GitHub, GitOps & DevOps for Beginners - maifors/agile GitHub Wiki

GitHub, GitOps & DevOps for Beginners

1. Intro to Git & GitHub

Git is a distributed version control system (VCS) designed to handle everything from small to very large projects with speed and efficiency. It allows multiple developers to work on the same codebase simultaneously without overwriting each other's work.

GitHub is a web-based platform that provides hosting for Git repositories. It adds many collaboration features on top of Git, such as issue tracking, pull requests, code review, and project management tools. It's a central place for teams to manage their code and DevOps workflows.

2. Core GitHub Concepts for DevOps

Key GitHub features used in DevOps:

  • Repositories (Repos): Where your project's code and files live.
  • Branches: Independent lines of development. Developers typically create branches to work on new features or fixes without affecting the main codebase (e.g., main or master branch).
  • Commits: Snapshots of your changes at a specific point in time.
  • Pull Requests (PRs): A way to propose changes to a branch. PRs allow for code review, discussion, and automated checks before merging code.
  • GitHub Actions: An automation platform that allows you to build, test, and deploy your code directly from GitHub. Workflows are defined in YAML files within your repository.
  • Issues: Used for tracking tasks, enhancements, and bugs.

3. What is GitOps?

GitOps is an operational framework that takes DevOps best practices used for application development and applies them to infrastructure automation. It uses Git as the single source of truth for declarative infrastructure and applications.

Core Principles of GitOps:

  • Declarative: The desired state of the system is declared in Git (e.g., Kubernetes manifests, Terraform configurations).
  • Versioned and Immutable: The desired state is version-controlled in Git, and changes are made via commits.
  • Pulled Automatically: Approved changes to the desired state in Git are automatically applied to the system by an agent.
  • Continuously Reconciled: Software agents ensure the actual state of the system converges to the desired state declared in Git.

4. How GitOps Works with GitHub

GitHub plays a central role in a GitOps workflow:

  1. Source of Truth: The GitHub repository stores the declarative configuration for your applications and infrastructure.
  2. Change Management via Pull Requests: Any change to the system (e.g., deploying a new version, scaling an application) is proposed via a Pull Request to the configuration repository.
  3. Automated Validation: PRs can trigger automated checks (linting, testing, policy checks) using GitHub Actions or other CI tools.
  4. Approval & Merge: After review and approval, the PR is merged into the main branch, updating the desired state.
  5. Automated Deployment: A GitOps agent (like Argo CD or Flux for Kubernetes) running in the cluster detects the change in the Git repository and automatically pulls and applies the changes to the live environment.

This creates a transparent, auditable, and automated way to manage infrastructure and application deployments.

5. GitHub Actions for CI/CD

GitHub Actions allows you to automate your software development workflows in the same place you store your code and collaborate on pull requests and issues.

  • Workflows: Automated processes defined by YAML files in the .github/workflows directory of your repository.
  • Events: Workflows can be triggered by various events, such as a push to a branch, creation of a pull request, or a schedule.
  • Jobs: A workflow consists of one or more jobs, which run in parallel by default.
  • Steps: Each job contains a sequence of steps, which can run commands or use pre-built 'actions'.
  • Actions: Reusable units of code that can perform complex tasks (e.g., checking out code, setting up a Node.js environment, building a Docker image, deploying to a cloud provider).

GitHub Actions can be used for CI (building and testing code) and CD (deploying applications), often integrating with GitOps tools for the deployment part.

6. Best Practices & Pitfalls

Best Practices for GitHub & GitOps:

  • Use clear branching strategies (e.g., GitFlow, GitHub Flow).
  • Enforce code reviews via Pull Requests.
  • Automate checks (linting, testing, security scans) in PRs using GitHub Actions.
  • Keep your declarative configurations in Git DRY (Don't Repeat Yourself).
  • Ensure your GitOps agent has appropriate, least-privilege access.
  • Monitor the GitOps reconciliation process.

Common Pitfalls:

  • Storing sensitive secrets directly in Git (use solutions like Sealed Secrets, HashiCorp Vault, or cloud provider secret managers).
  • Complex merge conflicts in configuration repositories if not managed well.
  • Overly complex GitHub Actions workflows that are hard to maintain.
  • Drift between the desired state in Git and the actual state if reconciliation fails or is too slow.
  • Not properly securing your Git repositories and GitHub Actions.