b2a16a8be7
- REST API: register, patch, O-level, replacements, history, search endpoints
- IoT lifecycle validations: future sunset, lock-before-release, sunset-passed-before-decommission
- DB schema: Liquibase changesets 001–008 (services, versions, replacements, sunset-at column)
- @ColumnTransformer(write="?::jsonb") on bsm_payload fields to avoid JDBC varchar→jsonb rejection
- Jandex plugin on apix-common + quarkus.index-dependency so @NotBlank validators resolve at runtime
- quarkus-logging-json extension added; quarkus.log.console.json=false is now a recognised key
- Fix requireSunsetBeforeLockRelease: Boolean.TRUE.equals instead of !Boolean.FALSE.equals (null guard)
- BDD suite: 27 scenarios / 213 steps across 5 feature files (sunset-lock, decommission, replacement, discovery, anonymity)
- Test infrastructure: JDBC TRUNCATE in @Before for DB isolation, Arc.container() for clock control — no test endpoints in production code
- sunsetAt truncated to microseconds in BDD steps to match Postgres timestamptz precision
- Cucumber step fixes: singular/plural candidate(s), lastResponse propagation in replacementsReturnsNCandidates

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
32 lines
2.9 KiB
Markdown
---
arc42: "11 — Risks and Technical Debt"
status: stub
---

## 11.1 Risk Register

| # | Risk | Probability | Impact | Mitigation |
|---|---|---|---|---|
| R-01 | Big tech ships a competing agent service directory before PoC is done | Medium | High | Speed is the primary mitigation. PoC by end of 2026. IETF draft establishes prior art regardless of PoC state. |
| R-02 | Chicken-and-egg: no real registrants → registry looks empty → no agents query it → no registrant motivation | High | High | Pre-seed with 5 real services (self + Lexnexum + 3 outreach targets) before any public announcement. Never launch empty. |
| R-03 | Solo bus factor: Carsten gets sick/unavailable | Medium | High | All infra as code (GitHub); `provision.sh` + `deploy.sh` must be runnable by anyone with Hetzner access. No undocumented steps. |
| R-04 | Hetzner VPS data loss (disk failure) | Low | High | Daily pg_dump to separate Hetzner volume. Restore documented and tested. |
| R-05 | Spider causes load on registrant services (aggressive checking) | Low | Medium | 15-min interval; 5s timeout; respect `Crawl-delay` in robots.txt if present; opt-out mechanism in BSM. |
| R-06 | STF rejects application despite PoC | Medium | Medium | PoC also serves founding member pitch and IETF credibility regardless of STF outcome. |
| R-07 | IETF draft does not progress / working group not formed | Medium | Medium | APIX can operate as a de-facto standard regardless of IETF formal status (as DNS did). |

## 11.2 Technical Debt Log

Accepted shortcuts in the MVP, with explicit exit paths:

| # | Debt | Accepted Because | Exit Path | Priority |
|---|---|---|---|---|
| TD-01 | Manual O-level assignment | Automated GLEIF/domain check is weeks of work; manual is safe for PoC | Automated O-1 (DNS/domain) + O-2 (GLEIF) in Phase 2 | High |
| TD-02 | Single shared API key | Per-registrant key management requires auth layer; premature for PoC | OAuth2 / per-registrant key management post-MVP | High |
| TD-03 | No rate limiting on read endpoints | PoC traffic too low to warrant it | Caddy rate_limit directives when traffic warrants | Medium |
| TD-04 | No full OpenAPI spec field validation by Spider | Field-level validation requires schema comparison logic; overkill for PoC | Spider `openapi_parser.py` extension post-MVP | Medium |
| TD-05 | Single-region deployment | Multi-region requires DB replication; solo can't maintain safely | Hetzner Managed Database + multi-region post-funding | Low (PoC SLA is acceptable) |
| TD-06 | No CI/CD pipeline | Solo dev; manual deploy via `deploy.sh` is sufficient | GitHub Actions pipeline post-MVP | Low |
| TD-07 | No TLS for Spider → DB connection | Both on same Docker network; no external exposure | TLS on internal connections post-MVP if required by audit | Low |
| TD-08 | Spider has no respect for registrant `robots.txt` | Most registered services won't have agent-specific crawl rules yet | Add robots.txt check to Spider fetcher when needed | Low |
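The R-05 mitigation (15-minute interval, 5-second timeout, `Crawl-delay` honoured when present, BSM opt-out) and the TD-08 exit path (a robots.txt check in the Spider fetcher) describe one fetch policy. The following is an added illustration, not the project's Spider or `openapi_parser.py` code: it derives a per-registrant policy from the registrant's robots.txt using the standard-library `urllib.robotparser`. The user-agent token `apix-spider`, the `bsm_opt_out` flag and the `FetchPolicy` shape are assumptions; the page names none of them.

```python
"""Polite fetch policy for a registry spider (added example, hypothetical helper).

Encodes the R-05 mitigations and the TD-08 exit path:
  * base check interval of 15 minutes per registrant,
  * 5-second HTTP timeout so a slow registrant cannot stall the spider,
  * robots.txt Disallow rules and Crawl-delay respected when the file exists,
  * a registrant-side opt-out that wins over everything else.
"""
import urllib.robotparser
from dataclasses import dataclass
from typing import Optional

BASE_INTERVAL_S = 15 * 60    # R-05: at most one check per registrant every 15 min
FETCH_TIMEOUT_S = 5.0        # R-05: pass to the HTTP client as its timeout
USER_AGENT = "apix-spider"   # assumed user-agent token; not defined on the page


@dataclass(frozen=True)
class FetchPolicy:
    allowed: bool      # False: do not fetch this URL at all
    interval_s: float  # minimum seconds between two checks of this registrant
    timeout_s: float   # HTTP timeout to use for the fetch


def policy_for(robots_txt: Optional[str], url: str,
               bsm_opt_out: bool = False,
               user_agent: str = USER_AGENT) -> FetchPolicy:
    """Derive the fetch policy for one registrant URL.

    robots_txt is the body of the registrant's robots.txt, or None when the
    service serves none (the common TD-08 case). bsm_opt_out models the
    "opt-out mechanism in BSM" from R-05 as a plain flag (assumed shape).
    """
    # The registrant's explicit opt-out overrides any crawl rule.
    if bsm_opt_out:
        return FetchPolicy(False, BASE_INTERVAL_S, FETCH_TIMEOUT_S)

    # No robots.txt: fall back to the conservative defaults only.
    if robots_txt is None:
        return FetchPolicy(True, BASE_INTERVAL_S, FETCH_TIMEOUT_S)

    rp = urllib.robotparser.RobotFileParser()
    rp.parse(robots_txt.splitlines())

    allowed = rp.can_fetch(user_agent, url)

    # Crawl-delay can only make the spider slower, never faster than 15 min:
    # a registrant asking for a longer delay gets it; a shorter one is ignored.
    delay = rp.crawl_delay(user_agent)
    interval = BASE_INTERVAL_S if delay is None else max(BASE_INTERVAL_S, float(delay))

    return FetchPolicy(allowed, interval, FETCH_TIMEOUT_S)


def should_check(last_checked_epoch: float, now_epoch: float,
                 policy: FetchPolicy) -> bool:
    """True when the policy allows fetching and the interval has elapsed."""
    return policy.allowed and (now_epoch - last_checked_epoch) >= policy.interval_s


if __name__ == "__main__":
    # Constructed sample robots.txt, not taken from any real registrant.
    sample = "User-agent: *\nDisallow: /private/\nCrawl-delay: 1800\n"
    print(policy_for(sample, "https://svc.example/.well-known/bsm.json"))
    print(policy_for(sample, "https://svc.example/private/report"))
    print(policy_for(None, "https://svc.example/openapi.json"))
```

The scheduler loop would call `policy_for` once per registrant when the robots.txt is (re)fetched, persist the resulting interval, and gate each check with `should_check`; the `timeout_s` field is what gets handed to the HTTP client so the 5-second bound from R-05 is applied uniformly.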