It provides visibility on how ur application is changing. It tracks every change made to ur application. Gitops helps in infrastructure management ( scaling pods, adding services.. ) with Git as a single source of truth.

Argocd

Lets u specify ur deployments, pods somewhere ( in a separate repo ) . It constantly checks for updates and pulls the latest files. It makes sure final state of K8s Cluster matches what you have describes in repo where ur manifest files lies.

It also provides audit logs of everything that has changed.

Disadvantage of using Gitops

Since all your files are publicly available that includes your secrets.yml file. If committed ur database credentials can be accessed by anyone. So you must commit your secrets in a sealed file called sealed-secret.yml using kubeseal

Gitops repo file cannot be overridden manually

When you say “you can’t override a GitOps repo file — it will be reversed”, it means:

Any manual or out-of-band change you make (for example, editing a Kubernetes manifest directly in the cluster or modifying a config file outside Git) will not persist — because Git is the single source of truth in GitOps.

In a GitOps workflow

1. Git repository holds the desired state of your system — e.g., Kubernetes manifests, Helm charts, or Terraform configs.
2. A GitOps operator (like Argo CD, Flux, etc.) continuously reconciles the actual cluster state with the Git repo.
3. If it detects that the live state differs from the repo, it automatically reverts the change to match Git.

So when you say

“You can’t override a GitOps repo file; it will be reversed”

You mean: