Architecture
Decisions
Architecture Decision Records are used to capture architecture decisions alongside the code.
Known constraints
- Open source licenses on code & all project materials (creative commons)
- Web-based, over HTTPs
- Headless API
- Interoperable
- Work on urban (3G) LMIC connections and hardware (PC > mobile)
- i18n, l10n
Open Constraints?
- Project tooling? [#13]
- Process documentation - Already exists in Google Drive?
- Is this public & licensed for creative commons?
- How will it survive over lifespan of PCMT?
- User stories, tasks, bugs - GitLab issues
- Project documentation - GitLab Wiki, RTD
- Code (SCM) - GitLab
- Process documentation - Already exists in Google Drive?
- License? [#16]
- AGPLv3 - Tends to scare private companies away.
- MIT - highly permissive
- Others?
- Deployment architecture? [#17]
- Cloud?
- On-prem?
- To SaaS or not to SaaS? [#2]
- Can we estimate how many tenants we might have? Year 1? Year 5?
- Effects Deployment Architecture. e.g. If on-prem is a high requirement, then we may have to strike out cloud serverless (though there is tech such as OpenStack, CNCF).
- Multi-single-tenant. OpenLMIS has experimented with parts of this and has found that using a traditional app server (Java Spring) isn't well suited for operational costs.
- Serverless - Rapidly evolving, though still early stage for a project this size.
- Traditional multi-tenant is most mature, however it certainly adds to development and deployment costs.
- Still exploring options that balance hosted vs. on-prem
- Authorization [#18]
- Allows a role within a group to own specific sets of attributes of a Commodity/Item.
- RBAC? (can be useful in user stories where the role is "as a role I want...")
- ABAC?
- Authentication [#19]
- Delegated? (e.g. OAuth2 - OpenLMIS, Google Accounts, etc)
- SSO?
- Security [#20]
- How sensitive is product information? (will a stakeholder worry if data is in multi-tenant architecture)
- What's the risk to product catalog if credentials are compromised? (2FA / MFA)
- Interoperable
- OData
- Code Set for FHIR?
- Spreadsheets? CSV? XLS?
- EDI?
- Compliance
- EU - Cookie Law? GDPR?
- Principles for Digital Development?
- Customization?
- Logos? Colors?
- Custom fields?
- Custom workflow?
- Versioning?
- What version scheme will PCMT use? Will it follow/convey Akeneo PIM CE? Re: https://www.akeneo.com/de/blog/a-faster-way-to-benefit-from-akeneo/