Technology stack
The stack is locked — changes require an architecture review. The table
below follows the architecture spec §3.
Frontend

| Concern | Choice |
| --- | --- |
| UI framework | React 19 + TypeScript |
| Build tool | Vite |
| App shape | Single SPA with role-gated routes |
| BIM viewer | xeokit-sdk (open source), XKT tile pipeline |
| State | TanStack Query + Zustand |
| e2e | Playwright |

Backend

| Concern | Choice |
| --- | --- |
| Language / runtime | Python 3.12 |
| HTTP framework | FastAPI |
| DB access | SQLAlchemy 2 + asyncpg, Alembic migrations |
| Validation | Pydantic v2 |
| Workflow engine | Temporal (self-hosted on GKE), Temporal Python SDK |
| Document AI | Google Document AI (PDF OCR / layout), ezdxf (DWG), IfcOpenShell (IFC) |
| LLM | Vertex AI (Gemini) + Vertex AI Vector Search for RAG |
| Testing | pytest + pytest-asyncio, real dependencies via docker-compose |

Data

| Concern | Choice |
| --- | --- |
| Transactional DB | AlloyDB for PostgreSQL — one instance per service, private IP, pgAudit + RLS |
| Object storage | Google Cloud Storage (CMEK-encrypted) |
| Event bus | Google Pub/Sub |
| Cache / sessions | Memorystore (Redis) |
| Search / RAG | Vertex AI Vector Search |
| Audit / BI | BigQuery (Pub/Sub → BQ sink) |
| Delayed jobs | Cloud Tasks (anything not a Temporal timer) |

Infra

| Concern | Choice |
| --- | --- |
| Cloud | Google Cloud Platform, Malaysia region (Singapore fallback until MY regions reach parity) |
| Compute | GKE Autopilot; separate node pool for AI / BIM workers |
| CityOS platform | GT Console (gc/) — identity, module-level RBAC, tenants, seat subscriptions, metering. See Platform integration. |
| Identity | GCP Identity Platform (OIDC / SAML federation) — reached via GT Console |
| Signing | Cloud KMS / HSM, PAdES via pyHanko |
| IaC | Terraform + Helm + ArgoCD / Cloud Deploy |
| Observability | OpenTelemetry → Cloud Trace, Cloud Logging, Cloud Monitoring |
| Edge | Cloud Load Balancer + Cloud Armor (WAF) + IAP |
| Service mesh | Anthos Service Mesh (or Istio) for mTLS between services |
Key properties that follow from the stack
Managed wherever possible. Pub/Sub, AlloyDB, Vertex AI, Cloud KMS, GKE Autopilot, and Identity Platform are all managed — the team owns Temporal and the service code, not the data plane.
Real dependencies in tests. docker-compose brings up Postgres, Redis, Pub/Sub emulator, Temporal, fake GCS, and an OpenTelemetry collector. No mocks for integration tests.
Direct-to-GCS file upload. Large files (especially IFC) never traverse FastAPI — see BIM pipeline and Data.
One region, one fallback. Malaysia-primary with Singapore fallback keeps data residency predictable for compliance.