Back to Home

GitRiver 1.0: self-hosted Git with CI/CD on Rust

GitRiver 1.0 — self-hosted platform on Rust for managing Git repositories, CI/CD, artifact registries. One 35 MB binary with low resource consumption. Support for import, mirroring, enterprise security and GitOps.

GitRiver 1.0: Compact Git platform with CI and registries
Advertisement 728x90

# GitRiver 1.0: Self-Hosted Git Platform on Rust with CI/CD and Registries

The self-hosted GitRiver 1.0 platform was released in March 2026. This Rust-based solution consists of a single 35 MB binary integrating 16 modules. It consumes 100 MB RAM at idle. Deployment via Docker Compose and PostgreSQL. Supports importing repositories from GitHub, GitLab, Bitbucket via URL, including issues, PRs, releases, labels, and milestones. Mirroring in pull/push modes with custom intervals.

Git Hosting and Collaboration

GitRiver provides full repository hosting with HTTP/SSH, LFS, and GPG support. The web editor allows batch commits. Pull requests include code review, CODEOWNERS, and threaded comments. Merge queue integrates with CI and creates temporary branches.

Issues are handled via Kanban boards, milestones, and templates. Branch protection by patterns requires reviews, CI checks, and signed commits.

Google AdInline article slot

CI/CD and Runners

CI/CD based on YAML/DAG with job matrices, artifacts, caching, retries, and web terminal. Remote runners with autoscaling in Kubernetes. GitOps deployment via RiverCD supports canary releases, blue-green, drift detection, and sync waves.

Artifact Registries

Built-in OCI v2 container registry with multi-architecture support, storage policies, and garbage collection. Package registry covers npm, PyPI, Cargo, Maven, NuGet, and Generic.

Releases store binary artifacts. Static sites via Pages, Wiki for documentation.

Google AdInline article slot

Security and Compliance

Secret scanning with 17 patterns + custom regex, SARIF integration, DORA metrics. License scanning via SPDX, CycloneDX SBOM. Authentication: OAuth2, SAML 2.0, SCIM 2.0, LDAP, 2FA (TOTP). Roles, IP restrictions, storage quotas.

Backup with AES-256-GCM, incremental, S3-compatible. Audit log records logins, impersonation, permission changes, licenses.

Webhooks with HMAC-SHA256, retry backoff, delivery history, and SSRF protection.

Google AdInline article slot

Integrations and API

Notifications via 8 channels: Email, Telegram, Slack, Discord, Teams, Matrix, webhooks, and built-in. REST API with 500+ endpoints, OpenAPI 3.1.

Setup wizard on first launch. Licensing with Ed25519, Pro Seats, Heartbeat. Branding: name, logo, CSS, footer.

Key Features List:

  • Git hosting: HTTP/SSH, LFS, GPG, web editor, batch commits;
  • PR: review, CODEOWNERS, threads;
  • CI/CD: YAML/DAG, artifacts, Kubernetes scaling;
  • Registries: OCI, npm/PyPI/Cargo/Maven/NuGet;
  • GitOps: RiverCD with canary/blue-green;
  • Security: secret scanning, SBOM, 2FA;
  • API: 500+ endpoints, OpenAPI;
  • Notifications: 8 channels.

Key Highlights

  • Single 35 MB binary combines Git, CI/CD, registries, issues;
  • Low consumption: 100 MB RAM at idle;
  • Full import/mirroring from external Git hosts;
  • GitOps with advanced deployment strategies;
  • Enterprise security: SCIM, audit logs, quota management.

— Editorial Team

Advertisement 728x90

Read Next