ArgoCd does not trigger on GitOps repo update?

Question

After pushing a new Docker image to Docker hub and committing on a GitOps repo, I expected ArgoCD to refresh either after 3 minutes or a manual trigger. It does not. Only after deleting a deployment in the ArgoCD user interface, ArgoCD fetches a new Docker image. I can easily track when the Docker image is (not) pulled from Docker hub.

Of course, this is only valuable during development. For production you need a solid tag for each Docker image version.

After updating the GitOps repo and manually refresh ArgoCD, I can see that the Sync status correctly mentioning the HEAD, but the lastSync is from a prior commit.

Performing a manual Sync gives also an updated last sync status, BUT the image is not pulled from the Docker hub.

As far as I know, the deployment config "imagePullPolicy: Always" should to the update.

How can I trigger ArgoCD to refresh / resync on any update of the GitOps repo?

This is my Application:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: argocd-systeemtester-app
  namespace: argocd
spec:
  destination:
    namespace: default
    server: "https://kubernetes.default.svc"
  project: default
  source:
    path: systemtester
    repoURL: "https://github.com/abcdef/argocd-demo.git"
    targetRevision: HEAD
  syncPolicy:
    automated:
      prune: true
      selfHeal: true

The repo consists of a helm chart. I can see that the specific repo and deployment file is commited / pushed.

An example of a Deployment file is:

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    io.kompose.service: {{.Values.systemtester.name}}
  name: {{.Values.systemtester.name}}
spec:
  replicas: 1
  selector:
    matchLabels:
      io.kompose.service: {{.Values.systemtester.name}}
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        io.kompose.network/devhome-default: "true"
        io.kompose.service: {{.Values.systemtester.name}}
    spec:
      containers:
        - env:
            - name: a
              value: "b"
          image: {{.Values.systemtester.image.name -}}:{{- .Values.systemtester.image.version}}
          imagePullPolicy: Always
          name: {{.Values.systemtester.name}}
          ports:
            - containerPort: {{.Values.systemtester.service.internalPort}}
          resources: {}
      restartPolicy: Always

Refreshing manually does not help. Syncing manually does not help. Only after removing a Deployment in the ArgoCD app I see that the image is pulled from Docker hub.

GBlodgett · Accepted Answer

It sounds like your use case is that you have a snapshot image that you are pushing updates to during development to the same image tag. You would like this image to be automatically pulled whenever a new SHA is available. Because there is no change to the manifests, ArgoCD will not automatically do this for you.

You can explore their auto image updater, which seems to be what you are after:

The Argo CD Image Updater can check for new versions of the container images that are deployed with your Kubernetes workloads and automatically update them to their latest allowed version using Argo CD.

Ref: https://argocd-image-updater.readthedocs.io/en/stable/

If you would not like to go down that route you can either use a kubectl rollout on the deployment (Or do a rollout from the ArgoCD UI) which will restart every pod. With the image pull policy set to Always this will always pull the latest image with that tag.

If you want to just roll the pods with every deploy, you could add something like rollme: {{ randAlphaNum 5 | quote }} to the annotations, which will replace the deployment every time helm apply is run.

Ref: https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments

ArgoCd does not trigger on GitOps repo update?

Answers (2)

Related Questions