
Services

Eight microservices, each owning a single bounded context and its own AlloyDB instance. Events flow through Pub/Sub — see the event catalog for schemas and the end-to-end trail.

core-svc

Owns identity brokering (wraps GCP Identity Platform), the RBAC policy store, org / tenant records, and the audit stream fan-in.

Why it's central. Every other service delegates authorisation by attaching a signed policy-decision token from core-svc to each inter-service call.

flowchart LR
  IDP[GCP Identity Platform] --> CORE[core-svc]
  CORE -->|policy tokens| OTHERS[other services]
  CORE -->|audit events| BUS((Pub/Sub))
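As an added example, not core-svc's own code, this shows what a receiving service should check on a policy-decision token before honouring an inter-service call: signature, audience, validity window, and that the decision actually covers the requested action and resource. The claim names, the HMAC-SHA256-with-shared-key scheme, and the `mint_token`/`verify_token` names are assumptions; the page does not specify core-svc's token format.

```python
import base64
import binascii
import hashlib
import hmac
import json
import time

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_token(key: bytes, claims: dict) -> str:
    """Issuer side (stand-in for core-svc): sign canonical JSON claims with HMAC-SHA256."""
    body = _b64url(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode())
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return f"{body}.{_b64url(sig)}"

def verify_token(key: bytes, token: str, *, audience: str, action: str,
                 resource: str, now=None) -> dict:
    """Receiving-service side: honour the call only if the token is authentic,
    within its validity window, addressed to this service, and its decision
    covers exactly this action/resource pair. Raises PermissionError otherwise."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        given = _b64url_decode(sig)
    except (ValueError, binascii.Error):
        raise PermissionError("malformed token")
    # Verify the signature before trusting anything parsed from the body.
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        raise PermissionError("bad signature")
    claims = json.loads(_b64url_decode(body))
    if not isinstance(claims, dict) or claims.get("aud") != audience:
        raise PermissionError("token was not issued for this service")
    if not (claims.get("nbf", 0) <= now < claims.get("exp", 0)):
        raise PermissionError("token expired or not yet valid")
    if claims.get("decision") != "allow":
        raise PermissionError("core-svc denied this action")
    if (claims.get("action"), claims.get("resource")) != (action, resource):
        raise PermissionError("token scope does not match this call")
    return claims
```

A token minted for submission-svc is rejected when presented to comment-svc, after its `exp`, or for any action/resource pair other than the one core-svc decided on.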

submission-svc

Owns the submission aggregate — metadata, pre-consultation checklist, file index, revisions, status, and dashboard read models.

Scale. Read replicas absorb dashboard load. Large files never enter FastAPI — PSPs PUT directly to GCS via V4-signed URLs.

flowchart LR
  SPA[SPA]
  SUB[submission-svc]
  GCS[(GCS<br/>siss-uploads)]
  BUS((Pub/Sub))

  SPA -->|POST /submissions| SUB
  SPA -->|signed PUT<br/>bypasses SUB| GCS
  SUB -.reads metadata.-> GCS
  SUB -->|submission.created<br/>submission.files.attached<br/>preconsult.checklist.passed| BUS

workflow-svc

Owns Temporal workflow definitions and activity routing. This is the service where the end-to-end KM Submission Workflow lives — see Workflows.

flowchart LR
  BUS((Pub/Sub)) --> WF[workflow-svc]
  WF -->|activities| SUB[submission-svc]
  WF -->|activities| AI[ai-svc]
  WF -->|activities| CMT[comment-svc]
  WF -->|activities| SIGN[signing-svc]
  WF -->|workflow.step.assigned<br/>workflow.sla.breaching| BUS

comment-svc

Owns inline markup, structured comment templates, the comment library, response tracker, and revision comparison.

Milestone. M2 ships the basic shape (aggregate comments for Kertas Perakuan). M3 activates inline markup, library reuse, and the revision diff UI.

ai-svc

Owns document extraction, compliance checking, comment drafting, risk-area highlighting, and revision diff summarisation. All AI is human-in-the-loop — see AI pipeline.

flowchart LR
  SUB[submission-svc] -->|submission.files.attached| AI[ai-svc]
  AI --> DOCAI[Document AI]
  AI --> VTX[Vertex AI<br/>Gemini + Vector Search]
  AI -->|ai.compliance.report.ready| BUS((Pub/Sub))

bim-svc

Owns IFC validation, metadata extraction, XKT tile generation, and zoning envelope comparison. Runs on a dedicated GKE node pool. See BIM pipeline.

Milestones. M4 ships validation + tile pipeline + viewer. M5 ships metadata extraction and zoning overlay / exceedance flagging.

signing-svc

Owns PAdES digital signatures for Kertas Perakuan, SIGL, and Surat Sokongan, backed by Cloud KMS / HSM. See Signing.

Why it's small and isolated. It has the tightest compliance surface in the platform; keeping it minimal and boundary-auditable matters more than sharing code with other services.

flowchart LR
  WF[workflow-svc] -->|signal| SIGN[signing-svc]
  SIGN --> KMS[Cloud KMS]
  SIGN --> TSA[RFC 3161 TSA]
  SIGN -->|perakuan.signed<br/>sigl.certificate.issued| BUS((Pub/Sub))

notification-svc

Owns email, SMS, and in-app notifications — driven by domain events.

flowchart LR
  BUS((Pub/Sub)) --> NOT[notification-svc]
  NOT --> MAIL[Email provider]
  NOT --> SMS[SMS provider]
  NOT --> INBOX[(In-app inbox)]

Seed roles and templates

notification-svc ships seed templates per event type with en-MY and ms-MY copies, rendered via Jinja2 and validated on dispatch.