Version controlling your infrastructure is a starting point. The real power comes from automating the deployment pipeline. Teams using GitOps deploy faster and recover from downtime and incidents faster, but this requires the right tools.
Git provides the foundation for GitOps, but teams need specialized tools to put it into practice. This article highlights five open-source projects that help with different parts of a GitOps workflow: feature management, infrastructure automation, and database migrations.
Flagsmith: Feature Flags
Flagsmith lets teams manage feature flags, and it integrates with GitOps workflows using Terraform. Feature flags can be stored in Git, ensuring changes go through the same review process as infrastructure updates.
from flagsmith import Flagsmith
flagsmith = Flagsmith(
environment_key="your_key",
default_flag_handler=lambda flag: False
)
# Fetch and embed flag states at runtime
flags = flagsmith.get_environment_flags()
In a GitOps setup, feature flags should be stored in Git and deployed alongside other code changes. Teams can enforce flag updates only when a corresponding application version is deployed. CI/CD pipelines (e.g., GitHub Actions, GitLab CI, or Terrateam) handle these updates.
With GitOps, every feature flag change is tracked in Git, making it easy to see what changed and roll back if needed.
Terrateam: Infrastructure Automation
Terrateam integrates Terraform and OpenTofu directly into pull request workflows. It validates infrastructure changes before merging and applies them after approval.
workflows:
- tag_query: "dir:infrastructure/staging"
plan:
- type: env
name: TF_VAR_example
cmd: ["echo", "Set custom environment variable"]
- type: init
- type: plan
apply:
- type: run
cmd: ["echo", "Running custom apply script"]
- type: init
- type: apply
parallel_runs: 3
cost_estimation:
enabled: true
Terrateam integrates with GitHub Actions and Secrets, providing plan outputs and cost estimates directly in pull requests. It ensures ordered execution to prevent dependency-related failures and maintains a full audit trail of infrastructure changes.
ArgoCD: Kubernetes Deployment
ArgoCD brings GitOps to Kubernetes by continuously monitoring and syncing cluster states with Git.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: guestbook
namespace: argocd
spec:
project: default
source:
repoURL: https://github.com/argoproj/argocd-example-apps.git
targetRevision: HEAD
path: guestbook
destination:
server: https://kubernetes.default.svc
namespace: guestbook
ArgoCD helps maintain the desired state, with configurable sync policies. It supports PreSync, Sync, and PostSync hooks for deployment changes and allows rollbacks.
# Sync an application
argocd app sync guestbook
# Rollback to a previous version
argocd app rollback guestbook
FluxCD: Kubernetes Reconciliation
FluxCD runs as a Kubernetes controller, reconciling Git repositories with cluster states. It follows a pull-based model and scales across multiple clusters.
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
name: app-repository
namespace: flux-system
spec:
interval: 1m
url: https://github.com/org/repository
ref:
branch: main
FluxCD supports multi-tenant deployments using Kubernetes namespaces and Role-Based Access Control. It integrates with Helm and Kustomize.
Atlas: Database Schema Management
Atlas manages database schema changes in GitOps workflows using declarative schema definitions.
table "users" {
schema = schema.main
column "id" {
type = int
auto_increment = true
}
column "name" {
type = varchar(255)
}
primary_key {
columns = [column.id]
}
}
Atlas integrates with CI/CD pipelines for schema validation and migration:
atlas migrate diff \
--dir "file://migrations" \
--to "file://schema.hcl" \
--name "add_users_table"
Building a Complete GitOps Pipeline
These tools work together to create a full GitOps pipeline. Flagsmith manages feature releases via Terraform, while Terrateam handles infrastructure changes directly through GitHub (and possibly GitLab in the future). ArgoCD and FluxCD ensure reliable application deployments via Kubernetes, and Atlas integrates database schema migrations.
These tools help you build automated, secure, and scalable GitOps pipelines. They're open-source, shaped by real-world usage and community contributions.
If these tools make your life easier, drop them a star on GitHub!
Top comments (0)