/ Каталог / Песочница / ArgoCD
← Все серверы ↗ GitHub
● Официальный argoproj-labs 🔑 Нужен свой ключ

ArgoCD

автор argoproj-labs · argoproj-labs/mcp-for-argocd

Inspect, diff, and sync ArgoCD applications from Claude — GitOps cluster state without kubectl context switching.

ArgoProj Labs' MCP wraps the ArgoCD API: list applications, view sync/health status, diff desired-vs-live, trigger syncs, and read app manifests. Scope tokens read-only for observability, writable only when you explicitly need to sync or override.

▶ Смотреть демо 📦 Установить 💡 Сценарии

Зачем использовать

Ключевые функции

Живое демо

Как выглядит на практике

argocd.replay ▶ готово
0/0

Установка

Выберите клиент

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "argocd": {
      "command": "uvx",
      "args": [
        "mcp-for-argocd"
      ]
    }
  }
}

Откройте Claude Desktop → Settings → Developer → Edit Config. Перезапустите после сохранения.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "argocd": {
      "command": "uvx",
      "args": [
        "mcp-for-argocd"
      ]
    }
  }
}

Cursor использует ту же схему mcpServers, что и Claude Desktop. Конфиг проекта приоритетнее глобального.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "argocd": {
      "command": "uvx",
      "args": [
        "mcp-for-argocd"
      ]
    }
  }
}

Щёлкните значок MCP Servers на боковой панели Cline, затем "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "argocd": {
      "command": "uvx",
      "args": [
        "mcp-for-argocd"
      ]
    }
  }
}

Тот же формат, что и Claude Desktop. Перезапустите Windsurf для применения.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "argocd",
      "command": "uvx",
      "args": [
        "mcp-for-argocd"
      ]
    }
  ]
}

Continue использует массив объектов серверов, а не map.

~/.config/zed/settings.json
{
  "context_servers": {
    "argocd": {
      "command": {
        "path": "uvx",
        "args": [
          "mcp-for-argocd"
        ]
      }
    }
  }
}

Добавьте в context_servers. Zed перезагружается автоматически.

claude mcp add argocd -- uvx mcp-for-argocd

Однострочная команда. Проверить: claude mcp list. Удалить: claude mcp remove.

Сценарии использования

Реальные сценарии: ArgoCD

Find ArgoCD apps that have drifted out of sync

👤 Platform / SRE teams running GitOps ⏱ ~20 min intermediate

Когда использовать: Weekly: which apps in which clusters are OutOfSync or Degraded, and why?

Предварительные требования
  • ArgoCD API token with read scope — argocd account generate-token --account <read-only-user>
  • ArgoCD server URLARGOCD_SERVER=argocd.my.company.com
Поток
  1. List apps with status
    List all ArgoCD apps. For each: name, project, sync status, health status, last sync time.✓ Скопировано
    → Full inventory
  2. Focus on drift
    Filter to apps with syncStatus != 'Synced' or health != 'Healthy'. Rank by time since last sync.✓ Скопировано
    → Problem apps list
  3. Diff a specific app
    For app <name>, show the diff between desired (git) and live. What resources are out of sync?✓ Скопировано
    → Resource-level diff

Итог: A weekly drift report identifying which apps need attention and why.

Подводные камни
  • Drift caused by a legitimate runtime-only resource (e.g. HPA scaled replicas) — Configure ignoreDifferences in the Application spec to exclude fields that change at runtime
Сочетать с: notion

Review and apply a sync for a specific application

👤 DevOps engineers promoting changes ⏱ ~15 min intermediate

Когда использовать: A PR merged to main; ArgoCD shows the app as OutOfSync pending your approval.

Предварительные требования
  • Token with sync permission on the target project — Role with applications, sync, <project>/* allowed
Поток
  1. Inspect the pending change
    For app <name>, show the diff. What resources change, what's the blast radius?✓ Скопировано
    → Concrete diff
  2. Check the source commit
    What commit SHA does the desired state point at? Show the GitHub commit message and PR.✓ Скопировано
    → Commit + PR context
  3. Sync with prune=false first
    Trigger sync for <name> with prune=false, dryRun=false. Wait for completion, show final status.✓ Скопировано
    → Sync Succeeded; health Healthy

Итог: A deploy with prior-review, not a surprise; deletion-by-prune only happens explicitly.

Подводные камни
  • Sync with prune=true can delete resources you still need — Always start with prune=false; only enable prune when you've confirmed no manually-created resources exist in the namespace
Сочетать с: github

Emergency rollback to a previous git revision

👤 SREs during a bad-deploy incident ⏱ ~15 min advanced

Когда использовать: A deploy went out, errors spiked, and you need to roll back to last known good.

Поток
  1. Get current + history
    For app <name>, show current revision and the last 5 deployed revisions with timestamps.✓ Скопировано
    → History table
  2. Pick the rollback target
    What was the revision 2 syncs ago? Confirm its SHA matches the git commit before the incident started.✓ Скопировано
    → Target SHA identified
  3. Rollback
    Sync <name> to revision <SHA> with prune=false. Watch until Healthy. Post in Teams when done.✓ Скопировано
    → App reverted + notification sent

Итог: A clean rollback with an audit trail, typically under 5 minutes.

Подводные камни
  • Rolling back only the app but DB migration already ran forward — DB migrations need their own rollback plan; sometimes 'roll forward' with a fix is safer than rolling back code against mutated schema
Сочетать с: sentry · ms-teams

Build a cross-cluster app inventory

👤 Platform teams managing many clusters ⏱ ~20 min intermediate

Когда использовать: You run ArgoCD in a hub-spoke model and want a flat list: 'which apps run where'.

Поток
  1. List clusters ArgoCD manages
    List all clusters registered in ArgoCD with their name and server URL.✓ Скопировано
    → Cluster inventory
  2. Map apps to clusters
    For each app, show its destination cluster and namespace. Group by cluster.✓ Скопировано
    → Per-cluster app list
  3. Flag unusual placements
    Any app deployed in an unexpected cluster (e.g. 'prod-only' app in a dev cluster)? Flag with reason.✓ Скопировано
    → Anomaly list

Итог: An up-to-date map of what runs where, useful for audits and capacity planning.

Подводные камни
  • Stale cluster entries — secrets removed but cluster still listed — Periodically verify each cluster is reachable; remove stale ones

Комбинации

Сочетайте с другими MCP — эффект x10

argocd + github

Cross-reference Argo sync with the PR that caused it

For app <name>, show the current revision SHA; fetch the GitHub PR that introduced it and summarize the change.✓ Скопировано
argocd + sentry

Correlate an Argo sync with a post-deploy error spike

App <name> synced at 14:02; did Sentry errors spike after that? If yes, show the top issue introduced.✓ Скопировано
argocd + ms-teams

Post sync/rollback events to a Teams channel

After any manual sync of app <name>, post a message to Teams #deploys with revision SHA and who triggered it.✓ Скопировано

Инструменты

Что предоставляет этот MCP

ИнструментВходные данныеКогда вызыватьСтоимость
list_applications project?, selector? Inventory apps free
get_application name Detailed state of a specific app free
get_application_diff name, revision? Preview what a sync would change free
sync_application name, revision?, prune?, dryRun?, resources? Apply pending changes free (triggers cluster work)
get_application_resource_tree name Inspect the live resources an app owns free
list_clusters Cross-cluster inventory free

Стоимость и лимиты

Во что обходится

Квота API
Bounded by your ArgoCD server capacity; practical limit ~10 req/s
Токенов на вызов
App list: 500–3000 tokens. Diff: up to 5000.
Деньги
Free — ArgoCD is open source, you only pay for the infra hosting it.
Совет
Cache app list; use selectors (project, label) to narrow queries rather than listing everything.

Безопасность

Права, секреты, радиус поражения

Минимальные скоупы: read on applications, clusters for read-only sessions
Хранение учётных данных: ARGOCD_AUTH_TOKEN and ARGOCD_SERVER in env
Исходящий трафик: Calls to your ArgoCD server only
Никогда не давайте: admin sync on all projects without reason account:update

Устранение неполадок

Частые ошибки и исправления

401 Unauthenticated

ARGOCD_AUTH_TOKEN expired or revoked. Regenerate via argocd account generate-token.

Проверить: argocd account get-user-info --auth-token $ARGOCD_AUTH_TOKEN
403 Permission denied on sync

Role lacks applications, sync, <project>/* permission. Update AppProject or account role.

Sync stuck in Progressing for >10 min

Usually a stuck resource — check resource-tree for a failing hook or a stuck controller; may need manual intervention in-cluster.

Diff shows unexpected drift on every sync

Controllers mutating fields at runtime. Add ignoreDifferences to the Application spec for those fields.

Альтернативы

ArgoCD в сравнении

АльтернативаКогда использоватьКомпромисс
Flux MCPYou use Flux instead of ArgoCD for GitOpsDifferent GitOps engine; CLI-first model
Kubernetes MCP (raw kubectl)You want direct cluster access without GitOps abstractionImperative — defeats the purpose of GitOps for managed apps

Ещё

Ресурсы

📖 Читать официальный README на GitHub

🐙 Открытые задачи

🔍 Все 400+ MCP-серверов и Skills