Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: ABI-016, issue around SSO

...


StatusCategoryItemSummaryPlanWhy"Aspirational" TimingRelated JiraChampionParticipants
ABI-001Done. (Pending inclusion in release)PlatformAES: pre- and post-filtersReinstate mod-aes to allow transaction data streaming directly from Okapi. The current implementation depends on Okapi filter functionality.
  • Validate changes to Okapi from Jan 2019 (MODAFILT-6)
  • Deploy mod-aes to an environment and qualify
  • Provide solution for max-headers problem
  • Depends on pending auth redesign
  • Enhance mod-aes implementation as needed
  • Release mod-aes as part of build.

  • 2020-Q2 design
  • 2020-Q3 development

Jira Legacy
serverSystem JiraJIRA
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyMODAES-4
Jira Legacy
serverSystem JiraJIRA
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyMODAES-5
Jira Legacy
serverSystem JiraJIRA
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyOKAPI-837

ABI-002Under DiscussionMulti-TenancyCross-Tenancy SupportAllows selective and controlled data sharing between separate tenants in Folio. This addresses the needs of Institutions or Consortia who need to selectively share data between their member organizations. At present Folio supports only modeling as separate tenants (share nothing) or single tenant (share everything).

Draft Document (limited access)
  • Review strawman proposal from Spitfire Team.
  • Formulate a platform-level solution
    • Identify required changes from Okapi
    • Identify required changes from RMB
    • Design mod-tenant module to arbitrate access between tenants
    • TBD

TBD


ABI-003Pending DiscussionUsersSystem and Tenant level usersIntroduce the notion of tenant-level and system-level users.
  • Spike to gather requirements including related tech-debt items
  • Implement support for user classes (mod-users)
  • Retrofit solution to existing implementations that have temporary solutions: Edge APIs; mod-pubsub.
This allows operations to be performed in the context of the entire tenant (tenant-level) or the platform (system-level). Accordingly these classes of users would be protected from casual user management and provided with suitable permissions.2020-Q3 design and development ??; 2020-Q3  released??

Jira Legacy
serverSystem JiraJIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyFOLIO-2551


Craig McNally
ABI-004Under DiscussionMulti-TenancyDatabase Connectivity: tenant; interface; methodAllow database connectivity to be specified on a per tenant basis. Currently Folio only supports database connectivity to be specified at the module level
  • Create a solution proposal that allows flexibility for connectivity specification through RMB.
    • Primary goal is to provide tenant-level specification
    • Solution should allow for eventual interface-level specification as well and possibly method-level
  • Implement RMB changes to allow tenant-level connectivity
This would be helpful for load balancing database connectivity between tenants (allowing a large/busy tenant to have a separate database than other tenants for the same module).2020-Q3 design and development??; 2020-Q4: released ??

Jira Legacy
serverSystem JiraJIRA
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyFOLIO-1794

Jira Legacy
serverSystem JiraJIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyRMB-664


ABI-005Under DiscussionPlatformAuthN/Z Refactoring

Refactoring of authentication and authorization address:

  • Performance issues related to token signature/generation
  • Protocol limitations wrt header size limitation and security best practices
  • Protocol complexity and comprehensibility

Plan:

  • design a new internal Authn/z protocol (Okapi ↔ mod-authtoken)
  • Favour standard API design (RAML/JSON) implementation (handler vs filter)
  • Provide a solution with high level of cacheability
Primarily improved performance

2020-Q2 Design

2020-Q2 Development

Jira Legacy
serverSystem JiraJIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyFOLIO-2523

ABI-019

Under

Discussion

PlatformDistributed Transactions

Discussion regarding strategies for dealing with cross-module (microservice) communication that required data consistency. Including:

  • architectural patterns (eg 2PC, ES/CQRS, Saga, PM, etc)
  • examples through specific FOLIO use-cases (Acq, Circ, DI)
  • platform-level support (Okapi, mod-pubsub, etc)
  • recommended external tools/libraries/frameworks
  • error handling for async operations and eventual consistency
  • Capture representative use-cases and discuss limitations of existing implementation
  • Discuss patterns that can be used to remove the limitations
  • Propose extensions to the platform components to aid developers when implementing processed requiring DT
  • Research and proposed third party library and tools that could be integrated with the FOLIO Platform

2020-Q1/Q2 Requirements analysis

2020-Q2

Research and design

Spike: Distributed transaction use cases and solutions

Handling Errors in Asynchronous Processes

ABI-006Suggested for evaluationRefactor OkapiTenant Context (runtime)Split out Okapi tenant management into "mod-tenant". Intersects with cross-tenancy functionality.





ABI-007Suggested for evaluationRefactor OkapiDependency ManagementDedicated global registry for Folio dependencies





ABI-008Suggested for evaluationRefactor OkapiRegistry (runtime)Split out Okapi management of registered modules and interfaces.





ABI-009Suggested for evaluationRefactor OkapiTenant APIs (admin)See below





ABI-010Suggested for evaluationMulti-TenancyTenant ManagementA administrative component for tenant provisioning and upgrading (including data upgrading). Refactoring the TenantAPI functionality from Okapi forms the basis





ABI-011Under DiscussionSearchSearch EngineIntroduce a dedicated search engine (e.g. ElasticSearch) for performance reasons. Also provides cross-tenant searching.

See related proposal:
Search




VBar
ABI-012Suggested for evaluationAutomationCamundaAdd an automation engine for Folio





ABI-013Suggested for evaluationUsers

Roles

is this the same as Team/Group concept (data ownership)?

Create support for formalized Roles within Folio





ABI-014Suggested for evaluationPlatformGraphQLAdopt GraphQL as a API calling convention in Folio





ABI-015Suggested for evaluationRelease ManagementApplication packagingSupport the distribution of "Applications" separate from monolithic Folio releases.





ABI-016Suggested for evaluationUsersSAML SSO strategyExtend SSO functionality to delegate the details of user management and authentication to external systems. Avoid the need to duplicate user records in FolioCome to a more focused project strategy for SAML support.


Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyMODLOGSAML-44

Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyMODLOGSAML-58

Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyMODLOGSAML-59

Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyMODLOGSAML-66

Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyUXPROD-554

Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyUXPROD-556

Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyUXPROD-1612

Jira Legacy
serverSystem JIRA
serverId01505d01-b853-3c2e-90f1-ee9b165564fc
keyUXPROD-2444

See also:


ABI-017Suggested for evaluationCodexCodex

Next generation of Codex functionality

  • beyond Codex Search






ABI-018Suggested for evaluationInstrumentationOkapi/modules

Define instrumentation capabilities, including:

  • logging formats and structure (fields, patterns)
  • metrics: supported protocols (e.g JMX, Prometheus, etc) and measured quantities
  • integration with third-part tools, including log aggregators (ELK, CW, etc), time series databases (Prometheus), service mesh solutions (e.g Istio, X-ray)




...