sargx

ok, i guess life is gitops now

TL;DR

This isn’t a tutorial; it’s just a tip/recommendation. I’m not feeling up to reinventing the wheel right now, and you can easily find good content about it elsewhere (here’s a good starting point).

commit it, ship it, reconcile it

Every time I start a new project, I immediately think about how I’ll manage it using GitOps. If you’ve never heard about it, GitLab defines it as:

“Operational framework that takes DevOps best practices used for application development such as version control, collaboration, compliance, and CI/CD, and applies them to infrastructure automation”.

or

GitOps is when you have an external reconciliation loop enforcing your infrastructure state using your git state as the source of truth.

Well, it’s simpler than it sounds. You describe something as code and push it into a Git server (Gitea, Codeberg, GitLab, or… GitHub if you’re a masochist like me :D). Then you build a pipeline using Actions, Jenkins, Travis CI, etc. Your pipeline reacts to new commits, merges, or releases (whatever trigger you define) and does something about it.

This site is running on Cloudflare Pages for now, and it’s fully controlled using GitOps. Every time I want to change or add something, I commit my files; Cloudflare Workers fetch, build, and update everything :D

Win Win = Zero stress.

Let’s jump into a more complex example.

Managing a K8s cluster is really time-consuming when you have 10+ applications running. You must watch for resource drift, and every time you need to roll out an update, you end up doing a lot of manual work (kubectl/Helm, checking diffs, re-applying manifests, rollbacks, etc.). It’s easy to miss one small change and suddenly shit hits the fan and your production environment is fucked.

That’s why I really like to install ArgoCD in any K8s project that needs an elegance bump. This cool alien orange octopus is a GitOps-driven tool: it keeps track of K8s YAML manifest files in any Git repository you give it access to. It applies changes from those files to your cluster and continuously monitors things to make sure there’s no drift between your repository (the source of truth) and the live K8s resources—so no manual kubectl intervention becomes a “feature”, if you know what I mean.

ArgoCD does a lot more than I’m covering here — give it a spin if you’re into K8s.

Another cool GitOps example is Terraform (or OpenTofu). IaC is great if you need to maintain and wire up a lot of cloud resources, and you also want a solid disaster recovery story. Declare your infrastructure as code, push it into a Git server, trigger your Actions, and let CI run terraform apply for you. Push a new commit -> cloud resources change automatically (for the greater good).

This is a dummy Terraform pipeline example. Please add some guardrails if you plan to do something like this.
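One guardrail of the kind mentioned above, as an added example (not the author's pipeline): a gate a CI job can run between `terraform plan -out` and `terraform apply`. It reads the output of `terraform show -json` and fails the job when the plan destroys or replaces a resource, or changes a protected resource type. The protected-type list, the script name `gate.py` and the sample plan are assumptions made for illustration.

```python
import json
import sys

# Assumption for this example: resource types that an unattended apply
# must never change without a human looking at the plan first.
PROTECTED_TYPES = {"aws_iam_role", "aws_iam_policy", "aws_kms_key"}

# Constructed sample, shaped like `terraform show -json plan.out` output.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_s3_bucket.site", "type": "aws_s3_bucket",
     "change": {"actions": ["update"]}},
    {"address": "aws_db_instance.main", "type": "aws_db_instance",
     "change": {"actions": ["delete", "create"]}},
    {"address": "aws_iam_role.ci", "type": "aws_iam_role",
     "change": {"actions": ["update"]}},
    {"address": "aws_vpc.main", "type": "aws_vpc",
     "change": {"actions": ["no-op"]}},
]}


def review_plan(plan, protected=PROTECTED_TYPES):
    """Return a list of violations; an empty list means the plan may be applied."""
    violations = []
    for rc in plan.get("resource_changes", []):
        actions = set(rc.get("change", {}).get("actions", []))
        if not actions - {"no-op", "read"}:
            continue  # nothing will be modified for this resource
        addr = rc.get("address", "<unknown>")
        if "delete" in actions:
            # "delete" together with "create" (either order) is a replacement
            kind = "replace" if "create" in actions else "destroy"
            violations.append(f"{addr}: {kind}")
        if rc.get("type") in protected:
            violations.append(f"{addr}: protected type {rc['type']} changed")
    return violations


if __name__ == "__main__":
    # CI usage: terraform show -json plan.out > plan.json && python gate.py plan.json
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN  # no file given: run against the constructed sample
    problems = review_plan(plan)
    print("\n".join(problems) or "plan OK")
    sys.exit(1 if problems else 0)
```

A non-zero exit stops the job before `terraform apply`, so a commit that would replace the database or edit an IAM role waits for a person to approve it.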

I’m writing this down because GitOps saves me a lot of time, many times over. Every hour I spend thinking about “how to maintain X using GitOps” gets compensated later. So if you’ve never tried it before, I highly recommend it.