How To GitOps Your Terraform


TechOps Examples

Hey — It's Govardhana MK 👋

Welcome to another technical edition.


🧠 DEEP DIVE USE CASE

How To GitOps Your Terraform

Typically, teams begin their DevOps journey with CI/CD pipelines to automate application builds, tests, and deployments. As scaling needs grow, infrastructure shifts to Kubernetes environments where GitOps becomes the natural evolution for managing continuous delivery with strong auditability and rollback safety.

Sooner or later, Terraform becomes part of daily operations as the standard Infrastructure as Code tool. At that point the real question emerges: how do we bring the same GitOps principles that work well for Kubernetes workloads into Terraform-driven infrastructure?

Before getting into that, let us understand how a typical GitOps CI/CD pipeline works. A GitOps controller watches for changes, and only then syncs the declared state to the cluster. Deployment decisions now come from version-controlled Git commits, not from scripts embedded in pipelines.

It’s time to understand how GitOps push and pull approaches handle deployments differently.

GitOps Push Approach

  • The CI pipeline handles testing, image building, and deployment in one flow.

  • After updating the manifest or Helm chart, the pipeline executes a deploy step using tools like kubectl or Helm.

  • The CI system holds direct access to the Kubernetes cluster, often via service accounts or kubeconfig.

  • Any pipeline error, script issue, or misconfiguration can directly affect live environments.

  • Centralized control is achieved, but at the cost of higher security risk and tighter coupling.

  • Scaling this model across multiple clusters or clouds requires complex secrets management and permissions setup.

GitOps Pull Approach

  • The CI pipeline stops after updating the Git repository with new image versions or manifests.

  • A GitOps agent (like ArgoCD or Flux) inside the cluster continuously monitors the Git repo.

  • The cluster pulls changes when detected, then reconciles its state to match the repo.

  • The CI system has no access to the cluster, reducing security risks and improving auditability.

  • Each cluster acts independently, pulling from the same or environment-specific Git repos.

  • Rollbacks are simplified by reverting commits in Git, and the system heals itself automatically.
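
The pull behaviour listed above (reconcile to the repo, self-heal after drift, roll back by reverting a commit), as an added example that is not from the original newsletter and is not Argo CD or Flux code. Git is modelled as a list of commits and the cluster as a dict; every function name is hypothetical and the sample commits are constructed.

```python
# Added example: toy pull-model GitOps agent. Names are hypothetical;
# Git is modelled as a list of commits and the cluster as a dict.

def plan(desired, live):
    """Diff declared state against live state into converging actions."""
    actions = []
    for name in sorted(desired):
        if name not in live:
            actions.append(("create", name))
        elif live[name] != desired[name]:
            actions.append(("update", name))
    # Prune anything running that Git no longer declares.
    actions += [("delete", n) for n in sorted(live) if n not in desired]
    return actions

def reconcile(repo, live):
    """One agent pass, run inside the cluster: read HEAD, apply the diff."""
    desired = repo[-1]["manifests"]
    actions = plan(desired, live)
    for verb, name in actions:
        if verb == "delete":
            del live[name]
        else:
            live[name] = dict(desired[name])  # copy, so drift never edits Git
    return actions

def revert_head(repo):
    """Rollback is a Git operation: a new commit restoring the parent's content."""
    repo.append({"msg": "Revert: " + repo[-1]["msg"],
                 "manifests": repo[-2]["manifests"]})

def demo():
    """Constructed scenario: sync, upgrade, manual drift, rollback."""
    v1 = {"web": {"image": "web:1.0", "replicas": 2}}
    v2 = {"web": {"image": "web:1.1", "replicas": 2}}
    repo, cluster, log = [{"msg": "deploy web 1.0", "manifests": v1}], {}, []
    log.append(reconcile(repo, cluster))          # initial sync
    repo.append({"msg": "bump web to 1.1", "manifests": v2})  # CI's only write
    log.append(reconcile(repo, cluster))          # agent pulls the new commit
    cluster["web"]["replicas"] = 5                # out-of-band change
    cluster["debug"] = {"image": "shell:latest"}  # undeclared workload
    log.append(reconcile(repo, cluster))          # self-heal
    revert_head(repo)
    log.append(reconcile(repo, cluster))          # rollback via Git
    log.append(reconcile(repo, cluster))          # converged: nothing to do
    return log, cluster
```

The only credential the CI side needs in this model is write access to the repository; every change to `cluster` is made by `reconcile`, which runs on the cluster side.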

Once the differences between push and pull are clear, the next question is how to apply GitOps to Terraform.
