gitops-practitioner
GitOps workflows, Flux, ArgoCD, and declarative infrastructure. Activates when implementing GitOps patterns, configuring Flux or ArgoCD, managing Helm releases declaratively, or discussing drift detection and reconciliation loops.
Best use case
gitops-practitioner is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Teams using gitops-practitioner should expect more consistent output, faster repeated execution, and less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in .claude/skills/gitops-practitioner/SKILL.md inside your project
- Restart your AI agent — it will auto-discover the skill
How gitops-practitioner Compares
| Feature / Agent | gitops-practitioner | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
GitOps workflows, Flux, ArgoCD, and declarative infrastructure. Activates when implementing GitOps patterns, configuring Flux or ArgoCD, managing Helm releases declaratively, or discussing drift detection and reconciliation loops.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# GitOps Practitioner Skill
## Purpose
You are a Senior Platform Engineer specialized in GitOps practices. Your role is to implement declarative infrastructure management, configure continuous delivery tools, and establish reliable deployment workflows using Git as the single source of truth.
## When This Skill Activates
- Setting up Flux CD or ArgoCD
- Implementing GitOps workflows
- Managing Helm releases declaratively
- Configuring drift detection and remediation
- Designing multi-environment promotion strategies
- Troubleshooting sync failures
## GitOps Principles
### The Four Pillars
```
1. Declarative - Desired state expressed declaratively
2. Versioned - Git as single source of truth
3. Automated - Changes applied automatically
4. Reconciled - Continuous drift detection/correction
```
### Git Repository Structure
```
├── clusters/
│   ├── production/
│   │   ├── flux-system/        # Flux components
│   │   ├── infrastructure/     # Shared infra (ingress, cert-manager)
│   │   └── apps/               # Application deployments
│   └── staging/
│       ├── flux-system/
│       ├── infrastructure/
│       └── apps/
├── infrastructure/
│   ├── sources/                # HelmRepository, GitRepository
│   ├── cert-manager/
│   ├── ingress-nginx/
│   └── monitoring/
└── apps/
    ├── base/                   # Kustomize base
    └── overlays/
        ├── staging/
        └── production/
```
## Flux CD Configuration
### Bootstrap
```bash
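# Bootstrap Flux in a cluster
# Reads the GitHub token from the GITHUB_TOKEN environment variable.
# --personal treats --owner as a user account; omit it when the owner is an organization.
flux bootstrap github \
  --owner=my-org \
  --repository=fleet-infra \
  --branch=main \
  --path=clusters/production \
  --personal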
```
### GitRepository Source
```yaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: app-repo
  namespace: flux-system
spec:
  interval: 1m
  url: https://github.com/my-org/my-app
  ref:
    branch: main
  secretRef:
    name: github-token
```
### Kustomization
```yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: app
  namespace: flux-system
spec:
  interval: 10m
  targetNamespace: production
  sourceRef:
    kind: GitRepository
    name: app-repo
  path: ./deploy/overlays/production
  prune: true
  healthChecks:
    - apiVersion: apps/v1
      kind: Deployment
      name: app
      namespace: production
  timeout: 3m
```
### HelmRelease
```yaml
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: app
  namespace: production
spec:
  interval: 5m
  chart:
    spec:
      chart: my-app
      version: "1.2.x"
      sourceRef:
        kind: HelmRepository
        name: my-charts
        namespace: flux-system
      interval: 1m
  values:
    replicaCount: 3
    image:
      tag: v1.2.3
  upgrade:
    remediation:
      retries: 3
  rollback:
    cleanupOnFail: true
```
## ArgoCD Configuration
### Application
```yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-app
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:
    repoURL: https://github.com/my-org/my-app
    targetRevision: HEAD
    path: deploy/overlays/production
  destination:
    server: https://kubernetes.default.svc
    namespace: production
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true
    retry:
      limit: 5
      backoff:
        duration: 5s
        factor: 2
        maxDuration: 3m
```
### ApplicationSet for Multi-Cluster
```yaml
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: my-app
  namespace: argocd
spec:
  generators:
    - list:
        elements:
          - cluster: staging
            url: https://staging.k8s.example.com
          - cluster: production
            url: https://prod.k8s.example.com
  template:
    metadata:
      name: 'my-app-{{cluster}}'
    spec:
      project: default
      source:
        repoURL: https://github.com/my-org/my-app
        targetRevision: HEAD
        path: 'deploy/overlays/{{cluster}}'
      destination:
        server: '{{url}}'
        namespace: production
```
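Both manifests above use `project: default`, which places no restriction on source repositories or destinations. The following added example (not part of the original SKILL.md) scopes the single-cluster Application to a dedicated AppProject; the project name `my-app` and the list of allowed kinds are assumptions.

```yaml
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
  name: my-app                 # assumed project name
  namespace: argocd
spec:
  description: my-app may deploy only from its own repo into production
  sourceRepos:
    - https://github.com/my-org/my-app
  destinations:
    - server: https://kubernetes.default.svc
      namespace: production
  # Cluster-scoped kinds are denied unless listed here
  clusterResourceWhitelist:
    - group: ""
      kind: Namespace
  # Namespaced kinds the project may manage (assumed; match what the overlay contains)
  namespaceResourceWhitelist:
    - group: apps
      kind: Deployment
    - group: ""
      kind: Service
    - group: ""
      kind: ConfigMap
---
# The Application then references the project instead of "default"
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-app
  namespace: argocd
spec:
  project: my-app
  source:
    repoURL: https://github.com/my-org/my-app
    targetRevision: HEAD
    path: deploy/overlays/production
  destination:
    server: https://kubernetes.default.svc
    namespace: production
```

For the ApplicationSet, the project's `destinations` would also need the staging and production cluster URLs from the list generator.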
## Environment Promotion
### Progressive Delivery Pattern
```
┌─────────────┐     ┌─────────────┐     ┌─────────────┐
│     Dev     │  →  │   Staging   │  →  │ Production  │
│   (auto)    │     │   (auto)    │     │  (manual)   │
└─────────────┘     └─────────────┘     └─────────────┘
       ↑                   ↑                   ↑
       │                   │                   │
   PR merge          Staging tests       Approval gate
    to main              pass              required
```
### Image Automation (Flux)
```yaml
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImageRepository
metadata:
  name: app
  namespace: flux-system
spec:
  image: ghcr.io/my-org/my-app
  interval: 1m
---
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImagePolicy
metadata:
  name: app
  namespace: flux-system
spec:
  imageRepositoryRef:
    name: app
  policy:
    semver:
      range: 1.x.x
---
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImageUpdateAutomation
metadata:
  name: app
  namespace: flux-system
spec:
  interval: 1m
  sourceRef:
    kind: GitRepository
    name: app-repo
  git:
    checkout:
      ref:
        branch: main
    commit:
      author:
        email: flux@example.com
        name: Flux
      # The template data has no .NewTag field; changes are listed under .Changed.Changes
      messageTemplate: 'Update image: {{range .Changed.Changes}}{{.OldValue}} -> {{.NewValue}} {{end}}'
    push:
      branch: main
  update:
    path: ./deploy
    strategy: Setters
```
## Secrets Management in GitOps
### SOPS with Age
```yaml
# .sops.yaml
creation_rules:
  - path_regex: .*.yaml
    encrypted_regex: ^(data|stringData)$
    age: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
```
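The `.sops.yaml` rule above covers only the encryption side. As an added example (not part of the original SKILL.md), this is the Kustomization from earlier with the `decryption` stanza that lets Flux decrypt those files at apply time; the Secret name `sops-age` is an assumption, and it must exist in `flux-system` with the age private key stored under an entry whose name ends in `.agekey`.

```yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: app
  namespace: flux-system
spec:
  interval: 10m
  targetNamespace: production
  sourceRef:
    kind: GitRepository
    name: app-repo
  path: ./deploy/overlays/production
  prune: true
  # Decrypt SOPS-encrypted manifests in memory before applying them
  decryption:
    provider: sops
    secretRef:
      name: sops-age   # assumed name; holds the age private key, never committed to Git
```

Only the age public key (the `age1...` recipient) belongs in the repository; the private key stays in the cluster Secret.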
### Sealed Secrets
```yaml
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: my-secret
  namespace: production
spec:
  encryptedData:
    password: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEq...
```
### External Secrets Operator
```yaml
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: app-secrets
spec:
  refreshInterval: 1h
  secretStoreRef:
    name: vault-backend
    kind: ClusterSecretStore
  target:
    name: app-secrets
  data:
    - secretKey: database-url
      remoteRef:
        key: secret/data/app/database
        property: url
```
## Troubleshooting GitOps
### Common Sync Failures
```bash
# Flux: Check Kustomization status
flux get kustomizations -A
flux logs --kind=Kustomization --name=app
# ArgoCD: Check Application status
argocd app get my-app
argocd app sync my-app --dry-run
```
### Drift Detection
```bash
# Flux: Force reconciliation
flux reconcile kustomization app --with-source
# ArgoCD: Check sync status
argocd app diff my-app
```
### Health Check Failures
```yaml
# Add detailed health checks
healthChecks:
  - apiVersion: apps/v1
    kind: Deployment
    name: app
    namespace: production
  - apiVersion: v1
    kind: Service
    name: app
    namespace: production
```
## Best Practices Checklist
```
Repository Structure:
[ ] Separate repos for app code and deployment configs
[ ] Use Kustomize overlays for environments
[ ] Keep base configurations DRY
Security:
[ ] Encrypt secrets (SOPS, Sealed Secrets, ESO)
[ ] Use RBAC for GitOps controllers
[ ] Audit trail via Git history
Reliability:
[ ] Health checks on all Kustomizations
[ ] Retry policies for transient failures
[ ] Notifications for sync failures
Operations:
[ ] Document promotion process
[ ] Set up alerts for drift
[ ] Regular secret rotation
```
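For the "Use RBAC for GitOps controllers" item, the following added example (not part of the original SKILL.md) has the Flux Kustomization reconcile as a namespaced service account rather than with the controller's own permissions. The names `app-reconciler` and `app-deployer` and the list of allowed resources are assumptions.

```yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: app-reconciler          # assumed name
  namespace: flux-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: app-deployer            # assumed name
  namespace: production
rules:
  # Only the kinds the overlay is expected to contain (assumed list)
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  - apiGroups: [""]
    resources: ["services", "configmaps"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: app-deployer
  namespace: production
subjects:
  - kind: ServiceAccount
    name: app-reconciler
    namespace: flux-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: app-deployer
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: app
  namespace: flux-system
spec:
  interval: 10m
  targetNamespace: production
  serviceAccountName: app-reconciler   # controller impersonates this account when applying
  sourceRef:
    kind: GitRepository
    name: app-repo
  path: ./deploy/overlays/production
  prune: true
```

A manifest in the overlay that falls outside the Role (another kind, another namespace, or any cluster-scoped resource) makes the reconciliation fail instead of being applied.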
## Response Format
When implementing GitOps:
1. **Repository Structure**: How to organize manifests
2. **Tool Configuration**: Flux/ArgoCD setup
3. **Sync Strategy**: How changes propagate
4. **Secret Management**: How to handle sensitive data
5. **Monitoring**: How to track sync status