
Hybrid On-prem

The Git Activity Gatherer connects to Git providers (GitHub, GitLab, Bitbucket, Azure Repos), discovers and/or iterates repositories, optionally clones repositories, extracts analytics and metadata, and exports results to object storage (for example, S3) or SFTP. The service runs as a single containerized application on a Linux host.

This page covers what is needed to integrate with our platform:

  • Instructions for creating a dedicated on-prem machine, including SSH access for setup and ongoing maintenance.
  • Access to Git provider and project management systems.

Dedicated On-prem machine specs

1. Hardware requirements (by deployment size)

These tiers are guidelines. Actual sizing depends on repo count, repo size/history depth, and concurrency.

Recommended

CPU     | MEMORY    | STORAGE
16 vCPU | 32 GB RAM | 1 TB+ SSD

Disk breakdown

  • Application & images: ~10 GB
  • Cache/working clones: 100–800 GB (dominant, depends on repo sizes and concurrency)
  • Logs: 10–20 GB (rotate/retain as per policy)
  • Buffer/working headroom: +20–30% of the above

2. Operating system requirements (64‑bit only)

Supported

  • Ubuntu 20.04 LTS, 22.04 LTS
  • Debian 10/11 (or newer stable)
  • RHEL/Rocky 8+
  • CentOS Stream 8–9
  • Amazon Linux 2 / 2023

Required OS features

  • systemd (for service management)
  • 64‑bit kernel (≥ 3.10)
  • Working DNS and NTP
  • SSD storage recommended (high I/O)

3. Runtime requirements (Docker only)

  • Docker Engine: 20.10+ (24.x recommended)
  • User permissions: service user in docker group or sudo for Docker
  • Socket: /var/run/docker.sock accessible to the service user

4. Network & firewall requirements

The service is outbound‑only. No public inbound ports are required.

4.1 Outbound (required)
  • 443/TCP — HTTPS for provider API calls and Git operations (Git providers, object storage, analytics APIs), and for pulling Docker images from registries.
  • 53/TCP+UDP — DNS resolution.
4.2 Outbound (optional)
  • 22/TCP — SFTP upload to private SFTP storage (if used).
  • 80/TCP — HTTP to on‑prem/legacy endpoints (if applicable).
  • 8080/TCP or 3128/TCP — Proxy egress (corporate environments).
  • 123/UDP — NTP for time sync (recommended).
4.3 Inbound (optional)
  • 22/TCP — SSH admin (restrict to trusted IPs).
  • 8080/TCP — Local health endpoint (bind to 127.0.0.1 only; not internet‑exposed).
4.4 Destinations
  • Git providers: API + Git over HTTPS (FQDNs per organization policy).
  • Object storage: S3 or S3‑compatible endpoint over HTTPS.
  • Container registry.
  • Proxy: corporate egress proxy where applicable.
  • DNS & NTP: organization‑approved resolvers and time sources.
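
The OS, runtime and inbound requirements in sections 2 to 4 can be checked on the host before handover. The script below is an added example, not code from the vendor: it compares kernel and Docker versions against the stated minimums and flags any TCP listener other than SSH that is reachable from off-host, which catches a health endpoint bound to all interfaces instead of 127.0.0.1. The function names and the sample `ss` lines are constructed for illustration, and it assumes `awk`, the Docker CLI and iproute2 `ss` are installed.

```shell
#!/bin/sh
# Added example (not vendor code): host preflight for sections 2-4 of this page.
# version_ge A B: succeed when dotted version A >= B. Fields compare numerically,
# so 20.9 < 20.10, and non-numeric suffixes such as "-generic" are ignored.
version_ge() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    n = split(a, x, "."); m = split(b, y, ".")
    for (i = 1; i <= (n > m ? n : m); i++) {
      if ((x[i] + 0) > (y[i] + 0)) exit 0
      if ((x[i] + 0) < (y[i] + 0)) exit 1
    }
    exit 0
  }'
}

# audit_listeners: read `ss -Hltn` lines on stdin, print each TCP listener that is
# not loopback-only (SSH excepted; its source-IP limit is a firewall rule). Exit 1 if any.
audit_listeners() {
  awk '{
    port = $4; sub(/.*:/, "", port)               # $4 = Local Address:Port
    host = substr($4, 1, length($4) - length(port) - 1)
    if (host ~ /^127\./ || host == "[::1]") next  # loopback: not reachable off-host
    if (port == "22") next                        # SSH admin, section 4.3
    print port " exposed on " host; bad = 1
  } END { exit bad + 0 }'
}

# Constructed sample: health endpoint bound to all interfaces instead of 127.0.0.1.
sample_listeners() {
  cat <<'EOF'
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
EOF
}

preflight() {
  rc=0
  [ "$(getconf LONG_BIT)" = 64 ] || { echo "FAIL: 64-bit OS required"; rc=1; }
  version_ge "$(uname -r)" 3.10 || { echo "FAIL: kernel older than 3.10"; rc=1; }
  [ -d /run/systemd/system ] || { echo "FAIL: systemd is not the init system"; rc=1; }
  dv=$(docker version --format '{{.Server.Version}}' 2>/dev/null) || dv=0
  version_ge "$dv" 20.10 || { echo "FAIL: Docker unreachable or older than 20.10"; rc=1; }
  ss -Hltn | audit_listeners || rc=1
  return "$rc"
}

# --run checks the live host as the service user; --sample audits the constructed input.
case "${1:-}" in --run) preflight ;; --sample) sample_listeners | audit_listeners ;; esac
```

Run it with `--run` as the service user, so that the Docker check also exercises that user's access to /var/run/docker.sock.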

Granting PM tool & Git access

We need access to your PM and Git systems to initiate the integration process. Please follow these steps for each platform.

PM tool & Git access

Please provide us with the following information for PM provider and Git provider access:

  1. URL (link) to your PM and Git services.
  2. Username for both services.
  3. Password (or access token) for authentication for both.

Note: We require read-only access.
If you have questions about the specific permissions to grant, please contact us.