Dedicated Enterprise Cloud Guide
Interested in using Codecov Dedicated Enterprise Cloud?
Please reach out to our account management team.
What is Codecov Dedicated Enterprise Cloud?
Codecov Dedicated Enterprise Cloud is a paid add-on to Codecov's General Enterprise Cloud offering in which certain parts of the Codecov cloud infrastructure (general cloud) are used and certain parts are dedicated to a specific customer (single tenant).
It is typically used by customers who:
a.) Have on-prem / self-hosted repos via Github Enterprise Server, Gitlab Enterprise Edition, or Bitbucket Server/Data Center
b.) Have high end processing needs that are better served using standalone infrastructure
c.) Have additional security needs not provided by General Enterprise Cloud
Prerequisite List for a Successful Install
Prerequisite | |
---|---|
Basic Ingredients List | 1. Git-based code host (GitHub.com, Github Enterprise, Gitlab Community Edition, Gitlab Enterprise Edition, Bitbucket, Bitbucket Server) 2. Code coverage reports generation 3. A CI provider (all supported) |
Installation Lead | Installing Codecov Dedicated Cloud requires knowledge and deep access to your organizationโs Git-based code host (GH/GL/BB) and Security Configurations. Oftentimes these stakeholders reside on the developer platform or developer productivity teams. |
Access Controls | -- Administrator access to Git-based code host (GH/GL/BB) -- List of desired admins for Codecov account -- [If optional two-way dedicated IP address list allowlisting is used] List of static IP addresses for Codecov to allowlist |
Steps to a Working Implementation of Dedicated Enterprise Cloud
1. Creation of a Github / Gitlab / Bitbucket application
More detailed steps for Github installation here
- Install Lead creates a new application in their Github / Gitlab / Bitbucket
- Installation Lead provides app credentials to Codecov
2. Codecov sets up dedicated subdomain and links to application
- Installation Lead chooses a subdomain (e.g., [company]
.codecov.io). - Codecov's Infrastructure team creates the subdomain and dedicated infrastructure in the Codecov instance and connects the Github / Gitlab / Bitbucket app for the user
3. (Optional) Adding additional security features
- Install Lead and Codecov select which additional security features will be used to fit the Dedicated Cloud in question
- Optional security features for all customers
- Dedicated IP Address allowlisting (one-way or two-way)
- Login in Okta (mandatory as the only login or optional as one of the logins alongside Oauth from Github, Gitlab and Bitbucket)
- Optional security features for customers with infrastructure (CI runners and/or Git repos) hosted via a virtual private cloud / behind a firewall
- Passthrough / Reverse Proxy
- Site-to-site VPN
- Optional security features for all customers
4. Administering the Codecov application
- Installation Lead provides a list of desired internal administrators from customer, including email address and Git username
- Codecov pre-populates the administrators in the Codecov Dedicated Cloud instance
Outcome
-- Now [IP address-allowed] traffic / users can come to the new subdomain and log-in using your git provider's Oauth flow
-- Chosen administrators of your Codecov instance can add and remove Codecov seats
-- Codecov works as usual
FAQ
I self-host / have on-prem repositories via Github/Gitlab/Bitbucket, is this the only way I can use Codecov?
If you want to have a paid version of Codecov or need things like support or a legal agreement, yes this is the only way to use Codecov.
However, if you are willing to run Codecov on your own, you can always self-host the offering without support via Codecov Self-Hosted.
For the dedicated portions of infrastructure of Dedicated Enterprise Cloud (PostgresDB, Redis and GCS), how are they configured and separated?
Through Google Cloud Platform (GCP), Codecov creates new, dedicated PostgresDB, Redis and Google Cloud Storage (GCS) instances in which data is physically separated from other customer's data.
Updated about 2 months ago