Introduction

NeoBee platform allows users to implement business processes with no or almost no code. Main goal of the Platform is to get fast from the idea to first working solution.

Platform

In order to be able to call it a Platform NeoBee had to implement different core components that can be combined into a solution. It also had to become easily customizable so it can solve specific problems.

State machine and Message Bus

NeoBee runs its own BPMN compatible state machine and in-house developed queue manager with support for FIFO, transactional transitions, AT-Least one execution and idempotency controls.

API Gateway

NeoBee enables other applications to create, read and modify resources on the platform using API Gateway (API GW). API GW is secured by access keys and controls access based on access and resource policies.

Form management

Comprehensive Form management allows read/write, required, visibility controls including complex conditions that can be attached in order to control how fields affect each other and which values are to be included or excluded from list options.

UI Designer

For use cases where automatic form rendering is not enough NeoBee platform offers custom UI designer that allows precise positioning of components including interaction between them. Components can be organized in higher level blocks and layouts that can be reused.

Storage

There are 3 ways to store data in platform and they are called spaces. Table, Json and Form space. Table is a typical relational table that can be connected with other tables while Json allows data to be stored in ad-hoc structures. Form space is a space of one Process instance only while Table and Json space can be per Tenant or per Project. In case of Json, storage can be used per Process instance too.

Functions

Functions are reusable pieces of code that can be combined into a program. Any Rest call can become a function. Functions have input parameters and output results that can be stored for further executions and validated for different conditions.

Software

All software used in NeoBee Platform is OpenSource and distributed under permissive licenses. NeoBee Software modules are written in Java 17 using Quarkus 3 framework from RedHat. Frontend is developed using VueJS framework.

NeoBee runs on MySQL 8 database and, using MySQL Kubernetes operator or AWS Aurora it can run in High Availability configuration with StandBy or Active Readers/Replicas.

OpenSearch 2.11 is a part of platform dedicated to document and general data indexing and search. It is optional.

Installation

NeoBee code runs 99% identical code in both On-Premises Kubernetes configuration and AWS Serverless.

On-premises / Kubernetes

For High Availability (HA) setups NeoBee requires at least 3 master and 3 worker Kubernetes nodes. It is possible to run NeoBee on a single machine in non-HA setup using Kubernetes distributions like Ubuntu MicroK8s.

Shared network storage has to be mapped to worker nodes in order to guarantee HA.  Three storages are required: database, file and log storage.

Database runs inside the Kubernetes cluster with automatic failover to Replicas running on other worker nods.

Kubernetes version runs on any Kubernetes platform from 1.18 and above including Open source Kubernetes, RedHat Openshift 3 and 4, VMWare Tanzu, Ubuntu MicroK8s.

Amazon Web Services (AWS) Cloud / Serverless

NeoBee runs natively in AWS cloud using Amazon Lambda functions instead of Kubernetes pods, SQS to queue messages between services, Amazon Aurora MySQL compatible database, Amazon Cognito for Identity management and S3 to store files. This allows NeoBee to scale fast as much as it is needed despite occasional traffic bursts or user overloads, while, at the same time, it spends close to zero resources when traffic is low. NeoBee runs inside user’s account.

Other clouds / Kubernetes

Oracle OCI, Microsoft Azure and Google Cloud installations use those cloud provider’s native Kubernetes installations. NeoBee is checked to run on these cloud providers and their latest Kubernetes versions on regular basis.

Integrations / Local

NeoBee directly connects to other services natively using

REST API

REST API editor that allows creating NeoBee Functions using REST API standards is included. It allows enabling any kind of API calls with any Authorization type. It includes Error handling, retry mechanisms, Response mapping using VTL language.

Active Directory

Login using Active Direcory including Single Sign On is supported in all versions. Also, Active Directory Group synchronization with automatic role mapping is included.

Database connections

It is possible to connect to any database (JDBC driver supported) and read and write data to and from it. Tables and views are mapped in the same way local Tables are mapped. It allows using external Tables in all functions in the same way as local tables including UI.

FILE connection

NeoBee allows direct mapping of remote file systems including windows file shares, sftp, web and cloud native storages like Amazon S3. It is possible to collect files and read them into process instances space, process and write them to a file storage.

Office 365 Integrations

Office 365 integrations are available as a part of the platform. It is possible to create and deactivate accounts, upload files, manipulate calendars, send messages to Teams and everything else available via Microsoft Graph API using secure tokens.

Security

Permission schemes

Permission schemes allow customers to make central rules for accessing project actions and reuse these rules on different projects.

Trail

NeoBee platform emits TRAIL logs including all activities on the platform. This log can be saved in specialized storage on the platform or shipped to customer’s own trail log servers.

GDPR

Fields can be marked as GDPR sensitive and any usage including read of these fields is restricted and monitored. Also, these fields can have expiry date assigned to them.

Code and Penetration test

NeoBee code is controlled by SonarQube Code Quality, Security & Static analysis tools. All NeoBee containers are checked by Docker security tools before they are published to production repository.

Regular penetrations tests are performed against the platform including white and black box tests.

Access policy / resource numbering

All resources have resource numbers and access policies can be assigned to them. Policies can be reviewed and deployed outside of the code.

Digital signature

Digital signatures are integral part of the platform. It is possible to sign documents in a process including scenarios with multiple signers and signatures. Platform supports Windows client signing as well as Cloud certificates. Timestamp and digital stamp are also supported.

Mobile application

Android and IOS applications are available for cloud and on-prem installations. Applications support additional branding and MDM software integration. Applications allow workflow approvals and notifications.

Document management and Knowledge Base

NeoBee document storage allows document versioning with restricted access according to archival standards. For document indexing, supporting PDF, all text and Microsoft Office document types, NeoBee integrates OpenSearch software. It allows not only search inside documents but also suggestions like similar documents and suggested answers to knowledge base queries.

Multitenancy and Multiple sites

One Installation can have multiple tenants. Although on separate clusters/servers Tenants can be configured to communicate with each other via https, email or files.

Typical scenario is a two cluster solution for external and internal users where one process extends from one cluster to another.

Different tenants on the same installation have different web site addresses but also separate user login and permission schemes.

There is no access and communication between Installations and Tenants is not possible until it is explicitly allowed.

Notifications

Platform supports creation of notification schemes that can be configured to send notifications via email, text messages, browser push notifications whenever a system event like Issue created happens. Recipients can be configured using standard and custom fields.