General Information

The repository for this application (open on GitHub) has 1288 stars and was forked 1676 times. The codebase consists of 3990 lines of code and makes use of the following technologies:

Docker, Docker Compose, Eureka, Grafana, Hystrix, Maven, Prometheus, Ribbon, Spring Admin, Spring Config, Spring Gateway, Zipkin

Data Flow Diagram

Download the following model file here. Other formats are provided below.

{
    "services": [
        {
            "name": "config_server",
            "stereotypes": [
                "configuration_server",
                "infrastructural"
            ],
            "tagged_values": {
                "Configuration Server": "Spring Cloud Config",
                "Port": 8888
            }
        },
        {
            "name": "discovery_server",
            "stereotypes": [
                "service_discovery",
                "infrastructural"
            ],
            "tagged_values": {
                "Service Discovery": "Eureka",
                "Port": 8761
            }
        },
        {
            "name": "tracing_server",
            "stereotypes": [
                "tracing_server",
                "infrastructural"
            ],
            "tagged_values": {
                "Tracing Server": "Zipkin",
                "Port": 9411
            }
        },
        {
            "name": "admin_server",
            "stereotypes": [
                "administration_server",
                "infrastructural"
            ],
            "tagged_values": {
                "Administration Server": "Spring Boot Admin",
                "Port": 9090
            }
        },
        {
            "name": "prometheus_server",
            "stereotypes": [
                "metrics_server",
                "infrastructural"
            ],
            "tagged_values": {
                "Metrics Server": "Prometheus",
                "Port": 9090
            }
        },
        {
            "name": "grafana_server",
            "stereotypes": [
                "monitoring_dashboard",
                "infrastructural"
            ],
            "tagged_values": {
                "Monitoring Dashboard": "Grafana",
                "Port": 3000
            }
        },
        {
            "name": "customers_service",
            "stereotypes": [
                "in_memory_data_store",
                "local_logging",
                "internal"
            ],
            "tagged_values": {
                "Port": 8081,
                "In-Memory Data Store": "HSQLDB",
                "Logging Technology": "Lombok",
                "Endpoints": [
                    "/owners",
                    "/owners/{ownerId}"
                ]
            }
        },
        {
            "name": "vets_service",
            "stereotypes": [
                "in_memory_data_store",
                "internal"
            ],
            "tagged_values": {
                "Port": 8083,
                "In-Memory Data Store": "HSQLDB",
                "Endpoints": [
                    "/vets"
                ]
            }
        },
        {
            "name": "visits_service",
            "stereotypes": [
                "in_memory_data_store",
                "local_logging",
                "internal"
            ],
            "tagged_values": {
                "Port": 8082,
                "In-Memory Data Store": "HSQLDB",
                "Logging Technology": "Lombok"
            }
        },
        {
            "name": "api_gateway",
            "stereotypes": [
                "gateway",
                "infrastructural",
                "load_balancer"
            ],
            "tagged_values": {
                "Gateway": "Spring Cloud Gateway",
                "Port": 8080,
                "Load Balancer": "Spring Cloud",
                "Endpoints": [
                    "/api/gatewayowners/{ownerId}",
                    "/api/gateway"
                ]
            }
        }
    ],
    "external_entities": [
        {
            "name": "github_repository",
            "stereotypes": [
                "github_repository",
                "entrypoint"
            ],
            "tagged_values": {
                "URL": "https://github.com/spring-petclinic/spring-petclinic-microservices-config"
            }
        },
        {
            "name": "user",
            "stereotypes": [
                "user_stereotype",
                "entrypoint",
                "exitpoint"
            ],
            "tagged_values": {}
        }
    ],
    "information_flows": [
        {
            "sender": "github_repository",
            "receiver": "config_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "config_server",
            "receiver": "discovery_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "tracing_server",
            "receiver": "discovery_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "config_server",
            "receiver": "tracing_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "admin_server",
            "receiver": "discovery_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "config_server",
            "receiver": "admin_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "prometheus_server",
            "receiver": "grafana_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "customers_service",
            "receiver": "discovery_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "config_server",
            "receiver": "customers_service",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "customers_service",
            "receiver": "tracing_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "customers_service",
            "receiver": "prometheus_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "vets_service",
            "receiver": "discovery_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "config_server",
            "receiver": "vets_service",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "vets_service",
            "receiver": "tracing_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "vets_service",
            "receiver": "prometheus_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "visits_service",
            "receiver": "discovery_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "config_server",
            "receiver": "visits_service",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "visits_service",
            "receiver": "tracing_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "visits_service",
            "receiver": "prometheus_server",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "discovery_server",
            "receiver": "api_gateway",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "user",
            "receiver": "api_gateway",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "api_gateway",
            "receiver": "user",
            "stereotypes": [
                "restful_http",
                "load_balanced_link"
            ],
            "tagged_values": {}
        },
        {
            "sender": "config_server",
            "receiver": "api_gateway",
            "stereotypes": [
                "restful_http"
            ],
            "tagged_values": {}
        },
        {
            "sender": "api_gateway",
            "receiver": "prometheus_server",
            "stereotypes": [
                "restful_http",
                "load_balanced_link"
            ],
            "tagged_values": {}
        },
        {
            "sender": "api_gateway",
            "receiver": "vets_service",
            "stereotypes": [
                "restful_http",
                "load_balanced_link"
            ],
            "tagged_values": {}
        },
        {
            "sender": "api_gateway",
            "receiver": "visits_service",
            "stereotypes": [
                "restful_http",
                "load_balanced_link"
            ],
            "tagged_values": {}
        },
        {
            "sender": "api_gateway",
            "receiver": "customers_service",
            "stereotypes": [
                "restful_http",
                "load_balanced_link",
                "circuit_breaker_link"
            ],
            "tagged_values": {}
        },
        {
            "sender": "api_gateway",
            "receiver": "tracing_server",
            "stereotypes": [
                "restful_http",
                "load_balanced_link"
            ],
            "tagged_values": {}
        }
    ]
}

Model Items

The Application consists of a total of 129 elements:

Element              Count
Services             10
External Entities    2
Information Flows    28
Annotations          89
Total Items          129

Model Representations

Open the model in the following formats:

Traceability

Open the traceability information for all model items:

Security Rules

The following table shows the application’s adherence to the 17 architectural security rules. The last column provides model variants that adhere to the rule for each rule that is initially violated.

Rule ID    Verdict        Evidence    Model Variant
R1         Unknown        Evidence
R2         Violated       Evidence    Variant
R3         Violated       Evidence    Variant
R4         Violated       Evidence    Variant
R5         Violated       Evidence    Variant
R6         Violated       Evidence    Variant
R7         Violated       Evidence    Variant
R8         Violated       Evidence    Variant
R9         Violated       Evidence    Variant
R10        Violated       Evidence    Variant
R11        Violated       Evidence    Variant
R12        Violated       Evidence    Variant
R13        Adhered to     Evidence
R14        Adhered to     Evidence
R16        Adhered to     Evidence
R17        Violated       Evidence    Variant
R18        Violated       Evidence    Variant

Evidence and explanations for rule decisions

R1

The verdict for this rule is unknown:

  1. Spring Cloud Gateway routes are defined in the YML configuration.
  2. No authorization server is present in this application, so no authentication and authorization mechanism is present.
  3. No @EnableResourceServer annotation is present either.

Artifacts:

  • ApiGatewayApplication.java: File
  • application.yml: File

R2

Rule is violated: No authorization/authentication mechanism is deployed.

R3

Rule is violated: No authorization/authentication mechanism is deployed.

R4

Rule is violated: No authorization/authentication mechanism is deployed.

R5

Rule is violated: No validation of tokens as no tokens are issued.

R6

Rule is violated: As there are no authorization/authentication mechanisms, no login attempts are possible.

R7

Rule is violated: No mention of SSL, TLS, key store or trust store in the entire repository.

R8

Rule is violated: See Rule 7 arguments.

R9

Rule is violated: No central logging system is deployed.

R10

Rule is violated: No central logging system is deployed.

R11

Rule is violated: No central logging system is deployed.

R12

Rule is violated: No message broker is deployed and no logs are collected.

R13

Rule is adhered to:

  1. Circuit breaker bean defined
  2. Circuit breaker instantiated and started for specific route

Artifacts:

  • ApiGatewayApplication.java: Line: 84
  • ApiGatewayController.java: Lines: 54, 55

R14

Rule is adhered to: Route URIs are given with “lb://” so that Spring Cloud LoadBalancer resolves them through the discovery service.

Artifacts:

  • application.yml: Lines: 10, 16, 22

R15

This rule is not applicable: Not a service mesh deployment.

R16

Rule is adhered to:

  1. Registry service (Eureka) is present with the @EnableEurekaServer annotation.
  2. It is started through Docker Compose and should also be deployable on a dedicated server.

Artifacts:

  • DiscoveryServerApplication.java: Line: 26
  • docker-compose.yml: Line: 11

R17

Rule is violated: No HTTP basic password is listed in any YML configuration in the format username:password@here-location-of-eureka-server at “eureka.client.serviceUrl.defaultZone”.

Artifacts:

  • DiscoveryServerApplication.java: Line: 26
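
The R17 check described above, as an added example (not code from the dataset or from the repository): it inspects an already loaded configuration dict for eureka.client.serviceUrl.defaultZone and reports, per URL, whether username:password@ credentials are present. Flagging credentials on plain http:// goes slightly beyond R17 and ties in with R7. The sample configs, the host name discovery-server, the placeholder password and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit

KEY = ("eureka", "client", "serviceUrl", "defaultZone")

# Constructed sample configs (not the repository's files).
NESTED = {"eureka": {"client": {"serviceUrl": {
    "defaultZone": "http://discovery-server:8761/eureka/"}}}}
DOTTED = {"eureka.client.serviceUrl.defaultZone":
          "http://svc:EXAMPLE-PASSWORD@discovery-server:8761/eureka/,"
          "https://svc:EXAMPLE-PASSWORD@discovery-server:8761/eureka/"}

def lookup(config, path=KEY):
    """Find the key in a config dict written nested, dotted, or mixed."""
    if not path:
        return config
    if not isinstance(config, dict):
        return None
    # Try the longest dotted prefix first, then shorter ones.
    for i in range(len(path), 0, -1):
        head = ".".join(path[:i])
        if head in config:
            found = lookup(config[head], path[i:])
            if found is not None:
                return found
    return None

def redact(parts):
    """Rebuild the URL without the password so reports do not leak it."""
    host = parts.hostname + (f":{parts.port}" if parts.port else "")
    return f"{parts.scheme}://{parts.username}:***@{host}{parts.path}"

def audit_default_zone(config):
    """Return (url, finding) pairs for each Eureka URL in defaultZone."""
    value = lookup(config)
    if not isinstance(value, str):
        return [("<unset>", "defaultZone missing")]
    findings = []
    # defaultZone may hold several comma-separated registry URLs.
    for url in (u.strip() for u in value.split(",") if u.strip()):
        parts = urlsplit(url)
        if not (parts.username and parts.password):
            findings.append((url, "no basic-auth credentials"))
        elif parts.scheme != "https":
            findings.append((redact(parts), "credentials sent over plain HTTP"))
        else:
            findings.append((redact(parts), "ok"))
    return findings
```
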

R18

Rule is violated: No secret manager is deployed.