Skip to content

No-Git GitOps

The experimental No-Git GitOps workflow enables GitOps principles without requiring Git. Instead of Git as the source of truth, formae becomes the only system of record since it automatically captures every change, regardless of its origin. Combined with its ability to extract and apply/destroy resources at any granularity, GitOps divorces itself from the file-based approach towards clear semantics.

⚠️ Experimental: This capability is still in an early stage of development. For example, it is yet lacking user management, historic queries and the likes that would allow a full audit trail. We are working hard to add the missing functionality, because we truly believe that Git should be just one of the possible tools and teams deserve a simpler choice.

Prerequisites: Read Classic GitOps and Always up-to-date GitOps to understand reconcile mode, patch mode, and discovery before exploring this experimental workflow.

How No-Git GitOps works

Instead of storing forma files in Git and insisting on everybody to use it in a strict and often rigid way, you:

  1. Rely on formae's ability to capture, store and version every resource change
  2. Extract resources that you need to work with in any granularity your current situation requires
  3. Consider formae the only source of truth that keeps itself automatically up-to-date
  4. Don't work with files as artifacts, instead patch or reconcile from temporary files

Workflow example: Managing a web application stack

Day 0: Initial deployment

# Deploy the initial web app infrastructure
formae apply --mode reconcile --watch web-app-stack.pkl

# Extract and review what was created
formae extract --query 'stack:web-app-stack' ./day-0-infrastructure.pkl

Day 5: Add monitoring

# Add in monitoring via patch mode to seamlessly update your existing infrastructure
formae apply --mode patch --watch cloud-watch.pkl

Day 10: Add SSL certificate

# Extract current state including the new monitoring
formae extract --query 'type:AWS::CloudFront::Distribution' ./day-10-state.pkl

# Edit day-10-state.pkl to add:
# 1. Stack label and description
# 2. CertificateManager resource for SSL

# Apply the SSL certificate
formae apply --mode patch --watch day-10-state.pkl

Day 15: Update CloudFront configuration

# Extract CloudFront Distribution in its current up-to-date state
formae extract --query 'type:AWS::CloudFront::Distribution' ./day-15-state.pkl

# Edit day-15-state.pkl to:
# 1. Ensure stack label is present
# 2. Update CloudFront distribution with SSL settings

# Apply the updated CloudFront configuration
formae apply --mode patch --watch day-15-state.pkl

Day 20: Add backup and disaster recovery

# Extract S3 bucket in its current up-to-date state
formae extract --query 'type:AWS::S3::Bucket' ./day-20-state.pkl

# Edit day-20-state.pkl to add backup policies

# Apply the backup infrastructure
formae apply --mode patch --watch day-20-state.pkl

Day 25: Performance optimization

# Extract the CloudFront Distribution in its current up-to-date state
formae extract --query 'type:AWS::CloudFront::Distribution' ./day-25-state.pkl

# Edit day-25-state.pkl to add:
# - CloudFront caching rules
# - S3 transfer acceleration

# Apply the performance improvements
formae apply --mode patch --watch day-25-state.pkl

Git can still be used for audit purposes

This workflow doesn't prevent using Git - it just changes Git's role from system of record to audit trail. Security and compliance tools often require code to be auditable on disk. You can satisfy this requirement by:

  1. Periodically extracting resources from formae
  2. Committing the extracted formae to Git for audit purposes
  3. Using Git for code review and approval workflows
# Extract current state for audit
formae extract --query "stack:production" ./audit/$(date +%Y-%m-%d)-production.pkl

# Commit to Git for record keeping
git add audit/
git commit -m "Audit snapshot: production infrastructure"
git push

This gives you the flexibility of No-Git GitOps while maintaining an audit trail in Git.

What's next

You've explored the experimental No-Git GitOps workflow. Continue learning: