FYI. This isn't ready yet but has been is in the work since the start of the month.

Problem

  • Different monitoring components pull in a lot of 3rd party dependencies. This can expose our engines to vulnerabilities which require a full engine upgrade to resolve

  • Because we want to be able to compile / validate rules from our workspace, our server also has a dependency on monitoring components. This means we're also pulling 3rd party dependencies into our web application / server

Solution

  • Break up components core into smaller plugins for specific applications technologies (i.e., Salesforce, Kubernetes, Docker, etc.)

  • Each plugin is dependent on a small components-core module which defines interfaces and shared classes

  • Plugins can pull in external dependencies as needed (e.g.Apache Camel)

  • Plugins can provide custom components and rules (e.g., Salesforce Event Monitor)

  • Plugins have their own version independent of Germain engines, so we can deploy patches to just the plugins if necessary