This comprehensive technical guide provides in-depth documentation for developers, system administrators, and contributors working with the Sentinel platform.
- Architecture Overview - System design and components
- Service Components - Detailed service documentation
- Agent Implementation - AI agent architecture and algorithms
- Database Design - Schema, models, and migrations
- Configuration Management - Settings and environment management
- Security Architecture - Authentication, authorization, and security measures
- Observability Stack - Logging, metrics, and tracing
- Message Broker Integration - Asynchronous communication
- Rust Core Integration - High-performance agent execution
- Development Guide - Contributing and extending Sentinel
Sentinel follows a microservices architecture pattern with the following key principles:
- Service Independence: Each service has its own database and deployment lifecycle
- API-First Design: All communication through well-defined REST APIs
- Asynchronous Processing: Message broker for long-running tasks
- Horizontal Scalability: Services can be scaled independently
- Fault Tolerance: Circuit breakers and retry mechanisms
| Layer | Technologies |
|---|---|
| Frontend | React, Redux Toolkit, React Query, Tailwind CSS |
| Backend Services | Python 3.10+, FastAPI, Pydantic |
| Agent Core | Rust, ruv-swarm, WebAssembly |
| Database | PostgreSQL 14+ with pgvector |
| Message Broker | RabbitMQ |
| Observability | Prometheus, Jaeger, structlog |
| Container | Docker, Docker Compose |
| CI/CD | GitHub Actions, GitLab CI, Jenkins |
┌─────────────────────────────────────────────────────────┐
│ API Gateway (8000) │
│ (Authentication, Routing) │
└─────────────┬───────────────────────────────────────────┘
│
┌─────────┴─────────┬──────────┬──────────┬──────────┐
│ │ │ │ │
┌───▼────┐ ┌──────▼────┐ ┌───▼────┐ ┌──▼───┐ ┌────▼────┐
│ Auth │ │ Spec │ │ Orch │ │ Exec │ │ Data │
│Service │ │ Service │ │Service │ │ Svc │ │Service │
│ (8005) │ │ (8001) │ │ (8002) │ │(8003)│ │ (8004) │
└────────┘ └───────────┘ └───┬────┘ └──────┘ └─────────┘
│
┌──────▼──────┐
│ Rust Core │
│ (8088) │
└─────────────┘
-
API Specification Upload
Client → API Gateway → Spec Service → Database -
Test Execution
Client → API Gateway → Orchestration → Message Broker → Rust Core → Execution Service → Database -
Results Retrieval
Client → API Gateway → Data Service → Database → Analytics Processing → Client
-
Network Security
- TLS/SSL encryption
- Network segmentation
- Firewall rules
-
Application Security
- JWT authentication
- Role-based access control
- Input validation
- SQL injection prevention
-
Data Security
- Encryption at rest
- Encryption in transit
- Sensitive data masking
- Audit logging
# Multi-level caching
L1: In-memory cache (Redis) # Hot data, <100ms
L2: Database cache (PostgreSQL) # Warm data, <500ms
L3: Object storage (S3) # Cold data, <2s-
Horizontal Scaling
- Stateless services
- Load balancing
- Auto-scaling policies
-
Vertical Scaling
- Resource optimization
- Database tuning
- Query optimization
- Normalization: 3NF for transactional data
- Denormalization: Read-optimized views for analytics
- Partitioning: Time-based partitioning for test results
- Indexing: Strategic indexes for query performance
-- Core entities
specifications -- API specifications
test_suites -- Test suite definitions
test_cases -- Individual test cases
test_runs -- Test execution instances
test_results -- Test execution results
-- Analytics
test_metrics -- Performance metrics
test_trends -- Historical trends
anomalies -- Detected anomalies
-- Security
users -- User accounts
roles -- Role definitions
permissions -- Permission mappings
audit_logs -- Security audit trailstateDiagram-v2
[*] --> Created: Agent instantiated
Created --> Initialized: Load configuration
Initialized --> Ready: Validate dependencies
Ready --> Executing: Receive task
Executing --> Completed: Task finished
Executing --> Failed: Task error
Completed --> [*]: Cleanup
Failed --> [*]: Cleanup
| Agent | Responsibility | Key Algorithms |
|---|---|---|
| Functional-Positive | Valid test cases | Schema analysis, data generation |
| Functional-Negative | Invalid test cases | Boundary value analysis, fuzzing |
| Functional-Stateful | Workflow testing | SODG construction, state management |
| Security-Auth | Auth vulnerabilities | BOLA detection, privilege escalation |
| Security-Injection | Injection attacks | Payload generation, pattern matching |
| Performance-Planner | Load test scenarios | Workload modeling, script generation |
| Data-Mocking | Test data generation | Faker, schema-aware generation |
-
CI/CD Platforms
- GitHub Actions
- GitLab CI
- Jenkins
- CircleCI
-
Monitoring Systems
- Prometheus
- Grafana
- ELK Stack
- Datadog
-
Notification Services
- Slack
- Email (SMTP)
- Webhooks
- PagerDuty
# Clone repository
git clone https://github.com/proffesor-for-testing/sentinel-api-testing.git
# Set up Python environment
cd sentinel_backend
poetry install
# Set up Rust environment
cd sentinel_rust_core
cargo build
# Start services
docker-compose up -d
# Run tests
pytest
cargo testsentinel_backend/
├── api_gateway/ # API Gateway service
├── auth_service/ # Authentication service
├── spec_service/ # Specification management
├── orchestration_service/
│ └── agents/ # Python agent implementations
├── execution_service/ # Test execution
├── data_service/ # Data and analytics
├── config/ # Configuration management
├── tests/ # Test suites
└── alembic/ # Database migrations
sentinel_rust_core/
├── src/
│ ├── agents/ # Rust agent implementations
│ ├── types.rs # Type definitions
│ └── main.rs # Service entry point
└── Cargo.toml # Rust dependencies
| Operation | P50 | P95 | P99 |
|---|---|---|---|
| Spec Upload | 150ms | 500ms | 1s |
| Test Execution | 2s | 10s | 30s |
| Results Query | 50ms | 200ms | 500ms |
| Analytics | 200ms | 1s | 3s |
- API Gateway: 10,000 req/s
- Test Execution: 100 concurrent tests
- Data Processing: 1M results/hour
- Analytics: Real-time for <100K records
-
Logging
# Structured logging with correlation IDs logger.info("Processing request", correlation_id=request.correlation_id, user_id=user.id, action="test_execution")
-
Tracing
# Distributed tracing with Jaeger with tracer.start_span("test_execution") as span: span.set_tag("test_type", "functional") # ... execution logic
-
Metrics
# Prometheus metrics test_execution_duration.observe(duration) test_execution_counter.inc()
All services expose health check endpoints:
# Basic health check
GET /health
# Detailed health check
GET /health/ready
# Liveness probe
GET /health/live{
"status": "healthy",
"version": "1.0.0",
"timestamp": "2025-01-08T10:00:00Z",
"checks": {
"database": "healthy",
"message_broker": "healthy",
"dependencies": "healthy"
}
}- API Reference - Complete API documentation
- Deployment Guide - Production deployment
- Contributing Guide - How to contribute
- Architecture Decision Records - Design decisions
For technical questions:
- Check the FAQ
- Search GitHub Issues
- Join our Developer Discord
- Contact the core team
Ready to dive deeper? Start with the Architecture Overview →