Rework workflow documentation

The workflow documentation is a bit of a mess. Rework the documentation:

• Split the details out of the platform guide, making it a better high level overview of Apertis targeted more at selling the platform.
• Create an architectural document covering the basics of the Apertis workflow and how the tools used by Apertis fit together. Use pictures to help explain.
• Detailed information about workflows shifted to guides
  • Packaging guide starting to be restructured to better cover workflows by adding sections.
  • Separating out description of component repository layout into its own guide.
  • Shift image creation details to Image building guide.

While I've noticed:

• Packages have been moved from repository based sub-directories under pkg/ to pkg/ its self. Update the URLs used on the website to reflect this.

Signed-off-by: Martyn Welch martyn.welch@collabora.com

content/architecture/platform-guide.md

@@ -27,9 +27,10 @@ components intended for deliverables are free from
 Apertis is not just a Debian-derived GNU/Linux distribution. It comprises: code
 hosting; code review tools; package build and image generation services; and an
 automated testing infrastructure with the aim of providing a clean, reliable
-environment. This allows developers go from source to deployable system images
-in the most dependable way, ready to be hosted on the cloud and made available
-for [over-the-air (OTA) updates]({{< ref "ostree.md" >}}).
+environment. This allows developers to go from source to deployable system
+images in the most dependable way, ready to be hosted on the cloud, programmed
+into a custom device or made available via
+[over-the-air (OTA) updates]({{< ref "ostree.md" >}}).
 
 ![](/images/apertis-functional-view.svg)
 
@@ -47,10 +48,11 @@ core.
 
 Apertis is designed for a collaborative development model with the aim of
 sharing efforts across and between multiple independent participants. It offers
-workflows and tools to maximize the shared commonalities, this reduces costs
-and increases development speed. This contrasts with approaches where
-participants of each development team are independently working towards there
-own goals, duplicating effort to implement common features.
+[workflows]({{< ref "workflow-guide.md" >}}) and tools to maximize the shared
+commonalities, this reduces costs and increases development speed. This
+contrasts with approaches where participants of each development team are
+independently working towards there own goals, duplicating effort to implement
+common features.
 
 While other workflows only focus on one team at a time, Apertis' strength is
 its ability to support many independent teams concurrently. The development
@@ -85,7 +87,7 @@ Contributions to the shared Apertis components follows Open Source Software
 (OSS) best practices with it's
 [maintainer/contributor policies]( {{< ref "contributions.md" >}} )
 centered on code review and
-[continuous integration]( {{< ref "gitlab-based_packaging_workflow.md" >}} ).
+[continuous integration]( {{< ref "component_structure.md" >}} ).
 
 # Security driven
 
@@ -106,6 +108,13 @@ provides a way for product teams to get access to a
 [stable stream]({{< ref "release-flow.md#apertis-release-flow" >}}) of less
 urgent updates.
 
+In order to protect Apertis systems from the exploitation of both known and
+unknown application flaws, by either external or internal threats, Apertis
+utilizes [AppArmor]({{< ref "guides/apparmor.md" >}}) for policy enforcement. This
+enables the system to restrict each applications access to only those resources
+that they are meant to be using, providing mitigation against many potential
+attack vectors.
+
 The optional [OSTree-based update mechanism]({{< ref "ostree.md" >}}) provides
 an efficient and safe update facility for the base platform, such that updates
 can be deployed often with minimal costs. The
@@ -117,8 +126,9 @@ example of how to implement fleet manangement.
 
 Applications can be deployed and updated in
 [application bundles]({{< ref "canterbury-legacy-application-framework.md" >}})
-without re-deploying the whole platform, decoupling the release and update
-cycle of the base software from that of each application.
+(with a new [Flatpak based solution]({{< ref "application-framework.md" >}}) on
+the way) without re-deploying the whole platform, decoupling the release and
+update cycle of the base software from that of each application.
 
 A goal of Apertis is to reduce the efforts required for long-term maintenance,
 in particular to enable quick and consistent response times for security issues
@@ -150,3 +160,20 @@ processed once and resulting binaries being shared with all. These resources
 are available to every team and since they are provided as a service they do
 not need to be duplicated for each developer. This ensures reproducibility,
 traceability and consistency during the whole product life cycle.
+
+# Key technologies
+
+Apertis makes heavy use of many open source technologies to form a strong platform:
+
+- **Debian packages** provide a wide ecosystem of pre-packaged components, from
+  a project with a long history of providing a reliable, robust operating
+  system.
+- **systemd** for system and service management, as well providing many basic
+  services.
+- **AppArmor** adding Mandatory Access Control, providing policy enforcement of
+  applicaiton profiles.
+- **OSTree** and **Flatpak** for safe, efficient and modular deployments
+- **D-Bus** providing inter-process communications, enabling privilege separation between the various system services and applications.
+- **Wayland** based compositor, providing a modern efficient display server.
+- **GStreamer** enabling multimedia playback
+