There are currently three possible ways to install Appsurify, these differ in how Appsurify is hosted and how repositories are connected. Your security requirements will determine the best option for installation.
Option 1 – On-Premise Installation
- Contact Appsurify for details about this installation.
- A docker hub user will be created for you, giving access to our docker images.
- Install the docker images on 1-3 VM’s – details to be provided.
- The repository is then connected via any option i.e. via api, ssh, script, etc.
This is the most secure option as there is no connection back to Appsurify, so all data is secure on your server(s).
Benefits – No external access to the data or repository.
Disadvantages – Longer setup requiring VM setup.
Option 2 – Hybrid
This option involves running a script either on a VM or part of your CI to push information to Appsurify about the recent commits. The information collected is metadata from the commit, the same information that is found in the command git log and git blame. The script passes the metadata through our secure API’s to Appsurify on AWS. Essentially this installation means Appsurify has no access to your source control and the script can easily be audited for security sign off.
Benefits – Minimal setup. No repository access.
Option 3 – Cloud
In this option, Appsurify requires access to the repository either through ssh or github/bitbucket api’s. In this case, Appsurify will have read access to your repository, although we do not read but instead run the same commands as the script above to collect the metadata we require.
Advantages – Minimal setup.
Disadvantages – Requires read access to the repository.