Skip to main content

GitOps With AI

5 min read
DevopsSreCloud Eng

Devops

GitOps is declarative. AI loves declarative. Your job: keep the declared state sane.

Sre

AI can generate K8s YAML. It can't decide your SLOs or rollback triggers.

GitOps With AI

TL;DR

  • GitOps = git as source of truth. AI excels at generating and updating YAML: manifests, Helm values, Kustomize overlays.
  • AI doesn't understand your environments, your promotion strategy, or why you split staging and prod repos. You do.
  • Use AI to draft changes. Always diff, always validate. Drift happens when AI "fixes" something you didn't ask it to fix.

GitOps was built for automation. AI fits naturally—until it starts "improving" your structure. Your job is to keep the model clean and the workflow predictable.

What AI Handles in GitOps

  • Manifest generation. "Create a Deployment for service X with 3 replicas, env from ConfigMap." Done.
  • Helm value tweaks. Updating resources, adding sidecars, changing image tags. AI is good at structured edits.
  • ArgoCD / Flux sync fixes. "Sync failed because of X" → AI suggests patches. Usually correct for common errors.
  • Documentation. CHANGELOG entries, README updates. Low risk, high time-saver.

What AI Breaks

  • Environment parity. AI might "optimize" prod by copying staging config. Now staging and prod diverge in subtle ways. Bad.
  • Secret management. AI loves to suggest inline secrets or hardcoded values. Never. Use external secrets, Vault, or sealed-secrets. You enforce this.
  • Promotion flows. Staging → prod. Manual approval? Auto? AI doesn't know your governance. It guesses.
  • Namespace and RBAC. AI generates permissive defaults. Your security team will not thank you.

Prompting for GitOps

Good: "Update the ingress in staging/manifests/ to add path /api/v2. Use our existing ingress template. Don't change TLS or annotations."

Bad: "Update our Kubernetes config."

Be specific. Reference existing files. Constrain the scope. AI will try to "help" by refactoring. Tell it not to.

Manual process. Repetitive tasks. Limited scale.

Click "With AI" to see the difference →

Quick Check

What remains human when AI automates more of this role?

Do This Next

  1. Document your GitOps rules in a one-pager: what goes in git, what doesn't, how promotions work. Share with your team. Use this as AI prompt context.
  2. Run one AI-generated manifest change through your normal PR process. Note what reviewers caught that AI missed. Add those to your AI-review checklist.