Application topology
GitGuardian application consists of several Kubernetes resources. Each nginx
pod runs an nginx
container serving the dashboard frontend and acting as a proxy for the backend, and a number of different containers serving all backend tasks.
Kind | Deployment Name | Usage |
---|---|---|
Front | nginx | Dashboard Frontend and proxy for backend |
Backend | webapp-app_exporter | Open Metrics Exporter for applicative metrics |
Backend | webapp-hook | VCS webhooks events receiver |
Backend | webapp-internal_api | Backend for the Dashboard |
Backend | webapp-internal_api_long | Backend for the Dashboard (no timeout) |
Backend | webapp-public_api | Public API and GGshield scans |
Backend | webapp-honeytoken | Backend for honeytoken |
Backend | ml-secret-engine | Machine Learning secret engine |
Scheduler | beat | Celery Beat task scheduler |
Worker | worker-email | Handles tasks related to email notifications and messaging (queues: email , notifier ). |
Worker | worker-long | Processes long-running tasks such as background validity checks and other extensive operations (queues: background_validity_check , celery_long ). |
Worker | worker-scanners | Performs historical scans for repositories, including basic, premium, and manual scans (queues: basic_repo_scan , premium_repo_scan , manual_repo_scan ). |
Worker | worker-scanners-ods | Executes non-VCS historical scans for productivity tools like Slack, Jira, Confluence, ... (queue: ods_scan ). |
Worker | worker-long-ods | Processes long-running tasks for productivity tools, such as Slack and Jira (queue: long_ods ). |
Worker | worker-long-ods-io | Focuses on IO-intensive long-running tasks for productivity tools (queue: long_ods_io ). |
Worker | worker-worker | General-purpose worker managing tasks such as real-time scans, retries, honeytoken tasks, reports, and more (queues: celery , check_run , realtime , realtime_retry , honeytoken , reports ). |
Worker | worker-realtime_ods | Handles real-time processing for non-VCS tools like Slack and Jira, including retry mechanisms (queues: realtime_ods , realtime_retry_ods ). |
Worker | worker-ml-api-priority | Prioritizes machine learning API-related tasks for fast processing (queue: ml_api_priority ). |
Job | pre-deploy | Pre-deployment job performing database migrations |
Job | post-deploy | Post-deployment job performing long data migrations |
Replicated | replicated | License management and usage data collection |
Replicated | kotsadm | KOTS Admin Console (KOTS-based installation only) |
info
We have set a 30-days TTL (Time To Live) for pre-deploy
and post-deploy
jobs to allow for log retrieval if needed. It is recommended not to delete these pods, as they can be useful for troubleshooting.