• enquiry@srtechhub.com
  • +91 81255 39898‬, ‪+91 89195 44304‬
Facebook Instagram
Login

GitOps with ArgoCD – A Complete Guide for Modern DevOps Automation

GitOps with ArgoCD - A Complete Guide for Modern DevOps Automation

As applications scale and infrastructure becomes more dynamic, managing Kubernetes environments manually becomes painful, inconsistent, and difficult to audit. DevOps engineers needed a way to:

  • deploy faster
  • reduce configuration drift
  • improve security and auditing
  • automate rollbacks
  • enforce consistency across environments

This paved the way for GitOps — an operational model that uses Git as the single source of truth for declarative infrastructure and application delivery.

GitOps is built on the idea that if it’s not in Git, it does not exist.

By storing all Kubernetes manifests, Helm charts, and configuration files in Git, teams gain version control, traceability, and auditability — automatically.

What is GitOps?

GitOps is an operational framework for Kubernetes, based on three core principles:

1. Declarative Configuration

Applications and infrastructure must be fully described using declarative YAML manifests.

2. Version Control using Git

Git acts as the single source of truth. Every change is stored, reviewed, and approved through Pull Requests.

3. Automated Reconciliation

A GitOps operator (like ArgoCD) continuously checks whether the cluster state matches the Git state.
If something drifts, the operator automatically fixes it.

GitOps = Git + Kubernetes + Continuous Delivery + Automation

Why GitOps?

1. Full Automation

GitOps eliminates manual kubectl apply commands.
Everything is automated via Git events and ArgoCD reconciliation.

2. Faster Deployments

Each merge to the main branch automatically triggers deployment.

3. Strong Security

No developer needs direct access to the cluster.
Only the GitOps operator does.

4. Easy Rollbacks

Every Git commit is a version.
Rollback = git revert.

5. Traceability & Compliance

Every deployment is linked to a Pull Request and Git history.

6. Multi-Cluster Management

ArgoCD can deploy to many clusters from a single dashboard.

7. Self-Healing Infrastructure

If someone manually changes a resource, GitOps will revert it.

Introduction to ArgoCD

ArgoCD is a declarative, GitOps-based continuous delivery tool for Kubernetes.

It ensures that your running applications always match the desired state stored in Git.

Key Features

  • Declarative GitOps deployments
  • Web UI + CLI + API
  • Automatic syncing and drift detection
  • Multi-environment support (dev, stage, prod)
  • Supports Helm, Kustomize, Jsonnet, YAML
  • Automatic rollbacks
  • SSO, RBAC, and enterprise-grade security
  • Metrics + logs for observability

ArgoCD is one of the most popular CNCF projects, adopted by thousands of DevOps teams globally.

How ArgoCD Works

Let’s simplify the workflow:

  1. You store Kubernetes manifests in Git.
  2. ArgoCD continuously watches that repository.
  3. If something changes, ArgoCD updates the cluster.
  4. If the cluster drifts, ArgoCD restores the correct state.
  5. You control everything through Pull Requests.

ArgoCD = Git → Sync → Deploy → Monitor → Heal

ArgoCD Architecture Explained

ArgoCD architecture has four main components:

1. API Server

Frontend + REST API used by CLI/UI.

2. Repository Server

Interacts with Git repositories (pulls manifests, Helm charts, Kustomize overlays).

3. Application Controller

The brain of ArgoCD compares the desired vs the actual state.

4. Redis + Database

Stores cluster/application state.

5. ArgoCD Agent (in cluster)

Applies Kubernetes manifests.

The flow is simple:

Git → ArgoCD Repository Server → Application Controller → Kubernetes Cluster

GitOps Workflow with ArgoCD (Step-by-Step)

Step 1: Developer commits code

A new feature or update is committed.

Step 2: Pipeline builds a container image

The DevOps pipeline (using GitHub Actions, Jenkins, or GitLab CI) builds the Docker image and pushes it to the registry.

Step 3: Kubernetes manifests updated in Git

Deployment YAML, Helm chart, or Kustomize overlay is updated with the new image tag.

Step 4: ArgoCD detects the change

ArgoCD periodically checks Git for updates.

Step 5: ArgoCD syncs the cluster

ArgoCD deploys the new version to the cluster.

Step 6: Monitoring & rollback If anything fails, rollback is instant by reverting the Git commit.

Declarative Setup for ArgoCD

The most powerful part of ArgoCD is the Application YAML.

Example:

This single YAML tells ArgoCD:

  • which repo to watch
  • which path to monitor
  • where to deploy
  • whether to self-heal or auto-sync

GitOps + ArgoCD vs Traditional CI/CD

Traditional CI/CD

  • CI/CD pipeline deploys directly to Kubernetes
  • Requires admin access to cluster
  • Harder to track drift
  • Everything is push-based

GitOps with ArgoCD

  • Deployment controlled entirely by GitOps operator
  • Zero cluster access needed for developers
  • Automatically fixes drift
  • Pull-based, more secure

GitOps is more secure, scalable, and auditable.

Multi-Environment GitOps

A clean GitOps setup uses folders or branches for environments:

Folder Structure Method:

repo/

  dev/

  qa/

  stage/

  prod/

Each folder contains its own manifests or Helm values.

ArgoCD deploys based on the folder mapped to the environment.

Best Practices for GitOps with ArgoCD

1. Don’t allow direct kubectl access

All changes must go through Git PRs.

2. Use separate repos for app code and infra YAML

Keeps things clean and secure.

3. Enforce branch protection

Production changes must be reviewed.

4. Use automated image updaters

Example: ArgoCD Image Updater

5. Label all Kubernetes resources

Better tracking & troubleshooting.

6. Store secrets securely (not in Git)

Use:

  • Sealed Secrets
  • External Secrets Operator
  • Vault

7. Use Kustomize for overlays Perfect for dev/stage/prod variations.

Advantages of ArgoCD Over Other GitOps Tools

Feature                                  ArgoCDFluxCDJenkins X
UI Dashboard     ✔       ✖   ✖
Multi-cluster     ✔       ✔   ✔
Helm support     ✔       ✔   ✔
Drift detection     ✔       ✔   Limited
Ease of setup       Easy          Medium    Hard
Ecosystem maturity    Very strong           Strong    Weak
    

ArgoCD stands out due to its user-friendly UI and reliability.

Real-World Use Case

A large enterprise with 50+ microservices:

  • Developers commit code
  • CI pipeline builds the image
  • GitOps repo updates image tag
  • ArgoCD deploys to the dev environment
  • After approval, the change is merged to stage → prod
  • ArgoCD syncs to all clusters
  • Monitoring with Prometheus + Grafana
  • Rollback = 1 Git command

This reduces deployment time from hours to minutes with full traceability.

GitOps Anti-Patterns (What NOT to Do)

❌ Storing secrets in Git
❌ Allowing developers cluster access
❌ Manually applying Kubernetes YAML
❌ Mixing app code + infra YAML in one repo
❌ Turning off auto-sync + self-heal
❌ Using kubectl edit on running clusters

Avoid these to maintain GitOps purity.

Key Takeaways

  • GitOps is the future of Kubernetes automation
  • ArgoCD is the top GitOps tool
  • Git becomes the single source of truth
  • Deployments, rollbacks, and environment management become automatic
  • Security improves drastically
  • Drift detection ensures consistency
  • Multi-cluster management made simple

GitOps + ArgoCD = Zero-touch deployment + Maximum reliability

FAQ

Q1. Is GitOps only for Kubernetes?

Primarily, yes, but some tools support non-Kubernetes infrastructure.

Q2. Does ArgoCD replace CI pipelines?

No. CI builds artifacts; ArgoCD deploys them.

Q3. How often does ArgoCD sync with Git?

Every 3 minutes (default). Configurable.

Q4. Can ArgoCD work without internet?

Yes, it works fully offline in private clusters.

Q5. GitOps vs Helm — are they the same?

No. Helm is a packaging tool; GitOps is a process.