Containerised application (package) design

Owned by Vineet Singh, created
Last updated: Jun 24, 2021
2 min read

Add your comments directly to the page. Include links to any relevant research, data, or feedback.

Status

Decided

Impact

High

Driver

@Vineet Singh 

Approver

@Razak K M

Contributors

@Razak K M @Mayank (Unlicensed) @Sagar Singh (Unlicensed) @Waseem 

Informed

 

Due date

May 7, 2021

Outcome

Initially, Digital Green acts as the trusted third party for verifying applications as required.

Background

The usage policy class “Restrict: for specific purpose” constraints data to be transferred if the containerised application is verified to not have changed. The change in the containerised application is detected by comparing its hash at run time with the hash at the time when connector was configured. It was assumed in the product design that the containerised application in the choice of programming language (node/python/ruby etc) can be created in a no code manner through the click of a button referring to the github repository. It was realised that this is not possible in a no code way and therefore the flow and user actions need to change.

Relevant data

The sequence for creating a containerised application as thought earlier:

  1. Consumer can share a github or similar repository of a node/python application for review to provider

  2. Provider can verify the repository and approve

  3. Consumer can containerise the approved application repository

  4. Hash of the container is logged by FS at this point and stored at provider’s end as well

  5. Provider shares data through connector and the exchange takes place only when hash has not changed

 

Issues:

  1. How does the repository approval take place?

  2. Single click containerisation not possible implying the consumer needs to create the container outside FS environment and therefore can change the repository after approval.

Options considered

 

Option 1:

Option 2:

 

Option 1:

Option 2:

Description

Trusted third party is where application repo is uploaded by the consumer with provider’s address and once provider approves the same, trusted third party creates a containerised application

Prepare guidelines for the developers of consumer application and ask them to strictly adhere to the guidelines. Also, step-by-step instructions could be created for consumer to containerise and upload the application as well as security hash.

Pros and cons

Takes away the effort to containerise application from consumer

Can scale in future with service provider acting like a “play store” and also as approver for advanced applications

Need to publish/ show code to trusted third party (similar to Android application)

Another actor in the ecosystem - governance needs to be sorted out

Effort is minimised for containerisation for the consumer.

No need for a third party intervention and submission of code to someone else

Easy integration of application into the ecosystem with other applications.

Puts the onus on containerisation on consumer who may or may not have their own developer team.

Consumer might not follow all the guidelines and hence could result in incompatibility of application with trusted connector

Estimated Effort

Low for building farmstack

Medium for building processes

Medium

Action items

Following action items to take decision:

@Mayank (Unlicensed) Come up with further options if possible
@Mayank (Unlicensed) What would be the long term implications for purely third party player instead of FS?
@Mayank (Unlicensed) Input for UI design based on the decision

Outcome

Since we are working with only a few partners for the starting phase, Digital Green can act as the trusted third party. Another important aspect to think of while containerizing could be analytics and usage patterns of the applications.