Structured, Immutable Release Management for Kubernetes
Kokumi separates build intent from immutable artifacts and active state — so your platform team ships with confidence, every time.
Get Started View on GitHub
Built for Confidence at Scale
Immutable Artifacts
Every render produces a content-addressed OCI artifact. A Preparation is created once and never modified — giving you a permanent, reproducible history of everything ever shipped.
Instant Rollback
Roll back by pointing the Serving at any previous Preparation. The artifact already exists in the registry — no re-render, no rebuild, no waiting.
Approval Gates
Rendering and deployment are fully decoupled. Inspect the complete rendered manifest in the built-in UI before promoting, or require explicit human sign-off between environments.
Drift Detection
The deployed SHA-256 digest is compared on every sync. Any mismatch between desired and running is a concrete, actionable signal — not an ambiguous diff.
Air-Gap Ready
The entire pipeline runs offline. All dependencies are OCI artifacts that can be mirrored into your private registry in advance — no external connectivity required at deploy time.
GitOps Native
Kokumi delegates runtime deployment to Argo CD. It feeds your existing GitOps workflow rather than replacing it, so your Argo CD dashboards, policies, and RBAC stay intact.