No GitOps reconciler — CI updates manifests but nothing applies them #3

Open
opened 2026-04-22 22:10:44 +00:00 by opadmin · 0 comments
Owner

Problem

The CI pipeline (Forgejo Actions) builds images, pushes to registry, and commits updated k8s/deployment.yaml with the new image tag. However, there is no Flux, ArgoCD, or other GitOps operator running on the cluster to automatically apply these manifests.

This means after CI completes, someone must manually kubectl apply the updated deployment. This also means branding changes to deployment.yaml (like the ESPO | Chicago rename) don't take effect until manually applied.

Options

  1. Add kubectl apply step to CI — simplest, add a step after manifest commit that applies directly. Requires a kubeconfig/serviceaccount token in CI.
  2. Deploy Flux — watches Forgejo repos, auto-applies on commit. More robust but heavier.
  3. Deploy ArgoCD — similar to Flux, with a UI.
  4. Simple cron reconciler — a CronJob that polls repos and applies changes.

Recommendation

Option 1 is the quickest. Add a final step to the CI workflow that uses kubectl apply with a serviceaccount token. The op-api may already handle this — need to check.
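For Option 1, the token given to CI is a cluster credential stored outside the cluster, so its RBAC scope decides how much a leaked CI secret can do. A least-privilege identity for that step could look like this (added example, not part of the original issue or the project's manifests; the namespace `espo`, the Deployment name `espo-web` and the name `ci-deployer` are placeholders):

```yaml
# Added example: identity for the CI "kubectl apply" step (Option 1).
# "espo", "espo-web" and "ci-deployer" are placeholders, not values from the issue.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: ci-deployer
  namespace: espo
# The identity is used from CI only; do not mount its token into pods.
automountServiceAccountToken: false
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                      # namespaced Role, not a ClusterRole
metadata:
  name: ci-deployer
  namespace: espo
rules:
  # kubectl apply on an object that already exists reads it, then patches it.
  # Assumes the Deployment was created once by an admin: "create" cannot be
  # limited by resourceNames, so it is deliberately not granted here.
  - apiGroups: ["apps"]
    resources: ["deployments"]
    resourceNames: ["espo-web"]
    verbs: ["get", "patch"]
  # Intentionally absent: secrets, pods/exec, RBAC objects, wildcard verbs.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: ci-deployer
  namespace: espo
subjects:
  - kind: ServiceAccount
    name: ci-deployer
    namespace: espo
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: ci-deployer
```

`kubectl auth can-i patch deployment/espo-web -n espo --as=system:serviceaccount:espo:ci-deployer` confirms the grant, and the same check against `secrets` should answer `no`. `kubectl create token ci-deployer -n espo --duration=1h` issues a token with a bounded lifetime (the duration is an example value).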

Reference
espoautos/mdmz#3