GitOps Workflows With GitHub Actions at Vonage

We recently redesigned our key build and deployment pipeline to support our Vonage Contact Center platform using a GitOps design that moves away from traditional DevOps methods. GitOps is a collaboration of best practices from DevOps and Security, focusing on Infrastructure as Code (IaC), Pull Requests (PRs), and Continuous Integration / Continuous Delivery (CI/CD) processes. We implemented a security-compliant pipeline that adheres to the principles of Least Privilege and Separation of Duties, providing timely deployment feedback to developers while reducing deployment friction and improving DevEx. Our architecture involves three distinct steps: processing GitHub repository_dispatch events, accepting or rejecting updates, and deploying applications. We created a CLI tool for seamless cloud infrastructure deployments and an in-house CI/CD framework to support Micro-FrontEnd projects, enhancing the developer experience and aiding in migrating existing components to the new pipeline.