This reusable GitHub Actions workflow builds your Docker image, updates ArgoCD Helm values, and triggers deploy.
- π¨ Builds Docker image for your component
- π¦ Pushes it to
ghcr.io - βοΈ Updates ArgoCD GitOps repo Helm values
- π Triggers ArgoCD sync and waits for app health
- π§ Smart environment detection (
dev,stg,prod) based on branch name - 𧩠Conditional deploy based on
argocd/applications.yaml - π Supports multiple components and custom Dockerfile paths or contexts
- βοΈ Supports custom Docker build args via repository variables
- π² Telegram notifications on failure
β οΈ This repository must be public if you want to use the workflow in other public repositories.
GitHub does not allow calling workflows from private repositories in public workflows.
| Name | Required | Default | Description |
|---|---|---|---|
app_name |
β | β | Name of the application |
environment |
β | auto-detect | Target environment (dev, stg, prod) |
component_name |
β | app |
Component name in Helm values and image tag |
dockerfile_path |
β | Dockerfile |
Path to the Dockerfile |
docker_context |
β | . |
Docker build context |
vars.DOCKER_BUILD_ARGS |
β | β | Multiline string of KEY=VALUE pairs passed to docker build as --build-arg |
These secrets are required in the calling repository:
| Name | Description |
|---|---|
ARGOCD_SERVER |
ArgoCD server address (without https://) |
ARGOCD_USER |
ArgoCD username |
ARGOCD_PASSWORD |
ArgoCD password |
ARGOCD_PAT |
GitHub token to push updates to ArgoCD repo |
TELEGRAM_DEVOPS_CHAT |
Chat ID to send Telegram notifications (on failure) |
TELEGRAM_DEVOPS_TOKEN |
Telegram bot token |
Reference the reusable workflow from your application repository like this:
name: Build and Deploy VPN UI via ArgoCD
on:
push:
branches: ["master", "main", "staging", "stg", "develop", "dev", "**"]
paths:
- ".github/workflows/CI-CD-vpn_ui.yml"
- "vpn-ui/**"
workflow_dispatch:
inputs:
environment:
type: choice
description: Target k8s environment
required: false
options:
- dev
- stg
- prod
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
deploy:
uses: gear-foundation/argocd-workflow/.github/workflows/build-and-deploy-via-argocd.yaml@main
with:
environment: ${{ inputs.environment }}
app_name: vpnui
component_name: app
dockerfile_path: ./vpn-ui/Dockerfile
docker_context: ./vpn-ui
secrets:
ARGOCD_SERVER: ${{ secrets.ARGOCD_SERVER }}
ARGOCD_USER: ${{ secrets.ARGOCD_USER }}
ARGOCD_PASSWORD: ${{ secrets.ARGOCD_PASSWORD }}
ARGOCD_PAT: ${{ secrets.ARGOCD_PAT }}
TELEGRAM_DEVOPS_CHAT: ${{ secrets.TELEGRAM_DEVOPS_CHAT }}
TELEGRAM_DEVOPS_TOKEN: ${{ secrets.TELEGRAM_DEVOPS_TOKEN }}You can pass custom Docker --build-arg parameters by setting a GitHub variable (vars) named DOCKER_BUILD_ARGS.
This variable should contain a multi-line string of KEY=VALUE pairs. Each pair will be passed as --build-arg KEY=VALUE to the docker build command.
NODE_ENV=production
VERSION=1.2.3
API_URL=https://api.example.com
This will result in:
docker build \
--build-arg NODE_ENV=production \
--build-arg VERSION=1.2.3 \
--build-arg API_URL=https://api.example.com \
...This workflow expects your ArgoCD GitOps repo to have the following layout:
argocd/
βββ applications.yaml
βββ helm/
βββ charts/
βββ vpnui/
βββ dev-values.yaml
βββ stg-values.yaml
βββ prod-values.yaml
And the applications.yaml should look like this:
vpnui:
dev: false
stg: false
prod: truetrue for a given environment β deploy is skipped.
If the environment input is not provided, the workflow detects it from the branch name:
| Branch name | Interpreted environment |
|---|---|
main, master |
prod |
stg, staging |
stg |
| Anything else | dev |
If the deployment fails at any stage (build, ArgoCD update, or sync), you will receive a Telegram message in the specified chat with a direct link to the failed run.
| Job | Timeout |
|---|---|
context |
5 min |
check-deploy-enabled |
5 min |
build-and-commit |
60 min |
sync-and-wait |
15 min |
notify-on-failure |
5 min |