Ship It and Sleep Well: How GitGuardian Built Bulletproof Support for On-Prem Security

GitGuardian has developed an innovative support system for on-premises security by automating processes that traditionally required manual intervention, particularly in environments with limited access. Their approach relies on Replicated Support Bundles to standardize data collection, incorporating custom collectors to ensure comprehensive log gathering even when pods crash. They have further enhanced efficiency by integrating an AI system to analyze these bundles, identify root causes, and suggest solutions, thereby reducing reliance on advanced support tiers. To overcome the bottleneck of manual bundle generation, GitGuardian introduced a one-click support bundle creation within their admin UI, which automates the process and minimizes coordination needs across teams. This system uses a dedicated pod for bundle generation, secured by Kubernetes Validating Admission Policies to prevent unauthorized actions, ensuring that pods only run approved commands and configurations. This layered approach of automation, standardization, and strict security controls enables GitGuardian to provide effective support in high-stakes, access-restricted environments.