GitOps and provide an efficient method for managing Kubernetes environments. GitOps uses Git as a central source of truth for declarative infrastructure and application management, while automates deployment processes. This blog outlines the setup of a Kubernetes management system with GitOps principles and

GitOps and

  • GitOps is a modern approach that applies Git's version control system to manage infrastructure and applications. Changes in the infrastructure are implemented through pull requests, ensuring accountability and reviewability.
  • is a Continuous Integration/Continuous Deployment (CI/CD) platform that automates your software delivery process, enhancing both the efficiency and reliability of your deployments.


Organize Kubernetes Configurations in Git

  • Initialize Your Git Repository: Keep all Kubernetes YAML configuration files in a dedicated Git repository. This includes deployments, services, and other Kubernetes objects.
  • Structure Your Configuration: Organize your repository for clarity. Separate configurations for different environments (like production and staging) into different directories.

In this tutorial, we will be using the DigitalOcean Kubernetes CDKTF workflow. The DigitalOcean workflow is a PaaS workflow with GitOps / ChatOps features that support DO K8S, VPC, Spaces, LetEncrypt TLS, Container Registry & CDN via CDKTF.

Set up DigitalOcean Infrastructure

The DigitalOcean workflow is open-source on GitHub, and you can install it by cloning the repository.

git clone [email protected]:workflows-sh/do-k8s-cdktf.git

cd do-k8s-cdktf

Before starting, you must create your API and SPACES keys on DigitalOcean. These keys will be required for your workflow when writing your ops.yml file. In setting up the DigitalOcean Infrastructure, we’ll create five keys, the DigitalOcean Token from the Application API, the Terraform Token from your Terraform workspace, DigitalOcean Spaces Access, and the Secret key from the spaces token on the DigitalOcean UI, and the GitHub Token from GitHub. will use these API keys to authenticate, request, and create your DigitalOcean Workflow.

  • Next, after creating your API keys and Tokens, add them to your secrets vault on
  • Next, you can set up your DigitalOcean Infrastructure using ops run -b .  and set up your DigitalOcean resources. You can see all the stacks and packages created when you set up your DigitalOcean Infrastructure in the infrastructure repo src directory.

Using the predefined commands and configurations on, teams can automate the setup of their Kubernetes infrastructure on DigitalOcean. Below is a snippet of a configuration that aims to define commands for setting up, deploying, and managing services on DOKS.


  • Configuration: In your Git repository, create an ops.yml file. This file defines the CI/CD processes in

  • Define Jobs and Workflows: Your ops.yaml should include jobs for Kubernetes deployments. Use kubectl within these jobs to apply your configurations. A simple example:
version: "1"
- name: kubernetes-deployment-pipeline:0.2.5
description: Deploy Kubernetes configurations using
- DEBIAN_FRONTEND=noninteractive
- STACK_TYPE=k8s-deployment
- ORG=cto-ai
- GH_ORG=workflows-sh
- REPO=kubernetes-configs
- BIN_LOCATION=/tmp/tools
- KUBE_CONFIG_BASE64= # Your base64 encoded kubeconfig file
- "github:workflows-sh/kubernetes-configs:pull_request.opened"
- "github:workflows-sh/kubernetes-configs:pull_request.synchronize"
- "github:workflows-sh/kubernetes-configs:pull_request.merged"
- name: kubernetes-deployment-job
description: Apply Kubernetes configurations
- git
- wget
- tar
- mkdir -p $BIN_LOCATION
- ls -asl $BIN_LOCATION
- KUBECTL_DL_URL='$(curl -s' # Get latest kubectl
- chmod +x $BIN_LOCATION/kubectl
- echo $KUBE_CONFIG_BASE64 | base64 --decode > $BIN_LOCATION/kubeconfig
- export KUBECONFIG=$BIN_LOCATION/kubeconfig
- $BIN_LOCATION/kubectl version
- git clone https://oauth2:[email protected]/$GH_ORG/$REPO
- cd $REPO && ls -asl
- git fetch -a && git checkout "${REF}"
- $BIN_LOCATION/kubectl apply -f k8s-configs/staging/
- name: kubernetes-service:0.1.6
description: Kubernetes deployment service
run: node /ops/index.js
port: ['8080:8080']
sdk: off
domain: ""
- PORT=8080
- "github:workflows-sh/kubernetes-configs:pull_request.opened"
- "github:workflows-sh/kubernetes-configs:pull_request.synchronize"
- "github:workflows-sh/kubernetes-configs:pull_request.merged"
- build
- publish
- start

Implement GitOps Workflow

  • Branching Strategy: Use a feature branching strategy for development. New features are developed in branches and merged into the main branch when ready.
  • Pull Requests: Implement changes in the Kubernetes environment through pull requests for code review.
  • Automated Deployment: Merging changes to the main branch triggers to automatically deploy them to Kubernetes, as defined in ops.yml file.


Integrating GitOps with for Kubernetes management creates an automated, transparent deployment pipeline. This method enhances operational efficiency and deployment security, making Kubernetes management more effective and adaptable. Every change is tracked in Git and deployments automated through, resulting in a well-organized, scalable Kubernetes environment.

Ready to introduce to your team and enhance your workflows? Book a demo today!