Fleet GitOps is a declarative device management feature of the Fleet platform that enables IT and security teams to manage endpoints using infrastructure-as-code (IaC) principles via GitOps workflows. Instead of managing devices through a graphical console, administrators define the desired state of the Fleet UI and device configurations in YAML files stored in a Git repository. The fleetctl binary acts as the execution engine, running on a CI/CD runner (e.g., GitHub Actions). When YAML files are updated and pushed to the repository, the runner applies the changes to the Fleet server, which then propagates them to managed devices. Key capabilities include: - Peer-reviewed change management via pull requests, replacing traditional Change Advisory Board (CAB) processes - Version-controlled device configurations, enabling rollback to any previous state - Continuous enforcement of device profiles, OS updates, software deployments, and security controls - Prevention of configuration drift by continuously reconciling device state against declared code - A reusable library of known-good configurations that can be copied and adapted for new management objects The approach is intended to reduce manual, repetitive tasks associated with GUI-based device management and increase auditability, collaboration, and operational speed. Fleet also offers free in-person GitOps workshops to assist teams with adoption.