Make ArgoCD fully automatic — sync on every git change, revert manual cluster edits with self-heal, and prune resources removed from git, so the cluster always matches the repo.
Why: manual sync is fine to start, but the point of GitOps is automation. An automated sync policy makes ArgoCD apply changes as soon as they land in git — no human step. Add syncPolicy.automated to the Application and every merged commit deploys itself.
spec:
syncPolicy:
automated: {} # auto-apply git changes as they appearWhy: someone running kubectl edit on a live resource creates drift from git. With selfHeal: true, ArgoCD notices the cluster no longer matches git and reverts the manual change back to the committed state. Git stays the only way to change things — out-of-band edits are undone automatically.
spec:
syncPolicy:
automated:
selfHeal: true # revert any drift from git, automaticallyWhy: by default ArgoCD will not delete resources you remove from git — a safety net against accidental wipes. With prune: true, deleting a manifest from the repo also removes it from the cluster, so git fully describes what exists. Turn it on once you trust your repo as the source of truth.
spec:
syncPolicy:
automated:
prune: true # remove cluster resources deleted from git
selfHeal: trueWhy: with self-heal on, prove it. Manually scale a deployment ArgoCD manages; within moments ArgoCD detects the cluster no longer matches git and scales it back. You changed reality, git did not change, so ArgoCD undoes your change — the whole GitOps promise in one demo.
Manually drift the cluster away from git
kubectl scale deployment guestbook-ui -n guestbook --replicas=5Watch ArgoCD revert it back to the git-defined count
argocd app get guestbook --refreshkubectl get deployment guestbook-ui -n guestbook