GitOps with ArgoCD
GitOps is an operational framework that uses Git as the single source of truth for declarative infrastructure and applications. Every change to production goes through a pull request — auditable, reversible, and reviewed. ArgoCD continuously reconciles cluster state with Git, automatically correcting any drift and enabling rollback to any previous commit.
Why GitOps Solves Real Problems
Traditional CI/CD pipelines push to production via kubectl apply or helm upgrade commands executed in CI scripts. This creates serious problems: CI scripts have unlimited cluster access (security risk), there's no automatic drift detection (someone kubectl-applies a hotfix directly to production and it's gone at the next deploy), and rollback requires running a CI pipeline (slow when you're in the middle of an incident).
GitOps inverts this model. Instead of CI pushing to the cluster, the cluster pulls from Git. ArgoCD runs inside the Kubernetes cluster, watches a Git repository, and continuously reconciles the cluster state with what's defined in Git. Any difference — whether from a broken deploy or a manual kubectl command — is detected and optionally auto-healed.
The Git repository becomes the complete audit trail. To see why production looks the way it does, you read the Git history. To roll back, you revert a commit. To promote from staging to production, you open a pull request updating the production manifests. Access control is GitHub permissions — not kubectl credentials shared across the team.
Flux CD is the main alternative to ArgoCD. Both use GitOps principles. ArgoCD has a richer UI and better multi-cluster support. Flux is more lightweight and has better native support for Helm and Kustomize with an operator-first approach.
Each model shifts more responsibility from you to the cloud provider
ArgoCD Application Configuration
# Install ArgoCD in your cluster
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# ArgoCD Application — declares what to deploy and where from
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-api
namespace: argocd
spec:
project: default
source:
repoURL: https://github.com/my-org/k8s-manifests
targetRevision: main
path: apps/my-api/production # Folder with K8s YAML
destination:
server: https://kubernetes.default.svc
namespace: production
syncPolicy:
automated:
prune: true # Remove resources deleted from Git
selfHeal: true # Auto-correct drift (manual kubectl changes)
syncOptions:
- CreateNamespace=true
retry:
limit: 3
backoff:
duration: 5s
factor: 2
maxDuration: 3m
# Result: any push to apps/my-api/production in main branch
# is automatically deployed to the production cluster
# Any manual kubectl change is reverted within 3 minutesQuick Quiz
Tip
Tip
Practice GitOps with ArgoCD in small, isolated examples before integrating into larger projects. Breaking concepts into small experiments builds genuine understanding faster than reading alone.
Practice Task
Note
Practice Task — (1) Write a working example of GitOps with ArgoCD from scratch without looking at notes. (2) Modify it to handle an edge case (empty input, null value, or error state). (3) Share your solution in the Priygop community for feedback.
Common Mistake
Warning
A common mistake with GitOps with ArgoCD is skipping edge case testing — empty inputs, null values, and unexpected data types. Always validate boundary conditions to write robust, production-ready cloud code.