Version: 0.5 (Next)

Default Pipeline Template

Field	Value
Repository URL	`https://github.com/konstructio/konstruct-templates`
Path	`templates/workflows`
Branch	`main`

The default pipeline template provides two GitHub Actions workflows for building, publishing, and deploying applications.

Overview

push to main
     │
     ▼
┌──────────┐     ┌─────────────────────┐
│ publish  │────▶│ deploy (manual)     │
│          │     │ pick an environment │
│ • build  │     │ • dispatches gitops │
│ • tag    │     │ • targets clusters  │
│ • push   │     └─────────────────────┘
└──────────┘

Every commit to main builds a container and publishes a Helm chart. Deployments are triggered manually by running the deploy workflow and selecting an environment.

Workflows

publish.yaml

Triggers on push to main or manual dispatch.

Checks out the repository
Builds a Docker image tagged with the short commit SHA
Pushes the image to AWS ECR
Updates Chart.yaml with an RC version ({base}-rc.{sha}) and the SHA as appVersion
Packages and pushes the Helm chart to ECR as an OCI artifact
Writes a summary with the published image and chart references

Artifacts produced:

Container image: {ecr-registry}/{org}/{repo}:{sha}
Helm chart: {chart-name}-{version}-rc.{sha} in oci://{ecr-registry}/{org}/charts

deploy.yaml

Triggered manually via workflow_dispatch with three inputs:

Input	Description
`environment`	Target environment (dropdown populated from your environment list)
`app_version`	Chart version to deploy
`app_name`	Application name (defaults to your app)

Generates a GitHub App token with access to the GitOps repository
Dispatches the update-environment.yaml workflow in the GitOps repository
The GitOps workflow updates targetRevision in Argo CD Application manifests for all clusters in the environment

How Deployment Works

The deploy workflow does not apply Kubernetes manifests directly. It updates the GitOps repository, and Argo CD handles the actual deployment:

deploy workflow
     │
     ▼ (dispatch)
GitOps repository: update-environment.yaml
     │
     ▼ (commit)
registry/environments/{env}/{cluster}/{app}.yaml
     │  targetRevision: {new-version}
     │
     ▼ (sync)
Argo CD deploys to cluster

Prerequisites

AWS IAM OIDC: Trust policy for repo:{org}/{repo}:ref:refs/heads/main
ECR repositories: For container images and Helm charts
GitHub App: With access to both the app repository and GitOps repository (secrets: APP_ID, APP_PRIVATE_KEY)
GitOps repository: With update-environment.yaml workflow and Argo CD Application manifests

Helm Chart Structure

Konstruct generates a chart at charts/{org}/{repo}/ with:

Standard deployment, service, ingress, HPA, and service account templates
CHART_VERSION and IMAGE environment variables injected into the container for runtime version visibility
Values for probes, resources, auto-scaling, and security contexts

When to Use This Template

The default template works well for:

Applications with simple deployment needs
Teams that want full control over when each environment is updated
Projects where environment count and names vary per organization
Getting started quickly — two workflows cover the full lifecycle

Overview​

Workflows​

publish.yaml​

deploy.yaml​

How Deployment Works​

Prerequisites​

Helm Chart Structure​

When to Use This Template​