CI/CD Pipeline with GitHub Actions
CI And CD With GitHub Actions
This guide explains how CI runs in GitHub Actions and how CD flows through ArgoCD and the docs image build.
Step 1: Review the workflows
These workflows live in .github/workflows/:
- ci.yaml runs pre-commit, kubeconform validation, a docs build check, and pushes the docs image on changes under docs/.
- cluster-smoke.yaml is a manual and scheduled workflow that connects to the tailnet and runs kubectl get nodes and kubectl get pods -A.
Step 2: Configure GitHub secrets
Add these repository secrets for the tailnet-enabled workflow:
- TS_OAUTH_CLIENT_ID
- TS_OAUTH_SECRET
- KUBECONFIG_B64
KUBECONFIG_B64 should be a base64-encoded kubeconfig that can reach the cluster API on the tailnet.
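A pre-flight step for KUBECONFIG_B64, added here as an example and not taken from this repo's workflows: it decodes the secret into an owner-only file and refuses a kubeconfig whose API server is not an https tailnet endpoint. The function names and the tailnet-only policy (MagicDNS *.ts.net names or 100.64.0.0/10 addresses) are assumptions.

```shell
#!/bin/sh
# Added example. Function names and the tailnet-only policy are assumptions.

# Encode a kubeconfig as one base64 line, the value to store in KUBECONFIG_B64.
encode_kubeconfig() { base64 < "$1" | tr -d '\n'; }

# Decode the secret value ($1) into a new file ($2) readable only by its owner.
decode_kubeconfig() {
  rm -f -- "$2"
  ( umask 077 && printf '%s' "$1" | base64 -d > "$2" )
}

# Succeed only if every "server:" entry is an https tailnet endpoint (MagicDNS
# *.ts.net name or 100.64.0.0/10 address) and TLS verification is not disabled.
# The body runs in a subshell so its variables and "set -f" stay local.
check_kubeconfig() (
  set -f
  if grep -Eq '^[[:space:]]*insecure-skip-tls-verify:[[:space:]]*true' "$1"; then
    echo "insecure-skip-tls-verify is enabled" >&2; return 1
  fi
  servers=$(sed -n 's/^[[:space:]]*server:[[:space:]]*//p' "$1" | tr -d "\"'")
  [ -n "$servers" ] || { echo "no server entries found" >&2; return 1; }
  for url in $servers; do
    case $url in
      https://*) ;;
      *) echo "not https: $url" >&2; return 1 ;;
    esac
    host=${url#https://}; host=${host%%[:/]*}
    case $host in
      *.ts.net) continue ;;
      *[!0-9.]*) ;;  # any other hostname is rejected below
      100.*.*.*)
        second=${host#100.}; second=${second%%.*}
        if [ "${second:-0}" -ge 64 ] && [ "${second:-0}" -le 127 ]; then continue; fi ;;
    esac
    echo "server is not a tailnet address: $host" >&2; return 1
  done
)

# Constructed sample (not a real cluster): round-trip it and run the check.
sample=$(mktemp)
printf 'clusters:\n- cluster:\n    server: https://100.101.102.103:6443\n' > "$sample"
decode_kubeconfig "$(encode_kubeconfig "$sample")" "$sample.decoded"
check_kubeconfig "$sample.decoded" && echo "kubeconfig accepted"
rm -f "$sample" "$sample.decoded"
```

In a workflow step the first argument to decode_kubeconfig would come from an environment variable mapped to the secret, and the decoded file should be removed when the job finishes.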
Step 3: Understand what each check covers
CI validation focuses on the Kubernetes and GitOps manifests in this repo.
| Area | Coverage | Workflow |
|---|---|---|
| apps/ | YAML lint, schema validation (excluding app.yaml) | ci.yaml |
| infrastructure/ | YAML lint, schema validation | ci.yaml |
| bootstrap/ | YAML lint, schema validation | ci.yaml |
| docs/ | Docusaurus build and image push | ci.yaml |
Step 4: Trigger a cluster smoke test
Run the workflow manually when you want to validate the live cluster health over Tailscale.
- Workflow: Cluster Smoke in GitHub Actions
- Checks: kubectl get nodes, kubectl get pods -A, and ArgoCD app status
The workflow also runs every six hours via a scheduled trigger.
Step 5: Rely on ArgoCD for CD
ArgoCD watches this repo and applies changes via ApplicationSets. GitHub Actions validates and builds artifacts, while ArgoCD handles the deployment and reconciliation in-cluster.