How Gitops Workflow fits into a Paperclip company.

Gitops Workflow drops into any Paperclip agent that handles this kind of work. Assign it to a specialist inside a pre-configured PaperclipOrg company and the skill becomes available on every heartbeat — no prompt engineering, no tool wiring.

SaaS FactoryPaired

Pre-configured AI company — 18 agents, 18 skills, one-time purchase.

$27$59

Explore pack

Source file

SKILL.md289 linesmarkdown

Expand

1---2name: gitops-workflow3description: Implement GitOps workflows with ArgoCD and Flux for automated, declarative Kubernetes deployments with continuous reconciliation. Use when implementing GitOps practices, automating Kubernetes deployments, or setting up declarative infrastructure management.4---5 6# GitOps Workflow7 8Complete guide to implementing GitOps workflows with ArgoCD and Flux for automated Kubernetes deployments.9 10## Purpose11 12Implement declarative, Git-based continuous delivery for Kubernetes using ArgoCD or Flux CD, following OpenGitOps principles.13 14## When to Use This Skill15 16- Set up GitOps for Kubernetes clusters17- Automate application deployments from Git18- Implement progressive delivery strategies19- Manage multi-cluster deployments20- Configure automated sync policies21- Set up secret management in GitOps22 23## OpenGitOps Principles24 251. **Declarative** - Entire system described declaratively262. **Versioned and Immutable** - Desired state stored in Git273. **Pulled Automatically** - Software agents pull desired state284. **Continuously Reconciled** - Agents reconcile actual vs desired state29 30## ArgoCD Setup31 32### 1. Installation33 34```bash35# Create namespace36kubectl create namespace argocd37 38# Install ArgoCD39kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml40 41# Get admin password42kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d43```44 45**Reference:** See `references/argocd-setup.md` for detailed setup46 47### 2. Repository Structure48 49```50gitops-repo/51├── apps/52│   ├── production/53│   │   ├── app1/54│   │   │   ├── kustomization.yaml55│   │   │   └── deployment.yaml56│   │   └── app2/57│   └── staging/58├── infrastructure/59│   ├── ingress-nginx/60│   ├── cert-manager/61│   └── monitoring/62└── argocd/63    ├── applications/64    └── projects/65```66 67### 3. Create Application68 69```yaml70# argocd/applications/my-app.yaml71apiVersion: argoproj.io/v1alpha172kind: Application73metadata:74  name: my-app75  namespace: argocd76spec:77  project: default78  source:79    repoURL: https://github.com/org/gitops-repo80    targetRevision: main81    path: apps/production/my-app82  destination:83    server: https://kubernetes.default.svc84    namespace: production85  syncPolicy:86    automated:87      prune: true88      selfHeal: true89    syncOptions:90      - CreateNamespace=true91```92 93### 4. App of Apps Pattern94 95```yaml96apiVersion: argoproj.io/v1alpha197kind: Application98metadata:99  name: applications100  namespace: argocd101spec:102  project: default103  source:104    repoURL: https://github.com/org/gitops-repo105    targetRevision: main106    path: argocd/applications107  destination:108    server: https://kubernetes.default.svc109    namespace: argocd110  syncPolicy:111    automated: {}112```113 114## Flux CD Setup115 116### 1. Installation117 118```bash119# Install Flux CLI120curl -s https://fluxcd.io/install.sh | sudo bash121 122# Bootstrap Flux123flux bootstrap github \124  --owner=org \125  --repository=gitops-repo \126  --branch=main \127  --path=clusters/production \128  --personal129```130 131### 2. Create GitRepository132 133```yaml134apiVersion: source.toolkit.fluxcd.io/v1135kind: GitRepository136metadata:137  name: my-app138  namespace: flux-system139spec:140  interval: 1m141  url: https://github.com/org/my-app142  ref:143    branch: main144```145 146### 3. Create Kustomization147 148```yaml149apiVersion: kustomize.toolkit.fluxcd.io/v1150kind: Kustomization151metadata:152  name: my-app153  namespace: flux-system154spec:155  interval: 5m156  path: ./deploy157  prune: true158  sourceRef:159    kind: GitRepository160    name: my-app161```162 163## Sync Policies164 165### Auto-Sync Configuration166 167**ArgoCD:**168 169```yaml170syncPolicy:171  automated:172    prune: true # Delete resources not in Git173    selfHeal: true # Reconcile manual changes174    allowEmpty: false175  retry:176    limit: 5177    backoff:178      duration: 5s179      factor: 2180      maxDuration: 3m181```182 183**Flux:**184 185```yaml186spec:187  interval: 1m188  prune: true189  wait: true190  timeout: 5m191```192 193**Reference:** See `references/sync-policies.md`194 195## Progressive Delivery196 197### Canary Deployment with ArgoCD Rollouts198 199```yaml200apiVersion: argoproj.io/v1alpha1201kind: Rollout202metadata:203  name: my-app204spec:205  replicas: 5206  strategy:207    canary:208      steps:209        - setWeight: 20210        - pause: { duration: 1m }211        - setWeight: 50212        - pause: { duration: 2m }213        - setWeight: 100214```215 216### Blue-Green Deployment217 218```yaml219strategy:220  blueGreen:221    activeService: my-app222    previewService: my-app-preview223    autoPromotionEnabled: false224```225 226## Secret Management227 228### External Secrets Operator229 230```yaml231apiVersion: external-secrets.io/v1beta1232kind: ExternalSecret233metadata:234  name: db-credentials235spec:236  refreshInterval: 1h237  secretStoreRef:238    name: aws-secrets-manager239    kind: SecretStore240  target:241    name: db-credentials242  data:243    - secretKey: password244      remoteRef:245        key: prod/db/password246```247 248### Sealed Secrets249 250```bash251# Encrypt secret252kubeseal --format yaml < secret.yaml > sealed-secret.yaml253 254# Commit sealed-secret.yaml to Git255```256 257## Best Practices258 2591. **Use separate repos or branches** for different environments2602. **Implement RBAC** for Git repositories2613. **Enable notifications** for sync failures2624. **Use health checks** for custom resources2635. **Implement approval gates** for production2646. **Keep secrets out of Git** (use External Secrets)2657. **Use App of Apps pattern** for organization2668. **Tag releases** for easy rollback2679. **Monitor sync status** with alerts26810. **Test changes** in staging first269 270## Troubleshooting271 272**Sync failures:**273 274```bash275argocd app get my-app276argocd app sync my-app --prune277```278 279**Out of sync status:**280 281```bash282argocd app diff my-app283argocd app sync my-app --force284```285 286## Related Skills287 288- `k8s-manifest-generator` - For creating manifests289- `helm-chart-scaffolding` - For packaging applications

Related skills

Accessibility Compliance

This walks you through implementing proper WCAG 2.2 compliance with real code patterns for screen readers, keyboard navigation, and mobile accessibility. It cov

Airflow Dag Patterns

If you're building data pipelines with Airflow, this skill gives you production-ready DAG patterns that actually work in the real world. It covers TaskFlow API

Angular Migration

Migrating from AngularJS to Angular is notoriously painful, and this skill tackles the practical stuff that makes or breaks these projects. It covers hybrid app