Complete GitOps Implementation for Manhattan Hotfix Automation
Our GitOps workflow transformed Manhattan configuration management from a manual, error-prone process into a fully automated pipeline. Here’s the complete architecture:
GitOps Workflow Structure:
We use a trunk-based branching model with environment-specific promotion branches:
- main: Production-ready configurations
- staging: Pre-production validation
- develop: Active development and testing
- hotfix/*: Emergency fixes that bypass normal flow
Each hotfix branch follows the naming convention hotfix/HF-2025-03-###-description and gets automatically tagged as it progresses through environments.
Automated Promotion Pipeline:
The pipeline orchestrates the entire promotion lifecycle:
- Version Tagging and Validation: When a hotfix is committed, the pipeline automatically tags it with a semantic version (e.g., v1.2.3-hotfix.1), runs Manhattan-specific validation scripts, and checks configuration compatibility against target environment baseline versions.
- Configuration Export and Packaging: All Manhattan configurations - including database-stored workflow definitions, allocation rules, and runtime parameters - are exported as XML artifacts and packaged with version metadata. We maintain a manifest file that tracks which configurations changed in each hotfix.
- Automated Testing: The pipeline deploys to our test environment first, runs automated integration tests against Manhattan APIs, validates workflow execution, and generates a test report. Only after all tests pass does it proceed to staging.
- Approval Gates: For production promotion, we implemented approval gates that require sign-off from both technical leads and business owners. These approvals are tracked in Git pull requests and logged to our audit database.
- Rollback Capability: Every deployment creates an automatic rollback tag. If issues are detected post-deployment, the pipeline can revert to the previous stable version within 5 minutes by applying the rollback tag and re-importing the previous configuration state.
Version Tagging and Rollback Strategy:
Our tagging strategy ensures complete traceability:
- Base tags: v{major}.{minor}.{patch} for regular releases
- Hotfix tags: v{major}.{minor}.{patch}-hotfix.{number}
- Environment tags: {version}-{env}-{timestamp}
- Rollback tags: {version}-rollback-{reason}
The rollback process is fully automated. If a deployment fails validation checks or if manual rollback is triggered, the pipeline:
- Identifies the last successful deployment tag for that environment
- Retrieves the configuration artifacts from that tag
- Executes Manhattan import utilities to restore previous state
- Validates the rollback was successful
- Notifies the team via Slack with rollback details
Key Technical Implementation Details:
We built custom scripts that integrate Manhattan’s export/import utilities with Git operations. For database-stored configurations, we schedule periodic exports that commit changes to Git, ensuring even manual configuration changes made through the Manhattan UI are captured in version control.
The pipeline uses Jenkins for orchestration, with Manhattan-specific plugins we developed for configuration validation. We also implemented health checks that run post-deployment to verify Manhattan services are functioning correctly with the new configuration.
Results After Six Months:
- Deployment time reduced from 4 hours to 30 minutes average
- Configuration errors dropped 85% (from ~12 per month to 1-2)
- Zero failed deployments in production (test environment catches issues)
- Complete audit trail covering 100% of production changes
- Rollback capability tested successfully 8 times during the period
- Team confidence in making configuration changes increased dramatically
The most valuable outcome has been the ability to promote hotfixes with confidence. Previously, we’d delay critical fixes because of deployment risk. Now we can push emergency fixes to production within an hour of validation, knowing we have automated rollback if needed.
For teams considering this approach: Start with a pilot environment, build confidence with the automation, and gradually expand. The upfront investment in pipeline development pays off quickly in reduced deployment overhead and improved reliability.
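The first rollback step described under "Version Tagging and Rollback Strategy" (identify the last successful deployment tag for an environment) can be sketched as follows. This is an added example, not the pipeline's own code. It assumes environment tokens `test`, `staging` and `prod`, a 14-digit `YYYYMMDDHHMMSS` timestamp, and that environment tags are only written after a deployment passes its health checks; the tag list is constructed sample data.

```python
import re
from typing import Iterable, Optional

# Assumptions, not from the original post: environment names and timestamp format.
ENVS = ("test", "staging", "prod")
VERSION = r"v[0-9]+\.[0-9]+\.[0-9]+(?:-hotfix\.[0-9]+)?"
ENV_TAG = re.compile(rf"({VERSION})-({'|'.join(ENVS)})-([0-9]{{14}})")


def parse_env_tag(tag: str) -> Optional[dict]:
    """Split a {version}-{env}-{timestamp} tag; return None for anything else.

    fullmatch() rejects rollback tags, partial matches and stray characters,
    so only well-formed names ever reach the Git or import commands.
    """
    m = ENV_TAG.fullmatch(tag)
    if m is None:
        return None
    version, env, timestamp = m.groups()
    return {"tag": tag, "version": version, "env": env, "timestamp": timestamp}


def rollback_target(tags: Iterable[str], env: str, failed_version: str) -> Optional[str]:
    """Return the newest environment tag for env that is not the failed version."""
    parsed = (parse_env_tag(t) for t in tags)
    candidates = [p for p in parsed
                  if p and p["env"] == env and p["version"] != failed_version]
    if not candidates:
        return None  # nothing safe to restore: stop and alert instead of guessing
    # Fixed-width ASCII digit timestamps sort correctly as strings.
    return max(candidates, key=lambda p: p["timestamp"])["tag"]


# Constructed sample of `git tag --list` output.
SAMPLE_TAGS = [
    "v1.2.2-prod-20250301101500",
    "v1.2.3-hotfix.1-staging-20250310090000",
    "v1.2.3-hotfix.1-prod-20250310113000",
    "v1.2.3-hotfix.2-prod-20250312140000",
    "v1.2.3-hotfix.2-rollback-healthcheck",  # rollback tag, not a deployment
    "v1.2.4-prod-latest",                    # malformed timestamp, ignored
]

if __name__ == "__main__":
    print(rollback_target(SAMPLE_TAGS, "prod", "v1.2.3-hotfix.2"))
```

Returning `None` when no earlier deployment exists lets the pipeline fail closed rather than re-importing an arbitrary configuration.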