GitGuardian Architecture
The GitGuardian application is built on a flexible cloud-native architecture. It leverages Helm charts for streamlined deployment, offering two primary methods: the KOTS admin interface (KOTS-based deployment) or the Helm CLI (Helm-based deployment).
Key Features of GitGuardian Architecture
Explore the enhanced capabilities of the GitGuardian architecture below:
Scalable and Modular Architecture
GitGuardian employs a modular architecture, where each core component is deployed as an independent service. This design enhances scalability and allows for greater flexibility:
- Replica Scaling: Adjust the number of replicas for each service to meet demand.
- Resource Configurations: Fine-tune resource requests and limits. These settings can be configured via Helm during installation or within the KOTS UI with some restrictions.
- Dedicated Workers: Create dedicated worker pods to handle high-demand queues (available in Helm-based deployments).
- Autoscaling: Leverage Horizontal Pod Autoscaling to automatically adjust worker pod counts based on load.
For more details on deployment configurations, pod types, and usage, check the GitGuardian Application Topology page. For scaling guidelines, visit Scaling GitGuardian.
Helm Command Line Support
The helm install feature enables streamlined deployment and management via the widely adopted Helm package manager. This integration simplifies installation, upgrades, and configuration as code.
Future releases will extend support for GitOps tools like ArgoCD and introduce more advanced configuration options, including:
- External Secrets Operator
- Istio Service Mesh & Gateway
- Certificate Manager
Learn More: Install on an Existing Cluster using Helm.
Enhanced Security with Chainguard Integration
The GitGuardian architecture incorporates Chainguard, a next-generation security tool that helps mitigate Common Vulnerabilities and Exposures (CVEs) in self-hosted container images.
With Chainguard, GitGuardian strengthens its security posture by:
- Reducing vulnerability risks in container images.
- Implementing FIPS-approved cryptographic modules for secure encryption of sensitive data both at rest and in transit.
This integration reinforces GitGuardian’s commitment to meeting the highest security and compliance standards.
Read More: Common Vulnerabilities and Exposures.