About arc42
arc42, the template for documentation of software and system architecture.
Template Version 8.2 EN. (based upon AsciiDoc version), January 2023
Created, maintained and © by Dr. Peter Hruschka, Dr. Gernot Starke and contributors. See https://arc42.org.
1. Introduction and Goals
This project was created and developed by a development team composed of students from the Software Architecture course at the School of Computer Engineering of the University of Oviedo.
Last year, the company HappySw launched a project aimed at updating an experimental online version of a quiz competition similar to "Saber y Ganar" for the RTVE network.
This year, the company ChattySw wants to expand its functionality so that contestants can interact with the application by receiving hints about the answers.
This is the development team:
-
Enol Rodríguez Hevia: UO287935
-
Alberto Fernández Azcoaga: UO179637
-
David González González: UO291047
-
Zinedine Álvarez Sais: UO294258
-
Alejandro Vega García: UO294615
-
Ignacio Llaneza Aller: UO294914
-
Daniel Uría Edroso: UO282813
1.1. Requirements Overview
-
The system will include at least a web frontend that will display images and answers, as well as a hint system that will allow users to receive clues about the images.
-
Users will be able to register in the system and consult the history of their participation in the system: number of games, number of correct/failed questions, times, etc.
-
The website must be deployed and accessible via the web.
-
The question data will be automatically generated from Wikidata API.
-
Users will be able to interact with the application for each question to obtain hints. This will be achieved through a language model (LLM) accessed via a provided API.
-
There will be a time limit to answer each question.
-
The system will provide API access to user information, which must be properly documented.
-
The system will also provide API access to the generated questions.
-
Each question will have one correct answer and several incorrect (distracting) answers. All answers will be genereated automatically.
-
A technique must be implemented to generate hints from Wikidata data while mitigating incorrect answers and hallucinations during interactions.
1.2. Quality Goals
| Priority | Quality Goal | Expectations |
|---|---|---|
1 |
Usability |
All people should be able to enjoy and finish with success the application within a reasonable limit of time |
2 |
Maintainability |
The application should be easy to maintain, with clear, well-documented code and modular design that allows for future updates. |
3 |
Accessibility |
The application should be usable by people with various disabilities, meeting common accessibility standards |
4 |
Availability |
While the application initially aimed for a 99.9% availability target, this level of uptime typically requires production-grade infrastructure, including redundancy, autoscaling, and service-level agreements (SLAs) provided by cloud providers. Since this project is hosted on Microsoft Azure using student credits, it does not benefit from guaranteed SLAs or high-availability configurations. Therefore, a more realistic expectation for availability is in the range of 99.0% to 99.5%, which allows for occasional downtime due to maintenance, restarts, or limited resource allocations in the free tier. |
5 |
Reliability |
The application should operate consistently and recover quickly from failures |
| Role/Name | Contact | Expectations |
|---|---|---|
Teachers |
Jose Emilio Labra, Pablo González, Irene Cid, Diego Martín |
The teachers are the supervisors of the team and will help the team and should be accessible if the team needs them. |
Students |
Enol Rodríguez, Alberto Fernández, David González, Zinedine Álvarez, Alejandro Vega Ignacio Llaneza, Daniel Uría |
They are the development team. They should develop the application with success and learn through the process of the subject |
Users |
Anyone who interacts with the application |
They should be able to use the application without any problems and enjoy the experience. |
RTVE |
RTVE |
They are the primary stakeholders in the application, as they commissioned it to allow their viewers to use it. |
2. Architecture Constraints
2.1. Technical Constraints
| Constraint | Description |
|---|---|
Wikidata |
All visual and textual content related to questions must be automatically created using structured data from Wikidata. |
Git and GitHub |
The project will have version control through Git. The repository will be in GitHub, where issues, "project" and wiki will be useful for project tracking. |
LLM |
The application must have a bot chat to interact with it. The chat have to be made by an LLM. |
Deployment |
The complete system must be deployed on a public server or cloud platform, ensuring that users can access and use the application from anywhere via a URL, not just in local or development environments. |
Monitoring |
The deployed system must include monitoring and observability mechanisms, such as performance logging, error tracking, and health checks, to detect issues early and ensure system reliability over time. |
Automated Testing and Integration |
The project must adopt DevOps practices, including unit and integration testing, code linting, and automated CI/CD pipelines to ensure safe, consistent deployments and maintainable code. |
Documented REST API |
A unified, well-documented RESTful API must expose both user data (e.g., registration, scores, game history) and quiz data (e.g., questions, answers, metadata). |
2.2. Convention Constraints
| Constraint | Description |
|---|---|
Arc42 |
The project documentation will be done following the Arc42 template. Arc42 is a framework for documenting software architecture that provides a clear and structured approach to communicate architectural decisions, components, and requirements. |
Time |
The project deadline is May 5th, but there will be sprints during the process. Important dates are February 24th for the first verion of de documentation, March 17th for a prototype of the application, and April 7th for an almost finished application. |
Code Maintainability |
We follow Clean Code principles to ensure maintainability, making the code easy to read, modify, and extend over time. |
2.3. Organizational Constraints
| Constraint | Description |
|---|---|
Team |
The team is made up of seven members who never worked together. The members will reunite at least one time per week to catch up on work and establish next objectives. |
Technical knowledge |
The development team consists of students who are beginners with the technologies used. |
Testing |
Testing: The team has limited experience with automated testing, which may impact the speed and coverage of testing during development. |
3. Context and Scope
3.1. Business Context
| Communication partners | Inputs | Outputs |
|---|---|---|
WICHAT |
Data from Wikidata, Hints from LLM’s, User Answers, User Requests |
Questions to User, Feedback to User, Queries to Wikidata, Requests to LLM’s |
USER |
Answer questions, request hints |
Question Presentation, Answer Feedback, Hint Presentation |
WIKIDATA |
Data queries |
Question and Answer Data (JSON format) |
LLM’S |
Hint Generation Request using a text prompt |
Generated hints |
3.2. Technical Context
| Communication partners | Inputs | Outputs |
|---|---|---|
wikiquestionservice |
Question data-index |
Questions and answers |
apiservice |
User requests |
Backend data |
authservice |
Login info |
User info (account page) |
userservice |
New user info |
User info (account page) |
statsservice |
User name |
User’s history and stats |
llmservice |
User text inputs |
Hints about the question |
Users |
Questions and possible answers |
Interaction to log in and answer to questions |
Wikidata |
Request for question data with category |
Question sources |
MongoDB |
RAW data for questions, answers, and user information |
Structured data of questions answers, and user information |
Webapp |
User inputs |
Browser outputs |
4. Solution Strategy
We develop an application of questions, like 'Saber y Ganar', in which the main objetive is to comunicate with a chatbot to obtain some hints for answer correctly each question. Users can register to play and save their game statistics, they will also to be able to consult a ranking with the most remarkable games of all users .
4.1. Technologies used:
-
JavaScript: JavaScript is a very flexible programming language widely used in software development.
-
Node.js: Node.js is used to create server-side applications with JavaScript, so we decided to use it to make the back-end of our web app.
-
MongoDB: MongoDB is an open-source NoSQL database that uses a document-based data model for information storage and retrieval. We use MongoDB Atlas for running a Mongo database in the cloud.
-
React: It’s a framework widely used to create user interface components. Chosen for the large volume of documentation.
-
Wikidata: An open, collaborative database that stores structured information, allowing both humans and machines to access, share, and reuse knowledge efficiently.
-
Microsoft Azure: It’s a cloud computing platform and set of services provided by Microsoft that allows us to deploy, manage , and scale online applications and services.
-
Asciidoc: It’s a lightweight markup language for writing documentation in plain text, which can be converted to formats like HTML, PDF. We’ll use it for creating and managing our project’s documentation efficiently.
4.2. Decissions made to achieve quality goals
-
Usability: Although usability is already guaranteed by the developers of the base application, we will try to make interaction with the chatbot simple so that it remains that way.
-
Maintainability: The entire team is committed to making clean and well-structured code, along with adequate documentation to enable good maintainability of the project.
-
Accessibility: In the event of making any changes that affect the accessibility of the application, we will ensure that it complies with the appropriate accessibility standards.
4.3. Relevant organizational decisions
-
Communication between team members is mostly made through Github, using issues to create and assign tasks, Whatsapp, to ask the rest of the team for help if needed for quick advice, and meetings.
-
For the tasks to be performed, we have decided to implement an author-reviewer mechanic to avoid a single person being in charge of a part of the application and minimize large avoidable errors.
4.4. Testability
To ensure the correct functionality of the application, we performed extensive testing. This included load testing to evaluate performance under high demand, and coverage testing to verify that all critical parts of the code are properly tested. These efforts help guarantee a stable and reliable system.
5. Building Block View
5.1. Whitebox Overall System
- Motivation
-
This view describes the decomposition of the WIChat system into several building blocks, focusing on the web application, external API interactions, and data handling, in order to provide an interactive and efficient user experience.
- Contained Building Blocks
-
-
Webapp: Manages the user interface and game logic.
-
User Authentication Service: Handles user authentication by validating login credentials and issuing a JWT token upon successful verification.
-
User Stats Service: Handles user stats about the games played.
-
User Service: Handles user registration and manages API key generation and validation for secure access.
-
Question Service: Generates and retrieves questions.
-
LLM Service: Provides hints for users during the quiz.
-
API Gateway: Routes requests between the frontend and backend.
-
Database: Stores user data and question-related metadata.
-
- Important Interfaces
-
-
User API: Allows interaction with user data.
-
Question API: Provides access to questions and answers.
-
Hint API: Offers hints for the questions.
-
Both Question and Hint API will make use of external services (SONAR and Wikidata), and therefore will use their APIs.
| Name | Responsibility |
|---|---|
Webapp |
Main entry point for users. It renders the graphical interface and executes game logic in client. |
API Gateway |
Central request router between the Webapp and backend services. |
Question Service |
Generates and retrieves system questions, based on catrgory and difficulty level. |
User Authentication Service |
Verifies login credentials and issues secure tokens for authenticated access. |
User Service |
Registers new users and manages the lifecycle of API keys for client authorization. |
User Stats Service |
Collects and updates user performance data from played games. |
Hint Generation Service |
Generates hints for questions based on difficulty level, by means of a LLM. |
Database |
Stores user information and questions. Recieves requests to store questions and manages credentials. |
5.2. Level 2
5.2.1. WebApp
Composed of modules to handle the interface, game logic and API communication.
| Name | Responsibility |
|---|---|
UI Renderer |
Renders interface elements. |
Game |
Controls application logic rules. |
PlayView |
Controls the Game. |
API Client |
Manages calls to backend services. |
5.2.2. Question Service
Decomposed into modules for both managing questions and storing data.
| Name | Responsibility |
|---|---|
Question Repository |
Accesses and manipulates data in the database. |
Category Handler |
Generates questions for the specified categories. |
WikiData Fetcher |
Queries WikiData for relevant information. |
5.3. Level 3
5.3.1. Webapp - API Client
Encapsulates comunication with backend services.
| Name | Responsibility |
|---|---|
UserAuth Client |
Manages user authentication |
Question Client |
Retrieves questions from the backend. |
Hint Client |
Requests hints from the corresponding service. |
6. Runtime View
6.1. Initial Question Load
When the application runs, Wiki Question Service checks the number of questions of each of the five available thematics in database. There are two posible stages: A thematic has not enough questions: If a thematic does not reach a minimum of 60 questions in database, the service will use Wikidata API and SPARQL to generate as many questions as needed, and stores them in database.
A thematic has enough questions: If there are already enough questions, the service substitutes 10 questions of that tematic with another 10 different questions, in order to ensure their variety.
6.2. Sign Up
A user wants to create a new account. The user introduces the required information and clicks the "Sign Up" button. The system validates the information and creates a new account. If all the process runs correctly, the system displays a success message
6.3. Log In
A user wants to log in into the application. The user introduces the required information and clicks the "Log In" button. The system validates the information and if the user had already an account, redirects them to the main page.
6.4. Pre-game Question Retrieval
When a user asks to start a new game, the system is expected to retrieve 10/20/30 questions of the chosen thematics from its database, depending on the game mode. This will be done before starting the game.
6.5. Play a Game
Once the questions are retrieved from the database (previous diagram), the game starts. A user will send an answer to each of the questions of the game. The system validates them and computes the score depending on the time spent in answering the question. At the end of the game, the front-end sends a request to save user statistics in database.
6.6. ASK LLM for hints
A user wants to get a new clue for the current question. The request is redirected to the LLMService that handles the connection with the real LLM. Once it is processed, it is displayed in the game front-end.
6.7. Check Ranking
A user asks to see the ranking of the players with the 10 most high scores in a single game. The request is processed by the Stats Service and is returned and displayed to the user.
6.8. Check User Stats
A user asks to see another user’s game statistics (or their own). The request is then redirected to the stats service, which processes the request and sends a response for the specific user. This data is displayed in the profile view.
6.9. Ask for API Key
A developer user requests for a private API Key in order to integrate our services in their applications. The user provides an email and the system checks if it is registered in its database. If it is not, it displays an API key for the user to store in a safe place.
6.10. API Access - Ask for questions
The user wants to use the API in order to get game questions in return. The system processes the request and returns the questions to the user.
6.11. API Access - Ask for user records
A user wants to check the stats of a user through the API. The system loads the stats of the user asked for.
7. Deployment View
7.1. Infrastructure Level 1
- Motivation
-
The system is deployed on a virtual machine hosted on Microsoft Azure. This choice ensures high availability, simplified scaling, and seamless integration with Azure services, meeting the performance, maintainability, and security requirements of the application.
- Quality and/or Performance Features
-
-
Portability: Docker containers ensure consistent execution across various environments.
-
Maintainability: Isolation of services enables independent updates and minimizes downtime.
-
Security: Azure provides robust security features and network isolation, protecting both data and services.
-
- Mapping of Building Blocks to Infrastructure
-
The deployment maps the following building blocks:
-
User Interface: Delivered via a web application hosted on an Azure virtual machine.
-
Services: Packaged as Docker containers within the Azure VM, each responsible for distinct functionalities (e.g., user management or question generation).
-
Persistence Layer: A dedicated container hosting the database, accessible only to internal services.
-
External Services: Secure connections are established to external APIs (e.g., Wikidata) to fetch dynamic content.
-
Below is a diagram summarizing the infrastructure distribution:
7.2. Infrastructure Level 2
This section provides a detailed view of selected infrastructure elements from Level 1.
7.2.1. Azure Virtual Machine Hosting the Web Application
This element represents the Azure virtual machine that hosts the web application. The VM runs a supported operating system (e.g., Ubuntu) and includes the Docker engine to manage containerized services.
Explanation: The Azure VM was selected for its reliability and integrated security features. Hosting the web application in a Docker container on Azure facilitates quick scaling and streamlined management while leveraging Azure’s global network infrastructure.
7.2.2. Docker Container Environment
Within the Azure VM, the Docker engine orchestrates several containers, each encapsulating a service. This environment supports modular development and independent scalability.
Explanation: The Docker container environment isolates each service, enabling independent updates and robust fault tolerance. Internal communication is handled through the Docker network, ensuring efficient and secure interactions between services.
| Building Block | Infrastructure Mapping |
|---|---|
Web Application (UI) |
Runs in the Web Application Container on the Azure VM, accessible to users via HTTP. |
API Service |
Runs in an exposed Docker container. Requires an API key for doing requests, ensuring secure communication with the web application. |
Services (authservice, userservice, statsservice, llmservice, wikiquestionservice) |
Each service is packaged in its own Docker container within the Docker Engine on the Azure VM, communicating over an isolated internal network. |
Gateway Service |
Acts as a single entry point for client requests. Deployed in its own Docker container, it routes traffic to internal services. |
Persistence(mongodb) |
Deployed as a dedicated container, ensuring secure data storage and access limited to internal services. |
Monitoring (Prometheus, Grafana) |
Deployed as separate containers. Prometheus collects metrics from services; Grafana provides dashboards for visualization and analysis. Both are accessible internally for observability. |
8. Cross-cutting Concepts
8.1. Domain concepts
8.1.1. Domain model
8.1.2. Domain description
| Term | Description |
|---|---|
User |
Represents a user of the application. |
UserRecord |
Stores all the game sessions in which a user has participated and keeps their total score. |
GameSession |
Represents a game session played by a user, storing all the questions, the choices made, and the total score. |
Question |
Represents questions shown to the user by the application and stores the wrong choices, correct choices, and the text that is displayed. |
Choice |
Represents the choices that the user can make when answering a question. It stores the text of the choice and indicates if it was selected by the user. |
8.2. Service-oriented architecture
We have decided that our architecture will be based on microservices,but as the services are not fully decoupled at the data level it’s more accurate a service-oriented architecture, which means that every part of the aplication will be divided in a service that performs a specific function. The services can communicate witch eachother using their repective APIs or via the shared database.
8.3. Build, Test, Deploy
The project follows a CI/CD pipeline that automates build, test, and deployment processes using GitHub Actions. This ensures that the application is always up-to-date and functioning correctly.
We have performed both coverage testing to ensure that key parts of the application logic are tested, and load testing to verify performance under heavy use. These tests help ensure a stable and reliable system.
Deployment is handled in two environments: locally using Docker containers for development and testing purposes, and in the cloud via Microsoft Azure for production deployment. Each service runs in a container, and the frontend is exposed through a public IP address.
8.4. Usability
Usability is crucial for any application, as it directly impacts user interaction efficiency. To ensure our app’s usability, we conducted extensive user research, leading to an intuitive interface design. Employing a user-centric approach throughout development, we prioritized user experience, facilitating easy navigation.
8.5. Internationalization
We have implemented internationalization (i18n) to support both English and Spanish. This includes not only the user interface but also the question content, ensuring that the entire experience is localized based on the user’s language preference.
8.6. Monitoring
The application includes a monitoring setup using Prometheus and Grafana. Prometheus collects real-time metrics from different services, such as request rates, response times, and error counts. These metrics are visualized in Grafana through custom dashboards, which help the development team track performance and availability.
This setup allows early detection of anomalies or bottlenecks, ensuring a stable and responsive user experience.
9. Architectural decisions
9.1. Use Empathy Models as Large Language Models (LLMs) in the System
We need to integrate a Large Language Model (LLM) into our question-and-answer application to generate hints during the user’s turn. Therefore, we decided to use the LLM models associated with the API key provided by the teachers.
Decision:
It was decided to integrate Large Language Models (LLMs) through external APIs to generate real-time responses and hints.
The selected models are Mistral-7B-Instruct-v0.3 and Qwen2.5-Coder-7B-Instruct, both from Empathy AI
because it is the API key that has been provided to us and allows us to access both easily with the same API key, improving our resilience in case of external failure by any of the models .
Consequences
Consequently, we need a structured knowledge source, in our case Wikidata, from which we will extract and process the information to provide it to the user and also we must learn to create effective prompts.
To know more about Prompt Engineering Issue #4.
9.2. Using SPARQL to comunicate with Wikidata
We needed to use Wikidata, so we chose SPARQL to construct queries and retrieve the associated information.
Decision made in Acta 2 ‐ 10 02 2025.
Justification
-
Wikidata is an open knowledge base, and SPARQL is the most widely used method for retrieving information from it.
-
It enables flexible integrations with our backend systems.
Consequences
-
Optimal performance requires expertise in SPARQL query optimization.
-
Data updates are dependent on the Wikidata community.
To learn basic concepts about Wikidata and SPARQL Issue #6.
9.3. Choosing React for the Frontend
We require an efficient framework for frontend development so we decided to utilize
React for the user interface.
Decision made in Acta 2 ‐ 10 02 2025.
Justification
-
React’s declarative nature facilitates the construction of interactive user interfaces.
-
The integration of React with Wikidata is straightforward and user-friendly, simplifying data management and display.
As a consequence, most part of the team will require React training because it is a new technology for many of us.
To learn basic concepts about React Issue #7.
9.4. Using Node.js for Backend Development
We require an efficient and scalable technology for the backend so we will
utilize Node.js to solve this problem.
Decision made in Acta 2 ‐ 10 02 2025.
Justification
Node.js is highly efficient for asynchronous and high-traffic applications.
Furthermore, it is a great opportunity for many of us to learn how to use this important technology in the software development world.
New knowledge about Node.js Issue #3
9.5. Selecting MongoDB Atlas for the Database
Due to the requirement for flexible storage of structured and unstructured data,
we have chosen a NoSQL database over SQL.
Decision made in Acta 2 ‐ 10 02 2025.
Justification
-
Makes easier the storage of semi-structured data in JSON format.
-
It works very well with Node.js and is highly scalable.
-
With the online version of MongoDB we can easily manage the database and scale it as needed.
-
The online version increases disponibility and reduces the need for maintenance.
Consequences
Query optimization may be required for handling large data volumes. Although we
have had some exposure to NoSQL databases, further training and development in this area will be necessary to optimize their usage.
If we need a bigger version of the database, we will have to pay for it.
To learn basic concepts about MongoDb and practice examples Issue #9.
9.6. Selecting Docker for the Deployment
Considering the need for a dependable, scalable, and efficient deployment process, we chose Docker to containerize
our services. Docker allows us to define and package all the components of our application in a consistent and
repeatable manner, making it easy to deploy across various environments without issues.
Justification
-
Docker ensures a consistent environment for all our services, making sure they run the same way in both development and production. This greatly reduces potential problems that might arise due to configuration differences.
-
By using Docker Compose, we can define all the services in a single file, making it simpler to orchestrate and scale the application as needed.
Consequences
-
To make sure we’re deploying and troubleshooting containers effectively, we’ll need a solid understanding of Docker-specific tools (like Docker Compose) and networking.
9.7. Selecting JavaScript (Node.js) for the Backend
We chose JavaScript (Node.js) for the backend because using the same language on both
the frontend and backend simplifies development and improves team collaboration.
Decision made in Acta 2 ‐ 10 02 2025.
Justification
-
Unified Language: Using JavaScript across the stack makes development smoother and faster.
-
Rich Ecosystem: With npm, we have access to a vast library of packages that speed up development.
Consequences
-
Learning Curve: Developers will need to get comfortable with asynchronous programming and patterns like Promises or async/await.
-
Maintenance: While efficient, Node.js requires ongoing monitoring to maintain performance, especially as the app scales.
9.8. Implement the API service in a extra container
We need to implement an API service to provide access to user data and the questions generated. To achieve this, we will deploy it as a separate service in its own container.
Justification
-
Microservice independence: By isolating the API service in its own container, we can independently scale and manage it without affecting other services.
-
Easier access control: This separation allows for more granular access control and security measures, ensuring that only authorized services can interact with the API.
Consequences
-
More complicated deployment: We need to ensure that the API service is properly configured and can communicate with other services in the system.
-
Increased complexity: This separation may introduce additional complexity in terms of service discovery and inter-service communication.
9.9. Using Gatling to make the performance tests
We need to ensure that our application can handle a large number of concurrent users and requests. To achieve this, we will use Gatling to perform performance tests on our system.
Justification
-
Scalability: Gatling is designed to simulate a large number of users and can easily scale to test the performance of our application under heavy load.
-
Guide: we already have a guide in the course documentation that explains how to use Gatling for performance testing.
Consequences
-
Learning curve: Some team members may need to familiarize themselves with Gatling and its configuration.
-
Difficulty in interpreting results: Analyzing the results of performance tests can be complex, and we need to ensure that we have the necessary expertise to interpret the data correctly.
9.10. Using Graphana and Prometheus for monitoring
We need to monitor our application to ensure its performance and reliability. To achieve this, we will use Prometheus for data collection and Graphana for visualization.
Justification
-
Open-source: Both Prometheus and Graphana are open-source tools, which means we can use them without incurring additional costs.
-
Flexibility: Prometheus allows us to collect metrics from various sources, and Graphana provides a powerful visualization layer to analyze the data.
-
Guide: we already have a guide in the course documentation that explains how to use Prometheus and Graphana for monitoring.
Consequences - Learning curve: Some team members may need to familiarize themselves with Prometheus and Graphana and their configuration. - Integration: We need to ensure that works on local and remote environments, which may require additional configuration and testing.
9.11. Not using another proyect as base
Although we could have used an existing project as the foundation for our application, we chose to build it from scratch and instead use other repositories only as references.
Justification - Customization: By starting from scratch, we can tailor the application to our specific needs and requirements without being constrained by the limitations of an existing project. - Familiarity: It’s easier for the team to understand and maintain the codebase when we build it from the ground up, rather than trying to decipher someone else’s code.
Consequences - Higher initial effort: Starting from scratch requires more time and effort to set up the project and implement the necessary features.
9.12. Implementing an APIkey sistem to the API Service
We decided to implement an authentication system for the API service to ensure that only authorized users can access the data and functionalities it provides. Authentication is based on the user’s email, which is stored separately from gameplay data to avoid exposing sensitive information and to allow non-player users to access the API securely.
Justification - Security: By implementing an API key system, we can control access to the API and prevent unauthorized users from accessing sensitive data or services. - Improving the overall value of the API: By requiring an API key, we can track usage and monitor performance, which can help us identify potential issues and improve the overall quality of the API.
Consequences
-
Increased complexity: Implementing an API key system adds complexity to the API service, as we need to manage the generation, distribution (frontend), and validation of API keys.
-
User experience: Requiring an API key may create additional friction for users, as they need to obtain and manage the key to access the API.
9.13. Customicing our Build process to ensure the aplication keeps on a consistent state
Due to errors encountered during the deployment process, we decided to customize our build pipeline to ensure the application remains in a consistent state and that all tests are successfully completed before deploying to production. The default configuration only runs unit tests, but we also require all end-to-end tests to pass before any production deployment.
Justification
-
Quality assurance: By customizing the build process to include end-to-end tests, we can ensure that the application is functioning correctly and that all components are working together as expected.
-
Consistency: This approach helps maintain a consistent state across different environments, reducing the risk of deployment issues and ensuring that the application behaves as expected in production.
Consequences
-
Increased complexity: Customizing the build process adds complexity to the deployment pipeline, as we need to ensure that all tests are properly configured and executed.
-
Longer github actions duration: Including end-to-end tests in the build process may increase the time it takes to complete the build and deployment process, which could impact the speed of development and deployment cycles.
9.14. Azure as the deployment environment
We decided to use Azure as the deployment environment for our application.
Justification
-
Familiarity: All the team members have some experience with Azure due to SEW, which will make it easier to set up and manage the deployment process.
-
MVs customization: Azure allows us to customize the deployment process and configure the environment to meet our specific needs, which is important for our application.
-
Scalability: Azure provides a scalable infrastructure that can handle the expected load of our application, ensuring that it can grow as needed.
-
Free students plan: Azure offers a free plan for students, which allows us to deploy our application without incurring additional costs.
-
Disponibility: Azure provides a reliable and highly available infrastructure, ensuring that our application remains accessible to users at all times.
Consequences
-
Limited cost: The free plan has limitations on resources and usage, which may impact the performance and scalability of our application.
-
Limited exprience: we are no experts in Azure, so we may encounter challenges during the deployment process. However, we can rely on the knowledge gained from SEW and the documentation provided by Azure to overcome these challenges.
9.15. Preloading and Normalizing Question Sets at Application Startup
To ensure a consistent and balanced number of questions per category in the application, we decided to preload and normalize the question sets during application startup.
At the moment the application starts, each question category will be processed to ensure exactly 60 questions are available:
-
If a category contains fewer than 60 questions, new ones will be generated to reach 60.
-
If a category contains more than 60 questions, 4 from each theme will be removed at random and replaced with 4 newly generated ones.
Justification
This approach ensures that all categories offer a uniform and fair gameplay experience by maintaining a consistent number of questions, avoiding categories with too few or too many. It also guarantees regular content refreshment in overpopulated categories to prevent repeated questions and improve user engagement. Additionally, centralizing this logic at startup simplifies runtime operations and reduces delays during the user’s turn.
Consequences
-
We must implement logic to identify under and overpopulated categories and interface this with the question generation module.
-
Startup time may slightly increase, especially if many questions need to be generated.
-
No changes are required to the current data model or storage structure.
10. Quality Requirements
In order to make Wichat a satisfactory final product, we find it crucial to set some quality requirements to live up with. These aspects are to influence architectural decisions and hence include some measurable features:
-
Usability: Intuitive and easy interfaces, reducing the volume of help needed in order to use the application.
-
Mantainability: Long-term enhancement support requiring minimal effort.
-
Accesibility: Make the application usable to people with diverse disabilities.
Moreover, some other non-functional requirements, while less prioritary, are still relevant:
-
Performance: A smooth user experience, ensuring responsiveness and minimal delays.
-
Security: Basic measures, even if sensitive data is not handled.
10.1. Quality Tree
10.2. Quality Scenarios
ID |
QA |
Scenario |
Priority |
Q1.1 |
Usability |
The system must allow a player to start and quit a game without external help, within 3 minutes of opening the app, thanks to clear and simple interfaces. |
High |
Q1.2 |
Usability |
Users must be able to navigate between different app sections (ranking, profile, game, API, etc.) in no more than 2 taps. It should take under 10 seconds for an average user. |
High |
Q2.1 |
Maintainability |
The addition of new questions must be quick and simple. It should take approximately 15 minutes |
High |
Q2.2 |
Maintainability |
The system must allow the implementation of new game models with minimal changes to the existing codebase, which should not take more than 1 hour. There should not be any regression in existing game functionality. |
Low |
Q3.1 |
Accessibility |
The product must provide key listeners in every interactive element in the application. It must not take more than 30 seconds for an average user to find and use an interactive element in the website |
High |
Q3.2 |
Accessibility |
The application must support screen readers for users with visual impairments, guaranteeing as well buttons and answers that are simple to read. All interactive elements must have alternative text, and the screen reader should process the entire game in under 1 minute for each screen. |
High |
P1.1 |
Performance |
The product must respond to a player’s request in less than 1s. |
High |
P1.2 |
Performance |
The application should give support to approximately 100 simultaneous request without significant downgrade in performance |
Medium |
S1.1 |
Security |
It must be ensured that player personal data (especially credentials) is encrypted, even if no sensitive data is handled. 0 data breaches must be admitted |
Medium |
S1.2 |
Security |
The system must support private routes, which will lead to the authentication view in case of unauthorized access 100% of unauthorized access attempts must be blocked and logged. |
Medium |
S1.3 |
Security |
The system must log all user actions related to account creation and gameplay. Logs must be stored securely and retrievable within 5 seconds. |
Low |
11. Risks and Technical Debts
| Risk | Relevance | Considerations |
|---|---|---|
Limited expertise in specific tools or programming languages |
2 |
The team may encounter difficulties due to varying levels of familiarity with required tools and languages. To address this, we will prioritize the use of well-known technologies within the team while encouraging knowledge-sharing and individual learning efforts. |
Lack of prior collaboration within the team |
1 |
Since the team has not worked together before, there is a risk of inefficiencies in coordination. Establishing clear communication channels and regularly updating each other on progress will mitigate this issue. |
Large team size |
1 |
A higher number of contributors can complicate communication and workflow synchronization. Implementing structured meetings and documentation processes should help maintain efficiency. |
Potential delays in integrating external APIs |
2 |
Depending on external data sources, such as Wikidata, might introduce latency or downtime risks. Developing fallback mechanisms and caching strategies can help mitigate disruptions. |
Knowledge disparity among team members |
2 |
Some team members have prior experience, either from retaking the course or external knowledge, while others are learning these concepts for the first time. This can lead to uneven task distribution and communication gaps. Encouraging mentoring and pairing experienced members with those less familiar can help balance the workload and improve overall team efficiency. |
11.1. Technical Debts
| Technical Debt | Considerations |
|---|---|
Game logic is handled on the frontend instead of the backend |
Ideally, the game logic should reside on the backend to enhance security and maintainability. However, due to time constraints, it currently remains on the frontend. This introduces potential risks, as the logic can be easily bypassed or modified by users. Refactoring this component to the backend is planned for future iterations. |
Free MongoDB Atlas version |
The free version of MongoDB Atlas has limitations on the number of connections and data storage. As the project scales, we may need to upgrade to a paid plan or consider alternative database solutions. |
The project is not fully e2e tested |
The project lacks comprehensive end-to-end tests at some points as LLM interactions or API requests, which can lead to undetected issues in the user experience. We plan to implement e2e tests in future iterations to ensure a more robust application. |
Basic Graphana and Prometheus configuration |
The current configuration of Graphana and Prometheus is basic, we must improve it to ensure effective monitoring and alerting. This includes setting up more detailed dashboards, alerts, and performance metrics to better understand the application’s behavior and performance. |
Unable to update questions without restarting the server |
Currently, updating questions requires redeploying the server. This is usefull now, when we are constantly updating and redeploying the aplications. But in the future, we should implement a more dynamic solution that allows for real-time updates to questions without requiring a server restart. This will improve the user experience. |
12. Glossary
| Term | Definition |
|---|---|
LLM |
Large Language Model, a type of AI model that can generate human-like text. |
Chatbot |
It’s a computer programme that simulates human conversation with an end-user. |
Framework |
A framework is an outline that provides a basic structure for developing a project with specific objectives, a kind of template that serves as a starting point for the organisation and development of software. |
Front-end |
Front-end includes drop-down menus, images, icons, colours, graphic elements, animations and everything related to improving the user’s browsing experience. |
Back-end |
Back-end is responsible for the server, database and application logic. |
Container |
A container is a lightweight, standalone, executable package that includes everything needed to run a piece of software, including the code, runtime, libraries and system tools. |
Database |
A database is an organized collection of structured information or data, typically stored electronically in a computer system. |
API |
APIs are mechanisms that allow two software components to communicate with each other through a set of definitions and protocols. |
Wikidata |
A structured, free knowledge database containing information on a wide range of topics. The application retrieves questions and answers from this source. |
Question |
A statement generated by the application based on Wikidata. Once generated, it is stored in the database for future retrieval. Users must provide an answer, with the option to request hints. |
Answer |
A response generated and stored along with the question. For each question, there is one correct answer and three incorrect ones. The answers are stored in the database and are presented to the user as part of the question for them to choose from. |
Hint |
A suggestion or help provided by the LLM to assist the user in answering a question. It is generated in response to a prompt created by us, using the information from the saved question. |
Unit Tests |
Unit tests are used to test individual components of your code in isolation. They are typically small and fast, allowing you to run them frequently during development. |
Code Coverage |
Code coverage is a measure of how much of your code is executed during tests. It helps identify untested parts of your code and can be used to improve test quality. |
Security Hotspots |
Security hotspots are areas of your code that may be vulnerable to security issues. They are typically identified by static analysis tools and should be reviewed carefully. |
E2E Tests |
End-to-end tests are used to test the entire application from start to finish. They simulate real user interactions and verify that the application behaves as expected. |
Load tests |
Load tests are used to test the performance of your application under heavy load. They simulate multiple users interacting with the application simultaneously and measure response times and resource usage. |
13. Testing
Testing is an important part of the development process. It helps ensure that your code works as expected and that changes do not introduce new bugs. In this section, we will cover the tests used in this project and some concepts related to testing.
13.1. Unit Tests, Code Coverage & Security Hotspots
We can observe that the code coverage is ~82%, which is above the threshold of 80% set in the quality gate. This means that the code is well-tested and meets the quality standards. Also, 0.9% hotspots are presented, which means that the code does not contain any known big vulnerabilities.
13.2. E2E Tests
We have a total of 15 E2E tests, which cover various scenarios and user interactions, like login, logout, signup, access the profile, access the ranking and play both Single Player and Player VS AI game modes with different configurations.
We try to cover all the possible scenarios that a user can encounter while using the application. Ensure all the code is covered is almost imposible, though.
These tests are run automatically as part of the CI/CD pipeline to ensure that the application works correctly after each change.
13.3. Load Tests
We have done several tests to identify exactly the capacity that the app can support.
- 10 Ramp Users
-
We can observe that the application can handle 10 ramp users without any issues. The response times are low, and the system performs well.
- 50 Ramp Users
-
When we increase the number of ramp users to 50, we can see the questions service starts to fail.
More than 50% of requests end in failure
- 2000 Ramp Users
-
When we increase the number of ramp users to 2000, we can see that now the questions service fails every time. But the other services are still able to handle the load.
- 2200 Ramp Users
-
When we increase the number of ramp users to 2200, we can see that other services start to fail as well. The system is unable to handle the load, and response times increase significantly.
So this is where we’re going to stop and look at the graphs we get from the test results:
- Active users throughout the simulation
-
-
The rapid increase to ~2,000 users is observed, load maintenance and gradual decline at the end of the test.
-
- Distribution of response times
-
Two main peaks stand out:-
Fast responses (~300 ms)
-
Timeout responses (far right, ~60,000 ms)
-
- Response time percentiles (OK)
-
-
A pattern is observed where times initially increase and then stabilize.
-
There is a noticeable spike around 11:39:00 where even the fastest responses degraded, which could be due to many factors.
-
- Number of requests per second
-
-
Initial peak of ~180 requests/second.
-
Later stabilization around 50-100 requests/second.
-
Direct correlation between the number of active users and the volume of requests.
-
- Number of responses per second
-
-
An initial spike in traffic is observed around 11:37:00, with over 100 responses/second, followed by a plateau. The green-to-red ratio indicates a significant number of errors throughout the test.
-
These graphs reveal that the system experiences significant degradation under load, with specific points of failure at certain endpoints and response times deteriorating markedly as concurrency increases.
Furthermore, we can also conclude that the question service acts as a bottleneck in the application.
On the other hand, we see that in addition to the question service, the LLM begins to cause problems starting at about 750 users, as shown in the following table:
* The request_1 represents the OPTIONS request, while the request_2 represents the POST request.
13.4. Improvements
After obtaining this data and reviewing what the problem could be, we found that with each request to the '/questionsDB' endpoint, a new connection to the database was created, which obviously slowed down the response time significantly.
After solving this problem, we can see that, although slow, 1000 users are handled without problems.
