Architecture¶
Components¶
DeepTracy is composed of several components described in the following diagram:
Name |
Description |
|---|---|
User |
A system capable of requesting new vulnerability analysis and retrieving results |
BuildBot |
Dependency extraction |
Hasura |
Provides data API for the user |
PostgreSQL |
Persistence layer |
DeepTracy Server |
Task orchestration through control API |
Interactions¶
The following activity diagram summarizes the normal interaction among the components of the system.
Note
This conceptual diagram describe the type of interactions but not how they are performed. In other words, this diagram does not describe if the interactions are synchronous nor asynchronous.
Name |
Description |
|---|---|
Request Vulnerability Scan |
User request to schedule a vulnerability scan over a source repository |
Schedule Dependency Extraction |
Ask buildbot to perform the dependency extraction process in the given repository/commit |
Dependency Extraction Task |
Use washer docker containers to extract dependencies |
Extract Dependencies |
Launch docker containers with the appropiate environments and extract project(s) dependencies |
Report Dependencies |
Report dependency list to DeepTracy Server |
Vulnerability Scan |
Scan for vulnerabilities on the retrieved dependencies using vulnerability providers |
User Feedback |
The provided webhook is called back to acknowledge the user that the scan is finished |
Request Results |
Using GraphQL© query language the user request the scan information |
Retrieve Results |
Results are queried and retrieved from the database |
Consume Results |
:) |