diff --git a/README.md b/README.md
index c9c605f..ed879de 100644
--- a/README.md
+++ b/README.md
@@ -10,9 +10,9 @@ When you want to use this GitHub Action your GitHub repository should have a `de
 should use tags for
 releases.
 
-- For the `dev` branch we will change the files specified under `gitops-dev`.
-- For the `master` / `main` branch we will change the files specified under `gitops-stage`.
-- For a new tag the files under `gitops-prod` will be used.
+- For the `dev` branch we will change the files specified under `gitops-dev`. These changes are committed to the `dev` branch of the GitOps repository.
+- For the `master` / `main` branch we will change the files specified under `gitops-stage`. These changes are committed to the default branch (`main`) of the GitOps repository.
+- For a new tag the files under `gitops-prod` will be used. These changes are committed to the default branch (`main`) of the GitOps repository.
 
 This GitOps setup should be the default for all your repositories. However, if you have a special case, you can
 leave `gitops-dev`, `gitops-stage` and `gitops-prod` undefined, then those steps will be skipped.
diff --git a/scripts/lib/gitops-functions.sh b/scripts/lib/gitops-functions.sh
index 2b4f64b..74b2c5e 100755
--- a/scripts/lib/gitops-functions.sh
+++ b/scripts/lib/gitops-functions.sh
@@ -6,11 +6,13 @@
 #   INPUT_DOCKER_REGISTRY, INPUT_DOCKER_IMAGE, INPUT_TAG, INPUT_PUSH,
 #   INPUT_GITOPS_USER, INPUT_GITOPS_TOKEN,
 #   INPUT_GITOPS_ORGANIZATION, INPUT_GITOPS_REPOSITORY,
+#   GITOPS_BRANCH (target branch on the GitOps repo, e.g. main / dev),
 #   GITHUB_REPOSITORY, GITHUB_SHA, IMAGE
 
 push_to_gitops_repo() {
-  git pull --rebase "https://${INPUT_GITOPS_USER}:${INPUT_GITOPS_TOKEN}@github.com/${INPUT_GITOPS_ORGANIZATION}/${INPUT_GITOPS_REPOSITORY}.git"
-  git push "https://${INPUT_GITOPS_USER}:${INPUT_GITOPS_TOKEN}@github.com/${INPUT_GITOPS_ORGANIZATION}/${INPUT_GITOPS_REPOSITORY}.git"
+  local branch="${GITOPS_BRANCH:-main}"
+  git pull --rebase "https://${INPUT_GITOPS_USER}:${INPUT_GITOPS_TOKEN}@github.com/${INPUT_GITOPS_ORGANIZATION}/${INPUT_GITOPS_REPOSITORY}.git" "${branch}"
+  git push "https://${INPUT_GITOPS_USER}:${INPUT_GITOPS_TOKEN}@github.com/${INPUT_GITOPS_ORGANIZATION}/${INPUT_GITOPS_REPOSITORY}.git" "HEAD:${branch}"
 }
 
 commit_changes() {
diff --git a/scripts/update-gitops.sh b/scripts/update-gitops.sh
index f9037c7..07805d4 100755
--- a/scripts/update-gitops.sh
+++ b/scripts/update-gitops.sh
@@ -29,6 +29,11 @@ require_env INPUT_GITOPS_REPOSITORY
 # shellcheck disable=SC2034
 IMAGE="${INPUT_DOCKER_REGISTRY}/${INPUT_DOCKER_IMAGE}:${INPUT_TAG}"
 
+# Branch on the GitOps repo to commit & push to.
+# Defaults to "main"; DEV updates target the "dev" branch.
+# Consumed by push_to_gitops_repo() in lib/gitops-functions.sh.
+export GITOPS_BRANCH="main"
+
 # Configure git user
 git config --global user.email "${INPUT_GITOPS_EMAIL}" && git config --global user.name "${INPUT_GITOPS_USER}"
 
@@ -38,6 +43,9 @@ if [[ ( $GITHUB_REF == refs/heads/master || $GITHUB_REF == refs/heads/main ) &&
 
 elif [[ $GITHUB_REF == refs/heads/dev && -n "${INPUT_GITOPS_DEV:-}" ]]; then
   log_info "Run update for DEV"
+  export GITOPS_BRANCH="dev"
+  git fetch origin dev
+  git checkout -B dev origin/dev
   process_file_updates "$INPUT_GITOPS_DEV" "true"
 
 elif [[ $GITHUB_REF == refs/tags/* && -n "${INPUT_GITOPS_PROD:-}" ]]; then
diff --git a/tests/lib-gitops-functions.bats b/tests/lib-gitops-functions.bats
index 635cbba..ccbe523 100644
--- a/tests/lib-gitops-functions.bats
+++ b/tests/lib-gitops-functions.bats
@@ -17,6 +17,7 @@ setup() {
   export INPUT_GITOPS_TOKEN="fake-token"
   export INPUT_GITOPS_ORGANIZATION="Staffbase"
   export INPUT_GITOPS_REPOSITORY="mops"
+  export GITOPS_BRANCH="main"
   export IMAGE="registry.staffbase.com/my-service:main-abcdef12"
 
   # Create mock yq
diff --git a/tests/update-gitops.bats b/tests/update-gitops.bats
index 8f135df..20c0a96 100644
--- a/tests/update-gitops.bats
+++ b/tests/update-gitops.bats
@@ -113,6 +113,40 @@ teardown() {
   ! grep -q 'git commit' "${TEST_TEMP_DIR}/git_calls.log" 2>/dev/null || true
 }
 
+# --- GitOps target branch ---
+
+@test "DEV update fetches and pushes to dev branch on gitops repo" {
+  export GITHUB_REF="refs/heads/dev"
+  export INPUT_GITOPS_DEV="kubernetes/namespaces/svc/dev/de1/deploy.yaml spec.image"
+  run "$SCRIPT"
+
+  assert_success
+  assert_output --partial "Run update for DEV"
+  grep -q "git fetch origin dev" "${TEST_TEMP_DIR}/git_calls.log"
+  grep -q "git checkout -B dev origin/dev" "${TEST_TEMP_DIR}/git_calls.log"
+  grep -q "git pull --rebase .* dev$" "${TEST_TEMP_DIR}/git_calls.log"
+  grep -q "git push .* HEAD:dev" "${TEST_TEMP_DIR}/git_calls.log"
+}
+
+@test "STAGE update pushes to main branch on gitops repo" {
+  export GITHUB_REF="refs/heads/main"
+  export INPUT_GITOPS_STAGE="kubernetes/namespaces/svc/stage/de1/deploy.yaml spec.image"
+  run "$SCRIPT"
+
+  assert_success
+  grep -q "git push .* HEAD:main" "${TEST_TEMP_DIR}/git_calls.log"
+  ! grep -q "git checkout -B dev" "${TEST_TEMP_DIR}/git_calls.log"
+}
+
+@test "PROD update pushes to main branch on gitops repo" {
+  export GITHUB_REF="refs/tags/v1.0.0"
+  export INPUT_GITOPS_PROD="kubernetes/namespaces/svc/prod/de1/deploy.yaml spec.image"
+  run "$SCRIPT"
+
+  assert_success
+  grep -q "git push .* HEAD:main" "${TEST_TEMP_DIR}/git_calls.log"
+}
+
 # --- No files configured ---
 
 @test "does nothing when no gitops files are configured" {