---
phase: 07-gitops-foundation
plan: 02
type: execute
wave: 2
depends_on: ["07-01"]
files_modified:
- helm/taskplaner/values.yaml
autonomous: false
must_haves:
truths:
- "Pushing helm changes triggers automatic deployment"
- "Manual pod deletion triggers ArgoCD self-heal"
- "ArgoCD UI shows deployment history"
artifacts:
- path: "helm/taskplaner/values.yaml"
provides: "Test change to trigger sync"
key_links:
- from: "Git push"
to: "ArgoCD sync"
via: "polling (3 min)"
pattern: "automated sync"
- from: "kubectl delete pod"
to: "ArgoCD restore"
via: "selfHeal: true"
pattern: "pod restored"
---
Verify GitOps workflow: auto-sync on Git push and self-healing on manual cluster changes.
Purpose: Confirm ArgoCD delivers on GitOps promise - Git is source of truth, cluster self-heals.
Output: Verified auto-deploy and self-heal behavior with documentation of tests.
@/home/tho/.claude/get-shit-done/workflows/execute-plan.md
@/home/tho/.claude/get-shit-done/templates/summary.md
@.planning/PROJECT.md
@.planning/ROADMAP.md
@.planning/STATE.md
@.planning/phases/07-gitops-foundation/07-CONTEXT.md
@.planning/phases/07-gitops-foundation/07-01-SUMMARY.md
@argocd/application.yaml
@helm/taskplaner/values.yaml
Task 1: Test auto-sync by pushing a helm change
helm/taskplaner/values.yaml
Make a visible but harmless change to helm/taskplaner/values.yaml and push to trigger ArgoCD sync.
1. Add or modify a pod annotation that won't affect functionality:
```yaml
podAnnotations:
gitops-test: "verified-YYYYMMDD-HHMMSS"
```
Use current timestamp to make change unique.
2. Commit and push:
```bash
git add helm/taskplaner/values.yaml
git commit -m "test(gitops): verify auto-sync with annotation change"
git push
```
3. Wait for ArgoCD to detect and sync (up to 3 minutes polling interval):
```bash
# Watch for sync
echo "Waiting for ArgoCD to detect change (up to 3 minutes)..."
for i in {1..36}; do
REVISION=$(kubectl get application taskplaner -n argocd -o jsonpath='{.status.sync.revision}' 2>/dev/null)
CURRENT_COMMIT=$(git rev-parse HEAD)
if [ "$REVISION" = "$CURRENT_COMMIT" ]; then
echo "Synced to commit: $REVISION"
break
fi
echo "Waiting... ($i/36)"
sleep 5
done
```
4. Verify the pod has the new annotation:
```bash
kubectl get pods -n default -l app.kubernetes.io/name=taskplaner -o jsonpath='{.items[0].metadata.annotations.gitops-test}'
```
```bash
# Verify sync revision matches latest commit
kubectl get application taskplaner -n argocd -o jsonpath='{.status.sync.revision}'
git rev-parse HEAD
# Should match
# Verify pod annotation
kubectl get pods -n default -l app.kubernetes.io/name=taskplaner -o jsonpath='{.items[0].metadata.annotations.gitops-test}'
# Should show the timestamp from values.yaml
```
Git push triggered ArgoCD sync within 3 minutes, pod shows new annotation.
Task 2: Test self-heal by deleting a pod
Verify ArgoCD's self-heal restores manual changes to match Git state.
1. Get current pod name:
```bash
POD_NAME=$(kubectl get pods -n default -l app.kubernetes.io/name=taskplaner -o jsonpath='{.items[0].metadata.name}')
echo "Current pod: $POD_NAME"
```
2. Delete the pod (simulating manual intervention):
```bash
kubectl delete pod $POD_NAME -n default
```
3. ArgoCD should detect the drift and restore (selfHeal: true in syncPolicy).
Watch for restoration:
```bash
echo "Waiting for ArgoCD to restore pod..."
kubectl get pods -n default -l app.kubernetes.io/name=taskplaner -w &
WATCH_PID=$!
sleep 30
kill $WATCH_PID 2>/dev/null
```
4. Verify new pod is running:
```bash
kubectl get pods -n default -l app.kubernetes.io/name=taskplaner
```
5. Verify ArgoCD still shows Synced (not OutOfSync):
```bash
kubectl get application taskplaner -n argocd -o jsonpath='{.status.sync.status}'
```
Note: The Deployment controller recreates the pod immediately (Kubernetes behavior), but ArgoCD should also detect this and ensure the state matches Git. The key verification is that ArgoCD remains in Synced state.
```bash
kubectl get pods -n default -l app.kubernetes.io/name=taskplaner -o wide
kubectl get application taskplaner -n argocd -o jsonpath='{.status.sync.status}'
kubectl get application taskplaner -n argocd -o jsonpath='{.status.health.status}'
```
Pod should be running, status should be Synced and Healthy.
Pod deletion triggered restore, ArgoCD shows Synced + Healthy status.
GitOps workflow with ArgoCD managing TaskPlanner deployment:
- Repository credentials configured
- Application registered and syncing
- Auto-deploy on Git push verified
- Self-heal on manual changes verified
1. Open ArgoCD UI: https://argocd.kube2.tricnet.de
2. Log in (credentials should be available)
3. Find "taskplaner" application in the list
4. Verify:
- Status shows "Synced" (green checkmark)
- Health shows "Healthy" (green heart)
- Click on the application to see deployment details
- Check "History and Rollback" tab shows recent syncs including the test commit
5. Verify TaskPlanner still works: https://task.kube2.tricnet.de
Type "approved" if ArgoCD shows TaskPlanner as Synced/Healthy and app works, or describe any issues.
Phase 7 completion checklist:
1. GITOPS-01: ArgoCD server running - ALREADY DONE (pre-existing)
2. GITOPS-02: ArgoCD syncs TaskPlanner from Git - Verified by sync test
3. GITOPS-03: ArgoCD self-heals manual changes - Verified by pod deletion test
4. GITOPS-04: ArgoCD UI accessible via Traefik - ALREADY DONE (pre-existing)
Success Criteria from ROADMAP.md:
- [x] ArgoCD server is running and accessible at argocd.tricnet.be
- [ ] TaskPlanner Application shows "Synced" status in ArgoCD UI
- [ ] Pushing a change to helm/taskplaner/values.yaml triggers automatic deployment within 3 minutes
- [ ] Manually deleting a pod results in ArgoCD restoring it to match Git state
- [ ] ArgoCD UI shows deployment history with sync status for each revision
- Auto-sync test: Git push -> ArgoCD detects -> Pod updated (within 3 min)
- Self-heal test: Pod deleted -> ArgoCD restores -> Status remains Synced
- Human verification: ArgoCD UI shows healthy TaskPlanner with deployment history
- All GITOPS requirements satisfied