Updated Jun 30, 2026

Argo CD and GitOps

You ship a change to Kubernetes, and a week later nobody can say for sure what's actually running. Someone hot-patched a replica count by hand, a config map drifted, and the cluster no longer matches anything you can point at. GitOps fixes the trust problem: the desired state of your cluster lives in Git, and a controller named Argo CD watches that repo and quietly drags reality back into line whenever it wanders. This guide gives you the mental model and the muscle memory to run it without surprises.

How to read this

Read the three phases in order. Phase 1 builds the mental model so the rest stops feeling like magic. Phase 2 is the everyday loop: defining an app, syncing, rolling back. Phase 3 is where it bites - drift, sync waves, secrets, and the failures you'll actually be paged for. If you've never run Kubernetes, skim /guides/kubernetes-without-the-hype first; if "CI vs CD" is fuzzy, /guides/what-cicd-does sets the frame.

The phases

  1. The pull model: Git as the source of truth
  2. Your daily loop: apps, sync, and rollback
  3. When reconciliation bites: drift, waves, and secrets

Phase 1: The pull model: Git as the source of truth