What Is GitOps?
GitOps is a paradigm that helps automate application deployment and infrastructure
provisioning. It typically involves using Git, an open source version control system, as a
single source of truth for declarative infrastructure and applications. Here is how the
GitOps process generally works:
• Automation—the GitOps process is triggered by changes in a Git repository and
automatically deploys applications and infrastructure.
• Auditability—a Git repository is a source of truth representing the full system
state, with a detailed audit trail of changes.
GitOps aims to improve the developer experience by letting teams use their familiar
software development tools to manage application and infrastructure changes. While
GitOps does not require specific tools, dedicated tools can help developers adopt GitOps
faster and more easily. In addition, GitOps tools relevant to a team’s scenario can provide
additional benefits, which otherwise might require heavy customization of existing tools.
Why Are GitOps Tools Important?
GitOps tools can help you with the following scenarios:
• Continuous deployment (CDep) for Kubernetes—enables you to push applications
rapidly and eliminates the need for several deployment management systems.
• Continuous delivery (CDel) for Kubernetes—enables you to rapidly build, test, and
deploy software via incremental updates.
• Runtime pipelines—enable you to read and write files to Git, load container
images, and update container repositories.
• Continuous monitoring–GitOps tools can continuously monitor for configuration
drift and automatically reconcile any changes that differ from the Git repository.
They help you gain control over application and configuration changes while
helping you easily roll back to previous working versions.
• Visibility–GitOps tools provide insight into the status of GitOps applications,
their sync status, and reconciliation processes.
6 Common GitOps Tools
Argo CD
Deployment model: on-premises
License: open source
Repo URL: https://github.com/argoproj/argo-cd
Argo is a set of open source tools for Kubernetes, helping developers quickly and securely
deliver software in a GitOps pattern. Argo CD simplifies application deployment and
lifecycle management by automating deployment. It also makes rollbacks easier and more
auditable for troubleshooting purposes.
Argo CD is a Kubernetes-native continuous deployment tool built for GitOps. It keeps all
configuration logic in Git to enable developers to use existing code development, review,
and approval workflow already connected to Git-based repositories.
Argo CD offers the following key capabilities:
• Automatically deploys applications to their target environments.
• Manages and handles multi-cluster deployments.
• Supports multiple configuration management and templating tools, including Helm,
Kustomize, Ksonnet, plain-YAML, and Jsonnet.
• Supports SSO integration with OIDC, OAuth2, SAML 2.0, LDAP, GitHub, GitLab,
LinkedIn, and Microsoft.
• Enforces strong authorization with RBAC and multi-tenancy policies.
• Rolls back applications to any configuration in the Git commit history.
• Analyzes resource health status.
• Automatically detects and visualizes configuration drift.
• Automatically syncs applications to their desired state.
• Offers real-time visibility into application activity via the web UI.
• Supports webhook integration with GitHub, GitLab, and Bitbucket.
• Supports rollouts of complex deployments with PreSync, Sync, and PostSync
hooks.
• Provides access tokens.
• Maintains audit trails for API calls and application events.
• Overrides Ksonnet and Helm parameters in Git.
Codefresh
Deployment model: cloud, hybrid, and on-premises
License: commercial, based on the open source Argo project
Codefresh is a modern Kubernetes and GitOps solution powered by Argo, bringing the
best open-source tools to a reliable enterprise-grade DevOps toolchain. Codefresh
provides a secure and thoroughly validated runtime allowing you to fully tap the power of
Argo Workflows, Events, CD, and Rollouts. The best practices of GitOps are built into
Codefresh while still giving teams the flexibility and control they need.
Codefresh provides unrivaled visibility from code-to-cloud into your entire continuous
integration and continuous delivery workflows. It offers a streamlined, automated
approach to advanced deployments like canary, blue-green, and experimental releases.
Codefresh has a unified user interface for all of your builds and deployments as well as a
centralized management control plane for your Codefresh Argo runtimes. It integrates
with your best-of-breed tools to give you the best possible software delivery process.
Here are some of the key features Codefresh offers:
• All of the benefits of Argo (see above)
• Enterprise-grade Argo runtime with all Argo components
• Optional hosted runtime for Argo CD
• Centralized management control plane for all Argo runtimes
• Customized Argo Workflows and Events for CI and CD
• Integrated dashboard for DORA metrics
• Unified Argo user interface with end-to-end traceability
• Comprehensive dashboards for tracking releases and deployments
• Insights into images, build artifacts, and their environment usage
• Detailed performance breakdown of resource usage during workflows
• Codefresh Hub for Argo Workflows for reusable Workflows templates
• Native integration with popular secret management tools
• Cross-application single sign-on with centralized management
• Integration with issue management like Jira
• Integration with other CI systems such as Jenkins and GitHub Actions
• GitOps Argo Autopilot runtime installer
• Additional security validation and intercompatibility testing for Argo components
• Award-winning support and professional services
Flux CD
Deployment model: cloud
License: open source
Repo URL: https://github.com/fluxcd/flux
Flux can automatically ensure that the state of a Kubernetes cluster matches the
configuration in Git. It employs a cluster operator to trigger deployments in Kubernetes,
eliminating the need to use a separate CD tool.
Flux monitors your image repositories, detects new images, and triggers deployments. It uses
this data and a configurable policy to update the running configuration to the desired
state. Here are key features of Flux:
• Deployments—you can use Flux to deploy apps using various methods, including
canaries, A/B rollouts, and feature flags.
• Resources management—Flux includes built-in infrastructure and workload
dependency management and can manage all Kubernetes resources.
• Integration—Flux works with various Git providers, including GitHub, Bitbucket,
GitLab, CI workflow providers, and container registries.
• Multi-tenancy—Flux supports multiple Git repositories and uses Kubernetes
RBAC through impersonation. It uses Cluster API to offer out-of-the-box
multi-cluster infrastructure and apps.
Flux does not require CI access to Kubernetes clusters. Changes are atomic and
transactional, and Git keeps an audit log.
Jenkins X
Deployment model: on-premises
License: open source
Repo URL: https://github.com/jenkins-x
Jenkins X is an opinionated open source CI/CD and automated testing tool for cloud
native applications deployed with Kubernetes. It offers various features, including built-in
GitOps, pipeline automation, and preview environments.
Jenkins X uses Jenkins as the core CI/CD engine and the Jenkins pipeline to automate CI.
Jenkins can only assemble CD with custom scripts, isolated release operations, and
manual configuration. Jenkins X automates this process, adding complete support for
automating CD, including staging and production environments in Kubernetes.
CloudBees offers a commercial CI/CD solution powered by Jenkins X and based on
Google Cloud Platform.
Weave GitOps Core
Deployment model: cloud
License: open source
Repo URL: https://github.com/weaveworks/weave-gitops
Weave GitOps Core is an open source CD tool for Kubernetes and cloud native
applications. Weave GitOps is a CD runtime for GitOps based on the CNCF Flux project.
Here are key features of Weave GitOps:
• Git-based CD—all cluster changes are based on pull requests and commits to enable effective
and auditable delivery using instant rollbacks.
• Kubernetes-native—Weave GitOps is designed to work with Kubernetes.
• Declarative automation—helps ensure that the cluster state is continuously
reconciled according to the required configuration.
• Integration—Weave GitOps includes built-in integrations for various tools,
including Helm, GitHub, GitHub Actions, Kustomize, and GitLab.
Weaveworks provides Weave GitOps Enterprise, a commercial solution based on the
open source Weave GitOps Core.
Werf
Deployment model: cloud
License: open source
Repo URL: https://github.com/werf/werf
werf is an open source command-line interface (CLI) tool written in Go. It aims to simplify
and speed up the application delivery process. It facilitates GitOps by letting developers
describe the configuration of an application and storing this file in a Git repository that
serves as a single source of truth.
Here are key features of werf:
• Builds Docker images—werf uses Dockerfiles or an alternative built-in builder
based on custom syntax.
• Deletes unused images—werf ensures the Docker registry does not contain
unused images.
• Deploys applications to Kubernetes—werf uses a Helm-compatible chart with
customizations, rollout tracking, log output, and error detection.
werf does not cover all CI/CD needs. Instead, it helps create pipelines you can embed into
existing CI/CD systems.