From cf89def1333192a1cf025f9b565dd612cceb3886 Mon Sep 17 00:00:00 2001 From: Maya Berdygylyjova Date: Tue, 26 Mar 2024 11:21:25 +0100 Subject: [PATCH] Adding GitLab to application architecture documentation --- .../application-architecture/README.md | 40 ++++++++++--------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/docs/development/application-architecture/README.md b/docs/development/application-architecture/README.md index bf329411039a..fc5e31efff3a 100644 --- a/docs/development/application-architecture/README.md +++ b/docs/development/application-architecture/README.md @@ -28,6 +28,7 @@ flowchart TD idp["Identity provider (idp)"] nex["Nextcloud (nex)"] gih["GitHub (gih)"] + gil["GitLab (gil)"] cal["Calendar (cal)"] O["API integrations (api)"] W["Outgoing webhooks"] @@ -57,25 +58,26 @@ end ## Involved services -| Service | Relationship to OpenProject | Communication interfaces and mechanisms | Access modes
(R - read)
(W - write) | References | -|-------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Web browser | Performs requests to the application | HTTPS | RW | n/a | -| Native client | Performs requests to the application | HTTPS | RW | n/a | -| SVN client | Performs SVN requests to the application web server | HTTPS | RW | [Repository integrations](../../user-guide/repository/) | -| Git client | Performs Git Smart HTTP requests to the application server | HTTPS | RW | [Repository integrations](../../user-guide/repository/) | -| Load balancer / Proxy | Depending on installation mechanism, terminates TLS/SSL, accepts and proxies or load balances web requests to the different OpenProject web application servers | HTTPS / PROXY | - | [Configuration for packaged installations](../../installation-and-operations/installation/packaged/#step-3-apache2-web-server-and-ssl-termination)
[Configuration for Docker/Kubernetes](../../installation-and-operations/installation/docker/#disabling-https-mode) | -| Puma application server | Accepts web requests, runs the OpenProject web facing application | Web requests (HTTP/HTTPS)
Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | RW | [Database TLS setup](../../installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](../../installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](../../installation-and-operations/configuration/outbound-emails/)
[Integrations guide](../../system-admin-guide/integrations/) | -| Memcached / Redis / File cache | Application-level cache (if enabled) | TCP connections | RW | [Cache configuration](../../installation-and-operations/configuration/#cache-configuration-options) | -| PostgreSQL | Database management system | (Encrypted) TCP connections between web and background workers | | [Database TLS setup](../../installation-and-operations/configuration/#database-configuration-and-ssl)
| -| Background worker | Handles asynchronous jobs, such as backup requests, email delivery, | Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | RW | [Database TLS setup](../../installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](../../installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](../../installation-and-operations/configuration/outbound-emails/)
[Integrations guide](../../system-admin-guide/integrations/) | -| Attached storages or Object storage | Access for attachments for the OpenProject application.
Either directly (or networked) attached storages, or configuration of an S3-compatible Object store | Local filesystem access (local drives, NFS)
HTTPS (S3-compatible storage) | RW | [Configuration of the attachment storage](../../installation-and-operations/configuration/#attachments-storage) | -| Email gateways | Send emails (e.g., notifications) from OpenProject application | SMTP | W (deliver mails to relay) | [SMTP configuration](../../installation-and-operations/configuration/outbound-emails/) | -| Identity providers | External authentication providers (e.g., Keycloak, ADFS, etc.) | HTTPS through standard protocols (OpenID connect, SAML, OAuth 2.0) | R (Redirect and read user info) | [OpenID connect provider configuration](../../system-admin-guide/authentication/openid-providers/)
[SAML provider configuration](../../system-admin-guide/authentication/saml/)
[OAuth 2.0 application configuration](../../system-admin-guide/authentication/oauth-applications/) | -| Nextcloud | External bilateral integration | HTTPS | RW | [Nextcloud integration guide](../../system-admin-guide/integrations/nextcloud/) | -| GitHub | Pull Request / Issue referencing Integration into OpenProject | HTTPS (Webhooks) | R (Incoming webhook from GitHub) | [GitHub integration guide](../../system-admin-guide/integrations/github-integration/) | -| Calendars | External calendars requesting dynamic ICS calendar files from OpenProject | HTTPS (iCalendar/webdav) | R (Outgoing calendar data) | [Calendar subscriptions configuration](../../system-admin-guide/calendars-and-dates/#calendar-subscriptions) | -| API integrations | Structural access to OpenProject through API endpoints. Optional access to users and third party organizations depending on authorized scopes | HTTPS | (Optional) R
(Optional) W
| [API configuration](../../system-admin-guide/api-and-webhooks/) | -| Outgoing Webhooks | Outgoing requests for changes within the application | HTTPS | R (Outgoing webhook data) | [Webhook configuration an administration](../../system-admin-guide/api-and-webhooks/#webhooks) | +| Service | Relationship to OpenProject | Communication interfaces and mechanisms | Access modes
(R - read)
(W - write) | References | +| ----------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------------------------------- | ------------------------------------------------------------ | +| Web browser | Performs requests to the application | HTTPS | RW | n/a | +| Native client | Performs requests to the application | HTTPS | RW | n/a | +| SVN client | Performs SVN requests to the application web server | HTTPS | RW | [Repository integrations](../../user-guide/repository/) | +| Git client | Performs Git Smart HTTP requests to the application server | HTTPS | RW | [Repository integrations](../../user-guide/repository/) | +| Load balancer / Proxy | Depending on installation mechanism, terminates TLS/SSL, accepts and proxies or load balances web requests to the different OpenProject web application servers | HTTPS / PROXY | - | [Configuration for packaged installations](../../installation-and-operations/installation/packaged/#step-3-apache2-web-server-and-ssl-termination)
[Configuration for Docker/Kubernetes](../../installation-and-operations/installation/docker/#disabling-https-mode) | +| Puma application server | Accepts web requests, runs the OpenProject web facing application | Web requests (HTTP/HTTPS)
Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | RW | [Database TLS setup](../../installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](../../installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](../../installation-and-operations/configuration/outbound-emails/)
[Integrations guide](../../system-admin-guide/integrations/) | +| Memcached / Redis / File cache | Application-level cache (if enabled) | TCP connections | RW | [Cache configuration](../../installation-and-operations/configuration/#cache-configuration-options) | +| PostgreSQL | Database management system | (Encrypted) TCP connections between web and background workers | | [Database TLS setup](../../installation-and-operations/configuration/#database-configuration-and-ssl)
| +| Background worker | Handles asynchronous jobs, such as backup requests, email delivery, | Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | RW | [Database TLS setup](../../installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](../../installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](../../installation-and-operations/configuration/outbound-emails/)
[Integrations guide](../../system-admin-guide/integrations/) | +| Attached storages or Object storage | Access for attachments for the OpenProject application.
Either directly (or networked) attached storages, or configuration of an S3-compatible Object store | Local filesystem access (local drives, NFS)
HTTPS (S3-compatible storage) | RW | [Configuration of the attachment storage](../../installation-and-operations/configuration/#attachments-storage) | +| Email gateways | Send emails (e.g., notifications) from OpenProject application | SMTP | W (deliver mails to relay) | [SMTP configuration](../../installation-and-operations/configuration/outbound-emails/) | +| Identity providers | External authentication providers (e.g., Keycloak, ADFS, etc.) | HTTPS through standard protocols (OpenID connect, SAML, OAuth 2.0) | R (Redirect and read user info) | [OpenID connect provider configuration](../../system-admin-guide/authentication/openid-providers/)
[SAML provider configuration](../../system-admin-guide/authentication/saml/)
[OAuth 2.0 application configuration](../../system-admin-guide/authentication/oauth-applications/) | +| Nextcloud | External bilateral integration | HTTPS | RW | [Nextcloud integration guide](../../system-admin-guide/integrations/nextcloud/) | +| GitHub | Pull Request / Issue referencing Integration into OpenProject | HTTPS (Webhooks) | R (Incoming webhook from GitHub) | [GitHub integration guide](../../system-admin-guide/integrations/github-integration/) | +| GitLab | Merge Request / Issue referencing Integration into OpenProject | HTTPS (Webhooks) | R (Incoming webhook from GitLab) | [GitLab integration guide](../../system-admin-guide/integrations/gitlab-integration/) | +| Calendars | External calendars requesting dynamic ICS calendar files from OpenProject | HTTPS (iCalendar/webdav) | R (Outgoing calendar data) | [Calendar subscriptions configuration](../../system-admin-guide/calendars-and-dates/#calendar-subscriptions) | +| API integrations | Structural access to OpenProject through API endpoints. Optional access to users and third party organizations depending on authorized scopes | HTTPS | (Optional) R
(Optional) W
| [API configuration](../../system-admin-guide/api-and-webhooks/) | +| Outgoing Webhooks | Outgoing requests for changes within the application | HTTPS | R (Outgoing webhook data) | [Webhook configuration an administration](../../system-admin-guide/api-and-webhooks/#webhooks) | # Software