Meshery enables visual and collaborative GitOps, transforming traditional YAML-based GitOps workflows into visual, diagram-based infrastructure management. Combine the benefits of version control, audit trails, and declarative infrastructure with the power of visual design and collaboration.

Overview

Meshery’s GitOps capabilities provide:
  • Visual Infrastructure as Code: Design infrastructure visually, store as code
  • GitHub Integration: Connect repositories for automated snapshots
  • Pull Request Snapshots: Visual previews of infrastructure changes in PRs
  • Version Control: Full Git-based version history for all designs
  • GitOps Workflows: Deploy from Git repositories to Kubernetes clusters
  • Change Visualization: See infrastructure changes before merging

Freedom from YAML

Design infrastructure visually while maintaining GitOps best practices

Visual Diffs

See visual representations of infrastructure changes in pull requests

Automated Snapshots

GitHub Action automatically generates snapshots for every PR

Audit Trail

Complete version history of all infrastructure changes

Visual GitOps Workflow

Meshery transforms the traditional GitOps workflow:

Traditional GitOps

  1. Edit YAML files: Manually edit Kubernetes YAML manifests in a text editor
  2. Commit to Git: Commit YAML changes to version control
  3. Review text diff: Review YAML diffs in pull request - difficult to understand impact
  4. Merge and deploy: Merge PR and GitOps operator applies changes

Meshery GitOps

  1. Design visually: Use Kanvas to design infrastructure changes visually
  2. Export to Git: Export design to YAML and commit to repository
  3. Review visual snapshot: Review visual snapshot of changes in pull request
  4. Merge and deploy: Merge PR and deploy through Meshery or GitOps operator

Meshery doesn’t replace your GitOps operator - it enhances the workflow with visual design and collaboration.

GitHub Integration

Connecting GitHub Repositories

Connect your GitHub repositories to enable snapshot functionality:
  1. Navigate to Workspace Settings: Go to your Workspace settings in Meshery
  2. GitHub Connection: Click “Connect GitHub” and authorize the Meshery GitHub App
  3. Select Repositories: Choose which repositories to connect for snapshots
  4. Configure Webhooks: Meshery automatically configures webhooks for PR events

Kanvas Snapshot GitHub Action

The Kanvas Snapshot GitHub Action generates visual infrastructure snapshots.

Installation:
name: Kanvas Snapshot
on:
  pull_request:
    types: [opened, synchronize, reopened]
    paths:
      - 'k8s/**'
      - 'helm/**'
      - 'deploy/**'

jobs:
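  kanvas-snapshot:
    name: Generate Infrastructure Snapshot
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: read the repository, write the PR comment
    permissions:
      contents: read
      pull-requests: write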
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          fetch-depth: 2

      - name: Generate Kanvas Snapshot
        uses: layer5io/kanvas-snapshot@v0.7.0
        with:
          # Meshery instance URL
          meshery-url: ${{ secrets.MESHERY_URL }}
          
          # Meshery authentication token
          meshery-token: ${{ secrets.MESHERY_TOKEN }}
          
          # Provider token (e.g., Meshery Cloud)
          provider-token: ${{ secrets.PROVIDER_TOKEN }}
          
          # Type of application files
          application-type: 'Kubernetes Manifest'
          
          # Path to manifest files
          file-path: './k8s'
          
      - name: Comment PR
        uses: actions/github-script@v6
        with:
          script: |
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: '## Kanvas Snapshot Generated\n\nView your infrastructure snapshot in Meshery.'
            })
Configuration Options:

| Parameter | Description | Required | Default |
|---|---|---|---|
| meshery-url | URL of Meshery instance | Yes | - |
| meshery-token | Meshery authentication token | Yes | - |
| provider-token | Remote provider token | Yes | - |
| application-type | Type of files (Kubernetes Manifest, Helm Chart, Docker Compose) | No | Kubernetes Manifest |
| file-path | Path to infrastructure files | No | . |
| design-name | Custom name for the snapshot | No | Auto-generated |
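The workflow above hands three secrets to an action referenced by a version tag, and a tag can later be moved to a different commit. The following check is an added example, not part of the Meshery documentation or the action's own code: it lists each `uses:` step, whether its reference is a full 40-character commit SHA, and which secrets it receives. The function names and the step-detection heuristic are assumptions made for this example.

```python
import re

# Constructed sample: the steps of the Kanvas Snapshot workflow shown above.
WORKFLOW = """\
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
      - name: Generate Kanvas Snapshot
        uses: layer5io/kanvas-snapshot@v0.7.0
        with:
          meshery-url: ${{ secrets.MESHERY_URL }}
          meshery-token: ${{ secrets.MESHERY_TOKEN }}
          provider-token: ${{ secrets.PROVIDER_TOKEN }}
      - name: Comment PR
        uses: actions/github-script@v6
"""

# Heuristic (assumption): a step begins at a list item whose first key is one of these.
STEP_START = re.compile(r"^\s*-\s+(?:name|uses|run|id|if):")
USES = re.compile(r"^\s*(?:-\s+)?uses:\s*['\"]?([^@\s'\"]+)@([^\s'\"#]+)")
SECRET = re.compile(r"\$\{\{\s*secrets\.([A-Za-z0-9_]+)\s*\}\}")
FULL_SHA = re.compile(r"^[0-9a-f]{40}$")

def audit_steps(workflow_text):
    """Return one record per `uses:` step: action, ref, pinned flag, secrets passed.
    Steps that only have `run:` are not reported."""
    steps, current = [], None
    for line in workflow_text.splitlines():
        if STEP_START.match(line):
            current = {"action": None, "ref": None, "secrets": []}
            steps.append(current)
        if current is None:
            continue
        m = USES.match(line)
        if m:
            current["action"], current["ref"] = m.groups()
        current["secrets"] += SECRET.findall(line)
    report = [s for s in steps if s["action"]]
    for s in report:
        # Only a full commit SHA is immutable; tags and branches can be repointed.
        s["pinned"] = bool(FULL_SHA.match(s["ref"]))
    return report

def risky(steps):
    """Actions that receive secrets while referenced by a tag or branch."""
    return [s["action"] for s in steps if s["secrets"] and not s["pinned"]]

if __name__ == "__main__":
    for s in audit_steps(WORKFLOW):
        state = "pinned" if s["pinned"] else "mutable ref"
        print(f'{s["action"]}@{s["ref"]}: {state}, secrets={s["secrets"]}')
    print("review before merge:", risky(audit_steps(WORKFLOW)))
```

Running the same check over every file in `.github/workflows/` before enabling the action shows which third-party steps would see `MESHERY_TOKEN` and `PROVIDER_TOKEN`.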

Pull Request Snapshots

Snapshot Workflow

When a pull request is created or updated:
  1. Trigger Action: GitHub Action is triggered by PR event (open, update, sync)
  2. Parse Files: Action parses Kubernetes YAML, Helm charts, or Docker Compose files
  3. Generate Design: Meshery converts files to visual design representation
  4. Create Snapshot: Visual snapshot image is generated showing infrastructure
  5. Post Comment: Snapshot is posted as PR comment with link to Meshery

Snapshot Features

Snapshots provide visual insight into infrastructure changes:
  • Component Visualization: All Kubernetes resources shown as visual components
  • Relationship Mapping: Dependencies and relationships between resources
  • Change Highlighting: Modified resources highlighted in the snapshot
  • Resource Counts: Summary of resources added, modified, or removed
  • Interactive View: Click snapshot to open full interactive view in Meshery

Reading Snapshots

Interpret snapshot information:

  • Green Components: Resources being added in this PR
  • Yellow Components: Resources being modified in this PR
  • Red Components: Resources being removed in this PR
  • Gray Components: Existing resources not changed

Design Versioning

Git-based Versioning

All Meshery designs can be version controlled.

Exporting Designs:
# Export design to YAML
mesheryctl pattern export <design-id> > infrastructure.yaml

# Export to Helm chart
mesheryctl pattern export <design-id> --format helm -o ./chart

# Export to Docker Compose
mesheryctl pattern export <design-id> --format compose > docker-compose.yml
Committing to Git:
git add infrastructure.yaml
git commit -m "feat: add Redis cache to application stack"
git push origin feature/redis-cache

Design History

Track design evolution over time:
  • Version Tags: Tag designs with semantic versions
  • Change Log: Maintain changelog of design modifications
  • Branching: Use Git branches for design variants
  • Rollback: Easily revert to previous design versions

Deployment from Git

GitOps Deployment Patterns

Pattern 1: Meshery as Deployment Tool
# Deploy design from Git repository
mesheryctl pattern deploy \
  --file https://github.com/org/repo/blob/main/infrastructure.yaml \
  --context production
Pattern 2: ArgoCD Integration
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-app
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/org/repo
    targetRevision: main
    path: k8s
  destination:
    server: https://kubernetes.default.svc
    namespace: production
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
Pattern 3: Flux Integration
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
  name: infrastructure
  namespace: flux-system
spec:
  interval: 1m
  url: https://github.com/org/repo
  ref:
    branch: main
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: infrastructure
  namespace: flux-system
spec:
  interval: 10m
  sourceRef:
    kind: GitRepository
    name: infrastructure
  path: "./k8s"
  prune: true

Collaboration in GitOps

Design Review Process

Collaborative design review workflow:
  1. Create Design Branch: Create a new branch for infrastructure changes
  2. Design in Kanvas: Make changes using Kanvas visual designer
  3. Export and Commit: Export design to YAML and commit to branch
  4. Open Pull Request: Create PR with description of changes
  5. Team Review: Team reviews visual snapshot and YAML changes
  6. Iterate: Make adjustments based on feedback
  7. Approve and Merge: Approve PR and merge to trigger deployment

Comments and Annotations

Enhance collaboration with inline comments:
  • Design Comments: Add comments directly on Kanvas designs
  • PR Comments: Discuss changes in GitHub PR comments
  • Documentation: Include README with design rationale
  • Change Descriptions: Write clear commit messages and PR descriptions

Advanced GitOps Workflows

Multi-environment Promotion

Promote changes through environments:
# Development environment
git checkout develop
mesheryctl pattern deploy -f design.yaml --context dev-cluster

# Staging environment (after dev testing)
git checkout staging
git merge develop
mesheryctl pattern deploy -f design.yaml --context staging-cluster

# Production environment (after staging approval)
git checkout main
git merge staging
mesheryctl pattern deploy -f design.yaml --context prod-cluster

Automated Testing

Integrate testing in GitOps pipeline:
# .github/workflows/validate.yml
name: Validate Infrastructure
on:
  pull_request:
    paths:
      - 'k8s/**'

jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      
      - name: Validate Design
        run: |
          mesheryctl pattern validate -f k8s/design.yaml
          
      - name: Dry Run
        run: |
          mesheryctl pattern deploy -f k8s/design.yaml \
            --context test-cluster --dry-run
            
      - name: Policy Check
        run: |
          mesheryctl pattern check -f k8s/design.yaml \
            --policy ./policies/security.rego

Drift Detection

Detect when deployed infrastructure drifts from Git:
# Compare deployed state with Git source
mesheryctl pattern diff \
  --deployed <design-id> \
  --source https://github.com/org/repo/blob/main/design.yaml

# Auto-remediate drift
mesheryctl pattern deploy -f design.yaml --force

Snapshot Extensions

Helm Kanvas Snapshot Plugin

Generate snapshots from Helm charts:
# Install plugin
helm plugin install https://github.com/meshery/helm-kanvas-snapshot

# Generate snapshot of Helm chart
helm kanvas-snapshot mychart ./chart-directory

# Snapshot installed release
helm kanvas-snapshot release myrelease --namespace production

# Output snapshot to file
helm kanvas-snapshot mychart ./chart --output snapshot.png

kubectl Kanvas Snapshot Plugin

Generate snapshots from kubectl manifests:
# Install via krew
kubectl krew install kanvas-snapshot

# Snapshot from file
kubectl kanvas-snapshot -f deployment.yaml

# Snapshot from directory
kubectl kanvas-snapshot -f ./k8s/

# Snapshot running resources
kubectl kanvas-snapshot --namespace production --all

# Snapshot with Kustomize
kubectl kanvas-snapshot -k ./overlays/production

Best Practices

Start with visual design in Kanvas, then export to YAML for Git. This ensures consistent, well-structured infrastructure.
Name branches descriptively: feature/add-redis, fix/ingress-timeout, refactor/optimize-resources
Follow conventional commits: feat:, fix:, refactor:, docs: prefixes help track changes.
Add Kanvas Snapshot action to all infrastructure repositories for consistent visual feedback.
Require PR reviews and passing checks before merging to main/production branches.
Tag important versions: v1.0.0, production-2024-03-01 for easy rollback reference.
Clearly document any breaking changes in PR descriptions and commit messages.