Skip to main content

Overview

First-party applications are services you build and deploy, like the go-backend example in the kit. This page covers how to make changes and deploy them through the GitOps pipeline.

Deployment Flow

Changes flow through staging first, then to production after verification:
Each step is detailed in the sections below.

Make Code Changes

1

Edit your service code

Make changes to your application in services/:
2

Test locally

Use the local development environment to test:
Tilt automatically rebuilds and redeploys when you save changes.
3

Commit and push

What Happens After Push (Staging)

1. CI Build Workflow

The CI workflow (.github/workflows/ci-build-push.yml):
  1. Detects which services changed using path filters
  2. Generates a version tag (e.g., 0.2.2-rc0029-g1234567)
  3. Builds the Docker image
  4. Pushes to ECR
  5. Triggers the GitOps workflow

2. GitOps Update Workflow

The GitOps workflow (.github/workflows/gitops-update-manifests.yml):
  1. Updates the image tag in values files (e.g., kubernetes/src/services/go-backend-helm/values.yaml)
  2. Renders the Kubernetes manifests
  3. Commits and pushes to main
The image tag is identified by a comment marker:

3. ArgoCD Sync

ArgoCD watches the repository and automatically syncs when manifests change. You can monitor the sync in the ArgoCD UI or CLI:

Version Tagging Strategy

Pre-release Versions (Staging)

When you push to main, the version is generated as:
  • Base: last release tag + 1 patch (e.g., 0.2.20.2.3)
  • Suffix: -rcNNNN-gSHA where NNNN is commits since last tag
This ensures every commit has a unique, sortable version.

Release Versions (Production)

To deploy to production, create a release tag:
This triggers the same build workflow but:
  • Uses the exact version from the tag (0.2.3)
  • Sets environment to production

Deploy to Production

1

Verify staging deployment

Ensure the change works correctly in staging before promoting to production.
2

Merge the Release Please PR

The Release Please workflow (.github/workflows/release-please.yml) automatically creates a release PR when changes are pushed to main. The PR:
  • Bumps the version based on conventional commit messages
  • Updates the CHANGELOG
  • Shows all changes since the last release
When you merge the release PR:
  1. A GitHub release is created with the new version tag
  2. The CI workflow (.github/workflows/ci-build-push.yml) builds and pushes the production image
  3. The GitOps workflow (.github/workflows/gitops-update-manifests.yml) updates production manifests
  4. ArgoCD syncs to the production cluster
You can also create a release manually by pushing a tag:
3

Monitor the deployment

Watch the CI workflow and ArgoCD sync:

Manual Deployment

For debugging or hotfixes, you can trigger deployments manually:
Build and push an image without deploying:

Update Kubernetes Configuration

To change Kubernetes configuration (replicas, resources, etc.) without changing application code:
1

Edit the configuration

For Helm-based services, edit the values file:
For Kustomize-based services, edit the overlay:
Example changes:
2

Render manifests

3

Commit and push

ArgoCD syncs the new configuration without rebuilding the image.

Rollback

To rollback to a previous version:
Update the image tag to a previous version:

Next Steps