feat: LikeC4 architecture diagrams first pass BED-7493

[superlinkx]

Description

Adds LikeC4 architecture as code for our project. These were crafted with AI assistance (multiple iterations), followed by my own combing through the results for accuracy checks. This is not the end all of our architecture documentation, but it should provide a solid starting point for us to continue to improve our architecture documentation and understanding. Proper notation and color differentiation is included to make it easier to understand what a viewer is looking at.

Motivation and Context

Resolves BED-7493

We've long been lacking good, consolidated architecture documentation. This is an attempt to treat architecture artifacts as code so we can continue to improve our documentation and understanding of our systems.

How Has This Been Tested?

All views were manually vetted in the LikeC4 web app:

• Run just view-architecture
• A webpage should open automatically when the server finishes spinning up
• Click on the view selector in the top left to go look at other views

Screenshots (optional):

Types of changes

• Chore (a change that does not modify the application functionality)

Checklist:

• I have met the contributing prerequisites
  • Assigned myself to this PR
  • Added the appropriate labels
  • Associated an issue: Issues and Pull Requests README #672
  • Read the Contributing guide: https://github.com/SpecterOps/BloodHound/wiki/Contributing
• I have ensured that related documentation is up-to-date
  • Open API docs
  • Code comments (GoDocs / JSDocs)
• I have followed proper test practices
  • Added/updated tests to cover my changes
  • All new and existing tests passed

Summary by CodeRabbit

• Documentation

  • Added comprehensive architecture documentation: system context, container/component views, API server and auth flows, data pipeline, UI component diagrams, and a shared architecture specification.

• Chores

  • Added configuration and tooling to generate interactive architecture visualizations.
  • New command to launch/explore the interactive architecture diagrams.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9fbf415 and a189ce6.

📒 Files selected for processing (4)

• architecture/model/bloodhound.c4
• architecture/model/relationships.c4
• architecture/views/containers.c4
• architecture/views/data-pipeline.c4

🚧 Files skipped from review as they are similar to previous changes (4)

• architecture/views/data-pipeline.c4
• architecture/model/bloodhound.c4
• architecture/model/relationships.c4
• architecture/views/containers.c4

---

📝 Walkthrough

Walkthrough

Adds LikeC4 architecture artifacts for BloodHound CE: project config and DSL, system/container models, API server/component/daemon/service models, UI components, external collectors, relationship mappings, multiple views, and a justfile target.

Changes

Cohort / File(s)	Summary
Configuration & Build architecture/likec4.config.json, justfile	Add LikeC4 project config (schema, name, title) and a just target to run the LikeC4 CLI.
Specification architecture/specification.c4	Introduce DSL/specification: element kinds, relationship kinds, and tags with visual styling defaults.
System & Containers architecture/model/bloodhound.c4, architecture/views/containers.c4, architecture/views/context.c4	Declare BloodHound system boundary and container-level views (API Server, Web UI, PostgreSQL, Graph stores, external actors) with styles.
API Server Model & Views architecture/model/api-server.c4, architecture/views/api-server.c4, architecture/views/auth.c4	Define API Server internals: HTTP/router/auth layer, REST API, daemons, core services, data-access clients; add component and auth-flow views and grouping/styles.
UI Model & View architecture/model/ui.c4, architecture/views/ui.c4	Add Web UI components (App Shell, Redux Store, Graph Explorer, API client, feature views) and a UI components view with per-component styling.
External Systems & Data Pipeline architecture/model/external.c4, architecture/model/relationships.c4, architecture/views/data-pipeline.c4	Add external actors/collectors (SharpHound, AzureHound, AD, Azure AD), comprehensive relationship mappings across actors/services/daemons/datastores, and a data-pipeline view describing ingestion and processing.
Views: Auth & Misc architecture/views/auth.c4, architecture/views/api-server.c4, architecture/views/ui.c4	Add focused views for authentication/authorization, API server components, and UI modules with visual groupings and color styling.

Sequence Diagram(s)

sequenceDiagram
  participant SharpHound as SharpHound
  participant API as API Server\n(httpRouter → authMiddleware → restApi)
  participant DataPipe as DataPipe Daemon
  participant Graphify as Graphify Service
  participant GraphDB as Graph DB (DAWGS / Neo4j)

  SharpHound->>API: Upload collector payload (HTTP REST)
  API->>API: authMiddleware → authenticator / authorizer
  API->>DataPipe: Dispatch ingestion job
  DataPipe->>Graphify: Submit graphification task
  Graphify->>GraphDB: Write graph data
  GraphDB-->>Graphify: Ack / indexes
  Graphify-->>DataPipe: Completion status
  DataPipe-->>API: Job result / status update

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested reviewers

• urangel

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly identifies the main change: adding LikeC4 architecture diagrams as a first pass implementation, with the associated ticket reference.
Description check	✅ Passed	The description is comprehensive and follows the template structure. All required sections are present: description, motivation/context with ticket reference, testing instructions, change type, and completed checklist.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch BED-7493

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@architecture/model/relationships.c4`:
- Line 54: Change the relationship so the Security Operator actor consumes the
user-facing UI component instead of the internal apiClientLib: replace the
target bloodhound.ui.apiClientLib with a UI component (e.g., bloodhound.ui.webUI
or bloodhound.ui.userInterface) in the relationship `securityOperator -[sync]->
...` and keep a separate relationship from that UI component to
bloodhound.ui.apiClientLib to show the implementation detail (UI ->
apiClientLib).

In `@justfile`:
- Around line 180-182: The justfile target view-architecture currently runs "npx
-y likec4 start" which pulls the latest likec4 and can cause non-reproducible
output; update the target to pin a specific likec4 CLI version (e.g. replace
"npx -y likec4 start" with a pinned invocation like "npx -y likec4@<version>
start" or use an installed devDependency and run the pinned binary) so the
command always uses the same CLI version; adjust any CI or local docs to
reference the chosen <version> and ensure the change targets the
view-architecture entry.

---

ℹ️ Review info

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e80426f and a28c6da.

📒 Files selected for processing (14)

• architecture/likec4.config.json
• architecture/model/api-server.c4
• architecture/model/bloodhound.c4
• architecture/model/external.c4
• architecture/model/relationships.c4
• architecture/model/ui.c4
• architecture/specification.c4
• architecture/views/api-server.c4
• architecture/views/auth.c4
• architecture/views/containers.c4
• architecture/views/context.c4
• architecture/views/data-pipeline.c4
• architecture/views/ui.c4
• justfile

[coderabbitai]

🧹 Nitpick comments (1)

architecture/model/relationships.c4 (1)

14-20: Consider reducing duplicated collector upload edges to avoid drift.

Line 14 + Line 15 (and Line 18 + Line 19) model the same upload path at two levels. This is valid, but it can diverge over time when only one edge gets updated. Consider keeping a single authoritative edge per interaction level or adding a short intentional duplication note here.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@architecture/model/relationships.c4` around lines 14 - 20, The diagram
contains duplicated upload edges for the same interactions (sharpHound ->
bloodhound.apiServer and sharpHound -> bloodhound.apiServer.restApi; same for
azureHound), which risks drift; pick a single authoritative edge per interaction
(e.g., keep the specific restApi edges bloodhound.apiServer.restApi and remove
the broader bloodhound.apiServer upload edges) or, if you intentionally want
both, add a short comment like "intentional duplication" next to the paired
edges (sharpHound, azureHound, bloodhound.apiServer,
bloodhound.apiServer.restApi) so reviewers know the duplication is deliberate.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@architecture/model/relationships.c4`:
- Around line 14-20: The diagram contains duplicated upload edges for the same
interactions (sharpHound -> bloodhound.apiServer and sharpHound ->
bloodhound.apiServer.restApi; same for azureHound), which risks drift; pick a
single authoritative edge per interaction (e.g., keep the specific restApi edges
bloodhound.apiServer.restApi and remove the broader bloodhound.apiServer upload
edges) or, if you intentionally want both, add a short comment like "intentional
duplication" next to the paired edges (sharpHound, azureHound,
bloodhound.apiServer, bloodhound.apiServer.restApi) so reviewers know the
duplication is deliberate.

---

ℹ️ Review info

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a28c6da and 9fbf415.

📒 Files selected for processing (2)

• architecture/model/relationships.c4
• justfile

🚧 Files skipped from review as they are similar to previous changes (1)

• justfile