-
Notifications
You must be signed in to change notification settings - Fork 18
02 Software Development Lifecycle DevSecOps AttendanceTrack
Software Delivery Lifecycly The Software engineering lifecycle phases are defined for the class attendance app. A focus is given in DevSecOps and SRE. The goals is to make the app a SaaS product. This page presents a high level view of the DevSecOps stages. The next page includes the detailed aspects of the DevSecOps lifecycle.
graph TD
A[Planning] -->|Define goals requirements| B[Development]
B -->|Write code build applications| C[Testing]
C -->|Automated testing and CI| D[Integration]
D -->|Code integration and CI| E[Deployment]
E -->|Automated deployment and CD| F[Monitoring]
F -->|Continuous monitoring| G[Feedback]
G -->|Collect feedback execute improvements| A
- Use of Primefaces as the UX framework with JEE MVC
- local development with docker-compose for the LDAP, NonSQL DB
This involves identifying the security risks and vulnerabilities that your application might face, and setting goals for how you will mitigate them.
- Versioning of Java and vulnerabilities in it
- a pipeline can be set up in ADO to run security scans
- pipeline Conducts threat modeling as a proactive process of identifying and understanding potential threats to the system (local and prod)
Define the goals and requirements of the project. Plan the development and deployment processes.
- A responsive webapp to mark attendance of classes and mandatory training sessions
- Automate session/class report generation
- Automate process of following up with student when absent
| Lecturer | Student | Admin Staff | Application | Factual Implementation |
|---|---|---|---|---|
| generate class attendance | register attendance | Obtain report attendance after each class | Screen that allows students to mark attendance live with a timer under 30 seconds and an unique code | |
| see reports | see absence report | see all reports | ||
| manually update attendance records | manually update attendance records | |||
| get notified about absent students | get notification of failure to attend | trigger process of following up to understand class absence | Screen with mini-process view follow-up |
- Enable students
- Start Class Attendance
- List Professors
- Confirmation notifications via email and SMS
- The system could send notifications to students as a reminder to confirm their attendance within the specified timeframe.
- Notifications could also be sent to students who haven't confirmed attendance after a certain period to ensure they are aware of their status
- The system should maintain a record of attendance data for each class and each student
- The system should generate attendance reports for lecturers and administrative staff to review and analyze attendance patterns.
- The system should present a screen to handle Absence Management. Absent students will be followed up. students to provide reasons for their absence, along with supporting documents if necessary. There must be a valid reason on failure to attend the class.
Implement role-based access control to ensure that only authorized users, such as lecturers and administrative staff, have access to certain features and functionalities.
CI/CD pipelines for code and build applications. GitHub Version control system is used to manage code changes.
- Emphasize TDD Test Driven development testing paradigm in java: code the system requirements described in this page.
- Document smoke testing of the system
- Test locally with docker compose
- Deploy to Azure cloud Compute VM with docker compose
- Write the IaaC module for the App, User directory and No SQL DB
- Generate QR code and attendance number for a specific class
- Provide one-time authentication code for students to log their class attendance.
- Time Limit for Confirmation: It is mandatory for the students to confirm their attendance within a 1-minute timeframe from entering the code
- Mark attendance in a Non SQL DB
- Generate Reports related to attendance and classes
- Application must be responsive and accessible via PC, Laptop, Tablet and mobile devices
- vulnerability scanning tools
- leverage WSL
- IDE VSCode and IntelliJ
- vsCode with integrated terminal
- run scripts to create and run the docker container with local changes
- run fully automated testing in java with gradle
Automated testing ensures the quality and functionality of the code.
mapping requirements with the test cases
- Login with valid credentials for different user roles (student, lecturer, admin).
- Attempt login with invalid credentials.
- Logout functionality.
Test website layout and functionality on different devices and screen sizes. Ensure optimal user experience across various platforms.
Test navigation between different screens and features. Validate UI elements are displayed correctly and function as expected.
Mark attendance live within 30 seconds using a unique code. Verify time limit enforcement for attendance marking. Attempt marking attendance with an invalid code.
Start session/class attendance. Verify attendance is recorded for registered students. Manually update attendance records if needed.
View attendance reports for specific classes and time periods. Verify reports include accurate attendance data. Download reports in different formats (e.g., PDF, CSV).
View individual attendance records. Verify accuracy of personal attendance data.
Identify and flag absent students automatically. Send automated email and SMS notifications to absent students for confirmation. Trigger follow-up process for unconfirmed absences.
Receive and respond to attendance confirmation notifications. Provide reasons for absence with supporting documents. Submit absence explanations and documents.
Enable and manage student accounts. List and manage registered lecturers. Configure notification settings for attendance confirmation and reminders. View comprehensive attendance reports and data across all classes.
Verify only authorized users can access specific features based on their roles. Restrict unauthorized access attempts to sensitive functionalities.
Test application performance under various loads and user concurrency. Ensure response times are acceptable and application remains stable.
Conduct security tests to identify vulnerabilities and potential security risks. Implement necessary security measures to protect user data and system integrity.
Test integration between the webapp and other systems it interacts with LDAP, NoSQL database, any external party Ensure data exchange and communication functions smoothly.
Automated deployment tools deploy the application to different environments. Continuous Deployment (CD) automates the release process.
gradle tracks the webapp version.
use git tags and semantic versioning to manage the composite app version
- Installation process: project a Java project JEE. Import in any IDE and build with gradle or maven. Build docker image and run
- Software dependencies: dependencies are described in the gradle file
- Latest releases by using git tags
- API references. API docs
Continuous Integration (CI) tools automate the testing process. Integration:
Code changes are integrated into a shared repository. CI tools automatically build and test the integrated code.
Continuous monitoring of application performance and infrastructure. Detect and address issues in real-time.
Collect feedback from users and stakeholders. Use feedback to improve future development cycles.
Back | Next