gitops-apply
GitOps Apply Skill
Purpose
Guide users through proper GitOps workflow when they attempt to mutate Kubernetes resources with kubectl. Replaces imperative kubectl commands with declarative manifests in git, ensuring all cluster changes are auditable, reviewable, and recoverable.
Why GitOps Over kubectl
kubectl apply/create/delete:
- ❌ No audit trail of who changed what
- ❌ No peer review process
- ❌ Difficult rollback (manual undo)
- ❌ Configuration drift (cluster != git)
- ❌ No disaster recovery story
- ❌ Imperative (how), not declarative (what)
GitOps workflow:
- ✅ Full audit trail in git log
- ✅ Peer review via pull requests
- ✅ Easy rollback via git revert
- ✅ Single source of truth (git)
- ✅ Disaster recovery via git clone
- ✅ Declarative manifests (desired state)
- ✅ Automatic sync via ArgoCD/Flux
- ✅ Drift detection and correction
Workflow Steps
Quick GitOps Workflow
- Identify Resource - Determine K8s resource to modify
- Locate Manifest - Find YAML in git (charts/, manifests/, k8s/)
- Edit Manifest - Update YAML file
- Commit Changes - Use conventional commits
- Sync via GitOps - ArgoCD/Flux syncs automatically OR trigger manually
For detailed step-by-step workflow with commands, verification, and examples, see references/WORKFLOW-STEPS.md.
Bootstrap Exception (ArgoCD Only)
When kubectl targets ArgoCD itself, normal GitOps cannot apply - ArgoCD cannot sync itself. Use the bootstrap workflow instead.
Decision Tree
ONE-OFF scenarios (skip bootstrap script):
- Temporary debugging
- One-time migration step
- Testing that won't be repeated
RECOVERY-NEEDED scenarios (MUST add to bootstrap):
- New cluster initialization
- Disaster recovery procedures
- Repeatable infrastructure setup
- Changes needed on future servers
Bootstrap Workflow
-
Edit bootstrap scripts:
scripts/bootstrap.sh- Run once during initial setupscripts/bootstrap-idempotent.sh- Safe to re-run anytime
-
Add kubectl command with idempotency pattern:
kubectl create namespace argocd 2>/dev/null || true kubectl apply -n argocd -f argocd/install.yaml kubectl wait --for=condition=available deployment/argocd-server \ -n argocd --timeout=300s || true -
Commit bootstrap script changes (conventional commit format)
-
Execute kubectl (now allowed after bootstrap update)
For detailed bootstrap patterns and examples, see references/BOOTSTRAP-WORKFLOW.md.
Related Skills
- check-history - Review git history before making changes
More from meriley/claude-code-skills
obs-cpp-qt-patterns
C++ and Qt integration patterns for OBS Studio plugins. Covers Qt6 Widgets for settings dialogs, CMAKE_AUTOMOC, OBS frontend API, optional Qt builds with C fallbacks, and modal dialog patterns. Use when adding UI components or C++ features to OBS plugins.
56vendure-developing
Develop Vendure e-commerce plugins, extend GraphQL APIs, create Admin UI components, and define database entities. Use vendure-expert agent for comprehensive guidance across all Vendure development domains.
36vendure-admin-ui-writing
Create Vendure Admin UI extensions with React components, route registration, navigation menus, and GraphQL integration. Handles useQuery, useMutation, useInjector patterns. Use when building Admin UI features for Vendure plugins.
33vendure-entity-writing
Define Vendure database entities extending VendureEntity, with TypeORM decorators, relations, custom fields, and channel-awareness. Use when creating database models in Vendure.
31vendure-graphql-writing
Extend Vendure GraphQL schema with custom types, queries, mutations, and resolvers. Handles RequestContext threading, permissions, and dual Shop/Admin API separation. Use when adding GraphQL endpoints to Vendure.
31vendure-plugin-writing
Create production-ready Vendure plugins with @VendurePlugin decorator, NestJS dependency injection, lifecycle hooks, and configuration patterns. Use when developing new Vendure plugins or extending existing ones.
29