generated from coulomb/repo-seed
1.2 KiB
Pattern: GitOps with Guardrails
Status: seed
Readiness target: RL3 production
Primary owners: Railiance platform, product repos
Genesis family: Kubernetes and platform
Problem
GitOps makes deployments reproducible, but it reproduces whatever the repository says: if review, policy, secret-handling, and provenance controls are weak, the reconciler faithfully deploys unsafe state.
Context
Use this pattern for platform and product deployment repositories, environment promotion, configuration changes, and operational rollbacks.
Forces
- Desired state should be reviewable and auditable from the commit history alone.
- Secret values must never be committed to Git, only encrypted payloads or references.
- Policy checks need to run before the reconciler applies a change, not only after it.
- Emergency (break-glass) changes need to remain traceable to a commit and an approver.
Solution
Use Git as the single reviewed source of desired state, and guard it with branch protection on the deployment branch, policy-as-code checks that run before reconciliation and again at admission, encrypted secret references in place of secret values, admission control that accepts only signed artifacts, and rollback procedures that revert through Git rather than around it.
Verification
- Production changes enter only through reviewed commits or a documented emergency path that is itself recorded in Git.
- A change that fails a policy check is not reconciled, and the failure is visible to the change author.
- No secret plaintext is present anywhere in Git history, not only in the current tree.
- Rollbacks are reverting commits that pass the same checks, so audit and policy evidence survive the rollback.
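The pre-reconciliation policy gate described under Solution, and the secret-plaintext and policy-failure checks under Verification, as an added example that is not part of this pattern seed or of any Railiance repository. It stands in for a real policy engine (OPA/Conftest or Kyverno would be used in practice) and runs three rules over Kubernetes manifests: no plaintext Secret objects, container images digest-pinned and drawn from an allowed registry (the precondition a signed-image admission controller needs; signature verification itself is not simulated here), and no privileged containers. Manifests are JSON-encoded so the example needs no third-party YAML parser; the registry name, rule set, and sample manifests are constructed for this example.

```python
"""Pre-reconciliation policy gate for a GitOps repository (constructed example).

Scans Kubernetes manifests (JSON-encoded; the API server accepts JSON as well as
YAML) and reports findings before a reconciler such as Flux or Argo CD would
apply them. The rules and the allowed registry below are assumptions for this
example, not a Railiance policy.
"""
import json
import re

# Assumption: the only registry whose images the admission controller trusts.
ALLOWED_REGISTRIES = ("registry.example.internal/",)
# Digest form a signed-image admission check can verify exactly.
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")
PLAINTEXT_SECRET_KINDS = {"Secret"}


def ident(doc):
    meta = doc.get("metadata", {})
    return f"{doc.get('kind', '?')}/{meta.get('namespace', 'default')}/{meta.get('name', '?')}"


def pod_spec(doc):
    """Return the pod spec of a bare Pod or of a template-bearing workload."""
    spec = doc.get("spec", {})
    return spec.get("template", {}).get("spec", spec)


def check_secrets(doc):
    """Reject plaintext Secret objects. SealedSecret/ExternalSecret kinds carry
    encrypted data or a reference, so they pass this rule."""
    if doc.get("kind") in PLAINTEXT_SECRET_KINDS and (doc.get("data") or doc.get("stringData")):
        return [f"{ident(doc)}: plaintext Secret committed to Git"]
    return []


def check_images(doc):
    """Require digest-pinned images from an allowed registry."""
    findings = []
    spec = pod_spec(doc)
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        img = c.get("image", "")
        where = f"{ident(doc)} container {c.get('name', '?')}"
        if not img.startswith(ALLOWED_REGISTRIES):
            findings.append(f"{where}: image {img!r} is not from an allowed registry")
        if not DIGEST_RE.search(img):
            findings.append(f"{where}: image {img!r} is not pinned by digest")
    return findings


def check_privileged(doc):
    """Reject privileged containers (one representative hardening rule)."""
    findings = []
    for c in pod_spec(doc).get("containers", []):
        if c.get("securityContext", {}).get("privileged"):
            findings.append(f"{ident(doc)} container {c.get('name', '?')}: privileged container")
    return findings


RULES = (check_secrets, check_images, check_privileged)


def evaluate(docs):
    """Run every rule over every manifest; an empty list means reconcile may proceed."""
    findings = []
    for doc in docs:
        for rule in RULES:
            findings.extend(rule(doc))
    return findings


def load_manifests(text):
    """Parse one JSON manifest or a `List` of them."""
    doc = json.loads(text)
    return doc.get("items", []) if doc.get("kind") == "List" else [doc]


def gate(text):
    """Entry point a CI job or pre-reconcile hook would call: (allowed, findings)."""
    findings = evaluate(load_manifests(text))
    return (not findings, findings)


# Constructed sample desired state: one compliant Deployment, one plaintext
# Secret, one unpinned public image running privileged, one SealedSecret.
GOOD_IMAGE = "registry.example.internal/payments/api@sha256:" + "a" * 64
SAMPLE = json.dumps({
    "kind": "List",
    "items": [
        {"apiVersion": "apps/v1", "kind": "Deployment",
         "metadata": {"name": "api", "namespace": "payments"},
         "spec": {"template": {"spec": {"containers": [
             {"name": "api", "image": GOOD_IMAGE,
              "securityContext": {"privileged": False}}]}}}},
        {"apiVersion": "v1", "kind": "Secret",
         "metadata": {"name": "db-creds", "namespace": "payments"},
         "stringData": {"password": "hunter2"}},
        {"apiVersion": "apps/v1", "kind": "Deployment",
         "metadata": {"name": "debug", "namespace": "payments"},
         "spec": {"template": {"spec": {"containers": [
             {"name": "shell", "image": "nginx:latest",
              "securityContext": {"privileged": True}}]}}}},
        {"apiVersion": "bitnami.com/v1alpha1", "kind": "SealedSecret",
         "metadata": {"name": "db-creds", "namespace": "payments"},
         "spec": {"encryptedData": {"password": "AgBiB2EkXYZ"}}},
    ],
})

if __name__ == "__main__":
    allowed, findings = gate(SAMPLE)
    for f in findings:
        print("DENY", f)
    print("reconcile allowed" if allowed else "reconcile blocked")
```

Run as a required CI check on the deployment branch and again as an admission policy, the same rules produce the same verdict in both places; the commit that failed stays in the pull-request record, which is the policy evidence the Verification list asks for. The sample run blocks reconciliation with four findings: the plaintext Secret, the unpinned `nginx:latest` image (two findings, registry and digest), and the privileged container, while the SealedSecret passes because its payload is not plaintext.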
Related Patterns
- Protected Main Branch.
- Policy-as-Code Admission Control.
- Sealed Secret / Encrypted Git Secret.
- Signed Image Admission.