GitOps has taken the DevOps world by storm. GitOps is a DevOps strategy where teams use files in Git to declaratively define the desired state of an environment. An automated reconciler is powerful and applies changes to that state to whatever is being managed, typically application environments and infrastructure. GitOps is so powerful because it meets developers where they are, provides audit trails of changes, and with pull-requests, generates a layer of approvals.
Challenges
As attractive as GitOps is, it isn’t without challenges. For example, the automated reconcilers tend to be domain-specific with tools like ArgoCD and Flux targeting applications in Kubernetes and infrastructure-as-code tools like Terraform operating at infrastructure levels. If you want to create a cluster and deploy an application to it, multiple automation tools need to be stitched together.
There is also a heavy governance burden pushed down to developers. When reviewing that PR, how do I know how well this version performed in tests? Are there security defects? If we’re manipulating infrastructure, how would I understand the cost implications?
Developers either have to go digging to review each change in painstaking detail or approve after a cursory check and hope for the best. Neither approach is great.
Visibility and reporting can also be a challenge when you need to check multiple instances of multiple tools to understand the current state. The definitions in Git can help, but they can be tricky to display together in an easy-to-digest way.
Bootstrapping environments and managing GitOps infrastructure can be tricky as well. How many ArgoCD instances should we have? How will they be maintained?
A healthy approach for GitOps
In the five-minute video below, we demonstrate one approach to addressing these challenges. We have it baked into our Harness platform.
Challenges addressed:
Multiple reconcilers: While still using ArgoCD for the application and Terraform for the infrastructure, Harness orchestrates between them, simplifying the experience.
Governance: Harness decorated the pull request with key quality telemetry, including checks of organizational standards defined in OPA. This simplified the checking for the developer.
Views and reporting: Harness provided a single reporting interface, making it clear what is deployed where.
Bootstrapping: The ArgoCD reconciler is installed alongside the environment creation, minimizing the effort required to run a GitOps approach at scale.
Conclusion: Harness as a DevOps Game-Changer
As we've seen in the video demonstration, Harness's capabilities in managing infrastructure as code, integrating with GitOps workflows, and ensuring compliance and governance standards position it as a game-changer in the DevOps landscape. Its ability to streamline and automate processes not only saves time but also helps in maintaining high standards of efficiency and security, making it a powerful tool for any forward-thinking DevOps team.
.svg)
.svg){kind=small}
