Hi,

so i am having the following riddle to solve:
We are using gcp souvereign cloud, which means i have no access to cloud build and cloud functions and all that.

So i want to have a ci/cd pipeline, but best case would to not have to maintain another third-party application, since we already have plenty of them due to the lack of services.
I've setup a bitbucket pipeline that builds the docker image and pushes it to gcp artefact registry. Good, halfway there.
My Apps are running in Compute Engine with COS-Images, so i'd simply like to trigger a new pull of the image and a fresh docker run.
As far as i have read, you can trigger pubsub events on the artefact registry pretty easily.
What i am looking for now, is a way to listen to this event in my Compute Engine. Is there some inbuild-mechanism that would simplify this? Or what would be a good way to achieve what i need ?
My first though was to run a pythonscript in the CE that simply listens to the topics and fires some cli-commands, but that feels pretty clunky and isn't that easy to achieve, since COS-Images have nothing usefull installed except for dockerstuff, not even apt install and so little options to make python run there and so on.
So some useful hint here would be really appreciated 🙂
Best regards

Robert