graph LR;
q[Quality] --> s[Security];
q --> u[Upgradeability]
q --> e[Extendability]
q --> p[Performance]
q --> o[Observability]
s --> sa[Authentication and Authorization]
sa --> sa01[SA01 OpenID Connect Integration]
sa --> sa02[SA02 UME Integration]
sa --> sa03[SA03 mTLS]
s --> sd[Dependency Vulnerability]
sd --> sd01[SD01 Build Time Scanning]
sd --> sd02[SD02 Run Time Scanning]
s --> sb[Bugs and secure coding]
sb --> sd01
sb --> sd02
sb --> sb01[SB01 Secure Design]
u --> ud[Dependency Management]
ud --> ab01
u --> uc[Code organization]
u --> us[Replaceable External Services]
e --> a
e --> em[Modularization]
e --> es[Common Approach for External Services]
p --> pl[Core Libraries]
p --> pm[Module Libraries]
p --> ps[External Services]
o --> ol[Logging]
ol --> ol01[OL01 Central Log Collection]
o --> or[Reporting]
or --> or02[OR02 Dashboarding]
or --> or01[OR01 Interval Reporting]
o --> om[Monitoring]
om --> or01
om --> om01[OM01 Metrics]
om01 --> or
om --> om02[OM02 Alerting]
s --> a[Automation]
u --> a
a --> ab[Build Automation]
ab --> ab01[AB01 Maven]
ab --> ab03[AB03 OCI Container]
ab --> as01
ab --> ab04[AB04 Helm Charts]
a --> as[Security Scanning]
as --> as01[AS01 OWASP Scan]
a --> ad[Continuous Deployment]
ad --> ab04
ad --> ad01[AD01 ArgoCD]
ad --> ad02[AD02 Maven Repository]
ad --> ad03[AD03 Kubernetes]
ad --> ai02
a --> ai[Continuous Integration]
ai --> ai02[AI02 Quay.IO]
ai --> ai01[AI01 GitHub Actions]
ID | Description |
---|---|
AB01 | Maven. Build automation via Maven to build all Java Artifacts. |
AB03 | OCI-Container. Executable services are delivered as OCI-Container plus Helm charts (AB04). |
AB04 | Helm. Executable services are delivered as OCI-Container (AB03) plus Helm Charts. |
AD01 | ArgoCD. Active service components are delivered to service via ArgoCD. |
AD02 | Maven Repository. Java Artifacts are delivered via a Maven repository. |
AD03 | Kubernetes. Active services are provided via Kubernetes as the runtime environment. |
AI01 | GitHub Actions. The build is automated on GitHub via GitHub Actions. |
AI02 | Quay.IO. Containers and Helm Charts are provided via the container registry quay.io. |
AS01 | OWASP-Scan. During the build, an OWASP-based security scan is run and a report is delivered. |
OM01 | Metrics are collected via central metric harvesting. |
OM02 | Alerting is based on metric collection provided by OM01. |
OR01 | Interval Reporting. |
OR02 | Dashboarding. |
SA01 | OpenID Connect is used for network-based user authentication. |
SA02 | UME is used for managing user-provided content with permission management. |
SA03 | mTLS is used for service-to-service authentication. |
SB01 | Secure Design is the basis for providing secure software. |
SD01 | Build Time Scanning. |
SD02 | Run Time Scanning. |