July 13, 2023 Technical Committee Meeting Note

Attendees

Ramkumar P.S., Wesley Brown, Vasil Kolev, Ain, Aleksander, Benjamin Balder, Damian, David Higgings,Anrnold Kibuuka, Lekan Osaba, Madduri Vikash, Martin Kramer, Pawel Gesek, Srui Satyajit, Taylor downs, Laurence Berry

 

Agenda

Presenter

Duration

Discussion

Review pending action items

 

 10 minutes

 

https://www.youtube.com/watch?v=4ASKMcdCc3g

 

https://govstack-global.atlassian.net/browse/TECH-654

https://govstack-global.atlassian.net/browse/TECH-670WIP

Messaging BB candidate: Rapid pro. Discussion on adaptation requirements underway

https://govstack-global.atlassian.net/browse/TECH-742

 

Authorization mechanism

@Jaume DUBOIS

15 minutes

 

 

The goal is to have clear needs defined. What to do we have currently?

Do we have full inventory of:

  • Types of accessors checked (human, back-end systems, apps or browser, robots, hardware, ..)

  • Granularity of access control (Building block, module, API, single API service, single API service for specific tenant or data)

Is the overall management of all the accesses realistic from operational and user standpoint?

WIP

@Steve Conrad add to cross functional requirements about bbs not owning up RBAC and calling applications being responsible for it.

Are we using token based authorization within the request to BB.

How to get candidates bypass its own RBAC?

  1. Superuser access to be given when merging with IM backend?

  2. Or control to switch off existing RBAC in target BBs

  3. option to have api token registered in IM at max permission level for specific member entities

  4. come up with a concrete example for this case

Status update

Leads

30 minutes

https://govstack-global.atlassian.net/jira/plans/reports/6EFAz

  1. candidate bbs to be hosted in common playground infra

  2. infra requirements for individual bbs in sandbox common playground to be specified @satya

  3. Nortal: infra for IMBB is huge (how much?).

  4. provide apis, automation to integrate into Sandbox and cut dependencies on specific cloud provider

Alignment on mocks/emulators for testing and sandbox

@Benjamin Balder Bach

20 minutes

See proposal from Benjamin here: https://govstack-global.atlassian.net/wiki/spaces/GH/pages/277807158

See also notes from Sandbox/Testing meeting: https://govstack-global.atlassian.net/wiki/spaces/GH/pages/267812880

  1. Decision: Locate mock apps in same gitrepos as that of respective bbs

  2. are the mocks and emulators one and same thing? Emulators maintain stateful transactions. simple reference implementation of business logic to give back “appropriate responses” aligned to release cycle of BB specs

  3. Mocks respond with hardcoded data sets. Emulator responds with reactive results (datasets)

  4. Discuss actual layouts and mechanisms in Testing group meeting.

Discuss / define process for decoupling BBs into smaller pieces (contd.)

 

15 minutes

 

 

To be taken up next week