta-application managing all others 1-simple-app.yaml # Points to demos/simple-app/manifests 2-helm-app.yaml # Points to demos/helm/chart 3a-kustomize-dev.yaml # Points to demos/kustomize/overlays/development 3b-kustomize-prod.yaml # Points to demos/kustomize/overlays/production
projects/ project-dev.yaml # RBAC: restricts which repos and namespaces are allowed
terraform/ provider.tf # Helm + Kubernetes providers argocd.tf # ArgoCD Helm release variables.tf # Configurable inputs values.yaml # ArgoCD Helm values outputs.tf # Post-install instructionsEach ArgoCD Application watches a Git path. When you push a change, ArgoCD detects the diff and syncs the cluster to match.
Key sync policies:
- Auto-sync: applies changes without manual approval
- Self-heal: reverts manual cluster edits to match Git
- Auto-prune: deletes resources removed from Git
Experiment
Section titled “Experiment”-
Edit
demos/simple-app/manifests/deployment.yaml, changereplicas: 2toreplicas: 5, commit and push. Watch ArgoCD sync automatically. -
Manually delete a pod and watch ArgoCD self-heal:
Terminal window kubectl delete pod -l app=simple-nginx -n simple-app -
Check sync status from CLI:
Terminal window kubectl get applications -n argocd -o wide
Cleanup
Section titled “Cleanup”# Remove all applicationskubectl delete -f applications/app-of-apps.yaml
# Uninstall ArgoCDcd terraform/terraform destroy
# Remove namespacekubectl delete namespace argocdFurther Reading
Section titled “Further Reading”See docs/deep-dive.md for a detailed explanation of GitOps principles, ArgoCD architecture, sync policies, the App-of-Apps pattern, Projects/RBAC, and troubleshooting.
Next Step
Section titled “Next Step”Move on to Cert-Manager to automate TLS certificate management.