Architecture

Architecture diagram

Data source

Our data is sourced from a variety of sources, which we are looking to expand on over time.

OSV runs on Google Cloud Platform, with the following main components:

Cloud Datastore

All vulnerability data is stored in Cloud Datastore, with the models defined here.

Google Kubernetes Engine (GKE)

GKE is used for running workers to perform bisects and impact analysis. These workers consume tasks from a Cloud Pub/Sub topic.

Workers are Docker containers, which use gVisor for sandboxing untrusted workloads.

Cloud Run / Cloud Endpoints

The API server runs on Cloud Run, and is served by Cloud Endpoints.

Website

The main web UI also runs on Cloud Run, and is served through Cloud Load Balancing.