gitops-workflows

仓库: nickcrew/claude-ctx-plugin
安装量: 35
排名: #19838

安装

npx skills add https://github.com/nickcrew/claude-ctx-plugin --skill gitops-workflows

GitOps Workflows

Expert guidance for implementing production-grade GitOps workflows using ArgoCD and Flux CD, covering declarative deployment patterns, progressive delivery strategies, multi-environment management, and secure secret handling for Kubernetes infrastructure.

When to Use This Skill Implementing GitOps principles for Kubernetes deployments Automating continuous delivery from Git repositories Managing multi-cluster or multi-environment deployments Implementing progressive delivery (canary, blue-green) strategies Configuring automated sync policies and reconciliation Managing secrets securely in GitOps workflows Setting up environment promotion workflows Designing repository structures for GitOps (monorepo vs multi-repo) Implementing rollback strategies and disaster recovery Establishing compliance and audit trails through Git Core Concepts The Four Principles Declarative: Entire system state expressed in code Versioned: Canonical state stored in Git with full history Pulled Automatically: Agents pull desired state (no push to prod) Continuously Reconciled: Automatic drift detection and correction Key Benefits Complete deployment history and audit trail Fast rollback via Git operations Enhanced security (no cluster credentials in CI) Self-healing infrastructure Multi-cluster consistency Familiar Git workflows for infrastructure changes Quick Reference Task Load reference GitOps principles and benefits skills/gitops-workflows/references/core-principles.md Repository structure patterns (monorepo, multi-repo, branches) skills/gitops-workflows/references/repository-structures.md ArgoCD setup, Applications, ApplicationSets skills/gitops-workflows/references/argocd-implementation.md Flux bootstrap, sources, Kustomizations, HelmReleases skills/gitops-workflows/references/flux-implementation.md Environment promotion strategies skills/gitops-workflows/references/environment-promotion.md Secret management (Sealed Secrets, ESO, SOPS) skills/gitops-workflows/references/secret-management.md Progressive delivery (canary, blue-green) skills/gitops-workflows/references/progressive-delivery.md Rollback strategies and disaster recovery skills/gitops-workflows/references/rollback-strategies.md Best practices and patterns skills/gitops-workflows/references/best-practices.md Workflow Steps 1. Choose Repository Structure

Decision factors:

Team size and organization structure Application coupling and dependencies Access control requirements Deployment frequency and independence

Options:

Monorepo: Single repo, unified platform teams, shared infrastructure Multi-repo: Separate repos per app/team, independent release cycles Environment branches: Git flow style, simple mental model 2. Select GitOps Tool

ArgoCD:

UI-focused with visual application management App of Apps pattern for hierarchical deployments ApplicationSets for multi-cluster deployments Strong RBAC and project isolation

Flux:

CLI-first, GitOps Toolkit architecture Native Kustomize and Helm support Automated image updates Lighter weight, cloud-native 3. Configure Secret Management

Never commit unencrypted secrets to Git

Options:

Sealed Secrets: Client-side encryption, simple workflow External Secrets Operator: Sync from external secret stores (AWS, Vault, GCP) SOPS: File-based encryption with age or cloud KMS 4. Implement Sync Policies

Non-production environments:

Automated sync with prune and selfHeal Frequent reconciliation (1-5 minutes) Fail fast with immediate feedback

Production environments:

Manual approval or gated automation Health checks and wait conditions Progressive delivery for high-risk changes Sync windows for maintenance periods 5. Set Up Environment Promotion

Promotion strategies:

Git-based: Tag or branch promotion with Git operations Kustomize overlays: Update image tags in environment-specific overlays Automated updates: Flux ImageUpdateAutomation for semver policies 6. Configure Progressive Delivery

For high-risk changes:

ArgoCD Rollouts: Canary deployments with automated analysis Flagger: Progressive delivery with metric-based promotion Traffic shifting with Istio or other service mesh Automated rollback on failed analysis 7. Establish Rollback Procedures

Git rollback:

git revert for specific commits Tag-based rollback by updating targetRevision Fast and declarative

Tool-specific:

ArgoCD: argocd app rollback with revision history Flux: Suspend automation, manual rollback, resume Common Mistakes Committing unencrypted secrets - Always use secret management solution No automated sync in non-prod - Slows development feedback Automated sync in production without gates - High risk of breaking changes Ignoring drift detection - Manual changes should be reconciled or alerted No health checks - Sync succeeds but app is unhealthy Missing dependency ordering - Apps deploy before infrastructure ready No rollback testing - Discover issues during actual incidents Inconsistent environments - Staging differs too much from production No promotion testing - Manual errors during environment promotion Weak RBAC - Too many permissions for GitOps service accounts Resources OpenGitOps: https://opengitops.dev/ ArgoCD Documentation: https://argo-cd.readthedocs.io/ Flux Documentation: https://fluxcd.io/docs/ ArgoCD Rollouts: https://argoproj.github.io/argo-rollouts/ Flagger: https://docs.flagger.app/ External Secrets Operator: https://external-secrets.io/ Sealed Secrets: https://github.com/bitnami-labs/sealed-secrets SOPS: https://github.com/mozilla/sops

返回排行榜