SDD-001: Technology Stack - Software Design Document
Version: 1.0.0 Status: Approved Last Updated: 2025-12-28 Author: Hal Casteel
1. Executive Summary
This Software Design Document defines the complete technology stack for the CODITECT Document Management System. The stack is optimized for:
- High-performance semantic search with vector embeddings
- Multi-tenant SaaS architecture with complete isolation
- Async-first design for I/O-bound operations
- Enterprise-grade reliability with 99.9% uptime target
- Scalability from 10 to 10,000+ concurrent users
Context
The current situation requires a decision because:
- Requirement 1
- Constraint 2
- Need 3
Status
Accepted | YYYY-MM-DD
2. Architecture Overview
┌─────────────────────────────────────────────────────────────────┐
│ CLIENT LAYER │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────────────┐ │
│ │ React 18.2+ │ │ Mobile │ │ Third-Party APIs │ │
│ │ TypeScript │ │ (Future) │ │ (REST/GraphQL) │ │
│ └──────────────┘ └──────────────┘ └──────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────┐
│ API GATEWAY LAYER │
│ ┌──────────────────────────────────────────────────────────┐ │
│ │ Cloud Run / GKE │ │
│ │ • Load Balancing • SSL Termination │ │
│ │ • Rate Limiting • Request Routing │ │
│ └──────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────┐
│ APPLICATION LAYER │
│ ┌────────────────────────────────────────────────────────────┐ │
│ │ FastAPI (Python 3.11+) │ │
│ │ ┌─────────────┐ ┌─────────────┐ ┌─────────────────────┐ │ │
│ │ │ Routes │ │ Services │ │ Background │ │ │
│ │ │ (REST) │ │ (Business) │ │ (Celery Tasks) │ │ │
│ │ └─────────────┘ └─────────────┘ └─────────────────────┘ │ │
│ └────────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────┐
│ DATA LAYER │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────────────┐ │
│ │ PostgreSQL │ │ Redis │ │ Cloud Storage │ │
│ │ + pgvector │ │ (Cache) │ │ (Documents) │ │
│ │ + TimescaleDB│ │ │ │ │ │
│ └──────────────┘ └──────────────┘ └──────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────┐
│ EXTERNAL SERVICES │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────────────┐ │
│ │ OpenAI │ │ Anthropic │ │ Stripe │ │
│ │ (Embeddings) │ │ (Voyage) │ │ (Billing) │ │
│ └──────────────┘ └──────────────┘ └──────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
3. Technology Stack Details
3.1 Backend Layer
Primary Framework: FastAPI
| Attribute | Value |
|---|---|
| Framework | FastAPI 0.109+ |
| Python Version | 3.11+ (required for performance) |
| ASGI Server | Uvicorn with Gunicorn workers |
| Validation | Pydantic V2 |
| ADR Reference | ADR-024: FastAPI Web Framework |
Selection Rationale:
- Native async/await for non-blocking I/O
- Automatic OpenAPI documentation
- Pydantic integration for type-safe validation
- High performance (15,000+ req/s)
- Production-proven at Netflix, Uber, Microsoft
Key Dependencies:
fastapi>=0.109.0
uvicorn[standard]>=0.27.0
pydantic>=2.5.0
python-jose[cryptography]>=3.3.0
passlib[bcrypt]>=1.7.4
python-multipart>=0.0.6
ORM & Database Access
| Component | Technology | Purpose |
|---|---|---|
| ORM | SQLAlchemy 2.0+ | Async ORM with type hints |
| Driver | asyncpg | Native async PostgreSQL driver |
| Migrations | Alembic | Database schema versioning |
| Vector | pgvector | Vector similarity operations |
Key Dependencies:
sqlalchemy>=2.0.25
asyncpg>=0.29.0
alembic>=1.13.0
pgvector>=0.2.4
Background Processing
| Component | Technology | Purpose |
|---|---|---|
| Task Queue | Celery 5.3+ | Distributed task processing |
| Broker | Redis | Message broker |
| Result Backend | Redis | Task result storage |
| Scheduler | Celery Beat | Periodic tasks |
Key Dependencies:
celery>=5.3.0
redis>=5.0.0
flower>=2.0.0 # Monitoring
3.2 Database Layer
PostgreSQL 15+
| Feature | Configuration |
|---|---|
| Version | PostgreSQL 15 |
| Extensions | pgvector, TimescaleDB, uuid-ossp |
| Connection Pooling | PgBouncer (production) |
| Replication | Streaming (HA environments) |
pgvector Configuration:
-- Vector similarity search
CREATE EXTENSION vector;
-- Embedding dimensions
-- OpenAI text-embedding-3-small: 1536
-- OpenAI text-embedding-3-large: 3072
-- Voyage-3: 1024
CREATE INDEX idx_chunk_embedding_ivfflat
ON chunk USING ivfflat (embedding vector_cosine_ops)
WITH (lists = 100);
TimescaleDB Configuration:
-- Time-series metrics
CREATE EXTENSION timescaledb CASCADE;
-- Hypertables for metrics
SELECT create_hypertable('document_metric', 'recorded_at');
SELECT create_hypertable('search_metric', 'recorded_at');
Redis 7.0+
| Use Case | Configuration |
|---|---|
| Caching | TTL-based document cache |
| Sessions | JWT blacklist, user sessions |
| Rate Limiting | Sliding window counters |
| Distributed Locks | Redlock algorithm |
| Celery Broker | Task queue messaging |
Memory Configuration:
- Development: 1 GB
- Staging: 2 GB
- Production: 5+ GB (HA)
3.3 Frontend Layer
React 18.2+
| Component | Technology |
|---|---|
| Framework | React 18.2+ |
| Language | TypeScript 5.3+ (strict mode) |
| State Management | TanStack Query (server state) + Zustand (client state) |
| Routing | React Router 6+ |
| UI Components | Radix UI + Tailwind CSS |
| Build Tool | Vite |
| Testing | Vitest + React Testing Library |
Key Dependencies:
{
"react": "^18.2.0",
"react-dom": "^18.2.0",
"typescript": "^5.3.0",
"@tanstack/react-query": "^5.0.0",
"zustand": "^4.4.0",
"react-router-dom": "^6.20.0",
"@radix-ui/react-*": "latest",
"tailwindcss": "^3.4.0"
}
3.4 Infrastructure Layer
Google Cloud Platform (GCP)
| Service | Purpose | Configuration |
|---|---|---|
| Cloud Run | API deployment | Auto-scaling, 0-100 instances |
| Cloud SQL | PostgreSQL hosting | Private IP, SSL required |
| Memorystore | Redis hosting | 1-5 GB, HA optional |
| Cloud Storage | Document storage | Regional, versioned |
| Secret Manager | Credentials | Automatic rotation |
| Cloud Build | CI/CD | Triggered on push |
| Cloud Monitoring | Observability | Prometheus + Grafana |
Infrastructure as Code
| Tool | Purpose |
|---|---|
| Terraform/OpenTofu | Infrastructure provisioning |
| Kubernetes (GKE) | Container orchestration (production) |
| Helm | Kubernetes package management |
3.5 External Integrations
Embedding Providers
| Provider | Model | Dimensions | Cost/1K tokens |
|---|---|---|---|
| OpenAI | text-embedding-3-small | 1536 | $0.00002 |
| OpenAI | text-embedding-3-large | 3072 | $0.00013 |
| Anthropic/Voyage | voyage-3 | 1024 | $0.00006 |
| Cohere | embed-english-v3.0 | 1024 | $0.0001 |
Primary Selection: OpenAI text-embedding-3-small (best cost/performance)
Payment Processing
| Service | Purpose |
|---|---|
| Stripe | Subscription billing |
| Stripe Elements | Payment UI |
| Stripe Webhooks | Event processing |
4. Security Stack
Authentication & Authorization
| Component | Technology |
|---|---|
| Token Format | JWT (RS256) |
| Session Management | Redis-backed |
| Password Hashing | bcrypt |
| MFA | TOTP (future) |
| RBAC | Custom implementation |
Network Security
| Layer | Protection |
|---|---|
| Transport | TLS 1.3 |
| API Gateway | Cloud Armor (DDoS) |
| Rate Limiting | Redis sliding window |
| CORS | Allowlist origins |
5. Observability Stack
Monitoring
| Component | Technology |
|---|---|
| Metrics | Prometheus + Grafana |
| Logging | Google Cloud Logging |
| Tracing | OpenTelemetry + Jaeger |
| Alerting | PagerDuty/Slack |
Key Metrics
# API Metrics
api_request_duration_seconds
api_request_total
api_error_total
# Search Metrics
search_query_duration_seconds
search_results_count
embedding_generation_duration_seconds
# Database Metrics
db_connection_pool_size
db_query_duration_seconds
6. Development Tools
Local Development
| Tool | Purpose |
|---|---|
| Docker Compose | Local services |
| Pre-commit | Git hooks |
| pytest | Testing |
| mypy | Type checking |
| ruff | Linting + formatting |
CI/CD Pipeline
| Stage | Tools |
|---|---|
| Build | Docker, Cloud Build |
| Test | pytest, vitest |
| Lint | ruff, eslint |
| Security | Snyk, trivy |
| Deploy | Terraform, kubectl |
7. Version Requirements Summary
Backend
| Package | Minimum Version | Notes |
|---|---|---|
| Python | 3.11+ | Required for performance |
| FastAPI | 0.109+ | Pydantic V2 support |
| SQLAlchemy | 2.0+ | Async ORM |
| Pydantic | 2.5+ | V2 with improved performance |
| Celery | 5.3+ | Redis 7 support |
Database
| System | Minimum Version | Notes |
|---|---|---|
| PostgreSQL | 15+ | pgvector compatibility |
| pgvector | 0.5+ | HNSW index support |
| TimescaleDB | 2.13+ | Continuous aggregates |
| Redis | 7.0+ | Function support |
Frontend
| Package | Minimum Version | Notes |
|---|---|---|
| Node.js | 20 LTS | Current LTS |
| React | 18.2+ | Concurrent features |
| TypeScript | 5.3+ | Decorators, const enums |
| Vite | 5.0+ | Build performance |
8. Related Documents
- ADR-024: FastAPI Web Framework
- ADR-010: Clean Architecture
- TDD-001: API Layer Technical Design
- 009: Database Schema
9. Revision History
| Version | Date | Author | Changes |
|---|---|---|---|
| 1.0.0 | 2025-12-28 | Hal Casteel | Initial SDD creation |