What is GitOps? How does it differ from traditional CI/CD deployment?
GitOps Core Philosophy
Git is the single source of truth. The desired state of the system is entirely defined by the Git repository, and all changes are made through Git operations (PR/merge).
GitOps vs Traditional CI/CD
| Aspect | Traditional Push-based CI/CD | GitOps Pull-based |
|---|---|---|
| Deployment trigger | Pipeline actively pushes to cluster | Agent continuously pulls Git state |
| Cluster access | CI system needs cluster credentials | Cluster only needs Git read access |
| Drift detection | None | Agent auto-detects and reconciles drift |
| Audit trail | CI logs | Git commit history |
| Rollback method | Re-run old pipeline | git revert |
GitOps Workflow
- Developer modifies Kubernetes YAML or Helm values
- Submits Pull Request, reviewed and merged to main
- GitOps Agent (ArgoCD/Flux) detects the Git change
- Agent compares Git desired state vs current cluster state
- Automatically syncs the cluster to the state defined in Git
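The compare-and-sync steps above, as an added sketch that is not code from ArgoCD or Flux. The resource keys, the fields and the `plan_sync`/`apply_plan` names are assumptions made for illustration, and the sample states are constructed.

```python
"""Toy model of a GitOps agent's reconcile step (illustrative, not ArgoCD/Flux code)."""

def plan_sync(desired, live, prune=True):
    """Diff Git desired state against live cluster state and return sync actions."""
    actions = []
    for key, spec in sorted(desired.items()):
        if key not in live:
            actions.append(("create", key, spec))   # in Git, missing from cluster
        elif live[key] != spec:
            actions.append(("update", key, spec))   # drift: live differs from Git
    if prune:
        for key in sorted(live.keys() - desired.keys()):
            actions.append(("delete", key, None))   # in cluster, not tracked in Git
    return actions

def apply_plan(live, actions):
    """Return the cluster state after applying the planned actions."""
    new_live = dict(live)
    for op, key, spec in actions:
        if op == "delete":
            new_live.pop(key, None)
        else:
            new_live[key] = spec
    return new_live

# Constructed sample: keys are (kind, namespace, name); specs are simplified.
DESIRED = {
    ("Deployment", "shop", "web"): {"image": "web:1.4.2", "replicas": 3, "privileged": False},
    ("Service", "shop", "web"): {"port": 80},
}
LIVE = {
    # Manual edit made directly on the cluster: privileged flipped to True.
    ("Deployment", "shop", "web"): {"image": "web:1.4.2", "replicas": 3, "privileged": True},
    # Object created by hand, never committed to Git.
    ("ConfigMap", "shop", "debug"): {"verbose": "true"},
}

def reconcile_once(desired, live):
    """One agent pass: plan against Git, then converge the cluster to it."""
    actions = plan_sync(desired, live)
    return actions, apply_plan(live, actions)

if __name__ == "__main__":
    actions, converged = reconcile_once(DESIRED, LIVE)
    for op, key, _ in actions:
        print(op, key)
    print("converged:", converged == DESIRED)
```

With pruning disabled, the hand-made ConfigMap would stay in the cluster, so out-of-band objects are only removed when the agent is configured to prune.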
Popular Tools
ArgoCD: UI-friendly, good for visually managing multiple clusters
Flux: More Kubernetes-native, better for highly automated environments
Key Advantages
- Better security: CI systems don't need to hold cluster credentials
- Self-healing: Manual cluster modifications are automatically reverted by the agent
- Full audit trail: All changes have a Git commit record
