The Complete Guide to GitOps Workflows
GitOps has transformed how teams deploy and manage infrastructure. In this comprehensive guide, I'll show you how to implement GitOps workflows that actually work in production.
What is GitOps?
GitOps is a way of implementing Continuous Deployment where Git serves as the single source of truth for declarative infrastructure and applications. Instead of running commands manually or from CI/CD pipelines, you declare your desired state in Git, and automated processes ensure your environments match that state.
Core Principles
1. Declarative Configuration
Everything is defined declaratively in Git - infrastructure, applications, policies, and configuration.
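# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-app
spec:
  replicas: 3
  # apps/v1 requires a selector that matches the pod template labels
  # (the app: web-app label is an illustrative choice)
  selector:
    matchLabels:
      app: web-app
  template:
    metadata:
      labels:
        app: web-app
    spec:
      containers:
      - name: web
        image: myapp:v1.2.3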
2. Git as Single Source of Truth
Git repos contain the entire desired state of your system. What's in Git is what's running in production. No exceptions.
3. Automated Reconciliation
Software agents continuously compare the desired state (Git) with actual state (cluster/cloud) and automatically reconcile differences.
4. Pull-Based Deployments
Instead of pushing changes from CI to production, agents pull changes from Git repositories.
Benefits I've Seen in Production
After implementing GitOps for multiple clients:
- 85% fewer deployment failures - Declarative configs are testable and reviewable
- Faster rollbacks - Just revert the Git commit
- Better audit trail - Every change is tracked in Git history
- Improved collaboration - Developers and ops work from the same repos
- Reduced complexity - No need to manage deployment credentials in CI
Implementing GitOps: A Practical Example
Step 1: Structure Your Repositories
I recommend this structure:
infrastructure/
├── terraform/
│   ├── modules/
│   └── environments/
└── kubernetes/
    ├── base/
    └── overlays/
        ├── dev/
        ├── staging/
        └── prod/
Step 2: Choose Your Tools
For Kubernetes, popular choices include:
- Flux CD - CNCF project, great for beginners
- Argo CD - Rich UI, powerful features
- Fleet - Built for multi-cluster management
For infrastructure:
- Atlantis - Terraform pull request automation
- Terraform Cloud - HashiCorp's managed solution
Step 3: Set Up Automated Sync
Example Flux configuration:
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
  name: webapp
  namespace: flux-system
spec:
  interval: 1m
  url: https://github.com/company/webapp
  ref:
    branch: main
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: webapp
  namespace: flux-system
spec:
  interval: 5m
  path: ./kubernetes/overlays/prod
  prune: true
  sourceRef:
    kind: GitRepository
    name: webapp
Step 4: Implement the Workflow
- Developer creates feature branch
- Makes changes to application or infrastructure code
- Creates pull request
- Automated tests run
- Team reviews changes (both code and config)
- PR merged to main
- GitOps agent detects change
- Agent applies changes to cluster
- Automated verification confirms deployment
Common Pitfalls and Solutions
Pitfall 1: Secrets in Git
Problem: You can't commit plaintext secrets to Git. Anyone who can read the repository, or its history, can read them.
Solution: Use sealed secrets or external secret operators:
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: mysecret
spec:
  encryptedData:
    password: AgByhRn7...
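To enforce this before a pull request merges, a check can reject any core `v1` Secret that carries `data` or `stringData` while letting SealedSecret objects through. The following is an added example, not code from the original post or from the Sealed Secrets project; the function names and the `db-creds` sample are constructed, and the scan is line-based rather than a full YAML parser.

```python
import re

# Constructed sample: one plaintext Secret and the SealedSecret shown above,
# as they might appear together in a manifest committed to the GitOps repo.
SAMPLE = """\
apiVersion: v1
kind: Secret
metadata:
  name: db-creds
stringData:
  password: hunter2
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: mysecret
spec:
  encryptedData:
    password: AgByhRn7...
"""

TOP_LEVEL_KEY = re.compile(r"^([A-Za-z][\w-]*):[ \t]*(.*)$")


def top_level_fields(doc):
    """Return {key: inline value} for the unindented keys of one YAML document."""
    fields = {}
    for line in doc.splitlines():
        m = TOP_LEVEL_KEY.match(line)
        if m:
            fields[m.group(1)] = m.group(2).split(" #")[0].strip().strip("'\"")
    return fields


def find_plaintext_secrets(text):
    """List (document index, name) for core v1 Secrets that carry values in the clear."""
    findings = []
    docs = re.split(r"^---[ \t]*$", text, flags=re.MULTILINE)
    for index, doc in enumerate(docs):
        fields = top_level_fields(doc)
        if fields.get("kind") != "Secret" or fields.get("apiVersion") != "v1":
            continue  # SealedSecret and every other kind pass through
        if "data" in fields or "stringData" in fields:
            name = re.search(r"^[ \t]+name:[ \t]*(\S+)", doc, flags=re.MULTILINE)
            findings.append((index, name.group(1) if name else "<unnamed>"))
    return findings
```

A non-empty result from `find_plaintext_secrets` is the signal to fail the CI job; base64 in `data` is encoding, not encryption, so it is flagged the same as `stringData`.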
Pitfall 2: Environment Drift
Problem: Manual changes break GitOps principles.
Solution:
- Configure alerts for drift detection
- Make reconciliation automatic and frequent
- Educate team on GitOps workflow
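The comparison behind drift detection and the automated reconciliation principle can be sketched as a recursive diff that checks only the fields declared in Git. This is an added example, not code from the original post and not how Flux or Argo CD implement it; `find_drift` and both sample objects are constructed, with the desired state taken from the web-app Deployment earlier on this page.

```python
def find_drift(desired, live, path=""):
    """Return [(path, desired value, live value)] for each declared field that differs.

    Only fields present in `desired` are compared, so values the cluster fills in
    itself (status, resourceVersion, defaults) are not reported as drift.
    """
    drift = []
    if isinstance(desired, dict) and isinstance(live, dict):
        for key, value in desired.items():
            child = f"{path}.{key}" if path else key
            if key not in live:
                drift.append((child, value, None))  # declared in Git, missing live
            else:
                drift.extend(find_drift(value, live[key], child))
    elif isinstance(desired, list) and isinstance(live, list):
        if len(desired) != len(live):
            drift.append((path, desired, live))
        else:
            for i, (want, have) in enumerate(zip(desired, live)):
                drift.extend(find_drift(want, have, f"{path}[{i}]"))
    elif desired != live:
        drift.append((path, desired, live))
    return drift


# Constructed sample: the web-app Deployment as declared in Git.
DESIRED = {
    "kind": "Deployment",
    "metadata": {"name": "web-app"},
    "spec": {
        "replicas": 3,
        "template": {"spec": {"containers": [{"name": "web", "image": "myapp:v1.2.3"}]}},
    },
}
# Constructed sample: the live object after a manual scale and a hand-applied image.
LIVE = {
    "kind": "Deployment",
    "metadata": {"name": "web-app", "resourceVersion": "48213"},
    "spec": {
        "replicas": 5,
        "template": {"spec": {"containers": [{"name": "web", "image": "myapp:hotfix"}]}},
    },
    "status": {"readyReplicas": 5},
}
```

Each tuple returned for `DESIRED` against `LIVE` is a candidate alert: it names the field path, the value Git declares, and the value found running.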
Pitfall 3: Large Monorepos
Problem: Single repo becomes unwieldy.
Solution: Split by:
- Environment (dev/staging/prod repos)
- Team or service
- Infrastructure vs application
Advanced Patterns
Progressive Delivery
Combine GitOps with Flagger for automated canary deployments:
apiVersion: flagger.app/v1beta1
kind: Canary
metadata:
  name: webapp
spec:
  targetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: webapp
  progressDeadlineSeconds: 60
  service:
    port: 80
  analysis:
    interval: 1m
    threshold: 5
    maxWeight: 50
    stepWeight: 10
Multi-Cluster Management
Use Fleet or Argo CD ApplicationSets to deploy to multiple clusters from a single repo.
Real-World Success Story
I recently implemented GitOps for an e-commerce platform:
Before:
- Manual kubectl commands
- Undocumented deployment processes
- 2-hour deployment windows
- Frequent rollback failures
After:
- All changes via Git PRs
- Full deployment history
- 5-minute deployments
- One-click rollbacks
- Zero production incidents in 6 months
Getting Started
Start small:
- Pick one non-critical application
- Implement basic GitOps workflow
- Measure and learn
- Expand to more services
- Add advanced features gradually
Tools I Recommend
- Kubernetes: Flux CD or Argo CD
- Terraform: Atlantis
- Monitoring: Prometheus + Grafana
- Secrets: Sealed Secrets or External Secrets Operator
- Progressive Delivery: Flagger
Conclusion
GitOps isn't just a buzzword - it's a proven approach that makes deployments safer, faster, and more collaborative. The initial setup takes effort, but the long-term benefits are substantial.
Start with one application, prove the value, then expand. Your future self will thank you.
Want help implementing GitOps in your organization? Let's talk about your specific needs.