GitOps implementation: Using GitHub Actions & ArgoCD in Kubernetes cluster.
These days GitOps is the one of the happening implementations for the cloud native applications, mainly for micro-services based applications because of its declarative infrastructure as code & policy as code approaches.
In the simple words, GitOps uses Git as single source of truth for Infrastructure as code or policy as code. We will be typically using GitHub or any centralized version control system as single source of truth for infrastructure as code.. let’s say in our case Kubernetes manifest files in GitHub.
Let’s get into a simple example to understand GitOps using GitHub Actions for Continuous Integration(CI) and Argo CD tool for Continuous Deployment(CD).
Our CI process involves:
- Developer merges the code to env branch.
- GitHub Actions webhook triggers for new code merge and start a new build.
- Docker image is built with a new tag(in my case i took build number as docker image tag).
- Docker image pushed to Docker Hub.
- After performing all the above steps, GitHub actions need to update my GitOps repository with the new image tag in Kubernetes deployment yaml files.
GitHub Workflow created in the application repository in the directory .github/workflows to run the automated builds when a webhook triggered.
Save your docker hub secrets in the repository secrets. Click on Code Repository -> Settings -> Secrets and variables -> Actions -> New Repository secret to add a secret for that specific repo.
In the GitOps repository, make sure to change the repository to your GitOps repository and the branch.
In the Update image version in manifest build step, my image with it’s tag starting with ‘v’(photosapp:v.*) will be changed to image with new build version number in deployment yaml file. These file changes will be explicitly handled by ‘sed’ tool. Then I will create a GitHub Actions user who pushes the changed code to my GitOps repository.
Our CD process involves:
- Argo CD will deploy our manifest file changes in Kubernetes Cluster.
What is Argo CD?
It’s a GitOps based Continuous delivery tool for Kubernetes applications which is responsible for monitoring all the running applications live state with the desired state specified in the Git repository.
Argo CD identifies the live state and the deviated desired state as OutOfSync. It will give a visual dashboard to make dev’s manually apply or automate the changes to desired state in the Git repository to the target environment, which will ensure the applications in sync.
Installation of Argo CD in Kubernetes cluster:
Checkout the official documentation by Argo CD itself.
After installing the Argo CD, check all the deployments in argocd namespace are running.
Port-forward the argocd-server to have the Argo CD CLI visible.
In the login page, the username is admin & the password need to extract from a secret created automatically in the argocd namespace. Extract the password using the following command:
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
Before creating a new application, if your GitOps repository is a private one connect it to Argo CD. In the Settings -> Repositories -> Connect repository.
On the applications pane, Click on +NEW APP to create a new argo-cd application. Then Edit as YAML.
Make sure to change the GitOps repository URL and the path of the manifest files you want to maintain the synced state.
I have pushed a new commit to the application & GitHub Actions performed my build and created a new image. Updated that tag in the deployment manifest files in the GitOps repository.
I have enabled Auto sync in which polls Argo CD polls my GitOps repository for every 5 minutes to check the new desired state changes.
