Gitops with multiple repositories

[ludopaquet]

Problem

Today, one single repository is used for storing configuration files. Even if you could split them across folders, different teams would need to manage them with the same rights.

Ideal Solution

It could be nice to define in a repository a list of namespaces and git urls. Thus each namespace could be populated by one git project. Consequently, we could share the responsability of managing a namespace easily across teams.

Search

• [X] I searched for other open and closed issues before opening this

Additional Context

ref : https://community.flipt.io/t/gitops-with-multiple-repositories/15/3

[GeorgeMac]

This is a great idea! Makes sense from the security perspective. There is always mechanisms like CODEOWNERS in GitHub, but its a bit of a blunt instrument for this kind of control. Only really helps with adding review to making changes.

Using namespaces makes total sense too, in order to not require a change to the API as we need a way to address one repository source from another. Similarly, you could imagine this extending to the other declarative sources too (i.e. object (different buckets), OCI (different registry/repositories) and local (different directories)).

Needs a bit of thought as to how we might iterate there. Off the top of my head:

• configuration changes: need a backwards compat way to say 1 repo for all namespaces or N repos for specific ones
• namespace to source mapping in storage layer:
  • we need a way to model multiple live snapshots for the different sources
  • we need each source to have its own polling routine
  • we need the store to map namespaces onto snapshots
  • this needs to work in concert with revisions and the cache