This repository demonstrates a complete DevOps/SRE workflow for deploying a Golang application. It implements Infrastructure as Code (IaC) using Terragrunt/Terraform on Google Kubernetes Engine (GKE), adopts GitOps principles with ArgoCD, and utilizes Progressive Delivery (Canary) via Argo Rollouts.
- Application: Golang (REST API) packaged in a distroless container for security.
- Infrastructure: Google Kubernetes Engine (Regional Cluster for HA).
- IaC: Terraform & Terragrunt (DRY principle).
- CI/CD: GitHub Actions (CI) + ArgoCD (CD).
- Deployment Strategy: Canary Deployment (Argo Rollouts) with automated Analysis.
- Configuration Management: Kustomize.
- Observability & Cost: Resource Labeling for precise GCP billing visibility.

```
.
├── app/                  # Golang source code & Dockerfile (Multi-stage)
├── infrastructure/       # Terraform modules & Terragrunt configurations
│   ├── environments/     # Environment-specific config (production)
│   └── modules/          # Reusable Terraform modules (GKE, VPC)
├── k8s/                  # Kubernetes manifests
│   ├── base/             # Base manifests (Rollout, Service, Analysis)
│   └── overlays/         # Environment patches (Kustomize)
├── platform/             # Helm values for Platform tools (ArgoCD, Rollouts)
├── argocd/               # ArgoCD Application manifests (App of Apps pattern)
└── .github/workflows/    # CI Pipeline definition
```

Ensure you have the following installed:
- Google Cloud SDK (`gcloud`)
- Terraform & Terragrunt
- Kubectl
- `gke-gcloud-auth-plugin`

We use Terragrunt to manage GKE clusters. The setup includes a Regional Cluster (3 zones) with Cost-Optimized VMs (n2d-standard).

```bash
# Initialize and Apply Infrastructure
make infra-init
make infra-apply
# Verify connectivity
make connect-cluster
kubectl get nodes
```

Note: The infrastructure includes `resource_labels` for granular cost tracking (e.g., `cost_center=devops-team`).

Deploy ArgoCD and Argo Rollouts to the cluster.

```bash
# Install ArgoCD
make install-argocd
# Install Argo Rollouts
make install-rollouts
```

Apply the ArgoCD application manifest to start the GitOps synchronization.

```bash
kubectl apply -f argocd/production.yaml
```

ArgoCD will detect the manifests in k8s/overlays/production and deploy the application.
The pipeline is fully automated using GitHub Actions and GitOps:
- Code Change: Developer pushes code to `main`.
- CI (GitHub Actions):
  - Builds the Go binary.
  - Builds Docker image using caching.
  - Pushes image to Registry (tagged with SHA).
  - Updates Kustomize: Automatically updates the image tag in `k8s/overlays/production/kustomization.yaml` and commits the change back to the repo.
- CD (ArgoCD): Detects the configuration change and syncs the cluster state.
- Progressive Delivery (Argo Rollouts):
  - Rollout starts.
  - Step 1: Traffic shift to 20% -> Pause 30s.
  - Analysis: Runs `smoke-test` (curl check).
  - Step 2: Traffic shift to 50% -> Pause 30s.
  - Step 3: Traffic shift to 100%.

- Distroless Image: The app runs as a non-root user (`USER 65532`) in a container with no shell.
- High Availability: Regional GKE cluster spans 3 zones.
- Cost Management:
  - Uses Spot/Preemptible friendly config (though currently on-demand for stability).
  - Full resource labeling for billing reports.
- Zero-Downtime: `lifecycle { create_before_destroy = true }` is used where applicable to prevent outages during infra updates.
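
The Dockerfile's `USER 65532` only sets the image default, and a pod spec can still override it. The Kustomize fragment below is an added example, not taken from this repository, that enforces the non-root identity at the Kubernetes level from the production overlay. The Rollout name `go-app` and the app being the first container are assumptions.

```yaml
# k8s/overlays/production/kustomization.yaml (fragment; added example)
# Assumptions: the Rollout is named "go-app" and the application is
# containers[0]. Adjust both to match the manifests in k8s/base.
#
# A JSON 6902 patch is used because, without an OpenAPI schema, Kustomize
# treats a Rollout (a CRD) as a plain object and a merge patch would
# replace the whole containers list instead of merging one entry.
patches:
  - target:
      group: argoproj.io
      version: v1alpha1
      kind: Rollout
      name: go-app              # hypothetical name
    patch: |-
      # Pod level: the kubelet refuses to start a container that would
      # run as UID 0, whatever the image says.
      - op: add
        path: /spec/template/spec/securityContext
        value:
          runAsNonRoot: true
          runAsUser: 65532      # matches USER 65532 in the Dockerfile
          runAsGroup: 65532
          seccompProfile:
            type: RuntimeDefault
      # Container level: no privilege escalation, no Linux capabilities,
      # immutable root filesystem.
      - op: add
        path: /spec/template/spec/containers/0/securityContext
        value:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities:
            drop: ["ALL"]
```

If the API needs scratch space, mount an `emptyDir` at that path rather than turning `readOnlyRootFilesystem` off.
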
Resources are tagged for billing allocation. You can filter GCP Billing Reports using:
- `project: assignment-interview`
- `cost_center: devops-team`
- `env: production`