I'm relatively new to ArgoCD and Kubernetes, and I'm looking for some guidance on best practices for managing my Git repository while using ArgoCD. My setup involves using Kustomize, where I have a base directory with overlays for dev, staging, and production environments. I'm utilizing the ArgoCD Image Updater, although I'm considering switching to Kargo. The idea is to auto-sync the dev environment, but perform manual syncs for staging and production.
My main question is, what's the best way to promote changes from dev to staging and then to production? For instance, if I make a change to a ConfigMap in the dev environment, how do I safely replicate that change to staging? Should I copy the ConfigMap from dev to staging overlays? After testing in staging, do I then copy it again for production and manually sync? Also, how does this workflow integrate with the Image Updater or Kargo, especially if the new ConfigMap depends on specific image tags that could break older versions? Any insights would be greatly appreciated!
5 Answers
We run our tests and promotions automatically for everything until just before production. The last step is a manual sync to ensure everything is thoroughly validated.
In my pipeline, I automate the image build process, which updates the Kustomization overlay for the new image tag and commits this back to the repo. Since I'm not using 'latest' tags, ArgoCD detects the changes and auto syncs accordingly, making the Image Updater unnecessary in my case.
You might want to create separate ArgoCD applications for each environment. This way, each can sync its own instance or Kustomization separately. Set up Argo Workflows to handle deployments on each push, with a confirmation step before going to production. If you're using trunk-based development, it's crucial to have automated tests and checks in your workflow.
If you're leaning towards Kustomize, take a look at the ArgoCD Autopilot. It simplifies the setup and management of your applications. Check it out here: argocd-autopilot.readthedocs.io/en/stable/
Consider using the app-of-apps pattern for better management between your environments. I do the same with my ArgoCD setup using Kustomize. I write my base configuration and reference it in the dev overlay for testing. Once I'm satisfied with the changes, I move them to the production overlay. It's wise to keep auto-sync for dev and manual sync for production, as this reduces the chance of deploying untested changes.
Exactly, app-of-apps is super helpful for organizing multiple environments!