This repository houses the core server and orchestration elements which are at the heart of the Datum cloud service. We have no plans to ever gate / silo elements of the code that may fall under our "enterprise licensing" (or any other commercial license we offer) and intend to keep the code Apache 2.0 licensed and free for use, forever. Given that, if you find value in anything we're doing here, our cloud services, or use this software yourself (for any purpose) - don't be afraid to become a contributor! If you have any questions please reach out to contribute@datum.net.
datum: a fixed starting point of a scale or operation
We’re on a mission to build a better, more sustainable world by providing digital leaders with open source solutions which help them innovate faster and remove massive toil. We believe that in order to change the world for good, we’ll benefit from having thousands of companies working at scale, not just a handful (the “hyperscalers”). Check out our documentation or reach out to get involved!
At it's core, Datum is a collection of services built on top of an entity framework which allows us to:
- Model database schemas as graph structures
- Define schemas as programmatic go code
- Execute complex database queries and graph traversals easily
- Extend and customize using templates and code generation utilities
- Type-safe resolvers and GraphQL schema stitching
- Code generated audit / history tables for defined schemas
On top of this powerful core we also have an incredible amount of pluggable, extensible services:
- Authentication: we today support password, OAuth2 / Social login providers (Github, Google), Passkeys as well as standard OIDC Discovery flows
- Multi-factor: built-in 2FA mechanisms, TOTP
- Authorization: extensible and flexible permissions constructs via openFGA based on Google Zanzibar
- Session Management: built-in session manaagement with JWKS key validation, encrypted cookies and sessions
- Robust Middleware: cache control, CORS, Rate Limiting, transaction rollbacks, and more
- Queuing and Scheduling: Task management and scheduling with Marionette
- External Storage Providers: store data in AWS S3, Google GCS, or locally
- External Database Providers: Leverage Turso, or other PostgreSQL / SQLite compatible vendors and libraries
- Data Isolation and Management: Heirarchal organizations and granular permissions controls
Developing against this repo involves a few mandatory tools; please read up on these and familiarize yourself if you're interested in making additions or changes!
- ent - insane entity mapping tool, definitely not an ORM but kind of an ORM (handles our relational data storage, mappings, codegen processes)
- atlas - Schema generation and migrations (can be disabled in lieu of migrations on disk)
- goose - Secondary database migration utility we also use for seeding data
- gqlgen - Code generation + GraphQL server building from from
entschema definitions - gqlgenc - Client building utilities with GraphQL
- openfga - Flexible authorization/permission engine inspired by Google Zanzibar
- echo - High performance, extensible, minimalist Go web framework
- koanf - Configuration management library which parses Go structs + creates our main configuration files
- viper - command line flags / management
We also leverage many secondary technologies in use, including (but not limited to!):
- taskfile - So much better than Make zomg
- redis - in-memory datastore used for sessions, caching
- sqlite - currently planned database system but also offer additional support for PostgreSQL
- golangci-lint - an annoyingly opinionated linter
- buildkite - our CI system of choice (with github actions providing some intermediary support)
- sonar - used for code scanning, vulnerability scanning
Lastly we're already ourselves using (and plan to support our customers usage in our cloud service) these third party integrations:
- turso/libsql - Turso is an edge-hosted, distributed database that's based on libSQL , an open-source and open-contribution fork of SQLite
- posthog - Product analytics
- sendgrid - Transactional email send provider
All of these components are bundled into our respective Docker images; for additional information / instructions, see the contributing guide in this repository. We're constantly adding and changing things, but have tried to list all the great open source tools and projects we rely on; if you see your project (or one you use) in here and wish to list it, feel free to open a PR!
The vast majority of behaviors of the system can be turned on or off by updating the configuration parameters found in config; in some instances, we've made features or integrations with third party systems which are "always on", but we're happy to receive PR's wrapping those dependencies if you are interested in running the software without them!
Setup Taskfile by following the instructions and using one of the various convenient package managers or installation scripts. After installation, you can then simply run task install to load the associated dependencies. Nearly everything in this repository assumes you already have a local golang environment setup so this is not included. Please see the associated documentation.
See the README in the config directory.
The only "supported" method of deploying today is locally, but we have a WIP Helm chart which can be found here
Please read the contributing guide as well as the Developer Certificate of Origin. You will be required to sign all commits to the Datum project, so if you're unfamiliar with how to set that up, see github's documentation.
This repository contains datum which is open source software under Apache 2.0. Datum is a product produced from this open source software exclusively by Datum Technology, Inc. This product is produced under our published commercial terms (which are subject to change), and any logos or trademarks in this repository or the broader datumforge organization are not covered under the Apache License.
Others are allowed to make their own distribution of this software or include this software in other commercial offerings, but cannot use any of the Datum logos, trademarks, cloud services, etc.
We take the security of our software products and services seriously, including all of the open source code repositories managed through our Github Organizations, such as datumforge. If you believe you have found a security vulnerability in any of our repositories, please report it to us through coordinated disclosure.
Please do NOT report security vulnerabilities through public github issues, discussions, or pull requests!
Instead, please send an email to security@datum.net with as much information as possible to best help us understand and resolve the issues. See the security policy attached to this repository for more details.
You can email us at info@datum.net, open a github issue in this repository, or reach out to matoszz directly.
![@renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=64&v=4){kind=small}
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
