GitOps

Deployment source control and syncing with Gitops

Seldon Deploy can recognise that certain namespaces are to be maintained using GitOps. It will look for the label seldon.gitops: enabled.

If the gitops label is not present or disabled then new deployments and modifications in the namespace will be pushed directly to the kubernetes cluster.

If the gitops label is present then deploy will look for an annotation named git-repo and a git URI. It uses a service account token for accessing the repo which is stored in a Secret installed with Seldon Deploy using the helm chart (along with username and email). Deploy will add metadata to any commits it makes, including recording which dex user took the action.

Seldon Deploy can display an Audit Log for each deployment where it reads back git commits and makes the changes and metadata visible:

deployauditlog

If the user is permitted then the state can also be restored to a previous commit.

See GitOps under Architecture for more on how GitOps works.