← All Use Cases

GitOps for Webhook Configuration

Manage webhook endpoints, targets, blueprints, and delivery flows as declarative configuration — version-controlled, reviewed, and applied through Git workflows.

The Problem

Webhook configuration is often managed through click-ops — creating endpoints, configuring targets, and wiring flows through a dashboard UI. This works for small setups but breaks down as your number of providers, environments, and delivery targets grows. Changes are untracked, unreviewed, and unrepeatable.

Why This Is Hard

Infrastructure-as-code patterns (Terraform, Pulumi, Kubernetes CRDs) don't usually extend to webhook configuration. When they do, they treat the webhook as an opaque URL rather than a structured delivery configuration with templates, signature verification, event filtering, and retry policies. You end up managing webhook state manually alongside your infrastructure code.

How Zen Mesh Helps

Zen Mesh models the entire delivery path as declarative configuration through the Zen Configuration Contract (ZCC). Templates, blueprints, endpoints, flows, and targets are all versionable YAML/JSON that lives in your repository alongside your infrastructure code. Changes go through your normal review pipeline before they take effect.

Configuration as Code

The ZCC schema defines every resource in the delivery chain:

1
Templates

Provider-specific defaults and validation rules (Stripe, GitHub, Shopify, Twilio, custom HTTP).

2
Blueprints

Delivery policies — which events, retry rules, DLQ configuration, header policies.

3
Endpoints

Public webhook receive URLs with provider-specific binding.

4
Targets

Private service addresses reachable through the Edge Plane.

5
Flows

Bindings that wire an endpoint, blueprint, and target into a working delivery route.

GitOps Reconciliation

Platform teams can manage delivery configuration declaratively and review changes before they affect runtime behavior. When you push changes to your repository, Zen Mesh validates each resource against its schema, checks authorization, and applies the diff. Failed validations produce actionable error messages in your CI/CD pipeline.

Runtime Path

1
ZCC Schema

Write your delivery configuration as YAML/JSON following the Zen Configuration Contract schema.

2
Configuration Validation

The schema is validated locally and against the control plane before any runtime changes are applied.

3
Delivery Route

Validated configuration is translated into active delivery routes — endpoints, blueprints, targets, and flows.

4
Status & Evidence

Delivery status, errors, and evidence receipts are available through the UI, API, and CLI.

Security & Evidence

GitOps configuration follows the same security model as all Zen Mesh resources. Each reconciled delivery produces tamper-evident evidence receipts. See Security and Evidence for scope and maturity of the underlying data-plane controls.

Current Status

The ZCC schema defines the delivery configuration model. The V1 release supports UI, CLI, and API-based management with the same underlying configuration model — so GitOps workflows will adopt the same resources and validation without migration. See the Current Status page and ZCC documentation for details.

Get started with GitOps-ready config

The same configuration model powers UI, CLI, API, and declarative workflows.