Implement apix-registry with IoT sunset/decommission lifecycle and full BDD suite
- REST API: register, patch, O-level, replacements, history, search endpoints - IoT lifecycle validations: future sunset, lock-before-release, sunset-passed-before-decommission - DB schema: Liquibase changesets 001–008 (services, versions, replacements, sunset-at column) - @ColumnTransformer(write="?::jsonb") on bsm_payload fields to avoid JDBC varchar→jsonb rejection - Jandex plugin on apix-common + quarkus.index-dependency so @NotBlank validators resolve at runtime - quarkus-logging-json extension added; quarkus.log.console.json=false is now a recognised key - Fix requireSunsetBeforeLockRelease: Boolean.TRUE.equals instead of !Boolean.FALSE.equals (null guard) - BDD suite: 27 scenarios / 213 steps across 5 feature files (sunset-lock, decommission, replacement, discovery, anonymity) - Test infrastructure: JDBC TRUNCATE in @Before for DB isolation, Arc.container() for clock control — no test endpoints in production code - sunsetAt truncated to microseconds in BDD steps to match Postgres timestamptz precision - Cucumber step fixes: singular/plural candidate(s), lastResponse propagation in replacementsReturnsNCandidates Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Carsten Rehfeld
@@ -0,0 +1,42 @@
|
||||
---
|
||||
arc42: "2 — Architecture Constraints"
|
||||
status: stub
|
||||
---
|
||||
|
||||
## 2.1 Technical Constraints
|
||||
|
||||
| Constraint | Rationale |
|
||||
|---|---|
|
||||
| Hosted on Hetzner (EU) | European sovereignty narrative; cost; GDPR residency |
|
||||
| Docker Compose deployment | Solo maintainability; no Kubernetes overhead for PoC |
|
||||
| Python 3.12 | AI ecosystem fit; LLM-assisted dev speed; SDK readiness |
|
||||
| PostgreSQL 16 | Relational integrity + JSONB flexibility for BSM payload |
|
||||
| Caddy reverse proxy | Auto-TLS (Let's Encrypt); zero-config HTTPS |
|
||||
| Open source (Apache 2.0) | STF requirement; community credibility |
|
||||
| HTTPS mandatory | Trust infrastructure must be served over TLS — non-negotiable even for PoC |
|
||||
|
||||
## 2.2 Organisational Constraints
|
||||
|
||||
| Constraint | Rationale |
|
||||
|---|---|
|
||||
| Solo developer | All components must be maintainable by one person |
|
||||
| LLM-assisted development | Accepted; all generated code must be reviewed before commit |
|
||||
| Public GitHub repository | STF requires open-source deliverables; also community signal |
|
||||
| No external team dependencies | No waiting on others; all unblocked decisions are made by Carsten |
|
||||
|
||||
## 2.3 Regulatory Constraints
|
||||
|
||||
| Constraint | Rationale |
|
||||
|---|---|
|
||||
| GDPR-lite | Only data stored: registrant email (for contact), service URL, BSM payload. No analytics, no tracking. |
|
||||
| No PII in logs | Even at DEBUG level — email addresses must not appear in log output |
|
||||
| No secrets in images or Git | API keys and DB credentials via runtime env only |
|
||||
|
||||
## 2.4 Convention Constraints
|
||||
|
||||
| Constraint | Rationale |
|
||||
|---|---|
|
||||
| HATEOAS API style | Core APIX Internet-Draft requirement; agents must be able to navigate from root URL |
|
||||
| IETF Internet-Draft alignment | BSM field names must match draft-rehfeld-bot-service-index-00 |
|
||||
| PlantUML for all diagrams | Project convention (not Mermaid) |
|
||||
| arc42 documentation structure | This document set |
|
||||
Reference in New Issue
Block a user