
Argo

!!! info "Architectural Context"
    Detailed reference for Argo in the context of Engineering Pipeline.

Application Delivery

GitOps

AWS EKS

Architectural Patterns

  • (2023) akuity.io: How many do you need? - Argo CD Architectures Explained [ADVANCED LEVEL] 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — Curator Insight: Compares and contrasts different deployment topologies for Argo CD, including mono-cluster, hub-and-spoke, and fully decentralized models. Live Grounding: Essential for cloud architects designing multi-tenant platforms, detailing scaling limits, networking requirements, and blast radius control for high-scale GitOps systems.

Argo CD ApplicationSet

  • (2024) ==argoproj-labs/applicationset: Argo CD ApplicationSet Controller== 583 [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Curator Insight: The standard orchestrator that extends Argo CD to support multicluster application distribution templates. Live Grounding: Key component that processes multi-source configurations, automates environment scaling, and drastically reduces the maintenance overhead of managing distinct Application manifests.
  • (2024) developers.redhat.com: Enhance Kubernetes deployment efficiency with Argo CD and ApplicationSet 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — Curator Insight: An authoritative Red Hat guide detailing the features and performance metrics of the Argo CD ApplicationSet controller. Live Grounding: Outlines practical implementations of Git, List, and Matrix generators to deploy standardized applications to hundreds of target environments using declarative, single-file templates.

Bootstrapping

  • (2024) ==argoproj-labs/argocd-autopilot: Argo-CD Autopilot== 1117 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Curator Insight: An official Argo project opinionated tool designed to structure, install, and update Argo CD setups automatically. Live Grounding: Uses a clean directory structure separating infrastructure from application manifests, enabling rapid multi-project bootstrap with built-in version tracking and disaster recovery features.

CI-CD Integration

Infrastructure as Code

  • (2023) seraf.dev: ArgoCD Tutorial — (with Terraform) 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Illustrates the bootstrap process of Argo CD onto a Kubernetes cluster utilizing the Terraform Helm provider. Live Grounding: Highlights the orchestration boundary between infrastructure provisioning and application GitOps adoption, establishing a reliable continuous delivery baseline.

Multi-Cluster

  • (2022) piotrminkowski.com: Manage Multiple Kubernetes Clusters with ArgoCD 🌟 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — Curator Insight: Hands-on walk-through for registering and managing multiple target Kubernetes clusters via a single control-plane Argo CD instance. Live Grounding: Provides practical manifests and CLI examples to manage cluster resources and application distributions efficiently across hybrid cloud boundaries.

Operator Lifecycle

  • (2023) piotrminkowski.com: Manage Kubernetes Operators with ArgoCD [ADVANCED LEVEL] 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Practical analysis of orchestrating Operator lifecycles and Custom Resource Definitions (CRDs) inside Argo CD synchronization loops. Live Grounding: Explores strategies to prevent the typical race conditions and out-of-sync loops that happen when Argo CD manages system Operators alongside application manifests.

Plugins

  • (2024) github.com/crumbhole/argocd-lovely-plugin: argocd-lovely-plugin 487 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: A highly flexible custom config management plugin (CMP) for Argo CD designed to combine Helm, Kustomize, and raw YAML seamlessly. Live Grounding: Solves the 'nested tooling' dilemma by processing multiple layers of templating without resorting to complex shell scripts inside the repo, simplifying enterprise GitOps chains.

Reference Architectures

  • (2021) github.com/myspotontheweb/gitops-workloads-demo 🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Comprehensive demo repository showcasing real-world GitOps workload configurations, structuring apps and infra dependencies. Live Grounding: Excellent structural blueprint for organizing multi-tenant environments, demonstrating how to decouple cluster-wide configurations from individual application manifests.

Secret Management

  • (2024) ==argoproj-labs/argocd-vault-plugin== 965 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Curator Insight: An indispensable Argo CD plugin built to inject secrets dynamically from HashiCorp Vault, AWS Secrets Manager, or GCP Secret Manager. Live Grounding: Replaces custom templating hacks by decrypting and injecting secret values directly into workloads at synchronization time, ensuring zero plaintext secrets enter the Git repository.
  • (2022) dev.to: Argo CD and Sealed Secrets is a perfect match 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Explores the integration of Bitnami Sealed Secrets with Argo CD for safe GitOps secret workflows. Live Grounding: Demonstrates how public cryptography allows storing encrypted secrets safely in Git, which are decrypted only within the target Kubernetes cluster by the Sealed Secrets controller.
  • (2021) github.com/crumbhole/argocd-vault-replacer 109 🌟🌟 [COMMUNITY-TOOL] — Curator Insight: A specialized replacement utility designed to pull secrets from HashiCorp Vault during the Argo CD rendering phase. Live Grounding: Acts as a lightweight precursor/alternative to full plugin integrations, enabling targeted placeholder substitutions within native Kubernetes manifest streams.

Infrastructure as Code (1)

Terraform Components

  • (2024) AWS EKS Argo CD Terraform Component 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Enterprise-ready Terraform submodule designed to deploy, configure, and bootstrap Argo CD onto an existing AWS EKS cluster. Live Grounding: Standardizes complex security configuration flags, integrates smoothly with AWS IAM roles for service accounts (IRSA), and provisions preconfigured Helm-based releases.

Progressive Delivery

Argo Rollouts

  • (2026) ==argoproj.github.io/argo-rollouts/== [ADVANCED LEVEL] [DOCUMENTATION] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Curator Insight: Main structural index for implementing automated Canary promotions and instant Rollbacks using Prometheus metrics. Live Grounding: Essential for platform engineers aiming to achieve high-availability delivery paradigms with zero downtime by managing precise traffic routing controls.
  • (2023) codefresh.io: Progressive delivery for Kubernetes Config Maps using Argo Rollouts 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Investigates strategies for applying progressive delivery steps directly to Kubernetes ConfigMaps and environment secrets. Live Grounding: Explains how to trigger rollouts upon configuration-only shifts, eliminating the risk of misconfigured environment variables breaking applications silently.
  • (2022) infracloud.io: Progressive Delivery with Argo Rollouts : Blue-Green Deployment 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Conceptual and step-by-step technical guide for configuring high-performance Blue-Green deployments with Argo Rollouts. Live Grounding: Explores the implementation of manual approval gates, automated smoke tests, and fallback protocols to transition production workloads safely.
  • (2022) infracloud.io: Progressive Delivery with Argo Rollouts: Canary Deployment 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Comprehensive guide analyzing step-based canary traffic weight shifting with Argo Rollouts. Live Grounding: Explains the integration of real-time monitoring query metrics (such as latency or error rate) to trigger automated canary rollbacks when anomalies are discovered.

Traffic Management

  • (2023) infracloud.io: How to Setup Blue Green Deployments with DNS Routing 🌟 [ADVANCED LEVEL] 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — Curator Insight: Highly technical tutorial showcasing Blue-Green deployment strategies relying on external DNS routing configurations rather than standard Kubernetes Service routing. Live Grounding: Solves edge-case scenarios for non-HTTP traffic, providing patterns for high-performance multi-region workload transitions.

Security

Vulnerabilities

  • (2022) threatpost.com: Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers [ADVANCED LEVEL] 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Discloses CVE-2022-24348, a high-severity path traversal flaw allowing unauthorized access to arbitrary cluster repositories in Argo CD. Live Grounding: Essential post-mortem detailing how custom Helm chart parameter configurations bypassed sanity validation, proving the critical need for constant dependency scanning.
  • (2022) thehackernews.com: New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps [ADVANCED LEVEL] 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: News analysis of the zero-day path traversal vulnerability in Argo CD's repository rendering process. Live Grounding: Explores structural exploits where malicious manifests loaded by the server could leak other application values, highlighting the immediate need to restrict repository access parameters.
  • (2022) armosec.io: CVE 2022-24348 Argo CD High Severity Vulnerability and its impact on Kubernetes [ADVANCED LEVEL] 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Detailed technical analysis of CVE-2022-24348, breaking down the exact mechanism of the path traversal payload. Live Grounding: ARMOSec offers explicit remediation actions, network policy guidance, and best practices to isolate and secure Argo CD controller components against credential theft.
  • (2022) infoworld.com: How to protect your Kubernetes infrastructure from the Argo CD vulnerability 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Actionable playbook detailing operational steps to patch and mitigate the path traversal vulnerability in enterprise clusters. Live Grounding: Stresses the significance of continuous configuration auditing, disabling unauthorized repository creation, and using read-only service accounts for the GitOps agent.
  • (2022) securityaffairs.co: Argo CD flaw could allow stealing sensitive data from Kubernetes Apps [ADVANCED LEVEL] 🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Coverage of the architectural flaw in Argo CD that exposed critical internal server state and target configuration values. Live Grounding: Emphasizes the risk of multi-tenant environments where shared instances lack sufficient namespace isolation and RBAC constraints, making path traversal exploitation viable.

Workflow Orchestration

Argo Workflows

  • (2022) blog.argoproj.io: Architecting Workflows For Reliability [ADVANCED LEVEL] 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — Curator Insight: Investigates patterns to ensure high-scale reliability when running millions of tasks inside Argo Workflows. Live Grounding: Analyzes garbage collection strategies, rate limiting, retry policies, and how to scale the underlying workflow-controller Pods to avoid etcd exhaustion.
  • (2022) blog.argoproj.io: Whats new in Argo Workflows v3.3 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Outlines the major architectural enhancements and UI features released in Argo Workflows version 3.3. Live Grounding: Highlights key security patches, multi-template updates, and visual enhancements designed to streamline the debugging of complex cloud-native data-processing pipelines.
  • (2022) dev.to: The three meanings of "template" in Argo Workflows 🌟🌟🌟 [COMMUNITY-TOOL] — Curator Insight: Decodes the highly overloaded concept of 'templates' inside the Argo Workflows architecture, defining Container, Script, and Resource types. Live Grounding: Provides solid structural patterns for reusable components, enabling platform engineers to build clean, maintainable, and DRY workflow definitions.

Security (1)

  • (2022) blog.argoproj.io: Practical Argo Workflows Hardening 🌟 [ADVANCED LEVEL] 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — Curator Insight: An authoritative security hardening guide designed to lock down Argo Workflows inside shared multi-tenant environments. Live Grounding: Focuses on strict RBAC roles, container security contexts, namespace network policies, and the isolation of high-privilege service accounts to prevent cluster escapes.

Developer Platforms

Platform Engineering

Architectural Strategy

  • (2021) dev.to: Towards a Modular DevOps Stack [COMMUNITY-TOOL] — Analyzes the rise of custom developer platforms. Details how standardizing Kubernetes configuration tools builds resilient, decoupled internal cloud services.

GitOps (1)

Continuous Delivery

AWS Ecosystem

Architectural Strategy (1)

  • (2021) Why and when do you need Argo CD? [COMMUNITY-TOOL] — Strategic evaluation explaining the architectural differences between pushing configurations via CI and pulling them via declarative GitOps operators, positioning Argo CD's reconciliation loops.

Argo CD

  • (2026) ==argoproj.github.io: Argo CD - Declarative GitOps for Kubernetes== [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Argo CD is a declarative GitOps engine that automates Kubernetes deployments. By continually matching the live cluster state to git specifications, it guarantees robust security and rapid rollback features.

Argo CD Features

Automation

Industry Insights

Infrastructure Orchestration

Multi-Tenancy

  • (2022) blog.argoproj.io: Best Practices for Multi-tenancy in Argo CD [ADVANCED LEVEL] [GUIDE] [COMMUNITY-TOOL] — Official best practices outlining multi-tenant cluster boundaries in Argo CD, explaining AppProjects configurations to isolate resources and limit cluster access vectors safely.
  • (2021) openshift.com: Getting Started with ApplicationSets [ADVANCED LEVEL] [GUIDE] [COMMUNITY-TOOL] — Introductory guide to Argo CD ApplicationSets. It demonstrates how to template multi-cluster deployments, generating child resources programmatically from dynamic Git configurations.

Practices

  • (2021) thenewstack.io: Applied GitOps with ArgoCD [COMMUNITY-TOOL] — A detailed operational study of applied GitOps. Discusses directory designs, environment divisions, and secrets management when deploying production containers using Argo CD.

Red Hat Ecosystem

  • (2021) openshift.com: OpenShift Authentication Integration with ArgoCD [ADVANCED LEVEL] [GUIDE] [COMMUNITY-TOOL] — Highlights secure integration of OpenShift OAuth mechanisms with Argo CD. Allows platform engineers to enforce central enterprise identities and granular RBAC profiles directly on the GitOps console.

Security and Governance

  • (2023) datree.io: ArgoCD Best Practices You Should Know [GUIDE] [COMMUNITY-TOOL] — Datree's policy-as-code guide for Argo CD configurations. Illustrates automatic linting mechanisms inside development environments to filter out schema violations.
  • (2021) itnext.io: ArgoCD: users, access, and RBAC [GUIDE] [COMMUNITY-TOOL] — Security implementation guide for Argo CD. Illustrates custom user accounts, SSO hookups, and high-fidelity policy-based RBAC enforcement for large cloud-native engineering groups.
  • (2021) cloud.redhat.com: How to Use ArgoCD Deployments with GitHub Tokens [GUIDE] [COMMUNITY-TOOL] — Presents security best practices for token management between GitHub and Argo CD deployments, ensuring repository integrations minimize attack vectors.

Tool Evaluation

Tutorials

Video Tutorials

  • (2021) youtube: GitOps with Argo-CD & Kubernetes [COMMUNITY-TOOL] — A structured step-by-step video tutorial covering Argo CD installations, git hook linkages, and real-time reconciliation operations for local cloud deployments.

Event-Driven Automation

Argo Ecosystem

GitOps and Continuous Delivery

GitOps (2)

Argo CD (1)

  • (2025) ==feat(ui): Add AppSet to Application Resource Tree in Argo CD== 22950 [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — The official GitHub pull request introducing ApplicationSet rendering directly inside the Argo CD UI Resource Tree. This highly demanded improvement provides cluster administrators with superior visibility into generated application topologies and dependencies directly from the dashboard.

Platform Engineering (1)

Internal Developer Platforms

Argo CD (2)

  • (2023) itnext.io: Build a Lightweight Internal Developer Platform with Argo CD and Kubernetes Labels 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — Curator Insight: Proposes an innovative model for constructing a lightweight IDP by utilizing simple Kubernetes label configurations mapped to Argo CD ApplicationSets. Live Grounding: Demonstrates how platform teams can abstract direct Kubernetes complexity for application developers, promoting self-service deployment without security compromises.
