K8sCalc

kubernetes

ArgoCD Application Generator

Generate an ArgoCD Application manifest for GitOps deployments. Supports directory, Kustomize, and Helm chart sources with automated or manual sync policies.

ArgoCD GitOps Patterns

ArgoCD continuously reconciles your cluster state with Git. The Application CRD is the core abstraction — it links a Git source to a cluster destination.

Sync Waves

Control the order resources are applied using annotations:

yaml
metadata:
  annotations:
    argocd.argoproj.io/sync-wave: "1"  # lower = earlier

Typical order: Namespace (wave -1) → CRDs (wave 0) → Deployments (wave 1) → Ingress (wave 2).

Health Checks

ArgoCD has built-in health checks for Deployments, StatefulSets, PVCs, etc. For custom resources, define a Lua health check:

yaml
resource.customizations.health.argoproj.io_Application: |
  hs = {}
  if obj.status ~= nil then
    if obj.status.health.status == "Healthy" then
      hs.status = "Healthy"
    end
  end
  return hs

Image Updater

ArgoCD Image Updater watches a container registry and automatically updates the image tag in Git when a new version is pushed — completing the CI/CD loop without manual intervention.

Frequently Asked Questions

What does the ArgoCD finalizer do?

The resources-finalizer.argocd.argoproj.io finalizer tells ArgoCD to delete all managed Kubernetes resources when the Application is deleted. Without it, deleting the Application in ArgoCD leaves all the deployed resources running in the cluster (orphaned). Always include it in production.

What's the difference between selfHeal and prune?

selfHeal: ArgoCD watches the cluster and reverts manual changes (kubectl edit, kubectl apply) to match Git. prune: when you delete a resource from Git, ArgoCD deletes it from the cluster. Both default to false for safety — enable both for full GitOps discipline.

How do I manage secrets with ArgoCD?

ArgoCD doesn't manage secrets directly — store encrypted secrets in Git using Sealed Secrets or SOPS, or use External Secrets Operator to pull secrets from Vault/AWS SSM. Never store plaintext secrets in your GitOps repo.

What is the App of Apps pattern?

Instead of creating ArgoCD Applications manually, create one 'root' Application that points to a folder containing other Application manifests. ArgoCD deploys the root, which then deploys all child apps. This lets you manage an entire cluster's applications from a single Git repository.