Versions Compared

Old Version 6

changes.mady.by.user dorte.hansen

Saved on

compared with

New Version 7

changes.mady.by.user John Schneider

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents

When hosting a Telemedicine Solution including a potential BFF on the eHealth platform for either an employee or patient solution , you will be given access to the following tools.

...

The deployment and configuration is defined in a dedicated git repository for each BFF applicationsolution.

The git repository is hosted on the eHealth infrastructure, and is named:

Code Block
languagebash
{Vendor Short Name}-{Application Short Name}/helmsman

This repository contains a values.yaml file for each environment that the application solution can be deployed to, containing the specific values for this environment, if any.

A deployment pipeline is connected to this repository, following the outline described in Development and deployment cycle .

Docker Image hosting

Each BFF application solution is given a docker repository hosted on the eHealth Platform. It is only possible and allowed to deploy images to the different environments from this docker repository.

This docker repository is not meant for all development builds, but only for images that the vendor has tested and validated internally, and that the vendor believes are ready for testing and QA.

All images in the BFF docker repository is scanned for known security problems. And when any new security problems are found it is the responsibility of the Vendor to build a new BFF image, push it, test it, and make sure it is deployed.

...

This repository contains the only helm chart that the vendor is allowed to use to deploy the BFF their applications on the platform. The chart should be complete enough to run any BFFthe application, with different configuration for values, health endpoints, resource usage etc.

...

All applications on the platform is hosted on Kubernetes. To enforce separation between BFF applications and to harden the security on the platform each BFF application will have it’s own Kubernetes namespace.

...

The vendor is given access to a central log collection where you can see any logs, audits and metrics collected from the BFFapplication. The vendor will not have access to logs for the rest of the platform services, or from other BFF applications.

When moving up through the different environments, the access will be less and less to protect against unwanted data disclosure.

...

A GUI presenting the collected data for i.e. exttest EXTTEST car be accessed here https://jaeger.admin.exttest.ehealth.sundhed.dk/search