Lingoport Suite Product Security

From Lingoport Wiki
Revision as of 20:20, 9 December 2019 by Olibouban (talk | contribs) (Resource Manager)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Here is general information about the security setup for the Lingoport Suite. This covers a description of the different Lingoport Suite components, and the data path between them.

Components

Globalyzer

Scans code and detects internationalization (i18n) issues

  • Globalyzer Server:
    • Stores regex pattern-based 'rule sets' used to detect i18n issues and filter out false positives.
    • The Globalyzer server can either be hosted by Lingoport at Globalyzer.com or run by the customer.
    • The Globalyzer server can be eliminated and the rulesets can be located in the repo or on the Continuous Globalization Server.
  • Globalyzer Clients:
    • Connects to the Globalyzer server and logs in.
    • Downloads rule sets from server, or uses local rulesets.
    • Uses rule set to scan code (no code is sent to the server!).
    • May push rule set changes to the server.
    • Displays the i18n issues.
    • Can run on developer machines in an Integrated Development Environment
    • Also runs on the Continuous Globalyzation System - these results are displayed on Lingoport Dashboard (see Data Path)

Resource Manager

Manages resource files as they are sent to and returned from the translation management system.

  • Detects issues in resource files (duplicate or missing keys, parameter mismatch in text for different languages, etc.)
  • Detects changes to base resource files. Then sends relevant changes out to the translation vendor for translation into other languages.
  • Automatically retrieves translations from translation vendors and checks those changes into the source control repository.
  • Runs on Continous Globalization System to populate the Lingoport Dashboard.

Lingoport Dashboard

  • Displays the overview and details of Globalyzer scans and the Resource Manager translation status
  • Users may view Globalyzer and Resource Manager issues in context within the source code.
  • Runs on the Continuous Globalization System

Jenkins (not a Lingoport program)

Lingoport uses Jenkins to automate running of Globalyzer scan, Resource Manager operations and reports, and updating of the Lingoport Dashboard for all projects. It also has a number of helper jobs used throughout the process.

  • Runs on the Continuous Globalization System.

Data Path

Lingoport Access

It's most convenient if Lingoport can have SSH access to the Linux system where Lingoport suite is configured. Otherwise, a Lingoport employee can guide an customer's employee through the setup using a videoconferencing program such as WebEx or GoToMeeting.

Globalyzer

Rule sets (regex data) are transferred between Globalyzer Server and Globalyzer Clients; It requires username/password based login.

Server at Globalyzer.com

  • Generates xml reports that will be read by the Lingoport Dashboard.
  • Clients are run on Lingoport Suite Linux system.
  • Clients are run on developer machines.

Resource Manager

Translation resource file updates sent to translation vendor, typically over SFTP. Resource file updates received from translation vendor, also typically over SFTP. Updates are checked for consistency (various in-depth checks), and then committed to source control if the checks pass.

  • Emails are sent to a list of email contacts defined in a configuration file.
  • Notifications for sent / received resource files
  • Error notifications
  • Translation status weekly email
  • Stores data in MySQL database
  • Run on linux system (light-blue box at bottom of graphic)
  • Generates xml reports that will be read by the Lingoport Dashboard.

Lingoport Dashboard

  • Resource Manager and Globalyzer are run on a server internal to Customer's network. Each generates an XML report.
  • Dashboard Client reads source code, and these XML reports.
  • Dashboard Client processes this data, and sends it to the Dashboard Server
  • Data sent over HTTP/HTTPS.
  • Most often, the Dashboard Client and Dashboard Server are hosted on the same machine (light-blue box at bottom of graphic), so network communication is internal to this machine.
  • Requires a either a username/password or a user token, which will be stored in configuration files.
  • Stores data in MySQL database
  • Dashboard Server is a web application

Jenkins (not a Lingoport program)

  • Used to automate running of Globalyzer Client, Resource Manager and updating of the Lingoport Dashboard
  • Various security options available, username/password is most common. LDAP is another option.
  • Run on Linux system (light-blue box at bottom of graphic)
  • Web application

Installation data path requirements for the Continuous Globalization Server

  • Ability to install/update programs via 'yum'.
  • Ability to download installer .zip file from lingoport.net via sftp
  • The download does not have to be directly to the target machine. It can be downloaded by another machine and then transferred.
  • The Jenkins application should be within Customer's firewall
  • The Lingoport Dashboard should be accessible within Customer's firewall
  • The Continuous Globalization system needs access to https://globalyzer.com

Recommended, but not required

Linux system access to: