Team Server
Overview
Welcome to the Team Server documentation! Team Server is a comprehensive runtime security monitoring application that helps teams track and manage the security of their development pipelines and production deployments across multiple platforms.
What is Team Server?
Team Server is a full-stack application that provides centralized monitoring and management for your CI/CD pipelines and production deployments. It integrates with popular development platforms including GitHub, GitLab, Bamboo, TeamCity, and Jenkins, offering a unified view of your build processes, security violations, and team activities.
Key Features
- Multi-Platform Integration: Connect with GitHub, GitLab, Bamboo, TeamCity, Jenkins, and more
- Pipeline Monitoring: Real-time tracking of builds, deployments, workloads, and pipeline status
- Security Violation Tracking: Monitor and manage security policy violations across your projects
- Team Management: Slack integration for team notifications and collaboration
- OAuth2 Authentication: Secure authentication with support for Google, Microsoft, Oracle, and CyberArk
- Real-time Dashboard: Live updates on pipeline status and metrics
User Roles
Team Server uses role-based access control to manage user permissions. When a user first accesses Team Server, they are automatically assigned the Viewer role by default. Administrators can then promote users to higher roles as needed.
| Role | Description |
|---|---|
| Administrator | Full access to all features including user management, system configuration, and role assignment |
| Operator | Manage deployments, sensors, pipelines, builds, violations, and policies. Cannot modify user roles |
| Viewer | Read-only access to view dashboards, pipelines, builds, and violations. Cannot make any changes |
After deploying Team Server, you will need to promote at least one user to the Administrator role. See the deployment guides below for instructions on setting up your first Administrator.
Deployment Options
Team Server offers both managed and self-hosted deployment models to meet different organizational needs.
1. Managed Deployment (Recommended)
Let Endura Security handle the infrastructure so you can focus on security operations. The managed service provides:
- Zero infrastructure management
- Automatic updates, maintenance, and monitoring
- Global deployment across 10 regions
- 24/7 operational support
2. Docker & Docker Compose
Deploy Team Server using Docker containers with Docker Compose for orchestration. This method is ideal for:
- Development environments
- Small to medium deployments
- Teams familiar with Docker workflows
3. Podman & Podman Compose
Use Podman as a Docker alternative with Podman Compose for container orchestration. This option is suitable for:
- Organizations requiring rootless container execution
- Environments where Podman is the preferred container runtime
- Security-conscious deployments
4. Kubernetes
Deploy Team Server on Kubernetes for enterprise-scale operations. Kubernetes deployment offers:
- High availability and scalability
- Advanced orchestration capabilities
- Enterprise-grade monitoring and logging
- Integration with existing Kubernetes infrastructure
Prerequisites
Before deploying Team Server, ensure you have the following prerequisites in place:
Container Registry Access
- The Team Server container images are hosted at
ghcr.io/endurasecurity/container/endura-team-server - Container images are publicly available and do not require authentication
Database Requirements
- PostgreSQL database (version 16 or higher recommended)
- Database credentials with appropriate permissions for:
- Creating and modifying tables
- Reading and writing data
- Running database migrations
- Network connectivity between Team Server and the PostgreSQL instance
Administrative Access
Sufficient administrative privileges for your chosen deployment method:
For Docker/Docker Compose:
- Docker installation and configuration permissions
- Network configuration access for container networking
- Volume/storage management permissions
For Podman/Podman Compose:
- Podman installation and configuration permissions
- Network and storage management capabilities
- SELinux configuration (if applicable)
For Kubernetes:
- Kubernetes cluster access with appropriate RBAC permissions
- Ability to create and manage:
- Deployments, Services, and ConfigMaps
- Persistent Volume Claims (for database storage)
- Ingress resources (for external access)
- Secrets (for sensitive configuration)
- Helm installation (if using Helm charts for deployment)
Getting Started
Once you have the prerequisites in place, you can proceed with deploying Team Server using your preferred method:
- Choose your deployment method based on your infrastructure and requirements
- Prepare your configuration including database connections and OAuth2 settings
- Deploy the application following the specific deployment guide
- Configure integrations with your CI/CD platforms
- Set up user authentication and team access
Next Steps
Choose your deployment method and follow the corresponding guide:
- Managed Deployment Guide (Recommended)
- Docker Deployment Guide
- Podman Deployment Guide
- Kubernetes Deployment Guide
For configuration details and integration setup, see: