A GitOps continuous delivery tool for Kubernetes

Nothing but the Truth

Git Webhooks

Argo CD supports Git webhooks, which can be used to trigger automated deployments whenever changes are pushed to your Git repository. In this way, Argo CD can react immediately to changes, ensuring that your cluster's state always matches the desired state defined in your Git repository. To use Git webhooks with Argo CD, you need to configure a webhook in your Git repository to send requests to the Argo CD API server whenever changes are pushed to the repository.

The exact steps to configure a webhook depend on your Git provider, but generally, you'll need to provide the URL of the Argo CD API server and a secret that Argo CD can use to validate the webhook requests. For example, to configure a webhook in GitHub:

  • Go to the Settings page of your GitHub repository.
  • Click Webhooks , then Add webhook .
  • In the Payload URL field, enter the URL of your Argo CD API server with the path /api/webhook (e.g., if your Argo CD API server is at https://argocd.example.com , you would enter https://argocd.example.com/api/webhook ).
  • In the Content type field, select application/json .
  • In the Secret field, enter a secret of your choice. You'll need to provide this secret to Argo CD so it can validate the webhook requests.
  • Select Just the push event to trigger the webhook only when changes are pushed to the repository.
  • Click Add webhook to save the webhook.

Once the webhook is configured, GitHub sends a POST request to the Argo CD API server whenever changes are pushed to your repository. To configure Argo CD to use the webhook, you need to create a webhook secret in the same namespace as the Argo CD API server. This secret should contain the same secret you used when configuring the webhook in your Git repository. For example:

kubectl create secret generic github-webhook-secret --from-literal=secret=<your-webhook-secret> -n argocd

Replace <your-webhook-secret> with the secret you used when configuring the webhook in your Git repository.

With the Git webhook and the Argo CD webhook secret configured, Argo CD automatically syncs your applications whenever changes are pushed to your Git repository, ensuring that your cluster's state always matches the desired state defined in your Git repository and providing a truly automated GitOps experience.

Resource Health

Argo CD provides a comprehensive system for monitoring and reporting the health status of application resources. This system allows you to identify issues quickly and take corrective action, ensuring that your applications remain healthy and functional. Argo CD uses health checks to determine the status of application resources. These health checks are based on the resource's status field, which is part of the standard Kubernetes resource specification.

By default, Argo CD includes built-in health checks for many common Kubernetes resource types, such as Deployments, StatefulSets, DaemonSets, and more. For these resource types, Argo CD can automatically determine the health status on the basis of the resource's status field.

For example, for a Deployment resource type, Argo CD considers the deployment healthy if the number of up-to-date replicas matches the number of desired replicas. In addition to the built-in health checks, Argo CD allows you to define custom health checks for other resource types. You can define a custom health check by creating a Lua script that checks the resource's status field and returns a health status. You can find an example of a custom health check for a hypothetical MyResource resource type in Listing 10.

Listing 10

Custom Health Check

hs = {}
if obj.status.phase == "Running" then
  hs.status = "Healthy"
elseif obj.status.phase == "Pending" then
  hs.status = "Progressing"
  hs.message = "Resource is in the Pending phase"
  hs.status = "Degraded"
  hs.message = "Resource is in an unknown phase"
return hs

The health check considers the MyResource resource healthy if its phase is "Running", progressing if its phase is "Pending", and degraded otherwise.

You can view the health status of your application resources in the Argo CD UI, which displays a health status icon for each resource, allowing you to identify any issues quickly. Additionally, you can use the argocd app get command to view the health status of an application:

argocd app get my-app

This command displays information about the my-app application, including the health status of its resources.

Monitoring Argo CD

The Argo CD monitoring features allow you to track the state of your applications in real time. The dashboard provides a visual overview of your applications, including their sync and health status. You can drill down into each application to see detailed information about the individual resources.

In addition to the dashboard, Argo CD exposes Prometheus metrics that you can use to monitor the state of your applications and the performance of Argo CD itself. These metrics can be scraped by a Prometheus server and visualized by a tool like Grafana.

To configure a Prometheus server to scrape metrics from Argo CD, use

  - job_name: 'argocd'
      - targets: ['argocd-metrics-service:8082']

In this example, the Prometheus server is configured to scrape metrics from the argocd-metrics-service on port 8082.

Argo CD supports notifications that alert you to changes in the state of your applications. Notifications in Argo CD are handled by the Argo CD Notifications plugin, which supports a variety of notification methods, including email, Slack, and more.

To set up notifications, you need to create a ConfigMap and a Secret that define your notification settings and credentials (Listing 11). The ConfigMap defines a Slack service with a webhook URL, and the Secret provides the Slack token.

Listing 11

Slack Notifications

apiVersion: v1
kind: ConfigMap
  name: argocd-notifications-cm
  service.slack: |
    - url: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX
apiVersion: v1
kind: Secret
  name: argocd-notifications-secret
  slack-token: 'your-slack-token'

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Native serverless computing in Kubernetes
    Knative transfers serverless workloads to Kubernetes and provides all the container components you need to build serverless applications and PaaS and FaaS services.
  • Secure and seamless server access
    The powerful Cloudflare Tunnel provides secure and seamless access to servers and applications, making it a convenient alternative to VPN for any modern IT infrastructure.
  • Users speak on Kubernetes in business practice
    Users in corporate and government agencies that have successfully switched to Kubernetes share their positive experiences and the stumbling blocks to be avoided.
  • Secure Kubernetes with Kubescape
    Kubescape checks Kubernetes container setups for security and compliance issues, making life easier for administrators.
  • Nested Kubernetes with Loft
    Kubernetes has limited support for multitenancy, so many admins prefer to build multiple standalone Kubernetes clusters that eat up resources and complicate management. As a solution, Loft launches any number of clusters within the same control plane.
comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=