Submit Feedback
Cloud Native Experience Kubernetes Ready

CNE Kubernetes Ready: GitOps with Argo CD

Kubernetes Ready deployments use GitOps to manage Helm values, Kubernetes manifests, and environment configurations through a Git repository. Instead of applying changes manually with kubectl or running Helm commands from a workstation, a GitOps controller reconciles the desired state into the cluster.

The liferay-default Helm chart fits this model because all inputs are declarative: Helm values, ConfigMaps, Secrets, and mounted configuration files.

Kubernetes Ready supports GitOps workflows through controllers such as Argo CD and Flux.

Repository Structure

A standard GitOps repository structure separates shared configurations from environment-specific values.

This layout shows a standard repository structure:

gitops/
├── base
│   ├── liferay-values.yaml
│   ├── search-config.yaml
│   └── storage-config.yaml
├── environments
│   ├── dev
│   │   └── values.yaml
│   ├── staging
│   │   └── values.yaml
│   └── production
│       └── values.yaml
└── applications
    └── liferay-application.yaml

Managing Helm Releases

Kubernetes Ready deployments reconcile the liferay-default chart through Argo CD.

The deployment workflow stores Helm values and chart versions in Git while continuously reconciling configurations into the cluster.

Apply this manifest in the argocd namespace. Argo CD pulls the Helm chart from the OCI registry and reconciles it against the values files in your repository:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: liferay
  namespace: argocd
spec:
  destination:
    namespace: liferay
    server: https://kubernetes.default.svc

  sources:
    - repoURL: us-central1-docker.pkg.dev/liferay-artifact-registry/liferay-helm-chart
      chart: liferay-default
      targetRevision: 0.6.0
      helm:
        valueFiles:
          - $values/environments/production/values.yaml

    - repoURL: https://git.example.com/platform/gitops.git
      targetRevision: main
      ref: values

  syncPolicy:
    automated:
      prune: true
      selfHeal: true

Referencing Secrets in GitOps Workflows

GitOps repositories must not store plaintext credentials directly in Git.

Instead, you must synchronize Kubernetes Secrets from external secret management systems and reference them through Kubernetes Ready configuration patterns such as customEnvFrom and mounted Secrets.

Environment Configuration

GitOps repositories separate configurations by environment.

Environment-specific differences include:

  • Database endpoints
  • Ingress hostnames
  • Replica counts
  • Resource requests and limits
  • Search endpoints
  • Storage configurations

Rollbacks and Drift Management

GitOps controllers continuously compare live cluster states against the desired state stored in Git.

When differences appear, controllers reconcile drift automatically and restore resources to the committed deployment state.

Rolling back a deployment involves reverting the Git-managed configuration so the controller reconciles the previous state automatically.

Capability:
Cloud
DXP Self-Hosted Installation, Maintenance, and Administration
Resource Type:
Official Documentation
Deployment Approach:
Liferay PaaS
Liferay Self-Hosted