GitOps Implementation: Lessons from Production
What GitOps Actually Means
GitOps uses Git as the source of truth for declarative infrastructure and applications. The core principles:
Choosing Your Tool
The two main options:
ArgoCD: Better UI, application-centric model, good for teams that want visibility into deployments.
Flux: More composable, better for GitOps-native workflows, integrates well with other controllers.
Both work. Pick based on your team's preferences and existing tooling.
Repository Structure
How you organize Git repositories affects maintainability.
Monorepo: All configuration in one repository
Polyrepo: Configuration split across repositories
Hybrid: Application repos separate from infrastructure
Start simple. Restructure when you hit actual problems.
Handling Secrets
Storing secrets in Git is the most common GitOps challenge. Options:
External Secrets Operator: Sync secrets from external stores (Vault, cloud providers)
SOPS: Encrypt files in Git with various key management backends
Pick one approach and standardize on it.
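Whichever approach you standardize on, a CI or pre-commit guard that refuses plaintext Secret manifests keeps the rule enforced. The following is an added example, not code from this post or from either tool: a line-based heuristic scanner (not a full YAML parser) that flags `kind: Secret` documents whose data/stringData values are not SOPS `ENC[...]` ciphertext, run over a constructed two-document sample.

```python
"""Pre-commit guard: flag Kubernetes Secret manifests that reach Git in plaintext."""
import re
import sys

# Constructed sample: a SOPS-encrypted Secret followed by one committed in the clear.
SAMPLE_MANIFESTS = """\
apiVersion: v1
kind: Secret
metadata:
  name: db-creds
stringData:
  password: ENC[AES256_GCM,data:Zm9v,iv:YmFy,tag:YmF6,type:str]
sops:
  encrypted_regex: ^(data|stringData)$
---
apiVersion: v1
kind: Secret
metadata:
  name: oops
data:
  token: c3VwZXJzZWNyZXQ=
"""


def find_plaintext_secrets(manifest_text):
    """Return (secret name, key) pairs whose value is not SOPS ENC[...] ciphertext.
    Line-based CI heuristic (not a YAML parser) over top-level data:/stringData: blocks."""
    findings = []
    for doc in re.split(r"^---[ \t]*$", manifest_text, flags=re.M):
        if not re.search(r"^kind:[ \t]*Secret[ \t]*$", doc, re.M):
            continue  # ConfigMaps, ExternalSecrets etc. carry no secret material
        sops_managed = re.search(r"^sops:", doc, re.M) is not None  # SOPS adds this key
        name = m.group(1) if (m := re.search(r"^[ \t]+name:[ \t]*(\S+)", doc, re.M)) else "<unnamed>"
        in_block = False
        for line in doc.splitlines():
            if re.match(r"^(data|stringData):", line):
                in_block = True
                continue
            if not line.startswith((" ", "\t")):
                in_block = False  # back at column 0: the data block is over
                continue
            entry = re.match(r"^[ \t]+([^:\s]+):[ \t]*(.*)$", line)
            if in_block and entry and not (sops_managed and entry.group(2).startswith("ENC[")):
                findings.append((name, entry.group(1)))
    return findings


if __name__ == "__main__":  # usage: python check_secrets.py rendered/*.yaml
    hits = [(p, f) for p in sys.argv[1:] for f in find_plaintext_secrets(open(p).read())]
    for path, (name, key) in hits:
        print(f"{path}: Secret/{name} key '{key}' is stored in plaintext")
    sys.exit(1 if hits else 0)  # non-zero exit blocks the commit or fails the pipeline
```

Run it over rendered output (kustomize build, helm template) rather than only source files so overlays and templated Secrets are covered too.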
Managing Multiple Environments
Common patterns:
Directory per environment: Simple, explicit, some duplication
Kustomize overlays: Base configuration with environment-specific patches
Helm values files: If you're already using Helm
Avoid: Complex templating that makes it hard to understand what's deployed where.
Drift Detection and Reconciliation
GitOps agents detect when actual state differs from desired state. Configure:
Start with manual sync to understand the workflow, then automate as confidence builds.
Common Challenges
Slow feedback: Changes in Git don't appear immediately. Set appropriate expectations.
Debugging failures: When sync fails, developers need visibility into why.
Emergency changes: Sometimes you need to change production immediately. Have a process that gets changes back into Git.
What GitOps Doesn't Solve
GitOps is an operational model, not a complete solution. You still need: