II.
Workflow overview
Reference · live · workflow:gitops-config-drift-audit
GitOps Config Drift Audit overview
Audits the convergence state of GitOps-managed clusters and services -- comparing desired state in Git repositories against live cluster state, identifying resources modified out-of-band (kubectl edits, manual console changes), categorizing drift by severity and blast radius, auto-reconciling safe drifts, escalating risky drifts for manual review, and tracking drift trends to identify systemic process gaps. Excludes Terraform drift (covered separately) and initial GitOps adoption.
Attributes
displayName: GitOps Config Drift Audit
workflowKind: operational
triggerType: scheduled
typicalCadence: weekly
complexity: single-team
description: Audits the convergence state of GitOps-managed clusters and services -- comparing desired state in Git repositories against live cluster state, identifying resources modified out-of-band (kubectl edits, manual console changes), categorizing drift by severity and blast radius, auto-reconciling safe drifts, escalating risky drifts for manual review, and tracking drift trends to identify systemic process gaps. Excludes Terraform drift (covered separately) and initial GitOps adoption.
Outgoing edges
applies_to_domain (2)
- domain:devops · Domain · DevOps
- domain:cloud-infra · Domain · Cloud Infrastructure
involves_role (2)
performed_by_org_unit (2)
- org-unit:platform-team · OrgUnit · Platform Team
- org-unit:infra-engineering · OrgUnit · Infrastructure Engineering
requires_skill_area (2)
- skill-area:gitops · SkillArea
- skill-area:k8s-rbac · SkillArea
triggers_responsibility (2)
- responsibility:terraform-state-mgmt · Responsibility · Terraform state management
- responsibility:runbook-authoring · Responsibility · Runbook authoring
Incoming edges
follows_workflow (1)
- stack-profile:gitops-deployment · StackProfile