Plugin Policy

Introduction

Your application workflow should follow certain standards and precautions to ensure reliability and a smooth release. For example, mandating load testing for production deployments might help you identify performance bottlenecks early rather than face possible outages, unhappy users, or revenue loss.

The Plugin Policy feature in Devtron lets you enforce the presence of specific plugins at various stages in your application's build and deployment pipelines, such as pre-build, post-build, pre-deployment, or post-deployment. Therefore, if the required plugins do not exist in the specified stage(s), you can decide the action (whether to allow or block the pipeline trigger).

Figure 1: How Plugin Policy Works

Tutorial


Creating a Plugin Policy

Who Can Perform This Action?

  1. Go to Global Configurations → Plugin Policy.

    Figure 2: Plugin Policy
  2. Click + Create Profile.

    Figure 3: Create Profile Button
  3. Give a name to the profile, e.g., check-jira, and add a description (optional) preferably explaining what it does.

    Figure 4: Choosing a Pipeline Type
  4. Choose whether the profile should apply to the Build pipeline or the Deployment pipeline.

Note

  1. Under Mandatory Plugin(s), click Add Plugin.

    Figure 5: 'Add Plugin' Option
  2. A list of plugins will appear for you to choose from. Select one or more plugins to make them mandatory for the pipeline you selected in step 4.

    Figure 6: Finding and Choosing Plugins

Tip

There is a search box for you to quickly find the plugins. Moreover, since plugins are classified by tags, you can use the tag filter to find your intended plugins.

  1. Click Done.

  2. Use the dropdown menu to choose the stage (pre or post) at which you wish to enforce your chosen plugin(s). You can select mixed stages too.

    Figure 7: Finding and Choosing Plugins

    Here, Pre means before and Post means after.

  3. Decide the action that the system should take in case your policy is not followed by the intended pipelines in your application workflow.

    Figure 8: Taking Action
    • Allow respective triggers with warning - This will allow the non-compliant pipeline to run. However, it will display an 'Action required' warning at the intended stage (pre/post) of the pipeline in the application's workflow.

    • Block respective triggers immediately - This will not allow the non-compliant pipeline to run (whether manual execution or automated) effective immediately, unless the user configures the mandatory plugins.

    • Block respective triggers from date/time - This will allow the non-compliant pipeline to run only till a given date and time. After that, it will block the non-compliant pipeline unless the user configures the mandatory plugins.

  4. Click Save Changes.


Applying a Plugin Policy

Who Can Perform This Action?

  1. After you create a policy, you can apply it. Click Apply Profile on the same screen.

    Figure 9: Apply Profile Button
  2. From the Select profiles to apply dropdown, choose the policy you wish to apply. You also have the option to select more than one policy (if they exist) using the checkbox.

    Figure 10: Selecting Profiles
  3. Under Apply selected policies to all pipelines:

    • Global - Select this option to apply your chosen policies to all application workflows across all clusters.

    • By Match Criteria - Select this option to use a combination of filters to decide the target pipelines fulfilling your criteria. Your policy will only apply to such target pipelines.

    Figure 11: Choosing Scope
  4. (Skip this if you chose Global in the previous step) Upon choosing the By Match Criteria option, the following match criteria are available for you:

    • Project

    • Application

    • Cluster

    • Environment

    • Branch fixed

    • Branch regex

    Once you select the criteria, choose the value displayed to you in the dropdown list as shown below.

    Figure 12: Deciding Matching Criteria for Pipelines
  5. (Optional) You may also write a note for your other team members to understand the intent and context of your policy.

    Figure 13: Deciding Matching Criteria for Pipelines
  6. Click Save Changes.

Once you apply the plugin policy, you can view the pipelines that are not adhering to your policy as shown below. Clicking on the non-compliant pipeline will take you directly to the application workflow prompting you to take action.

Figure 14: Non-compliant Pipelines

Results

Since we created a policy that blocks the trigger of non-compliant deployment pipelines, no user can trigger the deployment unless the mandatory plugins are configured as shown below.

Figure 15: Blocked Non-compliant CD Pipeline

On the other hand, if you selected Build pipeline in step 4 of Creating Plugin Policy, the build trigger would get blocked as shown below.

Figure 16: Blocked Non-compliant CI Pipeline

Last updated

Was this helpful?