GitOps is an operational framework that uses Git repositories as a single source of truth. Under GitOps, you describe the desired state of a Tanzu Service Mesh configuration using a declarative specification and place it in a Git repository.

In Git, you can define role-based access control (RBAC), version control, governance, audit trail, and any other operations that are required. A Git audit trail is totally acceptable for the organization's auditing purposes.

After changes to the configuration are made, approved, and merged, CI/CD pipelines are commonly triggered to apply them to the infrastructure.

GitOps automation overwrites any configuration drift caused by manual local changes and errors. As a result, the environment always uses the desired state defined in Git.

You can make Tanzu Service Mesh an integral part of your organization's GitOps workflow to deliver Git-central changes and updates to the Tanzu Service Mesh configuration and ensure the convergence of configuration between the Git repository and the clusters, by placing our declarative specifications in Git and applying them using the Tanzu Service Mesh CLI.