I have a deep and personal dislike for inefficiency.Tickets, portals, custom tools with “streamlined workflows” that require five logins and a blood sacrifice? No thanks. Unfortunately, big companies tend to love exactly those things.
At Ada, we decided to do things differently.
👉 We run more than 200 AI projects (and counting), each with its quirks, but also with a lot of overlap.
And since we care about security just as much as efficiency, we wanted a way to keep access tight without turning into gatekeepers or professional ticket-closers.
Our solution? Git.
Each AI project has its own resource group, where only the data scientists working on that project should have access. No “all you can eat” buffet of permissions, you only get what you need, nothing more. Traditionally this would mean endless tickets:
🗣️“Please add Bob to Project X.”
🗣️ “Please remove Alice from Project Y.”
🗣️ And let’s not even start about:
“Bob forgot he had access, but he doesn’t anymore, so now we need an audit trail.”
Bureaucracy at its finest.
Instead, we treat access like code. Want in?
- Open a pull request. (Never done so? No problem, the README tells you how.)
- You edit a YAML file, assign the roles you need (just enough, not too much), and submit a PR.
- Someone reviews it (because let’s face it, you can’t be trusted),
- and once approved, the pipeline does the rest. No tickets. No portals. No “please wait 10 business days.” It’s live as soon as the PR merges.
And the beauty? It’s all version-controlled. We have history. We have traceability. We know who gave Bob access to Project X on that rainy Tuesday in March 2024, because Git remembers everything, unlike your colleague who swears they never touched production.
The same goes for secret management. Secrets are catalogued in Git, distributed automatically to the right Key Vaults, and retrieved in a consistent way. Need to add a secret?
❌You don’t file a ticket and pray someone in another department copies it correctly into a magical portal with an interface that hasn’t been updated since 2006.
✅ Nope, you add its pointer to the repo, fill in the value and run the pipeline, and boom, it’s where it needs to be.
And if you mess up, Git is kind enough to keep the entire history so we can see when and how the mistake happened and can rollback to a previous version.
Even project setup itself is GitOps. Add a line to a CSV, and the pipeline creates all the Azure DevOps resources you need, repos, pipelines, service connections, while you sip your coffee. No one is copy-pasting names in a portal. No one is chasing down which dropdown means “give access” vs “delete everything.”
And the best part? We didn’t buy any special extra tools to “streamline your cloud workflows” for only €399 per user per month (and 12 months of onboarding). We already had GitHub. We already had Git. We just… used it, all of it.
👉 So yes, at Ada we do AI projects. Lots of them. But we do them without drowning in bureaucracy.
- Pull requests are our access requests.
- Our ticketing system is git log.
- Our audit trail is built-in.
- And our efficiency comes from not reinventing the wheel with custom tools nobody likes to use anyway.
GitOps isn’t just about deploying infrastructure. For us, it’s about keeping things efficient, secure, transparent, and simple.
Jan
Tech Lead
Proximus Ada