NOTE: This is a sample template for the purpose collaborating and soliciting feedback. The actual Zowe Participation Form will involve a DocuSign Form (or equivalent) provided by the Linux Foundation to enable a digital submission.
...
...
Zowe API Mediation layer - 2019
...
Zowe API Mediation Layer Conformance Criteria Check-list:
1) Application Service
...
Zowe Conformance Test Evaluation Guide is a set of self-certify and self-service tests to help the developer community integrate and extend specific technology into the Zowe framework.
Below are the requirements for the available conformance programs. Items marked (required) are required for achieving conformance in a given program.
Zowe API Mediation layer - 2019
- Application Service
- An application provides at least one service or UI
Comments:
2)- (required)
- Register with discovery services
Select all that apply:
- All exposed services of the application are discoverable by the API Mediation Layer Discovery Service
- The service is registered by dynamic registration (preferred)
- The service is registered by static definition (minimum requirement)
- A service must be registered using one of the following methods: (required)
- All exposed services of the application are discoverable by the API Mediation Layer Discovery Service
Dynamic registration - preferred (best practice)
Static definition - minimum requirement
- The service must provide a default service ID that is prefixed by the provider name (for example:
...
- `acme`,
...
- `xyzcorp`, `bar`). (required)
- The service ID must be configurable externally after deployment
...
- . (required)
- The service ID
...
- must written in lower case, contain no symbols, and is limited to 64 characters
...
- . (required)
- The API ID
...
- must follow the same rules as for Java packages
...
- . The example of the API ID: zowe.apiml.apicatalog
...
- . (required)
- The published service URL
...
- must follow the gateway URL conventions
...
- . (required)
- For versioned APIs,
...
- service URLs must contain a service version before the service ID in the following formats:
- api/v1/{serviceId}
...
- reserved for REST APIs
...
- ui/v1/{serviceId}
...
- reserved for UIs
...
- ws/v1/{serviceId}
...
- reserved for WebSockets
...
For non-versioned APIs or APIs
...
- versioned differently (e.g. z/OSMF), use the following formats:
- api/{serviceId}
...
- reserved for REST APIs
...
- ui/{serviceId}
...
- reserved for UIs
...
- - ws/{serviceId}
...
- reserved for WebSockets
...
(required)
- API DocumentationSelect all that apply:
- Documentation is Swagger/Open API 2.0 compliant
- . (required)
- Every public resource is documented with a description of each resource
- . (required)
- Every method of each REST endpoint is documented
- . (required)
- Every method of each REST endpoint is demonstrated by an example
- . (required)
- Every parameter (headers, query parameters, payload, cookies, etc.) is documented with definitions of all possible values and their associated meanings. (required)
- Every error code, including errors returned in the payload is documented
Comments:
4)- . (required)
- API naming and addressing
Select all that apply:
- Encoded slash is not used
- . (required)
- The service interprets values independent of their URL encoding
- . (required)
- lowerCamelCase is used for names of resources, parameters, and JSON properties
Comments:
5)- .
- Service requests and responses
Select all that apply:- API -
- Request and response payloads are in JSON or binary data format
- .
- API - In JSON format, links are relative, and must not contain the schema, hostname, and port. (required)
- WebSocket -
- Service URIs contained in WebSocket messages payload are addressed through the API ML Gateway. (required)
- UI -
- UI uses relative links and does not contain the schema, hostname, and port
Comments:
6)- . (required)
- Authentication and AuthorizationSelect all that apply:
- Resources are protected by mainframe credentials
- . (required)
- Services accept basic authentication (minimum requirement)
- . (required)
- Services accept Zowe JWT token in the cookie
Comments:
7)- .
- Versioning and Support
Select all that apply:- Service implementation follows the semantic versioning model
- .
- Last two major versions are supported by API services
- The service provider agrees to support the major service version for at least two years from its release
Comments:
8) UI
- . (required)
- UI
- UI uses only relative URLs
Comments:
9) WebSocket Services
Select all that apply:
- . (required)
- WebSocket Services
- WebSocket connection creation, all subsequent communication between WebSocket client, and server is routed through the API ML Gateway. (required)
- WebSocket connections are closed by the initiator through API ML Gateway.
Comments
10) Zowe Version Compatibility
The service provider agrees to re-certify when a new version of the conformance criteria is released within 60 days
- (required)
Zowe CLI - 2019
Please verify and comment where needed that the participating offering has achieved the conformance criteria for Zowe Command Line Interface Conformance Criteria: Test Evaluation Guide Summary:
1) InfrastructureSelect all that apply:
- Plug-in is constructed on the Imperative CLI Framework
- . (required)
- Plug-in is NOT run as a standalone CLI
- . (required)
- Plug-in commands write to stdout or stderr via Imperative Framework response.console APIs
Comments:
2) Installation
Select all that apply:
- . (required)
- Installation
- Plug-in is installable with the zowe plugins install command.
- (required)
- Plug-in is installable into the @lts-incremental version of the core Zowe CLI and follows semantic versioning
- . (required)
- Plug-in is uninstallable via the zowe plugins uninstall command
Comments:
3)- . (required)
- Naming
- If the plug-in introduces a command group name, it does not conflict with existing conformant plug-in group names.
Comments:
4) Profiles
Select all that apply:
- (required)
- Profiles
- If the plug-in has unique connection details, it introduces a profile that lets users store these details for repeated use.
- (
- required)
- Plug-in users are able to override all profile settings via the command line and/or environment variables.
Zowe App Framework
...
Summary:
1) Packaging:
Select all that apply:
...
– 2019
- Packaging
- Every plugin must have a unique ID. The ID format follows java package naming conventions. The Zowe project reserves org.zowe.
- (required)
- Every plugin and each of its services must have a version.
- (required)
- Directory layout adheres to the ZLUX App filesystem structure.
- (required)
- Source code layout is recommended adheres to the ZLUX App filesystem structure for tooling consistency
Comments:
2)- .
- Web UIs ALL:
- All Apps must contain an icon image file to represent it, located at web/assets/icon.png within the App's package.
Comments:
- (required)
- Web UI IFrame:
- IFrame Apps (apps with framework type "iframe") which embed a top-level iframe within (example: https://github.com/zowe/api-layer/blob/master/zlux-api-catalog/web/index.html) must use the ID "zluxIframe" for that element. This is required for the app to be a recipient of app to app communication.
Comments:
- (required)
- Web UI Non-IFrame:Select all that apply:
- DOM elements originating from your App should always be a child of the Zowe viewport DOM element, "com-rs-mvd-viewport".
- (required)
- Network requests to the Zowe App Server must never be done without the use of the URI Broker.
- (required)
- Access to resources outside the App Server should also be made through the URI Broker whenever possible
- .
- Apps must not pollute the global namespace with regards Javascript, HTML, and CSS
- . (required)
- When using a library present in the Zowe App Framework core, you must depend on the same version.
- (required)
- Web apps should extend the framework's default build scripts for webpack and typescript
- .
- 5) UI Design: Apps
- Apps should follow the UI Design guidelines
Comments:
6) - Localization and Internationalization (I10n and I18n):
non-IFrame:
Select all that apply:
- The active language to be used for string selection must be retrieved using ZoweZLUX.globalization.getLanguage(), which determines language by multiple factors.
- (required)
- No strings visible in a UI should be hard-coded, rather resource strings must be used in accordance with one of the existing internationalization support mechanisms
- .
- 7) App Server:Select all that apply:
- Data services should be written such that all synchronous and asynchronous errors are caught. Utilize try-catch and check the existence of error objects from asynchronous calls. Uncaught exceptions effect server responsiveness and disrupt clients.
Comments:
8) Documentation:
Select all that apply:
- (required)
- Documentation
- Every HTTP API must be documented in swagger 2.0. The swagger document must be stored in doc/swagger
- . (required)
- In addition, it is recommended to have documentation about the format of any Websocket APIs, to be placed within doc
Comments:
9) Logging
Select all that apply:
- .
- Logging
- An Apps non-IFrame web components, or App Framework dataservices (eg Javascript and Typescript) must log only through the "zlux" logger
- . (required)
- ZSS services log only through the Zowe ZSS Logger
- . (required)
- Passwords must never be logged
- . (required)
- Error reporting should follow the standard tooling
Comments:
10) Storage
- .
- Storage
- User preferences, if applicable to a plugin, must be stored through the configuration data service.
Comments:
...
- (required)