gitops-workflow
关于
This skill enables developers to implement GitOps workflows using ArgoCD and Flux for automated, declarative Kubernetes deployments. It provides guidance for setting up continuous reconciliation, managing multi-cluster deployments, and automating application deployments directly from Git. Use it when adopting GitOps practices or establishing declarative infrastructure management for Kubernetes.
技能文档
GitOps Workflow
Complete guide to implementing GitOps workflows with ArgoCD and Flux for automated Kubernetes deployments.
Purpose
Implement declarative, Git-based continuous delivery for Kubernetes using ArgoCD or Flux CD, following OpenGitOps principles.
When to Use This Skill
- Set up GitOps for Kubernetes clusters
- Automate application deployments from Git
- Implement progressive delivery strategies
- Manage multi-cluster deployments
- Configure automated sync policies
- Set up secret management in GitOps
OpenGitOps Principles
- Declarative - Entire system described declaratively
- Versioned and Immutable - Desired state stored in Git
- Pulled Automatically - Software agents pull desired state
- Continuously Reconciled - Agents reconcile actual vs desired state
ArgoCD Setup
1. Installation
# Create namespace
kubectl create namespace argocd
# Install ArgoCD
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# Get admin password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
Reference: See references/argocd-setup.md for detailed setup
2. Repository Structure
gitops-repo/
├── apps/
│ ├── production/
│ │ ├── app1/
│ │ │ ├── kustomization.yaml
│ │ │ └── deployment.yaml
│ │ └── app2/
│ └── staging/
├── infrastructure/
│ ├── ingress-nginx/
│ ├── cert-manager/
│ └── monitoring/
└── argocd/
├── applications/
└── projects/
3. Create Application
# argocd/applications/my-app.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-app
namespace: argocd
spec:
project: default
source:
repoURL: https://github.com/org/gitops-repo
targetRevision: main
path: apps/production/my-app
destination:
server: https://kubernetes.default.svc
namespace: production
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
4. App of Apps Pattern
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: applications
namespace: argocd
spec:
project: default
source:
repoURL: https://github.com/org/gitops-repo
targetRevision: main
path: argocd/applications
destination:
server: https://kubernetes.default.svc
namespace: argocd
syncPolicy:
automated: {}
Flux CD Setup
1. Installation
# Install Flux CLI
curl -s https://fluxcd.io/install.sh | sudo bash
# Bootstrap Flux
flux bootstrap github \
--owner=org \
--repository=gitops-repo \
--branch=main \
--path=clusters/production \
--personal
2. Create GitRepository
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: my-app
namespace: flux-system
spec:
interval: 1m
url: https://github.com/org/my-app
ref:
branch: main
3. Create Kustomization
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: my-app
namespace: flux-system
spec:
interval: 5m
path: ./deploy
prune: true
sourceRef:
kind: GitRepository
name: my-app
Sync Policies
Auto-Sync Configuration
ArgoCD:
syncPolicy:
automated:
prune: true # Delete resources not in Git
selfHeal: true # Reconcile manual changes
allowEmpty: false
retry:
limit: 5
backoff:
duration: 5s
factor: 2
maxDuration: 3m
Flux:
spec:
interval: 1m
prune: true
wait: true
timeout: 5m
Reference: See references/sync-policies.md
Progressive Delivery
Canary Deployment with ArgoCD Rollouts
apiVersion: argoproj.io/v1alpha1
kind: Rollout
metadata:
name: my-app
spec:
replicas: 5
strategy:
canary:
steps:
- setWeight: 20
- pause: {duration: 1m}
- setWeight: 50
- pause: {duration: 2m}
- setWeight: 100
Blue-Green Deployment
strategy:
blueGreen:
activeService: my-app
previewService: my-app-preview
autoPromotionEnabled: false
Secret Management
External Secrets Operator
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: db-credentials
spec:
refreshInterval: 1h
secretStoreRef:
name: aws-secrets-manager
kind: SecretStore
target:
name: db-credentials
data:
- secretKey: password
remoteRef:
key: prod/db/password
Sealed Secrets
# Encrypt secret
kubeseal --format yaml < secret.yaml > sealed-secret.yaml
# Commit sealed-secret.yaml to Git
Best Practices
- Use separate repos or branches for different environments
- Implement RBAC for Git repositories
- Enable notifications for sync failures
- Use health checks for custom resources
- Implement approval gates for production
- Keep secrets out of Git (use External Secrets)
- Use App of Apps pattern for organization
- Tag releases for easy rollback
- Monitor sync status with alerts
- Test changes in staging first
Troubleshooting
Sync failures:
argocd app get my-app
argocd app sync my-app --prune
Out of sync status:
argocd app diff my-app
argocd app sync my-app --force
Related Skills
k8s-manifest-generator- For creating manifestshelm-chart-scaffolding- For packaging applications
快速安装
/plugin add https://github.com/camoneart/claude-code/tree/main/gitops-workflow在 Claude Code 中复制并粘贴此命令以安装该技能
GitHub 仓库
相关推荐技能
sglang
元SGLang是一个专为LLM设计的高性能推理框架,特别适用于需要结构化输出的场景。它通过RadixAttention前缀缓存技术,在处理JSON、正则表达式、工具调用等具有重复前缀的复杂工作流时,能实现极速生成。如果你正在构建智能体或多轮对话系统,并追求远超vLLM的推理性能,SGLang是理想选择。
generating-unit-tests
元该Skill能自动为源代码生成全面的单元测试,支持Jest、pytest、JUnit等多种测试框架。当开发者请求"生成测试"、"创建单元测试"或使用"gut"快捷指令时即可触发。它能智能识别合适框架或按指定框架生成测试用例,显著提升测试效率。
business-rule-documentation
元该Skill为开发者提供标准化的业务规则和领域知识文档模板,遵循领域驱动设计原则。它能系统化地捕获业务规则、流程、决策树和术语表,确保业务需求与技术实现的一致性。适用于创建领域模型、业务规则库、流程映射,以及改善业务与技术团队之间的沟通。
orchestrating-test-workflows
元该技能让开发者能通过Claude编排复杂测试工作流,包括定义测试依赖关系图、并行执行测试以及基于代码变更智能选择测试用例。适用于需要测试编排、依赖管理、并行测试或CI/CD集成测试的场景。当用户提及"orchestrate tests"、"parallel testing"等触发词时即可调用此技能。