GitOps is an operational model that uses Git as the single source of truth for declarative infrastructure and application deployment, with automated reconciliation.
In a GitOps workflow, the desired state of infrastructure and applications is stored in a Git repository. An automated agent continuously compares the actual state of the system with the desired state in Git, and reconciles any differences.
This creates a pull-request-driven workflow where all changes are reviewed, approved, and audited through Git.
Traditional CI/CD pipelines push changes from a build system to production. GitOps inverts this model—a controller running in the target environment pulls the desired state and applies it. This "pull" model is more secure because the CI system never needs to hold credentials for the target environment.
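The reconciliation pass described above, as an added example that is not code from this page or from any of the tools it names. It is a simplified in-memory model: the function names, resource keys and sample manifests are all constructed for illustration.

```python
import hashlib
import json

def digest(manifest: dict) -> str:
    """Stable content hash so two manifests can be compared regardless of key order."""
    return hashlib.sha256(json.dumps(manifest, sort_keys=True).encode()).hexdigest()

def plan(desired: dict, actual: dict) -> list:
    """Compare desired state (from Git) with actual state and return ordered actions."""
    actions = []
    for name in sorted(desired):
        if name not in actual:
            actions.append(("create", name))
        elif digest(desired[name]) != digest(actual[name]):
            actions.append(("update", name))  # drift: changed outside of Git
    for name in sorted(set(actual) - set(desired)):
        actions.append(("prune", name))       # running, but never committed to Git
    return actions

def reconcile(desired: dict, actual: dict) -> list:
    """One pass of the controller loop: plan, apply in place, return the plan for audit."""
    actions = plan(desired, actual)
    for verb, name in actions:
        if verb == "prune":
            del actual[name]
        else:
            actual[name] = json.loads(json.dumps(desired[name]))  # deep copy
    return actions

# Constructed sample: what Git says should exist.
DESIRED = {
    "deploy/web": {"image": "web:1.4.2", "replicas": 3},
    "cm/web-config": {"LOG_LEVEL": "info"},
}
# Constructed sample: what is actually running.
ACTUAL = {
    "deploy/web": {"image": "web:1.4.2", "replicas": 5},        # scaled by hand
    "deploy/debug-shell": {"image": "busybox", "replicas": 1},  # never reviewed
}

def demo():
    live = json.loads(json.dumps(ACTUAL))
    first = reconcile(DESIRED, live)   # corrects drift and prunes the stray workload
    second = reconcile(DESIRED, live)  # nothing left to do: the loop is idempotent
    return first, second, live

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The non-empty plan from the first pass is also a drift signal: every `update` or `prune` entry marks a change that reached the environment without going through Git review.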
Popular GitOps tools include Flux and ArgoCD for Kubernetes workloads, and Atlantis for Terraform workflows. When combined with infrastructure as code, GitOps provides a complete audit trail and rollback capability for infrastructure changes.