
GitOps

Git-driven delivery patterns for Kubernetes and platform operations


GitOps is an operating model where desired state is stored in Git, reviewed through pull requests, and reconciled into runtime environments by controllers. This guide introduces the concepts and points to implementation references for Argo CD, Flux, and Argo Workflows.

Core principles

Declarative configuration

Infrastructure, Kubernetes manifests, policies, and application configuration are described declaratively so the target state can be reviewed and reproduced.

Version-controlled desired state

Git becomes the audit trail for operational changes. Pull requests provide review, history, and rollback context.

Automated reconciliation

Controllers pull approved state from Git and continuously compare it with the runtime environment.

Drift detection and recovery

When a cluster differs from the committed desired state, GitOps tooling can report drift or automatically restore the expected configuration.

Tooling references

Repository design checklist

  • Separate platform, application, and environment concerns clearly.
  • Keep promotion paths explicit so changes move through environments intentionally.
  • Use branch protection, CODEOWNERS, and required checks for sensitive paths.
  • Store secrets through a documented encryption or external-secrets workflow; do not commit plaintext secrets.
  • Define rollback expectations before enabling automated sync on critical workloads.
  • Monitor reconciliation health, sync failures, controller errors, and drift alerts.