In this lab, we’ll connect the dots between GitLab CI/CD and ArgoCD. Unfortunately this would take us too long for today - you could do a full day workshop just for ArgoCD itself 😇 So for now, lets just try to understand what would be needed.
Until now, our pipeline has handled everything — from building images to deploying them directly to the cluster. But with ArgoCD in the picture, we can shift towards a GitOps approach: the pipeline builds and pushes, ArgoCD watches Git and takes care of the deployment.
There are a few common strategies to make that work:
Option 1: Update image tags in Git during the pipeline
✅ Fully Git-driven and traceable
❌ Requires Git access and commit permissions from the pipeline
Option 2: Trigger an ArgoCD sync from the pipeline
argocd app sync directly for the corresponding application.✅ Simple and fast
❌ Breaks the GitOps model — changes happen without Git updates
Option 3: Use the ArgoCD Image Updater
values.yaml).✅ Hands-off, automated, and GitOps-compliant
❌ Requires setup: Helm annotations, registry credentials, and Git write access
When looking a bit deeper into Option 3, the following steps would be neccessary:
The Image Updater gets installed in the cluster.
It runs as a Kubernetes deployment and checks for image updates on a schedule.
Important step here is to provide the Image Updater with access:
ArgoCD Applications are annotated to declare what images to track.
e.g. in our frontend application:
metadata:
name: frontend
namespace: argocd
annotations:
argocd-image-updater.argoproj.io/image-list: "frontend=registry.noisy-thunder-9457.gl.apps.muc1.de.bnerd.io/workshop/todo-app-<your namespace>/frontend"
argocd-image-updater.argoproj.io/frontend-image-tag: "$CI_COMMIT_SHORT_SHA"
Remove the deploy step from our pipeline As this is now done automatically by ArgoCD 🎉
As there is nothing to add, let’s continue for the very last lab and get some insights into cluster monitoring :)