@@ -60,7 +60,7 @@ Licensing of products deployable by Big Bang are not covered by Big Bang or Plat
| Mattermost, Mattermost Operator | Self Hosted Chat (AddOn App) | [Mattermost is comprised of Multiple Licenses](<https://mattermost.org/licensing/>) | **Enterprise features of note:** HA, Additional SSO options, prometheus metrics integration, Elasticsearch integration to optimize searching/indexing, Compliance Reporting, Audit Logs, Advanced roles and permissions. **Free tier notes:** A non-HA deployment can quickly auto heal thanks to Kubernetes, the free tier can use Gitlab or P1's Keycloak implementation for Federated SSO. (MM Plugins don't need the paid version, but the need a single node instance or the paid HA for cluster awareness to prevent duplicate triggering of functions.) PartyBus uses the Enterprise E20 licensed version. [licensing](package-architecture/mattermost.md#licensing)<https://mattermost.org/licensing/><https://mattermost.com/pricing-self-managed/> |
| Minio, Minio Operator | Self Hosted S3 API compatible object storage (AddOn App) | Affero General Public License Version 3 (Free/OSS) | Commercial Support is Available: <https://min.io/pricing> |
| Nexus | Generic Artifact Repository (AddOn App) | Nexus Repository OSS: Eclipse Public License v1.0 Nexus Repository Pro: Paid Licensed product | **Enterprise features of note:** HA, SAML SSO, Auth Token Support **Free tier notes:** A non-HA deployment can quickly auto heal thanks to Kubernetes, AWS S3 blob storage. <https://www.sonatype.com/products/repository-oss-vs-pro-features><https://www.sonatype.com/products/pricing> |
| Gitlab, Gitlab Runners | GitRepo, Container Registry, and CICD Software Factory (AddOn App) | Gitlab Community Edition: MIT Expat license Gitlab Enterprise Edition: (multiple tiers) | **Premium features of note:** Release Controls, Project Management **Ultimate features of note:** Unlimited Guest Users, Advanced Security Testing (Note this functionality comes from container images that may not yet be in Iron Bank) **Free tier notes:** Free tier is fine for Proof of Concepts, but the Release Controls in Premium tier contain security controls that would be necessary for a cATO pipeline. Party Bus has multiple instances of Gitlab, most use Premium, a few use Ultimate. Party Bus's Gitlab pipelines integrate with additional licensed apps: Twistlock, Anchore, [Fortify](https://repo1.dso.mil/big-bang/apps/third-party/fortify), [SD Elements](https://www.securitycompass.com/sdelements/), and others. (This is offered as a data point, it doesn't mean these are required for a cATO pipeline, the Consumer of Big Bang's AO makes that call.) <https://about.gitlab.com/pricing/#self-managed><https://gitlab.com/gitlab-org/gitlab-foss/-/tree/master#editions> |
| Gitlab, Gitlab Runners | GitRepo, Container Registry, and CICD Software Factory (AddOn App) | Gitlab Community Edition: MIT Expat license Gitlab Enterprise Edition: (multiple tiers) | **Premium features of note:** Release Controls, Project Management **Ultimate features of note:** Unlimited Guest Users, Advanced Security Testing (Note this functionality comes from container images that may not yet be in Iron Bank) **Free tier notes:** Free tier is fine for Proof of Concepts, but the Release Controls in Premium tier contain security controls that would be necessary for a cATO pipeline. Party Bus has multiple instances of Gitlab, most use Premium, a few use Ultimate. Party Bus's Gitlab pipelines integrate with additional licensed apps: Twistlock, Anchore, [Fortify](https://repo1.dso.mil/big-bang/product/packages/fortify), [SD Elements](https://www.securitycompass.com/sdelements/), and others. (This is offered as a data point, it doesn't mean these are required for a cATO pipeline, the Consumer of Big Bang's AO makes that call.) <https://about.gitlab.com/pricing/#self-managed><https://gitlab.com/gitlab-org/gitlab-foss/-/tree/master#editions> |
| SonarQube Community Edition | Static Code Analysis (AddOn App) | SonarQube CE: GNU Lesser GPL License v3 (Community Edition is Free/OSS) | An Enterprise Edition Exists, but is not bundled by Big Bang |
| Anchore Enterprise Edition* | Vulnerability Scanner (AddOn App) | Anchore Enterprise Edition (Paid/Licensed) Anchore OpenSource Edition Apache License 2.0 (Free/OSS) | **Licensed features of note:** Proprietary Vulnerability Data Feeds for increased accuracy, NIST 800-190, Docker CIS Compliance, DoD container Policy Compliance, cATO Capable, RBAC, SSO **Free tier notes:** Big Bang's values file can be set to deploy the OSS version for Proof of Concept deployments. Party Bus and other Platform One services use the licensed version <https://docs.anchore.com/3.0/docs/faq/#2><https://anchore.com/pricing/>[licensing](package-architecture/anchore.md#licensing)<https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/main/docs/CHART.md#adding-enterprise-components> |
| Vault | Secret management (AddOn App) | Mozilla Public License 2.0 | |
