ArgoCD GitOps 同步與回滾工作流程

DevOps
7 個節點 · 6 條連接 · devops
ex-argocd-gitops.osop.yaml
# ArgoCD GitOps Workflow
# Git commit triggers ArgoCD sync, health check, rollback on failure
#
# Flow as declared under `edges`:
#   git_commit -> manifest_validate -> argocd_sync -> health_check
#   health_check -> notify_success              (status is 'Healthy')
#   health_check -> rollback -> notify_failure  (status is not 'Healthy')
#
# NOTE(review): the sync and rollback nodes act on an application named
# production-app, so this file and the repository it watches are production
# change-control surfaces. Who may edit either is not shown here.
osop_version: "2.0"
id: argocd-gitops
name: "ArgoCD GitOps 同步與回滾工作流程"

nodes:
  # Entry node: reacts to a push on `main` of the GitOps config repository and
  # emits the commit SHA and the changed-file list for the nodes that follow.
  # NOTE(review): nothing here shows how the webhook delivery is authenticated.
  # Confirm the receiver verifies the forge's HMAC payload signature; the
  # outputs below drive validation and a production sync, so they must not be
  # settable by an unauthenticated request.
  # NOTE(review): a push to `main` is the deployment trigger, so branch
  # protection and required review on `main` act as the approval gate.
  # TODO confirm they are enforced.
  - id: git_commit
    type: git
    purpose: Detect new commit pushed to the GitOps config repo
    runtime:
      action: webhook
      # SSH remote; the key used to read it is not shown. Presumably a
      # read-only deploy key — TODO confirm.
      repository: "git@github.com:org/k8s-manifests.git"
      branch: main
    outputs: [commit_sha, changed_files]

  # Pre-sync gate: schema-validates the changed manifests with kubeval.
  # NOTE(review): this is a schema check only. It does not evaluate security
  # policy (privileged containers, hostPath mounts, RBAC grants, image
  # sources); pair it with a policy or admission check if those matter.
  # NOTE(review): kubeval's upstream README marks the project as no longer
  # maintained and points to kubeconform — confirm and plan a replacement.
  - id: manifest_validate
    type: system
    purpose: Validate Kubernetes manifests before sync
    runtime:
      action: validate
      tool: kubeval
      # Schema source name. If schemas are fetched at run time, pin the
      # location and version so results are reproducible. TODO confirm.
      schemas: kubernetes-json-schema
    # Only the files reported as changed are validated, so the result depends
    # on the integrity of `changed_files` coming from the webhook node.
    inputs: [changed_files]
    outputs: [validation_result]
    # Upper bound for this node, in seconds (per the key name).
    timeout_sec: 60
    explain: |
      Runs kubeval against all changed manifest files to catch
      schema errors before ArgoCD attempts to sync them.

  # Deploy step: asks ArgoCD to sync production-app to the commit that
  # triggered the workflow.
  # NOTE(review): the credential the `argocd` tool runs with is not shown.
  # Prefer a project-scoped token limited to sync on this one application,
  # loaded from a secret store. TODO confirm.
  - id: argocd_sync
    type: infra
    purpose: Trigger ArgoCD application sync
    runtime:
      tool: argocd
      action: sync
      app_name: production-app
      # Pins the sync to the webhook's commit SHA rather than a moving branch
      # head; presumably the same commit whose files were validated.
      revision: "{{commit_sha}}"
      # Presumably maps to ArgoCD's prune option, which deletes live resources
      # that are no longer present in Git. A commit that removes manifests
      # would then remove production resources, and schema validation does
      # not flag deletions. Confirm this is intended for production-app.
      prune: true
    # validation_result is passed in as data; the gate itself is the
    # conditional edge from manifest_validate.
    inputs: [commit_sha, validation_result]
    outputs: [sync_status]
    timeout_sec: 300

  # Post-sync verification: reads the application resource from the ArgoCD
  # API and exposes the result as health_status.
  # NOTE(review): no Authorization header or token reference is shown. The
  # ArgoCD API normally requires a bearer token; confirm it is injected from
  # a secret store and carries read-only (get) permission on this application.
  - id: health_check
    type: api
    purpose: Verify application health after sync completes
    runtime:
      endpoint: app-health
      method: GET
      # Internal hostname over HTTPS; confirm certificate verification stays
      # enabled against the internal CA.
      url: "https://argocd.internal/api/v1/applications/production-app"
    inputs: [sync_status]
    # How health_status.status is derived from the response is not shown.
    # ArgoCD reports health under status.health.status, with values such as
    # Healthy, Progressing, Degraded, Suspended, Missing and Unknown.
    outputs: [health_status]
    # Up to 5 retries with a 20 s backoff. Whether timeout_sec bounds a single
    # attempt or the whole node is not visible here. TODO confirm.
    retry_policy:
      max_retries: 5
      backoff_sec: 20
    timeout_sec: 120

  # Success notification: POSTs to a Slack incoming webhook once the health
  # check reports 'Healthy'. The message payload is not defined in this file.
  - id: notify_success
    type: api
    purpose: Send deployment success notification to Slack
    runtime:
      endpoint: slack-webhook
      method: POST
      # The webhook URL is itself the credential: anyone holding it can post
      # to the channel. It is templated rather than hard-coded here; confirm
      # SLACK_WEBHOOK_URL comes from a secret store and is masked in logs.
      url: "{{SLACK_WEBHOOK_URL}}"
    inputs: [health_status, commit_sha]

  # Recovery step: rolls production-app back by one revision. It declares no
  # inputs; its only incoming edge is the fallback edge from health_check.
  # NOTE(review): ArgoCD refuses a rollback on an application that has
  # automated sync enabled — confirm production-app's sync policy allows it.
  # NOTE(review): a rollback changes the cluster, not Git. `main` still holds
  # the failing commit afterwards, so the cluster and the repository disagree
  # until a revert lands, and the next triggered sync would presumably
  # re-apply the failing revision.
  - id: rollback
    type: infra
    purpose: Rollback to previous ArgoCD revision on failure
    runtime:
      tool: argocd
      action: rollback
      app_name: production-app
      # Selects the previous revision by position. Nothing in this file checks
      # that the revision was healthy, although `explain` below describes it
      # as such. TODO confirm.
      steps: 1
    outputs: [rollback_status]
    explain: |
      Automatically rolls back to the previous healthy revision.
      This is triggered only when the health check fails.

  # Failure notification: POSTs to the same Slack webhook after the rollback
  # node, carrying rollback_status and the commit SHA.
  # NOTE(review): this is the only alert path for a failed deployment in this
  # file. Whether it still runs when the rollback node itself fails depends on
  # how `sequential` edges treat a failed source node — confirm.
  - id: notify_failure
    type: api
    purpose: Alert team about failed deployment and rollback
    runtime:
      endpoint: slack-webhook
      method: POST
      # Same secret URL as notify_success; keep it out of logs and output.
      url: "{{SLACK_WEBHOOK_URL}}"
    inputs: [rollback_status, commit_sha]

# Control flow between the nodes above. The modes used in this file are
# sequential, conditional and fallback.
edges:
  # Every detected commit goes to validation first.
  - from: git_commit
    to: manifest_validate
    mode: sequential

  # Sync only runs when validation passed.
  # NOTE(review): no edge covers validation_result.valid != true, so a
  # rejected commit appears to end the workflow without any notification.
  # Consider routing that case to an alert.
  - from: manifest_validate
    to: argocd_sync
    mode: conditional
    condition: "validation_result.valid == true"

  # NOTE(review): unconditional, so a failed or timed-out sync still proceeds
  # to the health check; sync_status is not tested by any edge.
  - from: argocd_sync
    to: health_check
    mode: sequential

  - from: health_check
    to: notify_success
    mode: conditional
    condition: "health_status.status == 'Healthy'"

  # Fallback: if health check fails, trigger rollback
  # NOTE(review): this matches every status other than 'Healthy', so an
  # application still reported as Progressing after the retries would be
  # rolled back too. Confirm that is the intended policy.
  - from: health_check
    to: rollback
    mode: fallback
    condition: "health_status.status != 'Healthy'"

  # NOTE(review): the rollback result is not health-checked; the failure
  # alert is sent right after the rollback node.
  - from: rollback
    to: notify_failure
    mode: sequential