System requirements
The self-hosted version of GitGuardian is a Kubernetes application. The deployment is powered by Replicated using KOTS. We use the latest KOTS version available to validate our releases. You can find version compatibilities on the KOTS compatibility page.
Hardware requirements#
For both installation types:
- If you want to historical scan large repositories, consider temporarily increasing available root disk space.
- If you want additional workers, provision 1 CPU core per additional worker.
Embedded Kubernetes cluster installation#
| Component | Required Capacity |
|---|---|
| CPU | 8 cores |
| Memory | 32GB |
| Root disk space | 100GB |
| Second disk space | 200GB |
danger
The second raw storage is required for the installation. Do not install any filesystem on this block device or mount any partition. For the root storage, do not forget to also follow partitioning recommendations from kURL documentation too.
Existing Kubernetes cluster installation#
| Component | Required Capacity |
|---|---|
| CPU | 8 cores |
| Memory | 32 GB |
| Ephemeral disk space | 50GB |
| Persistent disk space | 200GB |
Software requirements#
Operating System#
For both types of installation, please be careful to follow Replicated and kURL requirements.
note
We highly recommend that you install the latest patches available for your distribution before starting the installation.
PostgreSQL#
GitGuardian version 2023.01.0 supports PostgreSQL 13 or higher.
You'll need to install the following extensions:
| Extension | Minimal Version |
|---|---|
| pg_trgm | 1.4 |
| plpgsql | 1.0 |
Depending on your installation, extensions may already be installed. To install
these extensions, you must run the following commands while connected as a
superuser on the database instance:
CREATE EXTENSION IF NOT EXISTS pg_trgm;CREATE EXTENSION IF NOT EXISTS plpgsql;For large-scale deployment, we highly recommend using an external PostgreSQL. It is a better configuration when you have 2 000 developers and/or 10 000 repositories or more.
For PostgreSQL, you should use the replication mechanism your provider offers. We recommend an instance with at least 2 vCPU, 8GB RAM and 200GB disk.
High Availability usage and databases
We recommend using external databases for GitGuardian as the embedded ones are not configured for High Availability and performance.
Redis#
GitGuardian currently supports Redis 6.
note
GitGuardian will function with Redis 5, but we strongly advise using version 6 as our support of the former is deprecated.
For large-scale deployment, we highly recommend using an external Redis. It is a better configuration when you have 2 000 developers and/or 10 000 repositories or more.
For Redis, you should use a master-slave setup for High Availability. We recommend an instance with at least 2 vCPU, 4GB RAM and 20GB disk.
Kubernetes for Existing Clusters#
In case of installation on an Existing Cluster, GitGuardian requires Kubernetes 1.23. We recommend using one of the versions supported by the latest version of KOTS.
GitGuardian needs a dedicated namespace. The KOTS admin console will have full control over this namespace. The following role needs to be created:
Name: kotsadm-roleLabels: kots.io/kotsadm=trueAnnotations: <none>PolicyRule: Resources Non-Resource URLs Resource Names Verbs --------- ----------------- -------------- ----- *.* [] [] [*]We are using the following objects:
- PersistentVolumeClaims: we are using persistent volume claims for KOTS, workers and the embedded databases.
- IngressController: we can provide a default ingress, an Ingress Controller is needed to handle it.
You need to have the appropriate controllers and operators to handle them.
Domain Name requirements#
You will need a Fully Qualified Domain Name (FQDN) to install the application
(ex: gitguardian.mycorp.local). This cannot be an IP.
You will also need a TLS certificate for HTTPS access or use the default
self-signed certificates.