Skip to main content
GitOps is a method of managing and deploying software applications using a version control system like Git. Think of it as a way to automate and streamline the process of updating and maintaining your applications. The key advantages of using Gitops - specially for production environments are the following:
  1. Source of Truth: In GitOps, Git repositories serve as the single source of truth for your infrastructure and application configurations. Everything needed to run your app is stored as code in these repositories.
  2. Version Control: Since everything is in Git, you have a complete history of changes. This makes it easy to track who made changes, revert to previous versions if needed, and collaborate with others.
  3. Automation: GitOps uses automation tools to continuously monitor your Git repositories. When changes are detected, these tools automatically update your applications and infrastructure to match the new configuration. This ensures that what you have in your Git repository is exactly what is running in your environment.
  4. Consistency and Reliability: By using Git as the source of truth and automating deployments, GitOps ensures that your environments are consistent and reduces the chance of human error, making deployments more reliable.
  5. Collaboration: Teams can collaborate more effectively since they can propose changes through pull requests, review code, and discuss potential impacts before deploying.
TrueFoundry provides first-class support for implementing Gitops and also provides a ready-to-use template using which you can implement Gitops using Github actions in your organization under 10 mins. Every resource in Truefoundry can be expressed as a YAML spec and can be created/updated by using the tfy apply command.
Truefoundry follows the same principles as Kubernetes for Infrastructure as Code. This is different than OpenTofu/Terraform way in which you need to learn OpenTofu/Terraform to be able to automate. It’s much simpler and easier to use - copy the YAML from the UI and paste it in your Git repository.

Organizing the Git repository containing the entire Truefoundry configuration

You can understand how to organize your Git repository for all Truefoundry configuration by looking at this sample repository: truefoundry/truefoundry-gitops-sample-repository. It primarily comprises of resources for both AI deployment and Gateway. You can focus on the specific resources in case you are only using AI Deployment or AI Gateway.
  1. clusters/ - contains the cluster configuration
  2. gateway/ - contains the gateway configuration
  3. integrations/ - contains the integration configuration
  4. teams/ - contains the team configuration
  5. virtualaccounts/ - contains the virtual account configuration
The folder structure is as follows: 
clusters/
├── cluster1/
│   ├── cluster1.yaml
│   └── workspaces/
│       └── workspace1/
│           ├── workspace1.yaml
│           └── applications/
│               └── app1.yaml
└── cluster2/
    ├── cluster2.yaml
    └── workspaces/
        └── workspace1/
            ├── workspace1.yaml
            └── applications/
                └── sample-app.yaml
gateway/
├── models/
│   └── openai-model.yaml
├── guardrails/
│   └── openai-guardrail.yaml
└── mcp-servers/
    └── mcp1.yaml
integrations/
└── custom.yaml
teams/
├── backend.yaml
└── frontend.yaml
virtualaccounts/
└── virtualaccount1.yaml
The spec for the cluster / workspace / application / gateway (models, guardrails, mcp-servers) / integration / team / virtual account can be copied from the UI by clicking on Edit -> Apply Using YAML.

Setup CI/CD

We also provide ready to use GithubActions/Bitbucket Pipelines scripts to setup CI/CD for your Git repository. You can use these scripts or modify them according to your needs.
The GitHub Actions workflows are available in the sample repo here: .github/workflows/.The template primarily implements two workflows:
  1. dry_run_on_pr.yaml - Runs on creation or update of a pull request. It validates the spec for all YAML files changed in the PR:
    1. Checks if the changed file is a valid YAML file
    2. Checks if the changed file name matches the name field inside the YAML
    3. Validates the spec using tfy apply --dry-run
  2. apply_on_merge.yaml - Runs on merges to the default branch. It runs tfy apply on all files changed in the PR and deletes configurations for files that were removed.
Configure the required repository secrets (for example, TFY_HOST and TFY_API_KEY) as described in the sample repo README: Truefoundry Sample Gitops Repo.