TC self evaluation for edge-erm
- Steve Ellis
Please see TCR ticket here: https://folio-org.atlassian.net/browse/TCR-38
ย | Criteria | Comments | Responsible | Evaluation Result | Evidence | Status |
|---|---|---|---|---|---|---|
1 | ย Uses Apache 2.0 license | Added license link to POM. | @Steve Ellis | Acceptable | Done | |
2 | ย Module build MUST produce a valid module descriptor |
| @Steve Ellis | Acceptable | https://github.com/folio-org/edge-erm/blob/master/descriptors/ModuleDescriptor-template.json | Done |
3 | Module descriptor MUST include interface requirements for all consumed APIs | This module only requires two interfaces, | @Steve Ellis | Acceptable | https://github.com/folio-org/edge-erm/blob/master/descriptors/ModuleDescriptor-template.json | Done |
4 | ย Third party dependencies use an Apache 2.0 compatible license | Please see attached the output of | @Steve Ellis | Acceptable |  ย | Done |
5 | ย Installation documentation is included
| ย | @Steve Ellis | Acceptable | It is a standard edge-module and as such is deployed like all edge-modules. However the configuration options are documented in the readme. | Done |
6 | ย Personal data form is completed, accurate, and provided asย | ย | @Steve Ellis | Acceptable | Please see https://github.com/folio-org/edge-erm/blob/master/PERSONAL_DATA_DISCLOSURE.md | Done |
7 | ย Sensitive and environment-specific information is not checked into git repository | ย | @Steve Ellis | Acceptable | ย | Done |
8 | ย Module is written in a language and framework from theย officially approved technologiesย page | Are we going to upgrade edge modules to spring boot version 3.2.x like the docs say weโre supposed to for other spring modules? Note edge-common-spring hasnโt been upgraded soโฆ | @Steve Ellis | TODO | ย | TODO |
9 | ย Module only uses FOLIO interfaces already provided by previously accepted modulesย e.g. a UI module cannot be accepted that relies on an interface only provided by a back end module that hasn't been accepted yet | It is an edge module calling a couple of mod-agreements endpoints that are released. | @Steve Ellis | Acceptable | ย | Done |
10 | Integration with any third party system (outside of the FOLIO environment) tolerates the absence of configuration / presence of the system gracefully | There is no 3rd party integration. Itโs an edge module that talks to FOLIO mod-agreements. | @Steve Ellis | Acceptable | ย | Done |
11 | ย Sonarqube hasn't identified any security issues, major code smells, or excessive (>3%) duplication | See sonar report. | @Steve Ellis | Acceptable | https://sonarcloud.io/summary/new_code?id=org.folio%3Aedge-erm | Done |
12 | ย Usesย officially supportedย build tools | Is a maven project. | @Steve Ellis | ย | ย | Done |
13 | ย Unit tests have 80% coverage or greater and are based onย officially approved technologies | See sonar coverage report. | @Steve Ellis | Acceptable | https://sonarcloud.io/summary/new_code?id=org.folio%3Aedge-erm | Done |
14 |
| See repository. | @Steve Ellis | Acceptable | https://github.com/folio-org/edge-erm/blob/master/descriptors/ModuleDescriptor-template.json | Done |
15 | ย Module includes executable implementations of all endpoints in the provides section of the Module Descriptor | Module does not have | @Steve Ellis | Acceptable | https://github.com/folio-org/edge-erm/blob/master/descriptors/ModuleDescriptor-template.json | Done |
16 | Environment vars are documented in the ModuleDescriptor
| Please see MD. | @Steve Ellis | Acceptable | https://github.com/folio-org/edge-erm/blob/master/descriptors/ModuleDescriptor-template.json | Done |
17 | ย If a module provides interfaces intended to be consumed by other FOLIO Modules, they must be defined in the Module Descriptor "provides" section | Please see MD. | @Steve Ellis | Acceptable | https://github.com/folio-org/edge-erm/blob/master/descriptors/ModuleDescriptor-template.json | Done |
18 | ย All API endpoints are documented in RAML or OpenAPI | OpenAPI is used. | @Steve Ellis | Acceptable | https://github.com/folio-org/edge-erm/blob/master/src/main/resources/swagger.api/edge-erm.yaml | Done |
19 | ย All API endpoints protected with appropriate permissions as per the following guidelines and recommendations, e.g. avoid usingย | There are no endpoints defined in module descriptor. | @Steve Ellis | Acceptable | https://github.com/folio-org/edge-dcb/blob/master/descriptors/ModuleDescriptor-template.json | ย |
20 | ย Module provides reference data (if applicable), e.g. if there is a controlled vocabulary where the module requires at least one value | There is no reference data for this module. | @Steve Ellis | Acceptable | ย | Done |
21 | ย If provided, integration (API) tests must be written in anย officially approved technology
| API tests are written in Junit 5. | @Steve Ellis | Acceptable | ย | Done |
22 | ย Data is segregated by tenant at the storage layer | The module does not store data but forwards requests to FOLIO. | @Steve Ellis | Acceptable | ย | Done |
23 | ย The module doesn't access data in DB schemas other than its own and public | See above. | @Steve Ellis | Acceptable | ย | Done |
24 | ย The module responds with a tenant's content based on x-okapi-tenant header | For an edge module only the API Key is needed. | @Steve Ellis | Acceptable | ย | Done |
25 | ย Standard GETย | Has spring boot actuator. | @Steve Ellis | Acceptable | See application.yml and pom.xml. | Done |
26 | ย High Availability (HA) compliant
| The module has no state since it only makes requests to FOLIO. | @Steve Ellis | Acceptable | ย | Done |
27 | ย Module only uses infrastructure / platform technologies on theย officially approved technologiesย list.
| Itโs an edge module so this doesnโt apply. There are no platform technologies in use. | @Steve Ellis | Acceptable | ย | Done |