progress snapshot
61
databank/collab/intake/inbox/DevelopmentRules.md
Normal file
@@ -0,0 +1,61 @@
|
||||
# Rules for developing software deliverables at TSYS Group
|
||||
*Adopt these principles and checklist items for every TSYS Group software deliverable—clear, testable, and production-ready.*
|
||||
|
||||
**Core Constraints**
|
||||
- Only perform host operations for:
|
||||
- git workflows (clone, fetch, commit, push, branch, tag)
|
||||
- Docker and Docker Compose (build, run, compose up/down, network operations)
|
||||
- All development and runtime tasks must be performed inside Docker containers.
|
||||
- Expose only the main application web interface to external networks; all other services/ports remain internal to the per-stack Docker network.
|
||||
|
||||
**Containerization & Deployment**
|
||||
- Ship the application as a Docker container image.
|
||||
- Provide and maintain a canonical docker-compose.yml that describes service dependencies, networks, volumes, and healthchecks.
|
||||
- Ensure the container:
|
||||
- builds reproducibly
|
||||
- starts reliably
|
||||
- passes automated smoke tests before any release or QA signoff
|
||||
|
||||
**Testing, QA & Reliability**
|
||||
- Follow Test-Driven Development (TDD) for all new features and bug fixes.
|
||||
- Create comprehensive automated test suites (unit, integration, E2E where applicable).
|
||||
- Maintain very high test coverage and ensure all tests pass in CI before merging.
|
||||
- Treat all warnings as errors; configure CI to fail on warnings where practical.
|
||||
- Include CI jobs that:
|
||||
- build the container
|
||||
- run linting
|
||||
- run tests
|
||||
- perform smoke/startup checks
|
||||
|
||||
**Security & Compliance**
|
||||
- Adhere to best practices for security, QA, engineering, and SRE/DevOps.
|
||||
- Ensure compliance with applicable regimes (PCI, GDPR, SOC, FedRAMP, accessibility standards).
|
||||
- Design for least privilege in containers and networks; avoid exposing credentials/secrets in images or source.
|
||||
- Integrate static analysis, dependency scanning, and container image vulnerability scanning into CI.
|
||||
|
||||
**Accessibility**
|
||||
- Prioritize accessibility from the start; satisfy applicable accessibility guidelines required by US Government contracts.
|
||||
- Include accessibility checks in test and QA processes.
|
||||
|
||||
**Code Quality & Maintainability**
|
||||
- Lint all artifacts (code, configuration, Dockerfiles, YAML).
|
||||
- Do not incur technical debt; add required tests, docs, and refactors as part of the change.
|
||||
- Maintain clear, organized repository and docs. Keep docker-compose.yml and runbooks up to date.
|
||||
|
||||
**Operational/SRE Requirements**
|
||||
- Provide healthchecks and metrics-friendly endpoints where applicable.
|
||||
- Document startup, configuration, and rollback procedures.
|
||||
- Ensure containers start quickly and deterministically for orchestration and smoke tests.
|
||||
|
||||
**Acceptance Checklist (must be satisfied before “done”)**
|
||||
- [ ] Code follows TDD and has adequate tests
|
||||
- [ ] Linting passes with zero warnings
|
||||
- [ ] Container image builds reproducibly
|
||||
- [ ] Container starts and passes smoke tests locally and in CI
|
||||
- [ ] docker-compose.yml reflects current service topology
|
||||
- [ ] Vulnerability and dependency scans show no critical issues
|
||||
- [ ] Accessibility and applicable compliance checks pass
|
||||
- [ ] Documentation and runbooks updated
|
||||
- [ ] No outstanding technical debt items left untracked
|
||||
|
||||
Follow this checklist and principles for every change to ensure secure, testable, and production-ready deliverables.
|
||||
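Review bot: The Acceptance Checklist at the end of the new file has no item for the two most security-relevant rules stated earlier, "Expose only the main application web interface to external networks" under Core Constraints and "Design for least privilege in containers and networks; avoid exposing credentials/secrets in images or source" under Security & Compliance, so a change can be marked done without either being checked. Suggest adding checklist entries along the lines of "- [ ] Only the main web interface is published outside the per-stack Docker network" and "- [ ] No credentials or secrets in the image or source". In the same section, "Vulnerability and dependency scans show no critical issues" leaves findings below critical unaddressed, and "very high test coverage" and "adequate tests" give no measurable threshold; state the severity level that blocks a release and a coverage figure so CI can enforce them. The rule "Do not incur technical debt" and the checklist item "No outstanding technical debt items left untracked" also disagree on whether tracked debt is acceptable; pick one wording.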