Deploy and Update Kubernetes Apps with ArgoCD, Git, and Helm – Step‑by‑Step Guide

Preface

ArgoCD is a GitOps‑based continuous delivery tool for Kubernetes. It synchronizes application deployment and updates directly from a Git repository and provides a visual UI.

Install ArgoCD

Prepare a Kubernetes cluster and apply the official YAML manifest.

# 创建命名空间
kubectl create namespace argocd

# 部署 ArgoCD
wget https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
kubectl apply -n argocd -f install.yaml

# 查看状态
kubectl get pod -n argocd -w

# 将 svc 调整为 NodePort（用于访问 UI）
kubectl -n argocd edit svc argocd-server

Access the UI; the address automatically redirects to HTTPS.

# 获取 UI 登录密码（默认管理员为 admin）
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d

The default admin password is random; you can replace it with a bcrypt‑hashed value.

# 在线获取 bcrypt 加密后的密码值（例如 https://www.bejson.com/encrypt/bcrpyt_encode/）
# 将加密后的密文写入 admin.password
kubectl -n argocd patch secret argocd-secret \
  -p '{"stringData": {"admin.password": "$2a$10$dVCUtDIFah893qSLMMIReeyNa8vHx1112/kLYTbglAQMpbzBR5dbK", "admin.passwordMtime": "$(date +%FT%T%Z)"}}'

Prepare a Helm Chart

ArgoCD supports various configuration tools; this example uses Helm. Create a simple Helm chart to define the application manifests.

# 创建目录并初始化 Git 仓库
mkdir gitops && cd gitops && git init
mkdir -p {helm,argocd} && cd helm

# 添加 Helm chart 结构
# tree -L 2
app1/
├── Chart.yaml
├── templates/
│   ├── deployment.yaml
│   └── service.yaml
└── values.yaml

Chart.yaml

apiVersion: v2
appVersion: "1.0"
name: app1
description: app1 for kubernetes
type: application
version: 0.1.0

values.yaml

global:
  replicas: 2
image:
  repository: harbor.example.cn/public/nginx
  tag: stable-alpine

templates/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: app
  namespace: {{ .Release.Namespace }}
spec:
  replicas: {{ .Values.global.replicas }}
  selector:
    matchLabels:
      demo: app1
  template:
    metadata:
      labels:
        demo: app1
    spec:
      containers:
      - name: nginx
        image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
        ports:
        - containerPort: 80
          name: http

templates/service.yaml

apiVersion: v1
kind: Service
metadata:
  name: app1-svc
  namespace: {{ .Release.Namespace }}
  labels:
    demo: app1
spec:
  type: ClusterIP
  selector:
    demo: app1
  ports:
  - port: 80
    name: http
    targetPort: http
    protocol: TCP

Define ArgoCD Manifests

ArgoCD uses declarative Application resources to manage deployments.

# 创建环境目录
cd gitops/argocd && mkdir {dev,test,pre,prod}

# 示例目录结构
.
├── dev
│   └── Application.yaml
├── test
│   └── Application.yaml
├── pre
│   └── Application.yaml
└── prod
    └── Application.yaml

Application.yaml (example)

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: demo-argocd
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://git.example.com/gitops/gitops1.git
    targetRevision: HEAD
    path: helm/app1
    helm:
      parameters:
      - name: image.repository
        value: harbor.example.cn/public/nginx
      - name: image.tag
        value: stable-alpine
      - name: global.replicas
        value: "2"
  destination:
    server: https://kubernetes.default.svc
    namespace: demo
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
    - Validate=false
    - CreateNamespace=true
    - PrunePropagationPolicy=foreground
    - PruneLast=true
  retry:
    limit: 5
    backoff:
      factor: 2
      maxDuration: 1m

Push the Repository

After preparing the resource files, create a Git repository and push the content.

# 整体目录结构（tree -L 3）
gitops/
├── argocd/
│   ├── dev/Application.yaml
│   ├── test/Application.yaml
│   ├── pre/Application.yaml
│   └── prod/Application.yaml
└── helm/app1/
    ├── Chart.yaml
    ├── templates/
    └── values.yaml

# 推送到 Git
git init
git add .
git commit -m "Add ArgoCD and Helm resources"
git remote add origin <your-repo-url>
git push -u origin master

Integrate ArgoCD

Log into the ArgoCD UI, add the Git repository, and create an application that points to the Helm chart.

After creating the application, manually sync it the first time because auto‑sync is not enabled yet.

Once synced, you can view the deployment status and Git synchronization status in the UI.

After confirming the deployment, enable automatic synchronization for the production environment.

Version Update

Two ArgoCD applications exist after the initial deployment:

demo-production : syncs with dev/Application.yaml to update version and configuration.

demo-argocd : deploys the service using the Helm resources from the Git repository.

To upgrade the service version, modify dev/Application.yaml (or the Helm values) and push the change to Git. ArgoCD will detect the change and apply it automatically.

# vim argocd/dev/Application.yaml
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: demo-argocd
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://git.example.com/gitops/gitops1.git
    targetRevision: HEAD
    path: helm/app1
    helm:
      parameters:
      - name: image.repository
        value: harbor.example.cn/public/nginx
      - name: image.tag
        value: v1.0.0   # update image tag
      - name: global.replicas
        value: "1"   # change replica count
  destination:
    server: https://kubernetes.default.svc
    namespace: demo
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
    - Validate=false
    - CreateNamespace=true
    - PrunePropagationPolicy=foreground
    - PruneLast=true
  retry:
    limit: 5
    backoff:
      factor: 2
      maxDuration: 1m

After a short wait, ArgoCD automatically synchronizes the updated configuration to the cluster.