A comprehensive GitOps demonstration using ArgoCD, Kustomize, and GitHub Actions to showcase automated Kubernetes deployments.
This repository contains a complete GitOps setup demonstrating how to deploy and manage applications using ArgoCD and Kustomize. The project uses a Batman-themed Flask application to make learning GitOps concepts engaging and memorable.
Developer → GitHub → GitHub Actions (CI) → ArgoCD (CD) → K3s Cluster
- GitHub: Source code and GitOps repository
- GitHub Actions: Automated CI pipeline (build, test, push images)
- ArgoCD: GitOps continuous delivery
- Kustomize: Configuration management for multiple environments
- K3s: Lightweight Kubernetes cluster
- Ubuntu/Linux server (tested on Ubuntu 22.04)
- Docker
- Git
- kubectl
- At least 2GB RAM and 2 CPU cores
batman-colpetty-demo/
├── app/ # Flask application
│ ├── app.py # Batman-themed web app
│ ├── Dockerfile # Multi-platform container build
│ └── requirements.txt # Python dependencies
├── k8s-manifests/ # Kubernetes configurations
│ ├── base/ # Common configurations
│ │ ├── kustomization.yaml
│ │ ├── deployment.yaml
│ │ ├── service.yaml
│ │ └── configmap.yaml
│ └── overlays/ # Environment-specific configs
│ ├── staging/
│ │ ├── kustomization.yaml
│ │ └── replica-patch.yaml
│ └── production/
│ ├── kustomization.yaml
│ └── replica-patch.yaml
├── .github/workflows/ # CI/CD automation
│ └── ci-cd.yaml # GitHub Actions workflow
├── argocd/ # ArgoCD application configs
│ └── application.yaml # ArgoCD application definitions
└── README.md # This file
# Install K3s
curl -sfL https://get.k3s.io | sh -
# Configure kubectl for regular user
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
sudo chown $(id -u):$(id -g) ~/.kube/config
# Verify cluster is running
kubectl get nodes# Create ArgoCD namespace
kubectl create namespace argocd
# Install ArgoCD
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# Wait for ArgoCD to be ready
kubectl wait --for=condition=available --timeout=300s deployment/argocd-server -n argocd
# Get initial admin password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d && echo# Port forward ArgoCD server (run in background)
kubectl port-forward svc/argocd-server -n argocd 8080:443 &
# Access ArgoCD at: http://localhost:8080
# Username: admin
# Password: (from step 2 above)# Clone this repository
git clone https://github.com/YOUR_USERNAME/batman-colpetty-demo.git
cd batman-colpetty-demo
# Update ArgoCD application configuration
# Edit argocd/application.yaml and replace YOUR_USERNAME with your GitHub username
# Deploy ArgoCD applications
kubectl apply -f argocd/application.yaml
# Check application status
kubectl get applications -n argocd# Port forward the application
kubectl port-forward svc/colpetty-guardian-service -n colpetty-staging 3000:80
# Access the app at: http://localhost:3000Common resources shared across all environments:
- Deployment template
- Service configuration
- ConfigMap with default values
Staging Environment:
- 1 replica for resource efficiency
- Debug logging enabled
- Development-specific configurations
Production Environment:
- 3 replicas for high availability
- Optimized logging
- Production-specific configurations
# Update staging replica count
cd k8s-manifests/overlays/staging
kustomize edit set replicas colpetty-guardian=2
# Update production image
cd ../production
kustomize edit set image batman-app=ghcr.io/your-username/batman-colpetty-demo:v2.0.0
# Preview changes
kustomize build .The GitHub Actions workflow automatically:
- Builds multi-platform Docker images (AMD64/ARM64)
- Pushes images to GitHub Container Registry
- Updates Kustomize image references
- Commits changes back to the repository
- Triggers ArgoCD sync automatically
# Make a change to the application
echo "# Updated for demo" >> app/README.md
# Commit and push
git add app/
git commit -m "Update Batman app for demo"
git push origin main
# Watch the magic happen:
# 1. GitHub Actions builds new image
# 2. Updates k8s-manifests/
# 3. ArgoCD detects changes
# 4. Syncs to cluster automatically# View ArgoCD applications
kubectl get applications -n argocd
# Check pod status
kubectl get pods -n colpetty-staging
kubectl get pods -n colpetty-production
# View application logs
kubectl logs -l app=colpetty-guardian -n colpetty-staging
# Check recent events
kubectl get events -n colpetty-staging --sort-by='.lastTimestamp'# Install ArgoCD CLI
curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
chmod +x /usr/local/bin/argocd
# Login
argocd login localhost:8080 --username admin --password YOUR_PASSWORD --insecure
# View applications
argocd app list
# Sync application manually
argocd app sync colpetty-guardian-staging- Make code changes
- Push to GitHub
- Watch GitHub Actions build
- Observe ArgoCD sync
- Verify application update
# Simulate bad deployment
cd k8s-manifests/overlays/staging
kustomize edit set image batman-app=nginx:fake-malicious-tag
git add . && git commit -m "Joker attack!" && git push
# Watch failure in ArgoCD UI and kubectl
# Quick rollback
git revert HEAD --no-edit && git push
# Watch automatic recovery# Scale production for high traffic
cd k8s-manifests/overlays/production
kustomize edit set replicas colpetty-guardian=5
git add . && git commit -m "Scale for Penguin's traffic spike" && git push
# Watch pods scale up automatically
kubectl get pods -n colpetty-production -wArgoCD Application Not Syncing:
# Check application status
kubectl describe application colpetty-guardian-staging -n argocd
# Force refresh
kubectl patch application colpetty-guardian-staging -n argocd --type merge -p='{"spec":{"source":{"targetRevision":"HEAD"}}}'Image Pull Errors:
# Check if images exist in registry
# Go to: https://github.com/YOUR_USERNAME/batman-colpetty-demo/pkgs/container/batman-colpetty-demo
# Verify image references in kustomization
cat k8s-manifests/overlays/staging/kustomization.yaml | grep imagePort Forward Issues:
# Kill existing port forwards
pkill -f "kubectl port-forward"
# Use different ports
kubectl port-forward svc/argocd-server -n argocd 8081:443
kubectl port-forward svc/colpetty-guardian-service -n colpetty-staging 3001:80# Check cluster status
kubectl get nodes
kubectl get pods --all-namespaces
# Check ArgoCD status
kubectl get pods -n argocd
kubectl logs -f deployment/argocd-server -n argocd
# Check application resources
kubectl get all -n colpetty-staging
kubectl describe deployment colpetty-guardian -n colpetty-staging# Remove applications
kubectl delete -f argocd/application.yaml
# Remove ArgoCD
kubectl delete namespace argocd
# Remove application namespaces
kubectl delete namespace colpetty-staging colpetty-production
# Uninstall K3s (optional)
sudo /usr/local/bin/k3s-uninstall.sh- Declarative: Everything defined in Git
- Auditable: Complete change history
- Reversible: Easy rollbacks with Git
- Secure: Pull-based deployments
- Scalable: Multi-cluster management
- Automated Sync: Continuous deployment
- Health Monitoring: Application status tracking
- Web UI: Visual deployment management
- RBAC: Role-based access control
- Hooks: Pre/post deployment actions
- Fork the repository
- Create a feature branch
- Make your changes
- Test with your K3s cluster
- Submit a pull request
- Never commit secrets to Git
- Use Sealed Secrets or external secret management
- Implement proper RBAC in ArgoCD
- Regularly update base images and dependencies
- Monitor for security vulnerabilities
MIT License - Feel free to use this for learning and demonstrations.
- GitHub: @kaveeshag
- Website: https://kaveeshagimhana.com
- Email: uakaveeshagimhana@gmail.com
Remember: With great power comes great responsibility... to automate your deployments properly! 🦇