What is ArgoCD?

What ArgoCD does

ArgoCD is an open-source Kubernetes controller that implements the GitOps pattern: it takes a Git repository containing manifests (YAML, Helm charts, Kustomize overlays) and guarantees that cluster state always matches that repository. If an operator modifies a resource directly on the cluster, ArgoCD detects the drift and either proposes, or automatically applies, a return to the desired state.

The project comes from Intuit, was donated to the CNCF in 2020, and reached Graduated status in December 2022. It is today the most deployed GitOps controller in enterprise Kubernetes environments, with an estimated market share above 60% according to CNCF Annual Survey reports.

Why ArgoCD instead of a CI/CD script

Before ArgoCD, the dominant pattern was push: a CI job ran kubectl apply or helm upgrade after every merge. That model has two major weaknesses.

First, the CI must hold administrative credentials on the target cluster, which opens a non-trivial attack surface if the CI runner is compromised. With ArgoCD, the controller pulls changes from Git; no external machine needs write access to the cluster.

Second, push does not detect drift. If an operator applies an emergency patch from a console, that patch is not in Git and the next PR risks silently overwriting it. ArgoCD reconciles continuously and surfaces any divergence.

Operator experience

ArgoCD exposes three interaction modes:

• Web UI: graphical visualisation of the application, Kubernetes resources, sync status, deployment history. Particularly valued for debugging.
• argocd CLI: commands for common operations (sync, rollback, list).
• Kubernetes CRDs: Application and AppProject can be versioned in Git for an app-of-apps pattern (ArgoCD manages itself via GitOps).

ArgoCD vs Flux

The two CNCF Graduated controllers cover the same need. ArgoCD has a richer UI, ideal for teams that want visual visibility; Flux is more modular and lighter, suited for purely code/CRD usage with no UI. On Hidora engagements, we recommend ArgoCD for teams under 30 engineers (UI = autonomy gain) and Flux for organisations managing more than 100 clusters (modularity = scale).

In practice on a Hidora engagement

A typical ArgoCD rollout takes 2 to 5 days depending on existing complexity:

1. Install the controller via the official Helm chart
2. Configure authentication (OIDC to your IdP)
3. Bootstrap a first Git repository with a per-environment tree
4. Migrate existing deployments in tracking mode (no auto-sync) to measure drifts
5. Progressively flip to auto-sync once drifts are resolved

Known limitations

ArgoCD only handles Kubernetes resources well. For Terraform, dedicated products (Atlantis, Terraform Cloud) remain more appropriate. ArgoCD does not replace a CI either: it deploys what the CI has built, but does not build images itself.

Related Hidora services

• Consulting: ArgoCD vs Flux selection, multi-cluster architecture design, training.
• Managed Services: operation of ArgoCD controllers with 24/7 monitoring.
• GitOps, Kubernetes, Helm: associated technical building blocks.