|
| 1 | +--- |
| 2 | +title: Plural Observers in Continuous Deployment |
| 3 | +description: Detect upstream changes and automatically trigger deployments, enabling fast, event-driven continuous delivery. |
| 4 | +--- |
| 5 | + |
| 6 | +Plural’s Observer framework implements the Observer Pattern, automatically watching external sources and triggering deployments |
| 7 | +based on detected changes. This eliminates the need for manual intervention when new versions of applications or dependencies are released. |
| 8 | + |
| 9 | +## Overview of Plural Observers |
| 10 | +Plural’s Observer CRD (Observer resource) defines: |
| 11 | + - What to watch: External targets like Git repositories, Helm registries, OCI registries, or Plural add-ons. |
| 12 | + - How often to poll: Using a crontab schedule. |
| 13 | + - What actions to perform: Launch a pipeline or open a pull request when changes are discovered. |
| 14 | + |
| 15 | +This event-driven model integrates tightly with GitOps practices, ensuring deployments stay in sync with upstream artifacts dynamically and safely. |
| 16 | + |
| 17 | +## Scraping OCI Registries with Observers |
| 18 | +Plural observers can scrape OCI-based repositories (e.g., container image repositories or Helm charts stored in OCI format). |
| 19 | +Here’s how this works: |
| 20 | + - Target Type: OCI |
| 21 | + - Configuration: |
| 22 | + - URL: The address of the OCI repository to scrape. |
| 23 | + - Optional authentication (BASIC, AWS, GCP, Bearer, Azure). |
| 24 | + - Polling: Using a cron schedule, the observer lists tags or artifacts. |
| 25 | + - Version Extraction: (Optional) A regex can be defined to match semantic versions (v1.2.3). |
| 26 | + |
| 27 | +The observer will detect newly published tags or versions, compare them with previously seen ones, and if a new version is found, it will trigger actions based on the configuration. |
| 28 | + |
| 29 | +### Setup |
| 30 | +You can configure an Observer resource to monitor an OCI Helm chart repository or container image registry. |
| 31 | +When a new artifact (matching a version format) appears, the Observer will trigger a Pipeline to handle the deployment. |
| 32 | + |
| 33 | +```yaml |
| 34 | +apiVersion: platform.plural.sh/v1alpha1 |
| 35 | +kind: Observer |
| 36 | +metadata: |
| 37 | + name: my-oci-observer |
| 38 | +spec: |
| 39 | + crontab: "*/15 * * * *" |
| 40 | + target: |
| 41 | + type: OCI |
| 42 | + order: SEMVER |
| 43 | + format: "v([0-9]+\\.[0-9]+\\.[0-9]+)" |
| 44 | + oci: |
| 45 | + url: "oci://ghcr.io/my-org/my-helm-chart" |
| 46 | + provider: BASIC |
| 47 | + auth: |
| 48 | + basic: |
| 49 | + username: "test" |
| 50 | + passwordSecretKeyRef: |
| 51 | + name: oci-auth-secret |
| 52 | + key: password |
| 53 | + actions: |
| 54 | + - type: PIPELINE |
| 55 | + configuration: |
| 56 | + pipeline: |
| 57 | + pipelineRef: |
| 58 | + name: my-deploy-pipeline |
| 59 | + context: |
| 60 | + version: "$value", |
| 61 | + releaseName: "my-app-release" |
| 62 | +``` |
| 63 | +
|
| 64 | +If the OCI registry requires authentication, create a Kubernetes secret: |
| 65 | +```yaml |
| 66 | +apiVersion: v1 |
| 67 | +kind: Secret |
| 68 | +metadata: |
| 69 | + name: oci-auth-secret |
| 70 | +type: Opaque |
| 71 | +stringData: |
| 72 | + password: mypassword |
| 73 | +``` |
| 74 | +
|
| 75 | +### Behavior Summary |
| 76 | + - The Observer polls the OCI repository every 15 minutes. |
| 77 | + - It extracts versions matching a semantic version regex. |
| 78 | + - When a new version is found, it triggers a pre-configured Pipeline. |
| 79 | + - The new version value is passed to the pipeline’s context dynamically. |
| 80 | + - |
0 commit comments