argocd
ArgoCD
Critical Gotchas
Sync Behavior
selfHeal: truereverts manual cluster changes every 3 minutes (default)prune: truedeletes resources removed from Git—enable only when certainreplace: truein syncOptions does full replacement instead of patch (destructive)ServerSideApply=truerequired for CRDs with large specs to avoid annotation size limits
Application Targeting
destination.servermust match exactly what's registered in ArgoCD (checkargocd cluster list)- Use
https://kubernetes.default.svcfor in-cluster, notkubernetes.default destination.namespacedoesn't auto-create unlessCreateNamespace=truein syncOptions
Health Assessment
- ArgoCD has built-in health checks for standard resources
- Custom resources show "Progressing" indefinitely without custom health check in
argocd-cm - Ingress health requires actual endpoint check, not just resource existence
Non-Obvious Patterns
Sync Waves
metadata:
annotations:
argocd.argoproj.io/sync-wave: "-1" # Negative = earlier
- Waves are strings sorted numerically ("-1" < "0" < "1")
- Resources in same wave sync in parallel
- Use for: namespaces → secrets → deployments → ingress
ApplicationSet Generator Precedence
generators:
- matrix:
generators:
- clusters: {} # Outer loop
- list: # Inner loop
elements: [{env: prod}, {env: staging}]
- Matrix multiplies generators (clusters × environments)
- Merge combines generators with override precedence (later wins)
Helm Value Precedence
values (inline) < valueFiles (in order) < parameters (highest priority)
Troubleshooting
| Symptom | Likely Cause |
|---|---|
| OutOfSync but no diff | Ignored differences, resource hooks, or server-side defaulting |
| Sync succeeds but unhealthy | Missing health check, resource not ready, CRD issue |
| "already exists" error | Resource managed by another Application or created manually |
| Stuck "Progressing" | No health check for CRD, or resource genuinely not ready |
argocd app get <app> --hard-refresh # Force manifest re-read
argocd app diff <app> --local <path> # Compare local to live
More from kontrolplane/skills
kyverno
Kyverno Kubernetes policy engine for validation, mutation, and generation. Use when writing ClusterPolicies to enforce security standards, auto-mutate resources with defaults, generate companion resources, or verify container image signatures.
12prometheus
Prometheus metrics and PromQL queries. Use when writing PromQL queries, creating recording or alerting rules, debugging metric scraping issues, or understanding counter/gauge/histogram behavior.
4loki
Grafana Loki log aggregation and LogQL queries. Use when writing LogQL queries for log analysis, configuring Promtail scrape pipelines, debugging log ingestion issues, or creating Loki alerting rules.
3grafana
Grafana dashboard JSON configuration and alerting. Use when creating or editing dashboard JSON, configuring panels programmatically, setting up Grafana alerting rules, or troubleshooting visualization issues.
3kubernetes
Kubernetes resource configuration and troubleshooting. Use when debugging pod failures, configuring probes and resource limits, setting up RBAC or NetworkPolicies, or resolving common Kubernetes errors like CrashLoopBackOff or ImagePullBackOff.
3terraform
Terraform infrastructure as code with HCL. Use when writing Terraform configurations, debugging state issues, understanding count vs for_each behavior, managing modules, or troubleshooting plan/apply errors.
3