Version 0.9.0

5 Cross-cutting requirements

The cross-cutting requirements described in this section are an extension of the cross-cutting requirements defined in the Architecture Blueprint document and the Security BB definition. This section will describe any additional cross-cutting requirements that apply to this building block or differences with the Architecture Blueprint.

5.1 Architecture Blueprint

Topic number in arch document
Name of requirement in arch document
MUST only use TIOBE top 25 languages
SHOULD use TIOBE top 25 languages (Not MUST)
Shell may be used for scripting. (Shell holds language ranks between 50 and 100.)
APIs MUST be idempotent
Application APIs will contain POST endpoints which are not idempotent.
GET/PUT/DELETE APIs are idempotent relative to Mediator BB, but idempotent-ness of intermediated services depend on the service provider and cannot be specified at this level.
MUST provide configuration only through the environment
Configuration not only through environment
Configuration is mainly in configuration files. Environment variables could also be used. No configuration in code.
Databases MUST not include business logic
Databases SHOULD not include business logic
We propose that this is a design recommendation which intends to make business logic all live in a clearly visible and accessible location. This may not always be followed, as the benefits of stored procedures (e.g., in reducing DB transaction round-trips, etc.) may sometimes outweigh this general design recommendation.
MUST be asynchronous first
SHOULD be asynchronous first
The Service Access Layer of IM is synchronous first.
The PubSub Layer is asynchronous
MUST use standardized configuration
See 3.17
MUST use standardized data formats for interchange
Standard formats are used for communication with other BB. Inside BB non-standard protocols can be used.
MUST use web hooks for callbacks
OpenAPI spec 3.0 supported in the first version. Moving to OpenAPI 3.1 is planned in the future.

5.2 Security Specification

Topic number in Security specs document
Name of requirement in arch document
MUST allow the provisioning/management of admin users via the SSO/IAM application specified by the Security BB.
Copyright © 2022