Skip to main content
This lesson explains Argo CD synchronization policies for an application: Auto‑Sync, Self‑Heal, and Prune Resources. These options determine how Argo CD keeps the cluster’s live state aligned with the desired state declared in Git (GitOps workflow). In the Argo CD application settings for health-check, you can enable sync policies:
  • Auto‑Sync: Argo CD watches the Git repository and automatically applies detected manifest changes to the cluster (no manual sync required).
  • Self‑Heal: If a resource is changed or deleted directly in the cluster (out‑of‑band), Argo CD will attempt to reconcile the resource back to the manifest in Git.
  • Prune Resources: When a resource is removed from Git, Argo CD will delete the corresponding resource from the cluster on the next sync.
When Auto‑Sync is enabled, Argo CD applies changes detected in Git automatically. Self‑Heal reconciles manual cluster changes to match Git. Prune removes cluster resources that were removed from Git. With Auto‑Sync + Self‑Heal + Prune enabled, resources present in Git will be recreated if manually deleted, while resources removed from Git will be deleted from the cluster.

1) Auto‑Sync — automatically apply updates from Git

To see Auto‑Sync in action, change the Deployment manifest in your Git repository (for example, increase replicas from 1 to 2). Example Deployment manifest: 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: random-shapes
spec:
  selector:
    matchLabels:
      app: random-shapes
  replicas: 2
  template:
    metadata:
      labels:
        app: random-shapes
    spec:
      containers:
        - name: random-shapes
          image: siddharth67/php-random-shapes:v1
          imagePullPolicy: Always
          envFrom:
            - configMapRef:
                name: moving-shapes-colors
  • Commit and push the change to the repository.
  • With Auto‑Sync enabled on the health-check application, Argo CD will detect the change and apply it automatically.
Verify the Deployment scaled to 2 replicas: 
$ kubectl -n health-check get deploy random-shapes
NAME            READY   UP-TO-DATE   AVAILABLE   AGE
random-shapes   2/2     2            2           10m
This output confirms Auto‑Sync applied the updated manifest from Git without requiring a manual sync in the Argo CD UI.

2) Self‑Heal — Argo CD reconciles manual cluster changes

If Self‑Heal is enabled and you manually delete or modify a resource in the cluster, Argo CD will detect the divergence and restore the resource to match the manifest in Git. Example sequence deleting a Service: 
$ kubectl -n health-check get svc
NAME                 TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
random-shapes-svc    NodePort   10.110.210.43   <none>        80:31366/TCP    5m

$ kubectl -n health-check delete svc random-shapes-svc
service "random-shapes-svc" deleted
After a short time (Argo CD reconciliation interval), the Service is recreated because the Service manifest still exists in Git: 
$ kubectl -n health-check get svc
NAME                 TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
random-shapes-svc    NodePort   10.110.210.43   <none>        80:31366/TCP    10s
This demonstrates Self‑Heal: Argo CD detected the manual deletion and re‑applied the resource from Git.

3) Prune Resources — remove resources from the cluster when removed from Git

When you remove a manifest from Git and have Auto‑Sync with Prune enabled, Argo CD will delete the corresponding cluster resource during the next sync. Example outcome after removing the Service manifest and allowing Auto‑Sync + Prune to take effect: 
$ kubectl -n health-check get svc
No resources found in health-check namespace.
Because the Service was removed from Git and Prune was enabled, Argo CD deleted it from the cluster.

Quick reference — behavior comparison

Sync OptionPurposeTypical behavior
Auto‑SyncApply Git changes automaticallyDetects Git commits and applies manifests without manual sync
Self‑HealReconcile manual cluster changesRestores resources modified or deleted in the cluster to match Git
PruneRemove cluster resources removed from GitDeletes resources from the cluster that no longer exist in Git
Use combinations of these options to match your operational model: continuous delivery with self‑correction (Auto‑Sync + Self‑Heal + Prune), or a more controlled/manual approach (disable Auto‑Sync and trigger syncs manually).

Summary

  • Auto‑Sync automatically applies Git changes to the cluster.
  • Self‑Heal reconciles and restores resources when manual modifications occur in the cluster.
  • Prune Resources removes cluster resources when they are deleted from Git.
  • Combine these policies to implement the GitOps workflow that fits your environment.

Watch Video