Kubernetes Deployment Image Update From GitHub Action

When using FluxCD, ArgoCD or any other Git-based deployment strategy, automatic image updates really smooth out the release workflow. In my own personal opinion however, the automatic image update that FluxCD provides (and maybe Argo) seem a bit overkill for my own personal use cases.

After all, each image update requires a imagerepository resource continuously polling and a imagepolicy continuously applying. If I already know when my new release is created, why poll and apply it from the image-automation-controller within the cluster?

Keep It Simple, commit the new image tag directly from the release workflow

GitHub Workflow

Using only Git, Sed and Bash: I can automate applying the new image tag to the Kubernetes deployment manifest controlled by FluxCD.

I the following example: I grab the version tag from github.event.release.tag_name, checkout the flux repo fluxcd using a token named ‘FLUXCD_GITHUB_TOKEN’ that has permission to pull, commit and push.

The flux-update job can run directly after the image release job:

...

  flux-update:
    needs: [build]
    runs-on: ubuntu-latest
    env:
      VERSIONTAG: ${{ github.event.release.tag_name }}
    steps:
      - name: Checkout flux repository
        uses: actions/checkout@v4
        with:
          repository: username/fluxcd
          token: ${{ secrets.FLUXCD_GITHUB_TOKEN }}
          path: flux-repo
          fetch-depth: 0

      - name: Fetch repository content
        run: |
          cd flux-repo
          git fetch origin
          git checkout main

      - name: Update Deployment image tag
        run: |
          DEPLOYMENT_FILE="flux-repo/apps/cluster/app/deployment.yaml"
          OLD_IMAGE=$(grep "image:" "$DEPLOYMENT_FILE" | awk '{print $2}')
          NEW_IMAGE="ghcr.io/username/app:$VERSIONTAG"

          # Update the image tag
          sed -i "s|image:.*|image: $NEW_IMAGE|" "$DEPLOYMENT_FILE"

          # Create commit message
          echo "Update image: $OLD_IMAGE -> $NEW_IMAGE" > commit_message.txt

      - name: Commit and Push Flux Deployment Update
        run: |
          cd flux-repo
          git config --local user.email "[email protected]"
          git config --local user.name "GitHub Actions"
          git add apps/cluster/app/deployment.yaml
          git commit -F ../commit_message.txt
          git push

Once the commit is pushed, FluxCD handles the rest as usual