InstallHub Overview
The package management system for BizFirstGO — export workflows, forms, and apps as installable bundles, distribute them across environments, and discover community packages in the marketplace.
What is InstallHub?
InstallHub is BizFirstGO's package management layer — the "app store" for your automation artifacts. It allows teams to bundle workflows, forms, rules, app definitions, and configuration into self-contained, versioned packages that can be installed into any BizFirstGO tenant.
Think of it as npm or NuGet for BizFirstGO artifacts: packages carry all their dependencies, declare their metadata through a manifest, and can be installed with a single API call. Integrity is guaranteed through SHA-256 checksums on every bundle.
Three-Phase Architecture
Phase 1 — Export COMPLETE
Create installable packages from your existing BizFirstGO artifacts. Select workflows, forms, and apps; the export pipeline resolves all dependencies automatically and bundles everything into a signed ZIP file with a manifest.
Phase 2 — Import PENDING
Install packages into any BizFirstGO tenant. The import pipeline validates the bundle, scans for security issues, remaps artifact IDs to avoid collisions, resolves conflicts, and commits the installation transactionally — with rollback on failure.
Phase 3 — Marketplace (PublicHub) PENDING
A public catalog of packages published by the BizFirstGO team, verified partners, and the community. Browse, preview, rate, and install packages in one click from the marketplace directly into your tenant.
What Can Be Packaged?
| Artifact Type | Description | Package Type |
|---|---|---|
| Workflows | Process and thread definitions from Flow Studio | workflow-package |
| Atlas Forms | Form definitions, fields, actions, and validators | form-package |
| App Studio Apps | Visual applications built in App Studio | app-package |
| Octopus Agents | AI agent definitions and memory configurations | agent-package |
| Configuration | Rules, entity schemas, and app settings | config-package |
How Packages Work
Every InstallHub package is a ZIP archive containing:
- A
manifest.jsonat the root — name, version, author, artifact list, and checksum - Serialized artifact files under
artifacts/{type}/{id}.json - A human-readable
README.mddescribing what the package installs
The manifest declares all inter-artifact dependencies so the import engine can install them in the correct order. Packages can also declare dependencies on other packages, enabling composable distribution.
Key Design Principles
Service Layer Only
Extended projects (App Studio, Flow Studio) call only the InstallHub service layer — never the controllers directly. This enforces consistent validation and audit logging.
Tamper-Proof Bundles
Every bundle carries a SHA-256 checksum over its artifact contents. Import recomputes the checksum and rejects any bundle that has been modified after export.
Tenant Isolation
All exported packages are scoped to a tenant. On import, artifact IDs are remapped so there is no collision with existing artifacts in the target tenant.
Dependency Resolution
Export automatically includes all transitive dependencies. Import installs artifacts in dependency order so references are never broken.
Backend Architecture
InstallHub is implemented as a 7-project C# solution following clean architecture principles. The domain is fully decoupled from infrastructure, and the service layer is the integration boundary for external callers.
| Project | Role |
|---|---|
InstallHub.Domain | Entities, value objects, and domain interfaces |
InstallHub.Infrastructure | Database, ZIP I/O, and external service adapters |
InstallHub.Service | Export, import, and marketplace orchestration logic |
InstallHub.Api.Base | Request/response DTOs and base controller helpers |
InstallHub.Api | HTTP endpoints — REST API surface |
InstallHub.Tests | Unit tests for domain and service logic |
InstallHub.IntegrationTests | End-to-end pipeline tests |