+
+ If you are trying to access the API documentation: The API documentation is
+ not available in your current environment. It is only available via the
+ documentation of Collaboration Manager instances. It is not available on:
+
+
+
GitHub Pages
+
Local non-cluster development environments
+
ReadTheDocs
+
+
+ If you believe this is an error, please contact your system administrator.
+
+
+
+
Alerts can be used to inform users about changes, news or maintenance work. The
+alerts are displayed to each user.
+
+
+
+
Navigate to Menu → Settings
+
+
Fill in all required fields in the Create an alert form.
+
+
+
What does the alert level mean?
+
The alert level specifies the background color of the alert. You can
+choose one of the following options:
+ primary
+ secondary
+ success
+ danger
+ warning
+ info
+
+
+
Which scopes are available?
+
Currently, there is only one scope. Please enter t4c in the scope field.
+
+
+
Hint
+
Simple HTML tags can be used in the alerts description.
+For example, a link can be created with:
+
<ahref="example.com">Link description</a>
+
+
+
+
The alert is now created and is displayed to all users:
+
The build images are tagged with the revision they were build with (e.g., when
+running for main the tag would be :main) All characters matching the regex
+[^a-za-z0-9.] will be replaced with -.
+
You have to add the following environment variables on repository level. Make
+sure to enable the "Expand variable reference" flag.
+
+
PRIVATE_GPG_PATH: Path to the private GPG key used to decrypt the
+ secret.docker.json file (More about this file below)
+
Variables speciying how to name each image:
+
FRONTEND_IMAGE_NAME (defaults to capella/collab/frontend)
+
BACKEND_IMAGE_NAME (default to capella/collab/backend)
+
DOCS_IMAGE_NAME (defaults to capella/collab/docs)
+
GUACAMOLE_IMAGE_NAME (defaults to capella/collab/guacamole)
+
+
In addition you can adjust the following variables when running a pipeline:
+
+
Variables specifying whether to build an image (default to 1):
+
FRONTEND: Build the frontend image?
+
BACKEND: Build the backend image?
+
DOCS: Build the docs image?
+
GUACAMOLE: Build the guacamole image?
+
TARGET: The target for which you want to build the images (More information
+ why this is important below)
+
+
This is the (minimal) configuration. For more advanced configuration options,
+please refer to the
+image-builder
+Gitlab template.
+
Docker SOPS File
+
We make use of Mozilla SOPS files to store
+secrets used in the image builder template. Therefore you need to have a
+directory $TARGET for each target with a secret.docker.json inside. You can
+create the secret.docker.json by running the following command:
Any time you update the .sops.yaml (i.e., adding or removing a fingerprint)
+you will have to run sops updatekeys ./<target>/secret.docker.json to ensure
+that only authorized persons can decrypt the secret file.
+
Lastly, please ensure that your Gitlab runners GPG fingerprint is present in
+the .sops.yaml such that it can use the secret values.
You have to add the following environment variables on repository level. Make
+sure to enable the "Expand variable reference" flag.
+
+
PRIVATE_GPG_PATH: Path to the private GPG key used to decrypt the
+ secret.k8s.json files.
+
GRAFANA_HELM_CHART: (Optional) - This variable is used to set the URL for
+ the Grafana Helm chart. It is useful if your deployment environment has
+ limited access, so you can specify a URL that is accessible for you.
+
+
In addition you can adjust the following variables when running a pipeline:
+
+
TARGET: The target for which you want to build the images (More information
+ why this is important below)
+
REVISION: The revision of the capella collab manager repository you want to
+ use
+
+
Docker and Kubernetes SOPS Files
+
For the k8s-deploy.yml you need to have some secret sops files in place.
+First of all, you need a secret.docker.json file as described
+here. In addition, you need to have a secret.k8s.json in
+each target directory created by a json file having the following structure:
In addition, you need to have a general.values.yaml containing all the
+values.yaml values that do not have to be encrypted and a
+secret.values.yaml only containing the values that should be encrypted
+(Please do not use YAML anchors in the secret.values.yaml file and do not use
+the _unencrypted suffix in the variable names).
+
Please delete the plain text files containing secrets directly after encrypting
+them.
+
Gitlab Repository Tree
+
The tree inside of your Gitlab repository should look like:
The Collaboration Manager repository contains a few tools that may come in
+handy when you're an administrator of a Collaboration Manager setup.
+
The CLI (Command Line Interface) tool allows you to backup and restore user's
+workspaces.
+
For the tools to work you'll need access to the Kubernetes cluster the
+Collaboration manager is running on. In particular the namespace used to spawn
+sessions.
+
Installation
+
In order to use the CLI tooling, you'll need to have a local copy of the
+collab-manager application and Python 3.11 installed.
Once your environment is set up, you can use the CLI tooling. The tooling is
+located in a module:
+
python-mcapellacollab.cli--help
+
+
This gives you the help information. The CLI tool currently has one subcommand:
+ws, short for workspace.
+
Usage: python -m capellacollab.cli [OPTIONS] COMMAND [ARGS]...
+
+Options:
+ --install-completion [bash|zsh|fish|powershell|pwsh]
+ Install completion for the specified shell.
+ --show-completion [bash|zsh|fish|powershell|pwsh]
+ Show completion for the specified shell, to
+ copy it or customize the installation.
+ --help Show this message and exit.
+
+Commands:
+ ws
+
+
You can discover the CLI on your own by printing the help messages of the
+subcommands
This guide describes the steps to get started with the Capella Collaboration
+Manager.
+
Before you start, make sure you have a running environment. For instructions on
+how to set up such an environment, please refer to the
+Development installation guide.
+
First open a browser and go to http://localhost:8080.
+
You will be welcomed by a friendly screen and you can log in. The default setup
+is running an OAuth mock service for authentication.
+
+
As username, provide the admin for the admin user. If you have changed the
+username or want to test another user, enter your custom username.
+
+
You'll be returned to the Collaboration manager. Now you can start a session.
+Select Persistent Workspace and hit Request Session.
+
+
The system will now schedule and start a fresh workspace. Wait a bit for the
+workspace to be available
+
+
Once the session is ready, click Connect to Session and a new tab should
+open. After a few seconds you should see the Capella splash screen and a
+workspace will be shown in your browser.
+
+
What's Next
+
This introduction only scratches the surface of what's possible with the
+Collaboration Manager.
+
More advanced features include:
+
+
Read-only models from Git
+
Connect to a Team4Capella server (commercial product)
Are you interested in the platform and want to integrate it into your
+environment? We like to know more about the use case so that we can take it
+into account in future development. Please feel free to contact us:
+set@deutschebahn.com
+
You can also try out the platform locally. The README provides instructions for
+this. For production deployments you can learn more here:
+Production installation
This guide will help you set up the Capella Collaboration Manager on a
+Kubernetes cluster. The setup of the basic installation is straightforward, but
+we'll also delve into the more complex TeamForCapella support that requires
+building custom Docker images.
+
During development, we also took into account that the application can be
+installed in highly restricted environments. An internet connection is not
+necessarily required.
+
Step 1: Set up a Kubernetes Cluster
+
Kubernetes allows us to make operations as simple as possible later on. Updates
+can be fully automated. In addition, Kubernetes allows us to ensure a secure
+operation through standardized security hardening.
+
You can use an existing cloud service to create a Kubernetes cluster. We have
+running production deployments on Microsoft AKS and Amazon EKS. The application
+is designed in such a way that no cluster scope is necessary. All operations
+run at the namespace level, so it even runs in shared OpenShift clusters. But
+also if you simply have a Linux server at your disposal, this is no obstacle.
+
If you already have a running cluster, have kubectl up and running and can
+reach the cluster, then you can skip this step.
+
We provide instructions for some environments. If you set up the application in
+a different environment, please document the installation and obstacles that
+you find and we would be happy to receive a PR to help other users in the
+future.
+
+
+
+
+
Info
+
We have tested the instructions with Ubuntu Server 22.04.
+
+
+
+
Run steps 1-4 of the official microK8s Getting started guide.
+
+
+
Enable all required add-ons:
+
microk8senablehostpath-storage# For persistent storage
+microk8senablerbac# For role-based access control
+microk8senableingress# For load balancing
+
+
+
If you don't have any external registry available and TeamForCapella support is required, enable the registry:
+
Copy the kubectl configuration to the host, so that helm can pick it up:
+
mkdir-p$HOME/.kube
+microk8sconfig>$HOME/.kube/config
+chmod600$HOME/.kube/config# Nobody else should be able to read the configuration
+
+
+
Optional, but recommended: Set up a NFS for workspaces and Juypter file-shares.
+ The default hostpath-storage of microK8S doesn't enforce the specified capacity on PVCs.
+ This can be exploited by a user uploading so much data to their workspace that
+ the server goes out of disk storage.
Make sure to update the backend.storageClassName in the values.yaml in step 6 to nfs-csi.
+All new Jupyter file-shares and personal workspaces will use the new storage class then.
+
+
User mapping for non-root containers
+
If you want to run the session containers as non-root, you can set the runAsUser value in the podSecurityContext of the values.yaml.
+In the default configuration, runAsUser is set to 1004370000.
+
Unfortunately our setup NFS does not respect the fsGroup option. Therefore, all volumes are mounted with nobody:nogroup per default.
+This will lead to permission errors and crashing session containers.
+
To fix it, change the /etc/exports file and modify the options for the create file-share to:
+
Replace <user-id-of-session-containers> with the value of the runAsUser value of the Kubernetes Pod security context.
+
Then, apply the new configuration by running exportfs -ra.
+
+
+
+
+
+
We are constantly working on expanding our documentation. This installation method is currently not documented. If it is relevant, please feel free to contact us at set@deutschebahn.com or open an issue in this repository.
+
+
+
We are constantly working on expanding our documentation. This installation method is currently not documented. If it is relevant, please feel free to contact us at set@deutschebahn.com or open an issue in this repository.
+
+
+
+
Step 2: Validate the Available Resources
+
The minimum required resources are 3
+Kubernetes CPU cores
+and around 2,5GiB of memory for the management platform. Depending on the load,
+the instance can scale up and is limited to 10 Kubernetes CPU cores cores and
+~8GiB of memory.
+
Each session requires a minimum of 0.4 Kubernetes CPU cores and 1.6Gi of
+memory. A session can scale up until it reaches 2 Kubernetes CPU cores and 6Gi
+of memory.
+
Step 3: Set up the Required Namespaces (Optional)
+
The Collaboration Manager requires two different namespaces. For security and
+overview reasons, they are separated:
+
+
+
+
Capella Collaboration Manager control namespace: In this namespace, we run
+ the core application. It has full control over the sessions namespace and consists of the following services:
+
+
Frontend
+
Backend
+
Documentation
+
Guacamole
+
Prometheus
+
Grafana (Loki), can be disabled in the values.yaml
+
+
+
+
Sessions namespace. The namespace is controlled by the control namespace and you won't need to touch it. In the session namespace, the following services run:
+
+
Storage for persistent workspaces
+
Storage for Juypter file-shares
+
Pipeline jobs for nightly TeamForCapella to Git synchronisation
kubectlcreatenamespacecollab-manager# If you use another name, please update the following commands and use your namespace name.
+kubectlcreatenamespacecollab-sessions# If you use another name, please update the `values.yaml` accordingly.
+
+
+
+
Set the collab-manager as default namespace in the default context (optional):
Step 6: Configure the Environment / Create the values.yaml
+
Copy the
+values.yaml
+to a persistent and secure location on your server or deployment environment.
+The local directory in the Collaboration Manager is gitignored. We recommend
+to put the custom values.yaml in this directory.
+
Make sure to set restrictive permissions on the values.yaml:
+
chmod600values.yaml
+
+
Adjust all values according to your needs.
+
Step 7: Install the Application in the Cluster
+
Run the following commands in the root directory of the repository:
Click on the guacadmin user at the top-right corner of the screen, then
+ select "Settings".
+
Select the tab "Preferences"
+
In the "Change password" section, enter guacadmin as current password.
+ Generate a secure password and enter it for "New password" and confirm it.
+ Then, click "Update password"
+
Log out and verify that the combination guacadmin / guacadmin no longer
+ works.
+
Update the key guacamole.password in the values.yaml and repeat step 7.
+
+
Step 9: Check the Application Status
+
Run kubectl get pods to see the status of all components. Once all containers
+are running, verify the installation state by running:
If a value is false, check the backend logs for more information.
+
Step 10: Add TeamForCapella Support
+
+
+
TeamForCapella server required
+
The setup of the TeamForCapella server and license server itself will
+not be part of this tutorial. To process, you'll need to have a running and
+reachable TeamForCapella server.
+
+
+
+
Container registry required
+
For the TeamForCapella support, you'll need to build own Docker images. In order to use this in the cluster, an external or internal container registry is required.
exportPUSH_IMAGES=1# Auto-push images to the container registry after build
+exportDOCKER_REGISTRY=<your-registry># Location of your remote or local container registry
+exportCAPELLA_BUILD_TYPE=offline# Don't download Capella during each build
+exportCAPELLA_VERSIONS="5.2.0 6.0.0 6.1.0"# Space separated list of Capella versions to build
+exportCAPELLA_DROPINS=""# Command separated list of dropins
+
+
+
+
Then, build the t4c/client/remote images (the one that we'll use in the
+ Collaboration Manager):
+
maket4c/client/remote
+
+
+
+
In the Collaboration Manager UI, change the docker image of the tool to
+ <registry>/t4c/client/remote:<capella-version>-latest
With Git instances, administrators can restrict the location of Git
+repositories.
+
No Git Instance Defined
+
When you don't want to define Git instances, users can use any location for
+their repositories. Some features, which require a specific instance, e.g.,
+Gitlab, are not available.
+
Define a Git Instance
+
+
Please navigate to Menu > Settings
+
Select Git below Model sources
+
+
You can see all existing instances (if any). To add a new integration,
+ please use the form below "Add new integration". You have to enter the
+ following information:
+
+
+
Git Type
+
General: Works with every Git server that supports the Git protocol. Features like the diagram cache are not available.
+
Gitlab: Only works with Gitlab instances (self-hosted / SaaS). With Gitlab, the diagram cache integration can be used.
+
Github: Works with the public Github instance. With Github, the diagram cache integration can be used.
Gitlab: The API URL to the Gitlab REST API. In most of the cases: {base_url}/api/v4, e.g., https://gitlab.com/api/v4.
+
Github: The API URL to the Github REST API. The url is https://api.github.com.
+
+
+
+
+
+
+
+
Warning
+
New repositories have to match at least one instance. Otherwise,
+they can not be added as model source to models.
+
+
Matching between Models and Instances
+
Models are matched with instances with a longest prefix match of the URL.
+
Let's construct a short example. We have two Git instances:
+
+
Instance one with the URL https://git.example.com/
+
Instance two with the URL https://git.example.com/test
+
+
A model with the path https://git.example.com/test/test2.git is now
+associated with instance two. A model with the path
+https://git.example.com/test2/test2.git would be associated with instance
+one.
You can see all existing instances (if any). To add a new instance, click
+ on the "Add an instance" card. You have to enter the following information:
+
+
Name: Any name to identify the instance
+
Capella version: Capella version that corresponds to the instance
+
License configuration: License key of your license server
+
Protocol: Protocol that should be used to communicate between
+capella sessions and the T4C server
+
Host: Hostname of the T4C server
+
Port, CDO Port, and HTTP Port Corresponding ports of your server
+
License server API: License server API url
+
REST API: REST API URL of the T4C server
+
Username: Username with access to the REST API, required for communication
+with the REST API
+
Password: Password corresponding to username
+
+
+
+
Archive a T4C Instance
+
+
Please navigate to Menu > Settings
+
Select T4C bewlow Model sources
+
Click on the instance that you want to archive
+
Click on the Archive button. When everything worked you should see a
+ messages stating "Instance updated: The instance name is now archived"
+
+
An archived instance can no longer be selected when creating a new T4C model
+and is highlighted with a gray background and an Archived tag in the bottom
+right in the T4C instance overview. Existing linked T4C models and all
+repositories corresponding to the archived instance will continue to work as
+before.
Tools are a central element of the Collaboration Manager. While Capella remains
+a core tool of the platform, we have generic tool support. This not only allows
+administrators to use additional tools such as Eclipse, pure::variants or
+Papyrus, but also to expand the platform with their own tools.
+
A tool can be added if it can run in a Docker container and can be reached via
+RDP. General web-based tool support is on our roadmap; currently only Jupyter
+can be used as a web-based tool.
+
Tools can be found in various places on the platform:
+
+
Models in projects are always assigned to a specific tool.
+
Sessions are always started for a specific tool.
+
+
Each tool has different versions and natures, which can be configured
+individually. Since different versions can be enabled in parallel, it helps to
+carry out complex migrations step by step.
+
Managing Tools
+
Tools are managed by the platform administrator. The tools management page
+allows the administrator to add, edit, and delete tools.
+
The tool management page can be found at Menu > Settings > Tools. Here,
+you'll find several YAML editors.
+
To change the configuration, edit the YAML configuration in the corresponding
+editor. Once you're done, click Save. We run several validation rules during
+saving to avoid configuration errors. You'll be notified about the save result
+in the bottom left corner via a notification.
+
The id entry is only displayed for reference and cannot be changed, any
+changes of the id are ignored. When creating a new version or a new nature,
+the ID will be auto-assigned.
+
To see all available options, please refer to the API documentation. A link to
+the corresponding route of the API documentation is provided on the tools
+management page.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/admin/settings/tools/model_restrictions.png b/admin/settings/tools/model_restrictions.png
new file mode 100644
index 0000000000..95a85c6610
Binary files /dev/null and b/admin/settings/tools/model_restrictions.png differ
diff --git a/admin/settings/tools/model_restrictions.png.license b/admin/settings/tools/model_restrictions.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/settings/tools/model_restrictions.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/settings/tools/model_restrictions_pv.png b/admin/settings/tools/model_restrictions_pv.png
new file mode 100644
index 0000000000..b911a18a0a
Binary files /dev/null and b/admin/settings/tools/model_restrictions_pv.png differ
diff --git a/admin/settings/tools/model_restrictions_pv.png.license b/admin/settings/tools/model_restrictions_pv.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/settings/tools/model_restrictions_pv.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/settings/tools/pure_variants/index.html b/admin/settings/tools/pure_variants/index.html
new file mode 100644
index 0000000000..98b85ba138
--- /dev/null
+++ b/admin/settings/tools/pure_variants/index.html
@@ -0,0 +1,3232 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ pure::variants - Capella Collaboration Manager Documentation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Select pure::variants in the Integrations section.
+
Modify the floating license server URL and confirm with Update.
+
Upload the license.lic license file.
+
+
Add the pure::variants Tool to your Instance
+
+
Navigate to Menu > Settings
+
Select Tools in the Core functionality section.
+
Click Add a tool
+
Enter any tool name, e.g., Capella + pure::variants
+
Specify the image for the persistent workspace. More information in the
+ Capella Docker images documentation:
+ Capella + pure::variants
+
Read-only workspaces and backup images are not supported. Leave the fields
+ empty.
+
Click on Create
+
Enable the pure::variants integration and additional integrations if
+ applicable.
+
Add tool versions (if using Capella + pure::variants, please use the the
+ Capella version for a proper matching with the TeamForCapella server
+ version.)
+
Add tool natures if applicable. If not tool nature is applicable, use a
+ placeholder.
+
+
Whitelist a Model for pure::variants
+
+
Open the project perspective of a selected project.
+
If you don't have model with the pure::variants tool yet,
+ create one.
+
Click on the model restrictions icon:
+
+
Enable Allow the usage of pure::variants.
+
+
All members of the project should now have access to the pure::variants
+ license server.
+
+
Get Access to the pure::variants License as User
+
You have to get access to a project with at least one pure::variants
+whitelisted model. More information:
+Get access to a project. If you need
+a new pure::variants whitelisted model, please ask your administrator.
Link a Git repository
+ if you have not done so already. It's required for the backup pipelines as
+ well as for the diagram cache and model complexity badge.
+
Make sure that the right version and nature is configured for the tool
+ model! If they are not configured properly, you would not see the
+ TeamForCapella repository in the later export step.
How to Update a Capella Model to a Higher Version (in TeamForCapella)
+
+
+
Warning
+
Please create backups (e.g., in a Git repository) before you start the update process.
+A downgrade of Capella models is not possible.
+
+
+
Open a new persistent session with the old Capella version.
+
Import the model from the TeamForCapella server via the Import wizard from
+ TeamForCapella into your local workspace:
+ Import a model from TeamForCapella
For all actions, you need to navigate to Projects, and select the model
+sources button for the model.
+
+
Link a TeamForCapella Repository to a Project Model
+
+
Click on Use existing repository in the T4C Models section.
+
Select the TeamForCapella instance, the repository and enter a project name.
+ It is recommended to have the same name for the repository and the Capella
+ project.
+
Click on Save reference
+
+
The TeamForCapella reference should appear in the list of T4C Models.
+
+
+
Info
+
Users, who are members of the project,
+will get access to the repository during the next session start.
+The session token will not be updated for existing/open sessions.
+
+
+
+
Unlink a TeamForCapella Repository from a Project Model
+
+
Select the TeamForCapella reference/integration from the list.
+
Click on Unlink and confirm.
+
+
The TeamForCapella integration should not be listed anymore.
+
+
+
Info
+
Users, who are members of the project,
+don't have to access to the repository anymore.
+In addition, it is not listed in the dropdown menu anymore.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/admin/teamforcapella/project-integration/project-integration/index.html b/admin/teamforcapella/project-integration/project-integration/index.html
new file mode 100644
index 0000000000..e0c38c74de
--- /dev/null
+++ b/admin/teamforcapella/project-integration/project-integration/index.html
@@ -0,0 +1,15 @@
+
+
+
+
+
+ Redirecting...
+
+
+
+
+
+
+Redirecting...
+
+
diff --git a/admin/teamforcapella/project-integration/screenshots/open-modelsources.png b/admin/teamforcapella/project-integration/screenshots/open-modelsources.png
new file mode 100644
index 0000000000..6bc7283e63
Binary files /dev/null and b/admin/teamforcapella/project-integration/screenshots/open-modelsources.png differ
diff --git a/admin/teamforcapella/project-integration/screenshots/open-modelsources.png.license b/admin/teamforcapella/project-integration/screenshots/open-modelsources.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-integration/screenshots/open-modelsources.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-integration/screenshots/use-existing-repository.png b/admin/teamforcapella/project-integration/screenshots/use-existing-repository.png
new file mode 100644
index 0000000000..886a07e6f0
Binary files /dev/null and b/admin/teamforcapella/project-integration/screenshots/use-existing-repository.png differ
diff --git a/admin/teamforcapella/project-integration/screenshots/use-existing-repository.png.license b/admin/teamforcapella/project-integration/screenshots/use-existing-repository.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-integration/screenshots/use-existing-repository.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-management/activate-t4c-administration-guide.png b/admin/teamforcapella/project-management/activate-t4c-administration-guide.png
new file mode 100644
index 0000000000..71b58bdce7
Binary files /dev/null and b/admin/teamforcapella/project-management/activate-t4c-administration-guide.png differ
diff --git a/admin/teamforcapella/project-management/activate-t4c-administration-guide.png.license b/admin/teamforcapella/project-management/activate-t4c-administration-guide.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-management/activate-t4c-administration-guide.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-management/add-new-cdo-session.png b/admin/teamforcapella/project-management/add-new-cdo-session.png
new file mode 100644
index 0000000000..c5aad820ae
Binary files /dev/null and b/admin/teamforcapella/project-management/add-new-cdo-session.png differ
diff --git a/admin/teamforcapella/project-management/add-new-cdo-session.png.license b/admin/teamforcapella/project-management/add-new-cdo-session.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-management/add-new-cdo-session.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-management/delete-t4c-project.png b/admin/teamforcapella/project-management/delete-t4c-project.png
new file mode 100644
index 0000000000..63d11a7572
Binary files /dev/null and b/admin/teamforcapella/project-management/delete-t4c-project.png differ
diff --git a/admin/teamforcapella/project-management/delete-t4c-project.png.license b/admin/teamforcapella/project-management/delete-t4c-project.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-management/delete-t4c-project.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-management/find-out-repository-host.png b/admin/teamforcapella/project-management/find-out-repository-host.png
new file mode 100644
index 0000000000..03f5380fb3
Binary files /dev/null and b/admin/teamforcapella/project-management/find-out-repository-host.png differ
diff --git a/admin/teamforcapella/project-management/find-out-repository-host.png.license b/admin/teamforcapella/project-management/find-out-repository-host.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-management/find-out-repository-host.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-management/index.html b/admin/teamforcapella/project-management/index.html
new file mode 100644
index 0000000000..280ae9ccf2
--- /dev/null
+++ b/admin/teamforcapella/project-management/index.html
@@ -0,0 +1,3158 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ TeamForCapella Project Management - Capella Collaboration Manager Documentation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
This page describes how to manage T4C projects in T4C repositories. It does not
+cover the management of T4C repositories. For the management of T4C
+repositories, refer to the
+TeamForCapella repository management
+guide.
Create an empty Capella project in your workspace. Then, export it to the
+ T4C repository. For more information, refer to the
+ TeamForCapella project export
+ guide.
+
+
Delete a TeamForCapella Project
+
+
+
Open a persistent Capella session and connect to it.
+
Enable the TeamForCapella administration capability: Window >
+ Preferences > General > Capabilities:
+
+ Then close the dialog.
+
Open the Capella search and search for CDO Sessions (CDO) and open it.
+
Add a new CDO connection:
+
+
+
Enter the connection string for the TeamForCapella server. There two ways to
+ find the correct one. Make sure that the host is prefixed with tcp://.
+
+
Global administrators can navigate to Menu > Settings >
+ Model sources > TeamForCapella > Select the instance > Host.
+
Project managers can use the TeamForCapella connection flow described in
+ the Connect to a TeamForCapella repository
+ guide. In the Connect to Shared Project dialog, select the repository,
+ expand "Connection information" and copy the "Repository host".
+
+
+
+
+
Enter the repository name and confirm with "Ok".
+
+
+
Open a CDO session transaction:
+
+
Expand the transaction, select the project to delete, right click, and select "Delete...":
+
+
Confirm the deletion with "Ok" and wait until the transaction is finished.
+ This can take a few minutes.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/admin/teamforcapella/project-management/open-cdo-session.png b/admin/teamforcapella/project-management/open-cdo-session.png
new file mode 100644
index 0000000000..5fa77e48b9
Binary files /dev/null and b/admin/teamforcapella/project-management/open-cdo-session.png differ
diff --git a/admin/teamforcapella/project-management/open-cdo-session.png.license b/admin/teamforcapella/project-management/open-cdo-session.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-management/open-cdo-session.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-management/open-cdo-transaction.png b/admin/teamforcapella/project-management/open-cdo-transaction.png
new file mode 100644
index 0000000000..1fb23b9d61
Binary files /dev/null and b/admin/teamforcapella/project-management/open-cdo-transaction.png differ
diff --git a/admin/teamforcapella/project-management/open-cdo-transaction.png.license b/admin/teamforcapella/project-management/open-cdo-transaction.png.license
new file mode 100644
index 0000000000..7ea22469b1
--- /dev/null
+++ b/admin/teamforcapella/project-management/open-cdo-transaction.png.license
@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+SPDX-License-Identifier: Apache-2.0
diff --git a/admin/teamforcapella/project-management/project-management/index.html b/admin/teamforcapella/project-management/project-management/index.html
new file mode 100644
index 0000000000..e0c38c74de
--- /dev/null
+++ b/admin/teamforcapella/project-management/project-management/index.html
@@ -0,0 +1,15 @@
+
+
+
+
+
+ Redirecting...
+
+
+
+
+
+
+Redirecting...
+
+
diff --git a/admin/teamforcapella/repository-management/index.html b/admin/teamforcapella/repository-management/index.html
new file mode 100644
index 0000000000..003b57d8a0
--- /dev/null
+++ b/admin/teamforcapella/repository-management/index.html
@@ -0,0 +1,3158 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ TeamForCapella Repository Management - Capella Collaboration Manager Documentation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
For all actions, you have to navigate to Menu > Settings > TeamForCapella
+(below Model sources). Select your instance. On the right side, you should
+see a card with the name Manage T4C repositories. In this card, you can see
+all existing repositories with their status.
+
Add a new TeamForCapella Repository
+
+
Enter the name of the repository in the Repository name field.
+
Click on Add T4C repository
+
The status should be INITIAL. Please wait until the status changes to
+ ONLINE
+
+
Start/Stop a TeamForCapella Repository
+
+
Select the repository from the list
+
Click the Start repository or Stop repository button on the bottom
+ right.
+
+
Remove a TeamForCapella Repository
+
+
+
Danger
+
Deleted TeamForCapella repositories can not be restored.
+If you don't have backups, the models in the repository are not recoverable!
+
+
+
Select the repository from the list
+
Click the Remove <repository-name> button.
+
Another dialog opens where you have to manually type in the name of the
+ repository. Copy&Paste doesn't work here. You have to confirm the deletion.
+
The repository should not appear in the list anymore if the deletion was
+ successful.
To add a tool to the Collaboration Manager, it must fulfill the following
+requirements:
+
+
The tool must run in a single Docker container (no sidecar containers).
+
The Docker container has to run with a non-root user.
+
The Docker image has to be deployed to a Docker registry, which is accessible
+ from the Collaboration Manager server environment.
+
The tool must be exposed via RDP or HTTP/HTTPS.
+
If the tool is exposed via RDP, it must accept basic authentication. For
+ HTTP-based tools, authentication is handled automatically via
+ pre-authentication.
+
The container must expose a /metrics endpoint with an idletime_minutes
+ gauge metric in the OpenMetrics format, which returns the time in minutes
+ since the last user interaction. The metric is used to determine if the
+ session is idle and can be terminated.
+
If you want to capture session logs and make them accessible via Grafana
+ Loki, they have to be written to disk (stdout/stderr are not persisted).
+
+
YAML Configuration
+
For a full documentation of all available options, refer to the
+API documentation.
+
Resources
+
For each tool, you can define the resources which sessions of the tool can use.
+This is a significant option because it impacts cost and performance.
+ Token, which the tool has to use to authenticate the user.
+
+
+
+
CAPELLACOLLAB_SESSION_ID
+
tctszsirxuoohabwnhyhmzjdh
+
+ Unique Session ID of the session, can be used for API request to the Collaboration Manager API.
+
+
+
+
CAPELLACOLLAB_SESSION_CONNECTION_METHOD_TYPE
+
guacamole
+
http or guacamole, depending on the requested connection method.
+
+
+
CAPELLACOLLAB_SESSION_REQUESTER_USERNAME
+
janedoe
+
The username of the user who has requested the session.
+
+
+
CAPELLACOLLAB_SESSION_CONTAINER_PORT
+
8080
+
+ The port that the application has to serve on.
+
+ HTTP port if connection method is http and RDP port if the connection method is guacamole.
+
+
+
+
CAPELLACOLLAB_SESSIONS_SCHEME
+
https
+
+ HTTP scheme, can be http or https
+
+
+
+
CAPELLACOLLAB_SESSIONS_HOST
+
sessions.example.com
+
+ The hostname of the sessions environment.
+
+
+
+
CAPELLACOLLAB_SESSIONS_PORT
+
443
+
+ The port of the sessions environment. Can be different to the port in CAPELLACOLLAB_ORIGIN_HOST if the sessions run on a different port (e.g. in our local non-cluster development environment).
+
+
+
+
CAPELLACOLLAB_SESSIONS_BASE_PATH
+
/session/2037430
+
+ The base path that the session application has to serve requests on.
+
+ Only available if CAPELLACOLLAB_SESSION_CONNECTION_METHOD_TYPE is http.
+
+
+
+
CAPELLACOLLAB_ORIGIN_BASE_URL
+
https://frontend.example.com:443
+
+ The origin host of the Collaboration Manager.
+ The tool has to set the Content-Security-Policy header to frame-ancestors self {CAPELLACOLLAB_ORIGIN_HOST}. Otherwise, the session viewer can't be used with the tool!
+
+
+
+
+
TeamForCapella variables
+
In addition, the following variables are mounted if the TeamForCapella
+integration is enabled for the tool and the session type is persistent.
JSON containing all repositories the user has access to. The format is described in the Capella Docker images documentation.
+
+
+
T4C_USERNAME
+
+ admin
+
+
+ Username of the session requester on the TeamForCapella server.
+ Can be used to authenticate against the repositories the user has access to.
+
+
+
+
T4C_PASSWORD
+
+ adfaw34rfqadsc
+
+
+ Session token to authenticate against the TeamForCapella server.
+ The token is auto-created and valid for all TeamForCapella repositories the user has access to.
+
+
+
+
Definition of custom environment variables
+
If you don't have the possibility to set environment variables in your tool,
+you can also define custom variables. You can also derive variables from
+pre-defined values.
In this example, we map the MY_TOOL_USERNAME variable to the
+MY_TOOL_USERNAME_WITH_PREFIX environment variable and add the test_ prefix.
+This is a powerful feature because you can use f-string formatting with all
+pre-defined environment variables, but also define static variables.
+
Connection methods
+
Each tool can support different connection methods. A connection methods
+defines how the user connects to a session of the tool. You can define up to 10
+connections methods for each tool. The user can select the preferred connection
+method in the session request form.
+
Guacamole
+
To connect to RDP based tools, you can use our integration of
+Apache Guacamole. The Collaboration Manager
+will interact with the Guacamole API to create users and connections.
+
Guacamole will try to authenticate with the following credentials against the
+RDP server. The RDP server has to run in the container and has to accept those
+credentials:
Since version 3.1.0 of the Collaboration Manager, it is no longer necessary for
+the tool itself to handle the authentication. Instead, the Collaboration
+Manager automatically authenticates all users via pre-authentication with
+session tokens.
+
Configuration examples
+
To help you configuring your tools, we provide some examples for the tools,
+which we provide as part of our
+Capella Docker images repository
We're sorry to see you go If you have any suggestions for us to
+improve, please share them with us. Either privately via set@deutschebahn.com
+or via a
+Github issue.
+
+
+
+
If you want to uninstall the management portal, you can run the following
+ comment:
+
helmuninstall<release-name>-n<namespace>helm
+
+
or delete the management portal namespace:
+
kubectldeletenamespace<namespace>
+
+
+
+
The previous command doesn't clean the sessions namespace. Please clean it
+ manually by running (this does also remove all persistent workspaces!):
Our API is designed to be simple and easy to use. It is based on RESTful
+principles and uses standard HTTP methods. This means that you can use the API
+to automate tasks such as creating and managing projects, sessions, and users.
+
+
Warning
+
We try to keep the API as stable as possible, but we cannot guarantee that
+it will not change in the future. If you are using the API, make sure to
+check our release notes
+for any breaking changes.
+
+
API Documentation
+
+
Note
+
The API documentation is only available via the documentation of Collaboration
+Manager instances. Only in this case you'll be able to open the links below.
+You'll see the API documentation matching the version of the Collaboration Manager
+instance you are using.
+
It is not available on:
+
+
GitHub Pages
+
Local non-cluster development environments
+
ReadTheDocs
+
+
+
Please use these links to access the API documentation:
To authenticate against the API you can use Personal Access Tokens (PAT).
+
PAT Creation
+
To create a personal access token (PAT) you can go to Menu > Tokens. Every
+token requires a description and expiration date.
+
+
Info
+
The token which is generated will disappear after leaving the page.
+Make sure you save it - you won't be able to access it again.
+
+
PAT Scope
+
Personal access tokens have the same scope as the user who created it. It is
+therefore important that you do not share them with others or publish them. All
+requests are made in the name of the user who issued the token and are logged
+accordingly. If you lose, share, or publish a token you must revoke it
+immediately and inform your system administrator team.
+
Revoke a PAT
+
In order to revoke a token go to Menu > Token. There you can see a list of
+all tokens that are associated with your account. By clicking on the delete
+button, you can delete a token, which will no longer be valid for
+authentication.
+
PAT Usage
+
You can use the token in place of a password for basic authentication against
+the API as in the following examples.
+
Example with Python
+
importrequests
+
+base_url="example.com"# Replace with the base URL of your Collaboration Manager instance
+username="..."
+token="..."
+
+requests.get(
+ f"https://{base_url}/api/v1/projects",
+ auth=(username,token)
+)
+
+
Example with cURL
+
With cURL you can use the following command to fetch the list of projects:
Another example is working with the diagram cache of py-capellambse. The
+implementation of the Capella modelling tool capellambse uses Python and lets
+you read and write models. For more information have a look at the
+documentation or the
+Github repository.
+
importcapellambse
+
+base_url="example.com"# Replace with the base URL of your Collaboration Manager instance
+username="..."
+token="..."
+path_to_aird="..."
+
+model=capellambse.model.MelodyModel(
+ path=path_to_aird,
+ diagram_cache={
+ "path":f"https://{base_url}/api/v1/projects/{project_slug}/models/{model_slug}/diagrams/%s",
+ "username":username,
+ "password":token,
+ }
+)
+