Search papers, labs, and topics across Lattice.
This paper presents a case study applying runtime monitoring with SyMon to a continuous deployment (CD) pipeline based on FluxCD, GitHub Actions, GitHub Container Registry (GHCR), and Kubernetes. The study aimed to verify the timely detection of new image deployments by FluxCD after pushes to GHCR. The key finding is that while FluxCD always detected new images within ten minutes, it failed to do so within five minutes in some instances, demonstrating the utility of runtime verification for identifying timing inconsistencies in CD processes.
FluxCD, a popular GitOps tool, sometimes misses image updates for up to 10 minutes, highlighting the need for runtime verification in continuous deployment pipelines.
We report our experience in applying runtime monitoring to a FluxCD-based continuous deployment (CD) process. Our target system consists of GitHub Actions, GitHub Container Registry (GHCR), FluxCD, and an application running on Kubernetes. We monitored its logs using SyMon. In our setting, we regard a deployment update as detected when FluxCD's polling log resolves the latest image tag. Through the case study, we found that FluxCD did not always detect a new image within five minutes after it was pushed to GHCR, whereas it always did so within ten minutes in the collected logs. Moreover, our results show that SyMon is fast enough for near-real-time monitoring in our setting.
