l2-gitops-platform

by @luiscamaral in Development

# Install this skill:

npx skills add luiscamaral/k8s-cell-platform-skills --skill "l2-gitops-platform"

Install specific skill from multi-skill repository

# Description

Manages L2 core platform including Argo CD for GitOps, Kyverno for policy enforcement, and Linkerd for service mesh. Use for GitOps workflows, application sync, policy management, mTLS configuration, or service mesh operations.

# SKILL.md

name: l2-gitops-platform
description: Manages L2 core platform including Argo CD for GitOps, Kyverno for policy enforcement, and Linkerd for service mesh. Use for GitOps workflows, application sync, policy management, mTLS configuration, or service mesh operations.
allowed-tools: Read, Glob, Grep, Bash(kubectl:, argocd:)

L2 GitOps Platform Management

Manages the core platform layer: GitOps, Policy, and Service Mesh.

Layer Boundaries

L2 Owns:
- Argo CD (GitOps control plane)
- Kyverno (Policy enforcement)
- Linkerd (Service mesh, mTLS)
- SOPS + age (Secret encryption)

L2 Does NOT Own:
- Infrastructure (L0)
- Cluster services (L1)
- CI/CD pipelines (L3)

Key Directory

l2_core-platform/
├── argocd/              # Argo CD bootstrap
├── applications/        # App-of-Apps definitions
├── configs/             # Kyverno, Linkerd configs
├── secrets/             # SOPS encrypted secrets
├── helm/                # Helm charts
└── kustomize/           # Kustomize overlays

Component Details

Argo CD (v2.9.3)

Namespace: argocd
Pattern: App-of-Apps
UI: https://argocd.homelab.local

# Status
kubectl get pods -n argocd
kubectl get applications -n argocd

# App sync status
argocd app list
argocd app get <app-name>

# Sync an application
argocd app sync <app-name>

Kyverno (v1.11.0)

Namespace: kyverno
Mode: Enforce

# Status
kubectl get pods -n kyverno
kubectl get clusterpolicies
kubectl get policyreports -A

# Check policy violations
kubectl get policyreports -A -o jsonpath='{range .items[*]}{.metadata.namespace}/{.metadata.name}: {.summary.fail} failures{"\n"}{end}'

Linkerd (v2.14)

Namespace: linkerd, linkerd-viz
Features: mTLS, observability

# Status
linkerd check
kubectl get pods -n linkerd
kubectl get pods -n linkerd-viz

# Check meshed pods
linkerd viz stat deploy -n <namespace>

Implementation Phases

Current status tracked in l2_core-platform/L2_IMPLEMENTATION_PLAN.md:

Phase 1: GitOps Foundation (Argo CD, metrics-server)
Phase 2: Security & Policy (Kyverno, SOPS)
Phase 3: Service Mesh (Linkerd, HPA)

Common Operations

Read-Only (Auto-Execute)

kubectl get pods -n argocd
kubectl get applications -n argocd
argocd app list
linkerd check

Write Operations (Require Approval)

# Deploy Argo CD
kubectl apply -k l2_core-platform/argocd/

# Sync applications
argocd app sync <app-name>

# Apply policies
kubectl apply -f l2_core-platform/configs/kyverno/

Memory Files

meta/memory/current-state.md - L2 deployment status
l2_core-platform/L2_IMPLEMENTATION_PLAN.md - Phase details

Reference Documentation

reference/argocd-patterns.md - App-of-Apps patterns
reference/kyverno-policies.md - Policy templates

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

⚡ Amp 🚀 Antigravity 🤖 Claude Code 🦀 Clawdbot 📝 Codex ▶️ Cursor 🤖 Droid 💎 Gemini CLI 🐙 GitHub Copilot 🪿 Goose 📊 Kilo Code 🔧 Kiro CLI 💻 OpenCode 🦘 Roo Code 🌲 Trae 🏄 Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.