Building Sovereign Software Infrastructure: The openCode Platform Ecosystem

Context

Sovereign software platforms for public administration require more than just code hosting. While commercial platforms like GitHub provide repository management, they are not designed for the specific sovereignty, compliance, and governance requirements of public administration. Germany's ZenDiS has developed openCode, a platform based on GitLab that provides additional services for government software development - including, for example, automated quality badges and security features. However, little is understood about how such platforms are architected, which services exist beyond the core GitLab functionality, and how these components work together to enable sovereignty.

While IS research has studied platform architectures and ecosystems extensively (Tiwana et al. 2010; Constantinides et al. 2018), the specific case of sovereign software platforms, where security, compliance, and public sector governance requirements drive architectural decisions, remains unexplored. This thesis provides the first systematic analysis of openCode's platform architecture and services, contributing both to platform research and to practical understanding of how to build sovereign software infrastructure.

Research Goals

The primary goal of this thesis is to systematically explore and analyze the openCode platform ecosystem to understand how a sovereign software platform is built and operates. This thesis examines the openCode ecosystem, including the GitLab instance (gitlab.opencode.de), the web portal (opencode.de), and associated services. You will explore what components exist, document how they function, and analyze how they serve sovereignty objectives. Concretely, the thesis will:

  1. Review theoretical foundations from IS platform and ecosystem research (Tiwana 2010, Constantinides 2018, West & O'Mahony 2008), focusing on platform architecture, complementary services, and governance mechanisms.
  2. Identify and map the openCode platform through exploratory analysis:
    • Investigate which services and components exist across gitlab.opencode.de, opencode.de, and related infrastructure
    • Document their functions and purposes through analysis of public documentation, APIs, technical specifications, and blog posts
    • Create architecture diagrams showing how components relate to each other
    • Systematize your findings by categorizing services (e.g., by function, purpose, or integration type)
  3. Analyze sovereignty mechanisms by examining how specific components address sovereignty requirements:
    • Which features enable transparency, security, quality assurance, or independence?
    • How do governance mechanisms function?
    • Connect components to digital sovereignty objectives
  4. Conduct deep-dive analysis of 1-2 core components that you identify and select based on their relevance and available documentation:
    • Analyze technical implementation (APIs, automation, integration approaches)
    • Evaluate effectiveness and limitations
    • Assess trade-offs in design decisions
  5. Evaluate the platform approach by critically assessing:
    • How are services organized and integrated to support sovereignty objectives?
    • What are strengths and limitations of the current architecture?
    • Does the platform effectively enable digital sovereignty for public administration?
  6. Use publicly available sources including technical documentation, API specifications, policy documents, blog posts, and public code repositories.

Contributions

  • For research: First systematic study of a sovereign software platform's architecture, showing how sovereignty requirements shape platform design and which services are needed beyond basic code hosting
  • For practice: Provides a blueprint for public administrations building sovereign software infrastructure, documenting architectural patterns and design choices that work beyond the German context

Requirements

  • Solid understanding of software platforms and ecosystems
  • Ability to read and analyze technical documentation
  • Proficiency in German and English

References

Boudreau, K. J. (2010). Open platform strategies and innovation: Granting access vs. devolving control. Management Science, 56(10), 1849-1872.

Constantinides, P., Henfridsson, O., & Parker, G. G. (2018). Introduction - platforms and infrastructures in the digital age. Information Systems Research, 29(2), 381-400.

de Reuver, M., Sørensen, C., & Basole, R. C. (2018). The digital platform: a research agenda. Journal of Information Technology, 33(2), 124-135.

Tiwana, A., Konsynski, B., & Bush, A. A. (2010). Platform evolution: Coevolution of platform architecture, governance, and environmental dynamics. Information Systems Research, 21(4), 675-687.

West, J., & O'Mahony, S. (2008). The role of participation architecture in growing sponsored open source communities. Industry and Innovation, 15(2), 145-168.