Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleTBD

This is the bulk of the RFC.

Explain the proposal as though it were already implemented and you were teaching it to someone already familiar with Folio - foregoing unnecessary introductory material.

  • Get into the specifics including corner cases and plenty of examples.

  • Define any new terminology and named concepts

  • Fully explain the scope of the proposal: backend; frontend; full-stack.

  • Provide clear guidance as to how the proposal might be implemented.

  • Include any reference to any existing Folio Jira issues.

  • If appropriate, the use of diagrams and illustrations is encouraged.

  • Provide any assessment of the dependency impact of the proposed change; its interaction with other features is clear.

  • If possible describe how disruptive the change might be to the existing Folio development community.

  • Discuss how any breaking changes can be rolled out (migration guidance).

  • If applicable, provide sample code or pseudo-code, error messages, or deprecation warnings

  • Describe the impact on existing Folio documentation, guides and other reference materials.

New Components

The Eureka platform introduces several new components. These will need to undergo some evaluation process. However, there is insufficient time in the proposed timeline to use the standard TCR/New module evaluation process.

Deprecations

The following could be deprecated/archived once Eureka has been fully adopted and these components are no longer within the support period:

  • Okapi - Functionality has been delegated to various single-purpose components

    • folio-kong

    • folio-keycloak

    • folio-module-sidecar

    • mgr-tenants

    • mgr-applications

    • mgr-tenant-entitlements

    • mod-scheduler

    • mod-okapi-facade

  • mod-authtoken - Replaced by Keycloak/Sidecars

  • mod-login-saml - Replaced by Keycloak

  • mod-consortia - Replaced by mod-consortia-keycloak

  • mod-login - Replaced by mod-login-keycloak

  • mod-permission - Replaced by mod-roles-keycloak

    • Slightly different from the components above in that it’s included in app-platform-minimal. Mod-permissions is needed for migration APIs used when moving to the Eureka platform. After that, it’s no longer needed. So, we need to be sure everyone has fully adopted Eureka before removing it from app-platform-minimal along with the migration APIs.

Benefits

  • Maintainability

    • By adopting trusted open source software like Kong and Keycloak, Folio can focus their development effort on library business logic, leaving the API gateway and Security code to the experts.

  • Security

    • Improved SSO integrations

      • Support for multiple identity providers

      • Single logout

      • Federation support

      • etc.

    • Use of standard protocols (OIDC, OAuth2, etc.)

    • RBAC support

      • Policies allow for greater control of who can do what, when, from where, etc.

      • Provides a better UX for managing privileges (Grid instead of flat list of permissions/permissionSets)

    • Additional features like MFA, LDAP/AD integration, etc.

  • Enabler for independent application lifecycles

    • Application-level packaging (application formalization)

  • A step toward the envisioned app stores / application marketplaces

  • Improved system user management

    • Modules no longer need to create, manage, and use system users. The platform handles this instead.

  • Configurable structured transaction logging (https://github.com/folio-org/folio-module-sidecar?tab=readme-ov-file#logging-configuration )

Risks and Drawbacks

Expand
titleTBD

Why should we not do this?

A genuine and thoughtful consideration to risks and drawbacks is essential for a well-rounded proposal.

...