Intent
Store configuration in Git so changes are versioned, reviewable, and deployable.
When to use
- Configuration changes require review and traceability.
- Multiple environments need consistent, reproducible setup.
- You need rollback capability for configuration drift.
Core mechanics
- Store config files in a dedicated Git repository.
- Validate configs before applying changes.
- Deploy configs through a sync job or CI pipeline.
- Record the applied commit hash for traceability.
Implementation checklist
- Define a config schema and validation rules.
- Establish review and approval workflow for changes.
- Implement a sync job that pulls from Git.
- Log the applied commit hash and timestamp.
- Document rollback and recovery steps.
Failure modes and mitigations
- Secrets committed by mistake -> use secret scanning and external secret stores.
- Merge conflicts -> enforce review and branch protection.
- Drift between Git and runtime -> re-apply on schedule and log drift.
Observability and validation
- Applied commit hash and sync timestamp.
- Validation error counts for config checks.
- Drift detection reports or sync status.
Artifacts
- Config templates and example files.
- Validation scripts and sync logs.