What is Nullstone GitOps?

Nullstone GitOps is a platform-agnostic GitOps implementation delivered as a SaaS product. The implementation has no dependence on a cloud provider (e.g. AWS, GCP) or container platform (e.g. Kubernetes, ECS).

Before diving deeper into Nullstone GitOps, it may be helpful to understand GitOps. Here is a key snippet taken from the official site describing GitOps.

The core idea of GitOps is having a Git repository that always contains declarative descriptions of the infrastructure currently desired in the production environment and an automated process to make the production environment match the described state in the repository.

Why use Nullstone GitOps?

Currently, the most popular GitOps tools are ArgoCD and FluxCD. These tools are great tools, but they are built for infrastructure engineers using Kubernetes. Instead, Nullstone GitOps was built for developers to build, deploy, and operate cloud-native applications.

1. Provides safe, automated tooling for injecting secrets in your applications.
2. Provides powerful and flexible workflows for DEV to PROD Propagation.
3. Platform-agnostic and supports Kubernetes/non-Kubernetes platforms.
4. Tracks the entire deployment lifecycle in a single activity: provisioning and syncing infrastructure, building the application, pushing the artifacts, deploying the application, and monitoring the deployment.
5. Out-of-the-box support for ephemeral/preview environments.
6. GitOps configuration is at the application level instead of configuring granular cloud resources.

Limitations of most GitOps implementations

Nullstone GitOps solves limitations with most GitOps implementations that are enumerated on the official GitOps site:

• How to get secrets into the environment without storing them in git?
• How does GitOps Handle DEV to PROD Propagation?
• I don’t use Kubernetes. Can I still use GitOps?

TIP

Nullstone GitOps can be used in conjunction with ArgoCD/FluxCD. Typically, an infra team manages base/shared infrastructure with ArgoCD/FluxCD. Developers use Nullstone GitOps for the application layer.

How does it work?

Nullstone operates by listening to webhooks from the Git repository. When a webhook is received, Nullstone orchestrates a pipeline of activities to perform a deployment based on the code for that Git commit.

During the infra update step, Nullstone merges the configuration from the Nullstone UI, .nullstone/config.yml, and .nullstone/<overrides>.yml. The final configuration is used to apply infra updates using Terraform or Kubernetes manifests (coming soon).

Bring-your-own CI tool

Nullstone provides automatic builds as part of its service. However, you can use GitHub Actions, CircleCI, or other CI providers to perform the build.

Custom infrastructure code

Nullstone provides compliant Terraform modules using vanilla Terraform to configure infrastructure. However, you can fork these open-source modules or create your own.

TIP

Native support for OpenTofu, Pulumi, Kubernetes yaml, and Helm are on the roadmap.

Agnostic to hosting platform and cloud provider

Nullstone relies on open-source tools like Terraform to provision infrastructure. For deployments, Nullstone maintains an open-source tool, nullstone-io/deployment-sdk.

This tool provides generic implementations to perform various application commands:

• Publishing artifacts
• Executing deployments
• Monitoring (and logging) deployments
• Accessing application logs
• Retrieving metrics for apps and datastores
• Performing remote commands against an app
• Gaining remote access to an app

This tool supports container apps, static sites, and serverless deployment patterns on AWS/GCP. It also supports multiple container platforms including Kubernetes and ECS.