Antigravity-skills gitops-workflow
Implement GitOps workflows with ArgoCD and Flux for automated, declarative Kubernetes deployments with continuous reconciliation. Use when implementing GitOps practices, automating Kubernetes deployments, or setting up declarative infrastructure management.
install
source · Clone the upstream repo
git clone https://github.com/rmyndharis/antigravity-skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/rmyndharis/antigravity-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/gitops-workflow" ~/.claude/skills/rmyndharis-antigravity-skills-gitops-workflow && rm -rf "$T"
manifest:
skills/gitops-workflow/SKILL.mdsource content
GitOps Workflow
Complete guide to implementing GitOps workflows with ArgoCD and Flux for automated Kubernetes deployments.
Purpose
Implement declarative, Git-based continuous delivery for Kubernetes using ArgoCD or Flux CD, following OpenGitOps principles.
Use this skill when
- Set up GitOps for Kubernetes clusters
- Automate application deployments from Git
- Implement progressive delivery strategies
- Manage multi-cluster deployments
- Configure automated sync policies
- Set up secret management in GitOps
Do not use this skill when
- You need a one-off manual deployment
- You cannot manage cluster access or repo permissions
- You are not deploying to Kubernetes
Instructions
- Define repo layout and desired-state conventions.
- Install ArgoCD or Flux and connect clusters.
- Configure sync policies, environments, and promotion flow.
- Validate rollbacks and secret handling.
Safety
- Avoid auto-sync to production without approvals.
- Keep secrets out of Git and use sealed or external secret managers.
OpenGitOps Principles
- Declarative - Entire system described declaratively
- Versioned and Immutable - Desired state stored in Git
- Pulled Automatically - Software agents pull desired state
- Continuously Reconciled - Agents reconcile actual vs desired state
ArgoCD Setup
1. Installation
# Create namespace kubectl create namespace argocd # Install ArgoCD kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml # Get admin password kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
Reference: See
references/argocd-setup.md2. Repository Structure
gitops-repo/ ├── apps/ │ ├── production/ │ │ ├── app1/ │ │ │ ├── kustomization.yaml │ │ │ └── deployment.yaml │ │ └── app2/ │ └── staging/ ├── infrastructure/ │ ├── ingress-nginx/ │ ├── cert-manager/ │ └── monitoring/ └── argocd/ ├── applications/ └── projects/
3. Create Application
# argocd/applications/my-app.yaml apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: my-app namespace: argocd spec: project: default source: repoURL: https://github.com/org/gitops-repo targetRevision: main path: apps/production/my-app destination: server: https://kubernetes.default.svc namespace: production syncPolicy: automated: prune: true selfHeal: true syncOptions: - CreateNamespace=true
4. App of Apps Pattern
apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: applications namespace: argocd spec: project: default source: repoURL: https://github.com/org/gitops-repo targetRevision: main path: argocd/applications destination: server: https://kubernetes.default.svc namespace: argocd syncPolicy: automated: {}
Flux CD Setup
1. Installation
# Install Flux CLI curl -s https://fluxcd.io/install.sh | sudo bash # Bootstrap Flux flux bootstrap github \ --owner=org \ --repository=gitops-repo \ --branch=main \ --path=clusters/production \ --personal
2. Create GitRepository
apiVersion: source.toolkit.fluxcd.io/v1 kind: GitRepository metadata: name: my-app namespace: flux-system spec: interval: 1m url: https://github.com/org/my-app ref: branch: main
3. Create Kustomization
apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: my-app namespace: flux-system spec: interval: 5m path: ./deploy prune: true sourceRef: kind: GitRepository name: my-app
Sync Policies
Auto-Sync Configuration
ArgoCD:
syncPolicy: automated: prune: true # Delete resources not in Git selfHeal: true # Reconcile manual changes allowEmpty: false retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m
Flux:
spec: interval: 1m prune: true wait: true timeout: 5m
Reference: See
references/sync-policies.mdProgressive Delivery
Canary Deployment with ArgoCD Rollouts
apiVersion: argoproj.io/v1alpha1 kind: Rollout metadata: name: my-app spec: replicas: 5 strategy: canary: steps: - setWeight: 20 - pause: {duration: 1m} - setWeight: 50 - pause: {duration: 2m} - setWeight: 100
Blue-Green Deployment
strategy: blueGreen: activeService: my-app previewService: my-app-preview autoPromotionEnabled: false
Secret Management
External Secrets Operator
apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: db-credentials spec: refreshInterval: 1h secretStoreRef: name: aws-secrets-manager kind: SecretStore target: name: db-credentials data: - secretKey: password remoteRef: key: prod/db/password
Sealed Secrets
# Encrypt secret kubeseal --format yaml < secret.yaml > sealed-secret.yaml # Commit sealed-secret.yaml to Git
Best Practices
- Use separate repos or branches for different environments
- Implement RBAC for Git repositories
- Enable notifications for sync failures
- Use health checks for custom resources
- Implement approval gates for production
- Keep secrets out of Git (use External Secrets)
- Use App of Apps pattern for organization
- Tag releases for easy rollback
- Monitor sync status with alerts
- Test changes in staging first
Troubleshooting
Sync failures:
argocd app get my-app argocd app sync my-app --prune
Out of sync status:
argocd app diff my-app argocd app sync my-app --force
Related Skills
- For creating manifestsk8s-manifest-generator
- For packaging applicationshelm-chart-scaffolding