gitops-workflow

Declarative, Git-based continuous delivery for Kubernetes using ArgoCD or Flux CD.

  • Supports both ArgoCD and Flux CD with installation, configuration, and repository structure guidance for each
  • Covers core GitOps patterns including App of Apps, automated sync policies with pruning and self-healing, and progressive delivery strategies (canary, blue-green)
  • Includes secret management approaches using External Secrets Operator and Sealed Secrets to keep credentials out of Git
  • Provides sync policy configuration, troubleshooting commands, and ten best practices for production GitOps workflows

INSTALLATION
npx skills add https://github.com/wshobson/agents --skill gitops-workflow
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

GitOps Workflow

Complete guide to implementing GitOps workflows with ArgoCD and Flux for automated Kubernetes deployments.

Purpose

Implement declarative, Git-based continuous delivery for Kubernetes using ArgoCD or Flux CD, following OpenGitOps principles.

When to Use This Skill

  • Set up GitOps for Kubernetes clusters
  • Automate application deployments from Git
  • Implement progressive delivery strategies
  • Manage multi-cluster deployments
  • Configure automated sync policies
  • Set up secret management in GitOps

OpenGitOps Principles

  • Declarative - Entire system described declaratively
  • Versioned and Immutable - Desired state stored in Git
  • Pulled Automatically - Software agents pull desired state
  • Continuously Reconciled - Agents reconcile actual vs desired state

ArgoCD Setup

1. Installation

# Create namespace
kubectl create namespace argocd

# Install ArgoCD
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

# Get admin password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d

Reference: See references/argocd-setup.md for detailed setup

2. Repository Structure

gitops-repo/
├── apps/
│   ├── production/
│   │   ├── app1/
│   │   │   ├── kustomization.yaml
│   │   │   └── deployment.yaml
│   │   └── app2/
│   └── staging/
├── infrastructure/
│   ├── ingress-nginx/
│   ├── cert-manager/
│   └── monitoring/
└── argocd/
    ├── applications/
    └── projects/

3. Create Application

# argocd/applications/my-app.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-app
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/org/gitops-repo
    targetRevision: main
    path: apps/production/my-app
  destination:
    server: https://kubernetes.default.svc
    namespace: production
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true

4. App of Apps Pattern

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: applications
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/org/gitops-repo
    targetRevision: main
    path: argocd/applications
  destination:
    server: https://kubernetes.default.svc
    namespace: argocd
  syncPolicy:
    automated: {}

Flux CD Setup

1. Installation

# Install Flux CLI
curl -s https://fluxcd.io/install.sh | sudo bash

# Bootstrap Flux
# --personal: the owner is a GitHub user account; omit it when the owner is an organization
flux bootstrap github \
  --owner=org \
  --repository=gitops-repo \
  --branch=main \
  --path=clusters/production \
  --personal

2. Create GitRepository

apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: my-app
  namespace: flux-system
spec:
  interval: 1m
  url: https://github.com/org/my-app
  ref:
    branch: main

3. Create Kustomization

apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: my-app
  namespace: flux-system
spec:
  interval: 5m
  path: ./deploy
  prune: true
  sourceRef:
    kind: GitRepository
    name: my-app

Sync Policies

Auto-Sync Configuration

ArgoCD:

syncPolicy:
  automated:
    prune: true # Delete resources not in Git
    selfHeal: true # Reconcile manual changes
    allowEmpty: false
  retry:
    limit: 5
    backoff:
      duration: 5s
      factor: 2
      maxDuration: 3m

Flux:

spec:
  interval: 1m
  prune: true
  wait: true
  timeout: 5m

Reference: See references/sync-policies.md

Progressive Delivery

Canary Deployment with ArgoCD Rollouts

# spec.selector and spec.template (or workloadRef) are omitted here for brevity
apiVersion: argoproj.io/v1alpha1
kind: Rollout
metadata:
  name: my-app
spec:
  replicas: 5
  strategy:
    canary:
      steps:
        - setWeight: 20
        - pause: { duration: 1m }
        - setWeight: 50
        - pause: { duration: 2m }
        - setWeight: 100

Blue-Green Deployment

strategy:
  blueGreen:
    activeService: my-app
    previewService: my-app-preview
    autoPromotionEnabled: false

Secret Management

External Secrets Operator

apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: db-credentials
spec:
  refreshInterval: 1h
  secretStoreRef:
    name: aws-secrets-manager
    kind: SecretStore
  target:
    name: db-credentials
  data:
    - secretKey: password
      remoteRef:
        key: prod/db/password

Sealed Secrets

# Encrypt secret
kubeseal --format yaml < secret.yaml > sealed-secret.yaml

# Commit sealed-secret.yaml to Git
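
A guard for the "keep credentials out of Git" rule, as an added example that is not part of the skill: it scans the repo's YAML and fails when a core `v1` `Secret` with `data` or `stringData` is present, while `SealedSecret` and `ExternalSecret` manifests pass. The function names and the sample tree are constructed for illustration; only top-level keys are read, so Secrets wrapped in a `List` or rendered from Helm templates are assumed to be checked elsewhere.

```bash
#!/usr/bin/env bash
# Added example (not from the skill): fail when a core v1 Secret carrying
# data/stringData is in the GitOps tree. Nested "kind:" keys are ignored.

# Print "FILE (document N)" for every YAML document that is a plaintext Secret.
find_plain_secrets() {
  find "$1" -type f \( -name '*.yaml' -o -name '*.yml' \) | sort |
  while IFS= read -r f; do
    awk -v file="$f" '
      function val(s) {            # value part of a top-level "key: value" line
        sub(/^[^:]*:[ \t]*/, "", s); sub(/[ \t]+#.*$/, "", s)
        gsub(/["\047 \t\r]/, "", s); return s
      }
      function emit() {            # report the finished document, then reset
        if (kind == "Secret" && api == "v1" && payload)
          printf "%s (document %d)\n", file, doc
        kind = ""; api = ""; payload = 0
      }
      BEGIN { doc = 1 }
      /^---[ \t\r]*$/       { if (seen) { emit(); doc++ }; seen = 0; next }
      /[^ \t\r]/            { seen = 1 }
      /^kind:/              { kind = val($0) }
      /^apiVersion:/        { api = val($0) }
      /^(data|stringData):/ { payload = 1 }
      END { emit() }
    ' "$f"
  done
}

# Return 0 when the tree is clean; otherwise report on stderr and return 1.
check_repo() {
  local hits
  hits=$(find_plain_secrets "$1")
  [ -z "$hits" ] && return 0
  printf 'Plaintext Secret manifests must not be committed:\n%s\n' "$hits" >&2
  return 1
}

# Constructed sample tree: sealed, external, and a plaintext Secret (document 2).
make_sample_repo() {
  local d; d=$(mktemp -d)
  printf 'apiVersion: bitnami.com/v1alpha1\nkind: SealedSecret\nspec:\n  encryptedData:\n    password: CONSTRUCTED-CIPHERTEXT\n' > "$d/sealed-secret.yaml"
  printf 'apiVersion: external-secrets.io/v1beta1\nkind: ExternalSecret\nspec:\n  secretStoreRef:\n    kind: SecretStore\n' > "$d/external.yaml"
  printf 'apiVersion: v1\nkind: ConfigMap\n---\napiVersion: v1\nkind: "Secret"\nstringData:\n  password: constructed-value\n' > "$d/leak.yaml"
  echo "$d"
}

[ "$#" -eq 0 ] || check_repo "$1"   # stand-alone use: pass the repo path
```

Call `check_repo .` from a pre-commit hook or a CI step on the GitOps repo; a non-zero exit blocks the change.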

Best Practices

  • Use separate repos or branches for different environments
  • Implement RBAC for Git repositories
  • Enable notifications for sync failures
  • Use health checks for custom resources
  • Implement approval gates for production
  • Keep secrets out of Git (use External Secrets)
  • Use App of Apps pattern for organization
  • Tag releases for easy rollback
  • Monitor sync status with alerts
  • Test changes in staging first

Troubleshooting

Sync failures:

argocd app get my-app
argocd app sync my-app --prune

Out of sync status:

argocd app diff my-app
argocd app sync my-app --force

Related Skills

  • k8s-manifest-generator - For creating manifests
  • helm-chart-scaffolding - For packaging applications