Carsten Rehfeld
b2a16a8be7
- REST API: register, patch, O-level, replacements, history, search endpoints - IoT lifecycle validations: future sunset, lock-before-release, sunset-passed-before-decommission - DB schema: Liquibase changesets 001–008 (services, versions, replacements, sunset-at column) - @ColumnTransformer(write="?::jsonb") on bsm_payload fields to avoid JDBC varchar→jsonb rejection - Jandex plugin on apix-common + quarkus.index-dependency so @NotBlank validators resolve at runtime - quarkus-logging-json extension added; quarkus.log.console.json=false is now a recognised key - Fix requireSunsetBeforeLockRelease: Boolean.TRUE.equals instead of !Boolean.FALSE.equals (null guard) - BDD suite: 27 scenarios / 213 steps across 5 feature files (sunset-lock, decommission, replacement, discovery, anonymity) - Test infrastructure: JDBC TRUNCATE in @Before for DB isolation, Arc.container() for clock control — no test endpoints in production code - sunsetAt truncated to microseconds in BDD steps to match Postgres timestamptz precision - Cucumber step fixes: singular/plural candidate(s), lastResponse propagation in replacementsReturnsNCandidates Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1.8 KiB
1.8 KiB
arc42, status
| arc42 | status |
|---|---|
| 2 — Architecture Constraints | stub |
2.1 Technical Constraints
| Constraint | Rationale |
|---|---|
| Hosted on Hetzner (EU) | European sovereignty narrative; cost; GDPR residency |
| Docker Compose deployment | Solo maintainability; no Kubernetes overhead for PoC |
| Python 3.12 | AI ecosystem fit; LLM-assisted dev speed; SDK readiness |
| PostgreSQL 16 | Relational integrity + JSONB flexibility for BSM payload |
| Caddy reverse proxy | Auto-TLS (Let's Encrypt); zero-config HTTPS |
| Open source (Apache 2.0) | STF requirement; community credibility |
| HTTPS mandatory | Trust infrastructure must be served over TLS — non-negotiable even for PoC |
2.2 Organisational Constraints
| Constraint | Rationale |
|---|---|
| Solo developer | All components must be maintainable by one person |
| LLM-assisted development | Accepted; all generated code must be reviewed before commit |
| Public GitHub repository | STF requires open-source deliverables; also community signal |
| No external team dependencies | No waiting on others; all unblocked decisions are made by Carsten |
2.3 Regulatory Constraints
| Constraint | Rationale |
|---|---|
| GDPR-lite | Only data stored: registrant email (for contact), service URL, BSM payload. No analytics, no tracking. |
| No PII in logs | Even at DEBUG level — email addresses must not appear in log output |
| No secrets in images or Git | API keys and DB credentials via runtime env only |
2.4 Convention Constraints
| Constraint | Rationale |
|---|---|
| HATEOAS API style | Core APIX Internet-Draft requirement; agents must be able to navigate from root URL |
| IETF Internet-Draft alignment | BSM field names must match draft-rehfeld-bot-service-index-00 |
| PlantUML for all diagrams | Project convention (not Mermaid) |
| arc42 documentation structure | This document set |