GitOps and Spinnaker Rollbacks

I had a question about using GitOps coupled with Spinnaker’s rollbacks either via the UI or a stage in the pipeline.

I had envisioned a pipeline something like this:

  1. Release system triggers a Jenkins job to build the manifest using the approved docker image digest
  2. Job uses helm template + kustomize to generate the manifest and commits it to git
  3. Spinnaker pipeline would be triggered on the manifest file change in git

So the question: we are ‘GitOps-ish’ here, where the repo would be the source of truth. However, if we were to leverage the Spinnaker rollback workflow we could be out of sync. I.e., the git would contain the ‘latest’ approved release but not the fact it was rolled back via Spinnaker.

I realize we could have the release system have the rollback logic but was hoping to use Spinnaker. Has anyone come up with a good solution? Or have any advice?

I’m not sure how GitOps can work in practice with controllers (like operators) applying changes within the cluster… think HPA, vertical pod scaling, pod creation/destroy, etc, etc.
Not sure how Weave Flux and the like handle this, as I haven’t used them.

You can always revert in Git and use Git triggers or some subsequent CI system to trigger the Spinnaker pipeline. It would be like rolling forward but with previous manifests so achieving the same thing?
This is what we do now. The custom CRDs we use are not versioned.
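
A read-only check for the out-of-sync condition discussed in this thread, as an added example that is not from any of the posters: it compares the image digest pinned in the committed manifest with the digest actually running, and ignores controller-managed fields such as replica counts changed by an HPA. The registry name, digests and function names are constructed for illustration; the live state is assumed to have the shape of `kubectl get deployment -o json` output.

```python
import json
import re

# Matches "image: repo@sha256:<64 hex>" lines in a rendered manifest.
IMAGE_RE = re.compile(
    r"^\s*(?:-\s+)?image:\s*[\"']?(\S+?)@(sha256:[0-9a-f]{64})[\"']?\s*$", re.M)

def git_images(manifest_text):
    """Map image repository -> digest pinned in the committed manifest."""
    return dict(IMAGE_RE.findall(manifest_text))

def live_images(deployment_json):
    """Map image repository -> digest of what the cluster is running."""
    spec = json.loads(deployment_json)["spec"]["template"]["spec"]
    out = {}
    for container in spec["containers"]:
        repo, sep, digest = container["image"].partition("@")
        out[repo] = digest if sep else None  # None: tag-only, not pinned
    return out

def drift(manifest_text, deployment_json):
    """Return (repo, digest_in_git, digest_live) for every mismatch."""
    want, have = git_images(manifest_text), live_images(deployment_json)
    return sorted((repo, want.get(repo), have.get(repo))
                  for repo in set(want) | set(have)
                  if want.get(repo) != have.get(repo))

# --- constructed sample data (not real digests or a real registry) ---
REPO = "registry.example.com/shop/api"
DIGEST_V1 = "sha256:" + "a" * 64   # previous release
DIGEST_V2 = "sha256:" + "b" * 64   # latest approved release, committed to git

GIT_MANIFEST = f"""\
spec:
  replicas: 3
  template:
    spec:
      containers:
        - name: api
          image: {REPO}@{DIGEST_V2}
"""

def live_state(digest, replicas):
    """Constructed stand-in for `kubectl get deployment -o json`."""
    containers = [{"name": "api", "image": f"{REPO}@{digest}"}]
    return json.dumps({"spec": {"replicas": replicas,
                                "template": {"spec": {"containers": containers}}}})

if __name__ == "__main__":
    # Cluster was rolled back to v1 and scaled to 7 by an autoscaler.
    for repo, in_git, running in drift(GIT_MANIFEST, live_state(DIGEST_V1, 7)):
        print(f"DRIFT {repo}: git={in_git[:19]} live={running[:19]}")
```

A non-empty result after a rollback is the signal that the manifest repo needs a matching revert commit before the next release builds on it.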