DevOps by Default Blog

accessibility acl ai architecture argocd authentication automation aws backstage bash batch centos7 ci-cd cli cloud cmd containers cost-optimization css dark-mode database deployment design developer-experience devops
disk docker documentation downgrade e2e ebpf filesystem finops frontend gem github-actions gitops go golang gotrs green-computing grpc helm iac iam infrastructure-as-code java jenkins kpartx kubernetes
linux logging mariadb mfa monitoring mount multi-tenancy mysql network networking ntfs observability open-source opentofu operations otrs performance platform-engineering playwright plugins postgresql prometheus quality repo ruby
scripting secrets security sigstore slsa sql supply-chain sustainability tailwind terraform terraform101 testing themes ticketing tutorial ux vault vulnerabilities wasm windows workflow year-review yum
accessibility acl ai architecture argocd authentication automation aws backstage bash batch centos7 ci-cd cli cloud cmd containers cost-optimization css dark-mode database deployment design developer-experience devops
disk docker documentation downgrade e2e ebpf filesystem finops frontend gem github-actions gitops go golang gotrs green-computing grpc helm iac iam infrastructure-as-code java jenkins kpartx kubernetes
linux logging mariadb mfa monitoring mount multi-tenancy mysql network networking ntfs observability open-source opentofu operations otrs performance platform-engineering playwright plugins postgresql prometheus quality repo ruby
scripting secrets security sigstore slsa sql supply-chain sustainability tailwind terraform terraform101 testing themes ticketing tutorial ux vault vulnerabilities wasm windows workflow year-review yum
accessibility acl ai architecture argocd authentication automation aws backstage bash batch centos7 ci-cd cli cloud cmd containers cost-optimization css dark-mode database deployment design developer-experience devops
disk docker documentation downgrade e2e ebpf filesystem finops frontend gem github-actions gitops go golang gotrs green-computing grpc helm iac iam infrastructure-as-code java jenkins kpartx kubernetes

GitOps with ArgoCD: Making Kubernetes Declarative

352 words · 2 min read

After years of imperative deployment scripts and kubectl commands in CI pipelines, we adopted GitOps. The shift was more cultural than technical, and the benefits exceeded expectations.

The Problem

Deployment scripts grew organically. Each application had slight variations. Some used Helm, others Kustomize, a few just raw manifests. CI pipelines became deployment engines—complex, stateful, and difficult to debug.

Drift was constant. Someone would kubectl apply a hotfix directly. Another would scale a deployment manually and forget to update the manifests. The running state diverged from what Git described. Nobody knew the actual configuration anymore.

Rollbacks were nerve-wracking. Which commit was production running before? Did the rollback need the same environment variables that existed then? The deployment script might have changed since.

Our Solution

ArgoCD became our deployment engine. It watches Git repositories and reconciles cluster state to match. No deployment scripts, no kubectl in CI, no imperative commands.

Application manifests in Git became the single source of truth. Want to know what’s running in production? Read the main branch. Want to deploy? Open a pull request.

Sync policies control automation level. Some applications auto-sync—merge to main, and they deploy. Others require manual sync for additional human review. Production environments typically need explicit approval.

Health checks and rollback are built-in. ArgoCD understands Kubernetes health. If a deployment fails its readiness probe, the sync shows degraded status. Rolling back means reverting a Git commit.

Multi-cluster management from a single ArgoCD instance. One dashboard shows all environments, all applications, all sync statuses.

The Benefits

Deployments became boring—reliably boring. Merge the PR, watch the sync, confirm health. No surprises, no variations between environments.

Audit trails are complete. Git history shows who changed what, when, and why. Compliance reviews became straightforward: “Here’s the Git log for production changes.”

Drift disappeared. ArgoCD continuously reconciles. Manual changes get reverted. The cluster matches Git, always.

Developer experience improved. They don’t need cluster credentials to deploy. They don’t need to understand the deployment machinery. They update manifests and open PRs.

GitOps isn’t just a deployment strategy. It’s a forcing function for good practices: infrastructure as code, peer review, and immutable deployments.

Copyright © 2026 Gibbsoft Ltd. Company No. 06514595 registered in England. VAT No. 178377753.