GitOps at scale with ArgoCD App of Apps. Organize applications by projects (devops, observability, frontend, backend). Deploy internal or external Helm charts via git - just add the reference, commit, and ArgoCD syncs. Zero manual kubectl operations.
Get a complete Kubernetes stack with observability in minutes:
# 1. Install ArgoCD
cd bootstrap
./bootstrap.sh argocd
# 2. Configure GitHub Access
./bootstrap.sh configure-github
# 3. Deploy Root Manifest (deploys all applications automatically)
kubectl apply -f argocd-manifest/root-manifest.yamlThat's it! ArgoCD will automatically deploy:
- β cert-manager (SSL/TLS certificates)
- β ingress-nginx (Ingress controller)
- β metrics-server (Resource metrics)
- β SigNoz (Complete observability: APM, Logs, Metrics, Traces)
- β k8s-infra (Kubernetes logs & metrics collection)
This repository implements a scalable GitOps workflow using:
- ArgoCD for continuous deployment
- Helm for package management
- App of Apps pattern for managing dozens of applications
- Project-based organization for clean separation of concerns
root-manifest (App of Apps)
βββ devops (Project)
β βββ cert-manager # SSL/TLS certificate management
β βββ ingress-nginx # Ingress controller
β βββ metrics-server # Kubernetes metrics API
β βββ signoz # Observability platform (APM, metrics, traces)
β βββ k8s-infra # Kubernetes logs & metrics collection
βββ frontend (Project)
βββ app1
βββ app2
.
βββ argocd-manifest/ # Helm chart that generates ArgoCD resources
β βββ Chart.yaml
β βββ values.yaml # Root configuration - enables/disables projects
β βββ root-manifest.yaml # Bootstrap file to deploy to ArgoCD
β βββ templates/
β βββ projects.yaml # Generates AppProjects
β βββ applications.yaml # Generates Applications
β βββ applicationsets.yaml # Generates ApplicationSets
βββ projects/ # Project-based organization
β βββ devops/
β β βββ root.yaml # Defines devops project + all tools
β β βββ cert-manager/
β β β βββ values.yaml # Cert-manager helm values
β β βββ ingress-nginx/
β β β βββ values.yaml # Ingress-nginx helm values
β β βββ metrics-server/
β β β βββ values.yaml # Metrics-server helm values
β β βββ signoz/
β β β βββ values.yaml # SigNoz observability platform
β β βββ k8s-infra/
β β βββ values.yaml # K8s logs & metrics collection
β βββ frontend/
β βββ root.yaml # Defines frontend project + all apps
β βββ app1/
β βββ values.yaml
βββ charts/ # Custom Helm charts (optional)
βββ bootstrap/ # Bootstrap scripts
β βββ bootstrap.sh
β βββ components/
β βββ argocd.sh
β βββ configure-github.sh
βββ config.env # Configuration
When you run kubectl apply -f argocd-manifest/root-manifest.yaml:
- Root Manifest Application is created in ArgoCD
- Root manifest reads
argocd-manifest/values.yamland creates Project Applications - Each Project Application reads its
projects/<project>/root.yaml - Each root.yaml creates the AppProject and all its child ApplicationSets
- ApplicationSets generate individual Applications for each tool
- ArgoCD syncs everything automatically using GitOps π
-
Root Level (
argocd-manifest/values.yaml):Applications: devops: enable: true # Enable/disable entire project valueFiles: - $values/projects/devops/root.yaml
-
Project Level (
projects/devops/root.yaml):Projects: devops: enable: true description: DevOps tools ApplicationSets: cert-manager: enable: true # Enable/disable individual app chartVersion: v1.13.2 valueFiles: - $values/projects/devops/cert-manager/values.yaml
-
Application Level (
projects/devops/cert-manager/values.yaml):installCRDs: true replicaCount: 1 resources: limits: cpu: 100m
-
Create values directory:
mkdir -p projects/devops/my-new-tool
-
Create values file:
cat > projects/devops/my-new-tool/values.yaml <<EOF # My tool helm values replicaCount: 1 EOF
-
Add to project's root.yaml:
ApplicationSets: my-new-tool: enable: true syncWave: 4 name: my-new-tool project: devops namespace: my-new-tool generators: - list: elements: - cluster: in-cluster url: https://kubernetes.default.svc chartVersion: 1.0.0 sources: - chart: my-new-tool repoURL: https://charts.example.com targetRevision: '{{.chartVersion}}' helm: valueFiles: - $values/projects/devops/my-new-tool/values.yaml - repoURL: git@github.com:adiii717/k8s-gitops.git targetRevision: main ref: values
-
Commit and push - ArgoCD syncs automatically!
-
Create project structure:
mkdir -p projects/backend
-
Create root.yaml:
cat > projects/backend/root.yaml <<EOF global: argocdNamespace: argocd Projects: backend: enable: true syncWave: -1 name: backend description: Backend services destinations: - namespace: '*' server: https://kubernetes.default.svc sourceRepos: - '*' Applications: api-service: enable: true syncWave: 1 name: api-service namespace: backend project: backend sources: - repoURL: git@github.com:adiii717/k8s-gitops.git targetRevision: main path: charts/api-service helm: valueFiles: - $values/projects/backend/api-service/values.yaml - repoURL: git@github.com:adiii717/k8s-gitops.git targetRevision: main ref: values EOF
-
Enable in root manifest (
argocd-manifest/values.yaml):Applications: backend: enable: true syncWave: 102 name: backend sources: - repoURL: git@github.com:adiii717/k8s-gitops.git targetRevision: main ref: values - repoURL: git@github.com:adiii717/k8s-gitops.git targetRevision: main path: argocd-manifest helm: releaseName: backend valueFiles: - $values/projects/backend/root.yaml
Edit config.env:
# ArgoCD Configuration
ARGOCD_NAMESPACE=argocd
ARGOCD_CHART_VERSION=5.51.4
# GitHub Configuration
GITHUB_REPO_URL=git@github.com:adiii717/k8s-gitops.git
GITHUB_SSH_KEY_PATH=~/.ssh/id_ed25519
# GitOps Configuration
ARGOCD_MANIFEST_PATH=argocd-manifest
ROOT_MANIFEST_NAME=root-manifest
PROJECTS_PATH=projects# Get password
cat .env
# Port forward
kubectl port-forward svc/argocd-server -n argocd 8080:443
# Access at https://localhost:8080
# Username: admin
# Password: (from .env)β Scalable: Add dozens of applications by just adding values files
β Project-Based: Clean separation (devops, frontend, backend, etc.)
β Hierarchical: Three-level structure (Root β Project β Application)
β Version Control: Chart versions defined in root.yaml
β Enable/Disable: Toggle entire projects or individual apps
β Sync Waves: Control deployment order with syncWave
β Multiple Sources: Support for Helm repos and Git repos
β ApplicationSets: Parameterize deployments across environments
Control deployment order:
syncWave: 1 # Deploy first
syncWave: 2 # Deploy second
syncWave: 3 # Deploy thirdDeploy same app to multiple clusters/environments:
ApplicationSets:
my-app:
generators:
- list:
elements:
- cluster: dev
url: https://dev-cluster
chartVersion: 1.0.0
- cluster: prod
url: https://prod-cluster
chartVersion: 1.0.1Place custom Helm charts in charts/ directory and reference them:
sources:
- repoURL: git@github.com:adiii717/k8s-gitops.git
targetRevision: main
path: charts/my-custom-app# Remove all ArgoCD resources
bash ~/devops/scripts/cleanup-argocd.shFollow Semantic Commit Messages:
feat(devops): add prometheus monitoring
fix(frontend): resolve nginx configuration
docs(readme): update installation steps
chore(deps): bump cert-manager to v1.14
kubectl get applications -n argocd
kubectl describe application <app-name> -n argocdkubectl get appprojects -n argocdkubectl patch application <app-name> -n argocd \
--type merge -p '{"operation":{"initiatedBy":{"username":"admin"},"sync":{"revision":"main"}}}'- Enable Gradually: Start with
enable: false, test, then enable - Use Sync Waves: Define clear deployment order
- Version Everything: Pin chart versions in root.yaml
- Small Commits: One app/change per commit
- Test Locally: Use
helm templateto validate before committing - Document Values: Comment your values files
Current production applications:
| Application | Purpose | Status |
|---|---|---|
| cert-manager | Automatic SSL/TLS certificate management | β Running |
| ingress-nginx | Kubernetes ingress controller | β Running |
| metrics-server | Resource metrics API (CPU/Memory) | β Running |
| signoz | Complete observability (APM, Logs, Metrics, Traces) | β Running |
| k8s-infra | Kubernetes cluster logs & metrics collection | β Running |
kubectl port-forward -n platform svc/signoz 3301:8080
# Open: http://localhost:3301SigNoz over Prometheus/Grafana/Jaeger:
- β Unified platform: Metrics, Logs, Traces, APM in one UI
- β Lower operational overhead: Single deployment vs 4+ tools
- β Better performance: ClickHouse is faster than traditional TSDB
- β OpenTelemetry native: Future-proof observability
- β Cost-effective: No separate storage for logs/traces/metrics
Created with β€οΈ by adilm717@gmail.com
Built for freelance Kubernetes infrastructure projects. Feel free to use it, fork it, and adapt it for your needs.
If you find this repository helpful:
- β Star it on GitHub
- π Fork it and customize for your infrastructure
- π¬ Reach out for consulting or collaboration
Philosophy: Clean, scalable, production-ready GitOps that's easy to understand and extend.