Hello,<p>We are creating a b2b SaaS app that will need access to your codebase. As you might imagine not all companies are happy with sharing their codebases with third parties.<p>I was researching self-hosting options but honestly, all of them seem kind of complicated. So decided to borrow the wisdom of the HN crowd.<p>Here are a few options I came up with:<p>1) Use docker-compose -> This is probably a no-go. We are e2e testing app running headless Chrome with codebase access. So you would need to give us quite a huge VM.<p>2) Packaged Kubernetes - This could work but we would need to run everything including the database inside the k8 cluster. And figure out a way to somehow package it including all of the operators etc<p>3) Bring your own cloud - For a small startup like ours (3 people) this seems like the most realistic option. You will give us a GCP project and we will point our terraform there. In a few minutes, you should have your deployment ready.<p>I should also mention that I know for HIPAA and very security-conscious companies cloud approach is a no-go. But we would first target smaller startups (20-100 engineers).<p>For those who work in such environments would you be ok with that?<p>Bonus question:
Or would you share your codebase with a SaaS app that has SOC2 type II compliance?
If a customer has such stringent requirements, can’t you offer 2 & 3 then use the contract approval / signing period to get ready? Potentially even having the customer fund #2?<p>If you already have terraform it should be low-ish effort to do #3 as it is.