Implement Audit as a Service (AaaS) based on ADIT tool #85

@denifilatoff

Description

Is your feature request related to a problem? Please describe

Our current audit and validation processes are decentralized, leading to duplicated logic across multiple repositories and CI/CD pipelines. This creates several challenges:

  • Code Duplication: The same validation logic is repeatedly implemented and maintained, increasing overhead.
  • Inconsistent Updates: Propagating updates and bug fixes across all instances is complex and error-prone, resulting in version fragmentation.
  • CI/CD Bottlenecks: Synchronous audit tasks can significantly slow down build and deployment pipelines.
  • Limited Retrospective Analysis: The lack of a centralized audit data store makes it difficult to perform historical analysis across projects.
  • Web UI Performance: The existing web interface performs poorly when rendering large data tables (thousands of DOM elements), degrading the user experience.

Describe the solution you'd like

We propose developing a centralized Audit as a Service (AaaS) to act as a single, authoritative source for all validation tasks, accessible via a REST API.

Core Features:

  1. Centralized Repository Processing: The service will automatically fetch repositories based on configurable rules (e.g., release tags).
  2. Dependency Graph Management: It will generate a comprehensive dependency graph and cache it for performance. The graph will be updated on demand via an API call when a project's codebase changes.
  3. Asynchronous CI/CD Integration: CI/CD pipelines will trigger the service via a non-blocking API call. Updates to the AaaS will be instantly available to all integrated systems without requiring changes to individual pipelines.

Architectural Vision:

We recommend a Unified Application approach:

  • Merge the CLI, Core, and a lightweight web component into a single repository and application.
  • Develop a shared core module responsible for graph generation, validation logic, and reporting.
  • Expose functionality through both a REST API for programmatic integration and a set of console commands for scripting and direct use.

Reporting and Visualization Strategy:

  • Static Reports: Continue generating static reports in Markdown (for Confluence) and plain HTML for archival and basic visualization.
  • Interactive Dashboards: For complex data analysis and interactive dashboards, we will leverage a specialized BI tool like Superset. This approach avoids the significant development and maintenance costs associated with a custom web UI and solves the current performance issues.

Describe alternatives you've considered

No response

Additional information

No response

Metadata

Assignees: No one assigned

Labels: enhancement (New feature or request)

Project status: Backlog

Milestone: No milestone