Skip to main content
Redhat Developers  Logo
  • Products

    Featured

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat OpenShift AI
      Red Hat OpenShift AI
    • Red Hat Enterprise Linux AI
      Linux icon inside of a brain
    • Image mode for Red Hat Enterprise Linux
      RHEL image mode
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • Red Hat Developer Hub
      Developer Hub
    • View All Red Hat Products
    • Linux

      • Red Hat Enterprise Linux
      • Image mode for Red Hat Enterprise Linux
      • Red Hat Universal Base Images (UBI)
    • Java runtimes & frameworks

      • JBoss Enterprise Application Platform
      • Red Hat build of OpenJDK
    • Kubernetes

      • Red Hat OpenShift
      • Microsoft Azure Red Hat OpenShift
      • Red Hat OpenShift Virtualization
      • Red Hat OpenShift Lightspeed
    • Integration & App Connectivity

      • Red Hat Build of Apache Camel
      • Red Hat Service Interconnect
      • Red Hat Connectivity Link
    • AI/ML

      • Red Hat OpenShift AI
      • Red Hat Enterprise Linux AI
    • Automation

      • Red Hat Ansible Automation Platform
      • Red Hat Ansible Lightspeed
    • Developer tools

      • Red Hat Trusted Software Supply Chain
      • Podman Desktop
      • Red Hat OpenShift Dev Spaces
    • Developer Sandbox

      Developer Sandbox
      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Secure Development & Architectures

      • Security
      • Secure coding
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
      • View All Technologies
    • Start exploring in the Developer Sandbox for free

      sandbox graphic
      Try Red Hat's products and technologies without setup or configuration.
    • Try at no cost
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • Java
      Java icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • API Catalog
    • Product Documentation
    • Legacy Documentation
    • Red Hat Learning

      Learning image
      Boost your technical skills to expert-level with the help of interactive lessons offered by various Red Hat Learning programs.
    • Explore Red Hat Learning
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

Quick links: redhat.com, Customer Portal, Red Hat's developer site, Red Hat's partner site.

  • You are here

    Red Hat

    Learn about our open source products, services, and company.

  • You are here

    Red Hat Customer Portal

    Get product support and knowledge from the open source experts.

  • You are here

    Red Hat Developer

    Read developer tutorials and download Red Hat software for cloud application development.

  • You are here

    Red Hat Partner Connect

    Get training, subscriptions, certifications, and more for partners to build, sell, and support customer solutions.

Products & tools

  • Ansible.com

    Learn about and try our IT automation product.
  • Red Hat Ecosystem Catalog

    Find hardware, software, and cloud providers―and download container images―certified to perform with Red Hat technologies.

Try, buy, & sell

  • Red Hat Hybrid Cloud Console

    Access technical how-tos, tutorials, and learning paths focused on Red Hat’s hybrid cloud managed services.
  • Red Hat Store

    Buy select Red Hat products and services online.
  • Red Hat Marketplace

    Try, buy, sell, and manage certified enterprise software for container-based environments.

Events

  • Red Hat Summit and AnsibleFest

    Register for and learn about our annual open source IT industry event.

Automate CI/CD on pull requests with Argo CD ApplicationSets

April 5, 2022
Christian Hernandez Natale Vinto
Related topics:
Automation and managementCI/CDGitOpsKubernetes
Related products:
Red Hat OpenShiftRed Hat OpenShift Container Platform

Share:

Share on twitter Share on facebook Share on linkedin Share with email
  • The pull request generator in OpenShift GitOps 1.4
  • Feature branching
  • Automate builds in a CI/CD pipeline
  • Conclusion

The ongoing quest for greater and greater automation of building, testing, and deployment has recently inspired several new features in Argo CD, Kubernetes, Red Hat OpenShift, and other tools. This article shows how to improve feature testing by automating builds and the creation of Kubernetes environments.

Red Hat OpenShift GitOps includes an opinionated deployment of Argo CD that provides a way to manage continuous development or delivery cluster-wide, or even in a multi-tenant cluster configuration. This Operator also provides many toolsets that can help you fit your GitOps workflows into your CI/CD (continuous integration/continuous delivery) processes. One of these tools is called ApplicationSets.

ApplicationSets mass-produces Argo CD applications and deploys them onto a cluster or multiple clusters. ApplicationSets accomplishes this task by using generators. Generators vary from use case to use case and depend on things like the Git repository structure, configuration files, key/value lists, and cluster names.

Generators take these inputs and mass-produce Argo CD applications in the manner of a factory. To find out more about ApplicationSets, read this guide and take a look at the official documentation.

The pull request generator in OpenShift GitOps 1.4

The pull request generator in OpenShift GitOps 1.4

The latest release of OpenShift GitOps offers the powerful pull request generator, one of the newest generators. Whenever there is a pull request in the GitHub repository associated with this generator, it creates an Argo CD application reflecting the changes in the pull request. This automation is especially useful to help you check how the change looks in your environment before merging the change into the parent branch.

Let's take a look at an example:

apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: bgd-pr-testing
  namespace: argocd
spec:
  generators:
  - pullRequest:
      github:
        owner: christianh814
        repo: bgd
        labels:
        - preview
      requeueAfterSeconds: 300
  template:
    metadata:
      name: 'bgd-{{branch}}-{{number}}'
    spec:
      source:
        repoURL: 'https://github.com/christianh814/bgd'
        targetRevision: '{{head_sha}}'
        path: app/overlays/default/
      project: default
      syncPolicy:
        automated:
          prune: true
          selfHeal: true
        syncOptions:
          - CreateNamespace=true
      destination:
        server: https://kubernetes.default.svc
        namespace: 'bgd-{{branch}}-{{number}}'
Copy snippet

The .spec.generators.pullRequest property contains the information needed for the generator to work in the GitHub repository. The generator invokes the GitHub API to target the specified account or organization and the specified repository. The optional labels property allows you to tell the generator to create applications only for pull requests specifying the labels in that property (preview in this example).

The requeueAfterSeconds option tells how many seconds to wait before checking whether another pull request has been submitted. The default is 30 minutes.

The generator has access to the following variables in GitHub:

  • number: The ID of the pull request
  • branch: The name of the branch of the pull request head
  • head_sha: The SHA of the head of the pull request

The variables appear in the YAML between {{ }} braces and are used in the .spec.template section of the file to create a tailored Argo CD application.

With this YAML file in place, any time someone makes a pull request with the label preview to the repository, Argo CD creates a corresponding application on your cluster. You can then test the application to see how the change in the pull request affects your application as a whole.

Feature branching

Feature branching

The pull request generator is convenient for feature branches, a popular development pattern in source code repositories. Developers create and test new features independently from the stable branch by creating a new branch, which can be merged when the feature is validated. Argo CD and the pull request generator can generate a new Kubernetes environment from a template like the one in the previous section.

To show the versatility of the generator, we'll run BGD, an example web application that just shows a color (blue by default). We'll create a new application by switching the color.

Deploy the Argo application in your cluster, pointing to the application's manifests:

$ kubectl apply -f \
https://raw.githubusercontent.com/christianh814/bgd/main/manifests/applications/bgd-app.yaml
Copy snippet

Verify that the application has been deployed to the bgd namespace, which represents our main branch:

$ kubectl get apps -n argocd
NAME   SYNC STATUS   HEALTH STATUS
bgd    Synced        Healthy

$ kubectl get pods -n bgd
NAME                   READY   STATUS    RESTARTS      AGE
bgd-788cb756f7-6lths   1/1     Running   0             10s

$ kubectl describe pod bgd-788cb756f7-6lths -n bgd | grep COLOR
COLOR:  blue
Copy snippet

Now deploy the ApplicationSet using the pull request generator listed in the previous section:

$ kubectl apply -f \
https://raw.githubusercontent.com/christianh814/bgd/main/manifests/applicationsets/bgd-pr-appset.yaml

$ kubectl get appsets -n argocd
NAME             AGE
bgd-pr-testing   51s
Copy snippet

To change the color from blue to green, you need to change the COLOR environment variable. Because this application was managed through Kustomize, you can just create a pull request that changes this YAML file to specify green instead of blue:

- op: replace
  path: /spec/template/spec/containers/0/env/0/value
  value: green
Copy snippet

Create a new feature branch containing this change and open a pull request. The pull request generator will create a new Argo CD application representing the feature branch, assigning a name following the property's value in the template: 'bgd-{{branch}}-{{number}}'.

You can test your change before merging it into the main branch as follows:

$ kubectl get apps -n argocd
NAME          SYNC STATUS   HEALTH STATUS
bgd           Synced        Healthy
bgd-green-1   Synced        Healthy

$ kubectl get pods -n bgd-green-1
NAME                   READY   STATUS    RESTARTS      AGE
bgd-55ff677658-zlccd   1/1     Running   0             5s

$ kubectl describe pod bgd-55ff677658-zlccd -n bgd-green-1 | grep COLOR
COLOR:  green
Copy snippet
Automate builds in a CI/CD pipeline

Automate builds in a CI/CD pipeline

The method shown in this article to generate an environment for each new feature is very powerful and can allow both continuous testing and continuous delivery. We'll take the next step by automating the builds in a CI/CD pipeline that can be implemented with Red Hat OpenShift Pipelines together with OpenShift GitOps. OpenShift Pipelines is built around Tekton, a Kubernetes-native CI/CD implementation that integrates with many DevOps tools, including Argo CD.

As an example, to automate feature branch testing by creating a pull request for each change, build a Tekton pipeline like the one shown in Figure 1 containing the following Tasks:

  • git-clone: A ClusterTask that downloads the application source code
  • create-image: A ClusterTask that creates a new container image containing the feature
  • update-manifests: A Task that uses Kustomize to update the Kubernetes manifests controlled by Argo CD
  • create-pr: A Task that creates a pull request using the GitHub command-line interface (CLI)
A pipeline can create a build for each pull request.
Figure 1: A pipeline can create a build for each pull request.

For each change to the application, a new feature branch is created together with a pull request, and Argo CD's pull request generator creates a new environment to test the pull request.

Here's an example for the update-manifests Task:

apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  annotations:
    tekton.dev/pipelines.minVersion: 0.12.1
    tekton.dev/tags: git
  name: update-manifests
  labels:
    app.kubernetes.io/version: '0.2'
    operator.tekton.dev/provider-type: community
spec:
  description: >-
    This Task can be used to update image digest in a Git repo using kustomize and push changes into a feature branch.
    It requires a secret with credentials for accessing the git repo.
  params:
    - name: GIT_REPOSITORY
      type: string
    - name: FEATURE
      type: string
      default: feature
    - name: CURRENT_IMAGE
      type: string
    - name: NEW_IMAGE
      type: string
    - name: NEW_DIGEST
      type: string
    - name: KUSTOMIZATION_PATH
      type: string
  results:
    - description: The commit SHA
      name: commit
  steps:
    - image: 'docker.io/alpine/git:v2.26.2'
      name: git-clone
      resources: {}
      script: >
        rm -rf git-update-digest-workdir

        git clone $(params.GIT_REPOSITORY)
        git-update-digest-workdir
      workingDir: $(workspaces.workspace.path)
    - image: 'quay.io/wpernath/kustomize-ubi:latest'
      name: update-digest
      resources: {}
      script: >
        cd git-update-digest-workdir/$(params.KUSTOMIZATION_PATH)

        kustomize edit set image
        $(params.CURRENT_IMAGE)=$(params.NEW_IMAGE)@$(params.NEW_DIGEST)


        echo "##########################"

        echo "### kustomization.yaml ###"

        echo "##########################"

        cat kustomization.yaml
      workingDir: $(workspaces.workspace.path)
    - image: 'docker.io/alpine/git:v2.26.2'
      name: git-commit
      resources: {}
      script: |
        cd git-update-digest-workdir

        git config user.email "tektonbot@redhat.com"
        git config user.name "My Tekton Bot"

        git status

        feature=$(params.FEATURE)
        if [ "$feature" = "feature" ];
            feature="$feature-$RANDOM"
        fi
        git checkout -b $feature
        git add $(params.KUSTOMIZATION_PATH)/kustomization.yaml
        git commit -m "[ci] Image digest updated"

        git push

        RESULT_SHA="$(git rev-parse HEAD | tr -d '\n')"
        EXIT_CODE="$?"
        if [ "$EXIT_CODE" != 0 ]
        then
          exit $EXIT_CODE
        fi
        # Make sure we don't add a trailing newline to the result!
        echo -n "$RESULT_SHA" > $(results.commit.path)
      workingDir: $(workspaces.workspace.path)
  workspaces:
    - description: The workspace.
      name: workspace
Copy snippet
Conclusion

Conclusion

This article introduced a way to use Argo CD ApplicationSets and Tekton to create a CI/CD system that includes feature branch testing. You can use OpenShift Pipelines to compose and define the level of automation you want when creating new features with feature branches and feature environments. All these tools are available "out of the box" (i.e., "batteries included") with the OpenShift Container Platform.

Interested in more Argo CD goodness with a GitOps twist? Make sure to tune in to GitOps Guide To The Galaxy, which streams on YouTube and Twitch every other Thursday at 3:00 p.m U.S. Eastern time. You can also get some free hands-on training with Argo CD and Tekton at the interactive portal.

Last updated: October 31, 2023

Related Posts

  • Building modern CI/CD workflows for serverless applications with Red Hat OpenShift Pipelines and Argo CD, Part 1

  • The present and future of CI/CD with GitOps on Red Hat OpenShift

  • Why should developers care about GitOps?

  • Modern Fortune Teller: Using GitOps to automate application deployment on Red Hat OpenShift

  • Prevent auto-reboot during Argo CD sync with machine configs

Recent Posts

  • LLM Compressor: Optimize LLMs for low-latency deployments

  • How to set up NVIDIA NIM on Red Hat OpenShift AI

  • Leveraging Ansible Event-Driven Automation for Automatic CPU Scaling in OpenShift Virtualization

  • Python packaging for RHEL 9 & 10 using pyproject RPM macros

  • Kafka Monthly Digest: April 2025

What’s up next?

Getting GitOps e-book card

Learn how to navigate the complex world of modern container-based software development and distribution with Getting GitOps: A Practical Platform with OpenShift, Argo CD, and Tekton.

Download the e-book
Red Hat Developers logo LinkedIn YouTube Twitter Facebook

Products

  • Red Hat Enterprise Linux
  • Red Hat OpenShift
  • Red Hat Ansible Automation Platform

Build

  • Developer Sandbox
  • Developer Tools
  • Interactive Tutorials
  • API Catalog

Quicklinks

  • Learning Resources
  • E-books
  • Cheat Sheets
  • Blog
  • Events
  • Newsletter

Communicate

  • About us
  • Contact sales
  • Find a partner
  • Report a website issue
  • Site Status Dashboard
  • Report a security problem

RED HAT DEVELOPER

Build here. Go anywhere.

We serve the builders. The problem solvers who create careers with code.

Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

Sign me up

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility

Report a website issue