CtrlK
BlogDocsLog inGet started
Tessl Logo

nitinjain999/platform-skills

Production-grade platform engineering handbook — Kubernetes, Terraform, Flux CD, GitHub Actions, AWS, and more.

67

Quality

84%

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

Overview
Quality
Evals
Security
Files

README.mdexamples/fluxcd/

Flux CD Examples

This directory contains reference implementations for Flux CD GitOps patterns.

Status: Stable

Examples

ExamplePatternStatus
basic-monorepo/Single team, Kustomize overlays per environmentStable
multi-tenant/Multiple teams sharing a cluster, RBAC isolation per tenantBeta
helm-releases/Helm chart management via OCIRepository, environment value overlaysBeta
image-automation/Automated image tag updates — Git-based and gitless (OCIArtifactTag) side-by-sideBeta
flux-operator/Flux Operator + FluxInstance + gitless OCI sync + Cosign verificationBeta

Choosing the right pattern

NeedExample
Single team, simple environment promotionbasic-monorepo/
Multiple teams on one cluster, isolated blast radiusmulti-tenant/
Third-party Helm charts with environment value overrideshelm-releases/
Automate image tag updates from CI to clusterimage-automation/
Manage Flux itself via Kubernetes CRD, no bootstrap scriptflux-operator/
Gitless delivery — no Git credentials on clustersflux-operator/ + image-automation/gitless/

Prerequisites

  • Kubernetes 1.28+
  • Flux CLI 2.2+ (brew install fluxcd/tap/flux)
  • kubectl with cluster access
  • Flux Operator examples additionally require: helm CLI

Common commands

# Check all Flux resources across namespaces
flux get all -A

# Force immediate reconciliation of a Kustomization
flux reconcile kustomization <name> --with-source

# Suspend and resume reconciliation
flux suspend kustomization <name>
flux resume kustomization <name>

# Stream controller logs for a specific resource
flux logs --kind=HelmRelease --name=<name> --namespace=<namespace>

# Check cluster-wide health (Flux Operator only)
kubectl get fluxreport flux -n flux-system -o yaml

Shared best practices

Recommended conventions for new deployments (basic-monorepo uses legacy patterns; the newer examples follow all of these):

PracticeWhy
spec.prune: true on all KustomizationsRemoves orphaned resources when files are deleted from Git
spec.wait: true with timeoutBlocks dependent resources until health checks pass
dependsOn for ordered applyinfrastructure must be ready before apps
spec.chartRef (OCI) over spec.chart.spec (HTTPS)OCI charts are immutable and signable
install.strategy.name: RetryOnFailureModern remediation API
reconcile.fluxcd.io/watch: Enabled on valuesFrom ConfigMapsImmediate HelmRelease reconciliation when values change
Workload Identity over static credentialsNo long-lived tokens on clusters
SOPS or External Secrets for secretsNo plain secrets in Git

Troubleshooting

See references/fluxcd.md for the full CRD reference table, source selection decision matrix, Flux Operator patterns, ResourceSet patterns, common mistakes, and image automation models.

For live cluster debugging use /platform-skills:gitops debug. For repo auditing use /platform-skills:gitops audit.

examples

fluxcd

README.md

BEFORE_AFTER.md

CHANGELOG.md

CODE_OF_CONDUCT.md

COMMANDS.md

CONTRIBUTING.md

EDITOR_INTEGRATIONS.md

GETTING_STARTED.md

HOW_IT_WORKS.md

install.sh

INSTALLATION.md

LAUNCH.md

PROMPTS.md

QUICKSTART.md

README.md

renovate.json

SECURITY.md

SKILL.md

tessl.json

tile.json