Merge pull request #77 from frmscoe/dev

docs: release version 1.0.0 of docs

Author: Justus-at-Tazama

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,8 @@
+## What did we change?
+
+## Why are we doing this?
+
+## How was it tested?
+- [ ] Locally
+- [ ] Development Environment
+- [ ] Not needed, changes very basic

.github/workflows/release.yml

@@ -0,0 +1,37 @@
+# SPDX-License-Identifier: Apache-2.0
+
+# Please do not attempt to edit this flow without the direct consent from the Tazama team. This file is managed centrally.
+
+# This workflow should only be run when while on the main branch
+# Create a tag locally using "git tag vx.x.x" supposed to match latest version in changelog.md
+# Then push the release tag created above by running "git push origin vx.x.x"
+# The tag will be set on the release page on github with changes made
+
+name: Create a New Release
+
+on:
+  push:
+    tags:
+      - "v*"
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    name: Release pushed tag
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Create release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          tag: ${{ github.ref_name }}
+        run: |
+          gh release create "$tag" \
+              --repo="$GITHUB_REPOSITORY" \
+              --title="${tag#v}" \
+              --generate-notes
+
+# Usage (while on main branch)
+# git tag v1.0.0
+# git push origin v1.0.0

.gitignore

@@ -1,3 +1,5 @@
+# SPDX-License-Identifier: Apache-2.0
+
 # System-specific files
 .DS_Store
 Thumbs.db

CHANGELOG.md

@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: Apache-2.0
+# Docs
+
+## v1.0
+
+## v1.1.0 (future date, 2024)
+
+* Next change summary here
+
+## v1.0.0 (June 14th, 2024)
+
+* Release first version of docs.

Community/Tazama-Charter.md

@@ -1,3 +1,5 @@
+<!-- SPDX-License-Identifier: Apache-2.0 -->
+
 # Technical​ ​Charter (the “Charter”) for <br> Tazama Project
 Adopted November 29, 2023
 

Community/Tazama-Code-of-Conduct.md

@@ -1,3 +1,5 @@
+<!-- SPDX-License-Identifier: Apache-2.0 -->
+
 # Code of Conduct - The Tazama Project
 
 ## Our Pledge

Community/Tazama-Contribution-Guide.md

@@ -1,3 +1,5 @@
+<!-- SPDX-License-Identifier: Apache-2.0 -->
+
 # Contribution Guide
 
 - [Contribution Guide](#contribution-guide)
@@ -61,11 +63,11 @@ Hello and welcome! If you are reading this, we hope it's because you'd like to h
 
 ### 1.1 Overview of the Project
 
-Tazama is an open source software (OSS) real-time <<-insert your use case here->> monitoring solution. In its initial incarnation Tazama is focused on transaction monitoring for the detection of Fraud and Money Laundering behaviour. That's right: an **Open Source** transaction monitoring solution.
+Tazama is an open source software (OSS) real-time <<-insert your use case here->> monitoring solution. In its initial incarnation Tazama is focused on transaction monitoring for the detection of Fraud and Money Laundering behavior. That's right: an **Open Source** transaction monitoring solution.
 
 We built an open source product so that it can be used to promote trust in digital payments systems and encourage previously under-serviced communities to participate in digital payments ecosystems without worrying about the safety of their money. The product was envisaged by the [Level One Project](https://www.leveloneproject.org), an initiative of the Bill & Melinda Gates Foundation.
 
-While Tazama has strong applications in the financial services industry, it can also be used in other ways. The system could ingest any kind of data in real-time and model behaviour over time based on rules and scenarios specific to that data. Tazama could have applications in Healthcare Monitoring, Cybersecurity, Supply Chain Management, Smart City Applications, Retail and Customer Behavior Analysis, Transportation and Logistics, Environmental Monitoring, Telecommunications, IoT Devices and Smart Environments. (We asked ChatGPT.)
+While Tazama has strong applications in the financial services industry, it can also be used in other ways. The system could ingest any kind of data in real-time and model behavior over time based on rules and scenarios specific to that data. Tazama could have applications in Healthcare Monitoring, Cybersecurity, Supply Chain Management, Smart City Applications, Retail and Customer Behavior Analysis, Transportation and Logistics, Environmental Monitoring, Telecommunications, IoT Devices and Smart Environments. (We asked ChatGPT.)
 
 We are privileged, and very excited, to have recently joined The Linux Foundation as one of their many excellent Projects.
 
@@ -604,7 +606,7 @@ How to contact the core team for assistance.
 
 | Term | Definition |
 |---|---|
-| Author | The person/s or organization that created the project (For Tazama, that's [LexTego](www.lextego.com) and [Sybrin](www.sybrin,.com))
+| Author | The person/s or organization that created the project (For Tazama, that's [LexTego](www.lextego.com) and [Sybrin](www.sybrin.com))
 | Owner | The person/s who has administrative ownership over the organization or repository (not always the same as the original author ([The Tazama Project](www.tazama.org), a member of the Linux Foundation))
 | Maintainers | Contributors who are responsible for driving the vision and managing the organizational aspects of the project (They may also be authors or owners of the project.)
 | Contributors | Everyone who has contributed something back to the project

Community/Tazama-Design-Principles.md

@@ -0,0 +1,168 @@
+<!-- SPDX-License-Identifier: Apache-2.0 -->
+
+# Design Principles
+
+In order to ensure that the system is built on good foundations, we follow a number of design principles for Tazama.
+
+- [Design Principles](#design-principles)
+  - [Open-source](#open-source)
+  - [Cloud-native / Cloud agnostic](#cloud-native--cloud-agnostic)
+    - [Containerized](#containerized)
+    - [Dynamically orchestrated](#dynamically-orchestrated)
+    - [Microservices oriented](#microservices-oriented)
+  - [Reduce Total Cost of Ownership](#reduce-total-cost-of-ownership)
+    - [Time to Production](#time-to-production)
+    - [Infrastructure costs](#infrastructure-costs)
+    - [Operational / Maintenance (excluding Infrastructure) costs](#operational--maintenance-excluding-infrastructure-costs)
+  - [Keep a constant eye on technical debt](#keep-a-constant-eye-on-technical-debt)
+  - [Design for Large scale as well as Low budget infrastructure](#design-for-large-scale-as-well-as-low-budget-infrastructure)
+  - [Security-first / defence in depth](#security-first--defence-in-depth)
+  - [Smart state management](#smart-state-management)
+  - [Design for automation](#design-for-automation)
+  - [Preserve Ambiguity](#preserve-ambiguity)
+  - [Always be architecting / Never stop architecting](#always-be-architecting--never-stop-architecting)
+
+## Open-source
+
+Tazama system is an open-source system where anyone can deploy and run it in their infrastructure without responsibility to pay for any tool upfront or via subscription. If one has an existing infrastructure then they pay $0 to run the Tazama system.
+
+## Cloud-native / Cloud agnostic
+
+Cloud-native / Cloud agnostic design implies the open source computing stack to be:
+
+1. Containerized
+2. Dynamically orchestrated
+3. Microservices oriented
+
+### Containerized
+
+Each component of the Tazama system is containerized. Whether it is OpenFaaS services or ArangoDB or Druid. This facilities reproducibility, scalability, transparency, and resource isolation. It also solves a lot of the deployment concerns by including all the dependencies in the container.
+
+### Dynamically orchestrated
+
+All the containers are orchestrated using Kubernetes. Containers are actively scheduled and managed to optimize resource utilization. This helps automate the following:
+
+1. Monitoring of the system (including all components)
+2. bringing the components (containers) up and down
+3. ensure all configurations are properly setup and dependencies are included
+4. load balancing
+5. sharing authentication secrets between containers
+
+### Microservices oriented
+
+The system is segmented into Microservices. Rule, Typology and Channel implementations are as a microservice. Each microservice performs a specific function. Each microservice is atomic. This design increases the overall agility and maintainability of the system. At the same time, this design makes it easy to develop the overall system by division of labour amongst the members of the development team who work on different microservices reducing multiple developers working on the same code base minimising code conflicts.
+
+## Reduce Total Cost of Ownership
+
+Total Cost of ownership (TCO) is all cost incurred at the asset level from its conception through to disposal at the end of its useful life. Reducing TCO is a no-brainer but at the same time very easy to lose sight of while going through the development process.
+
+These elements factors into the TCO:
+
+1. Time to Production
+2. Infrastructure costs
+3. Operational / Maintenance (excluding Infrastructure) costs
+
+### Time to Production
+
+We save time from concept to production by doing the following:
+
+1. We do not re-invent any wheels.
+2. We use popular open-source products.
+3. We POC them to ensure they fulfil the business requirements of the Tazama system.
+4. We do minimal customization. Most of the effort is spent in designing and writing the business logic.
+5. We re-use as much code as possible.
+
+> :warning: 1. We do not re-invent any wheels. *We used Kubernetes*
+> 2. We use popular open-source products. *Example: OpenFaaS, ArangoDB, Druid etc*
+> 3. We POC them to ensure they fulfil the business requirements of the Tazama system. *Example: ArangoDB, Linkerd etc*
+> 4. We do minimal customization. Most of the effort is spent in designing and writing the business logic. *Example: Linkerd comes packaged with Prometheus and Grafana. We did not customize Prometheus or Grafana. We did not customize Linkerd. We used OpenFaaS as recommended and wrote Rules and Typologies (business logic)*
+> 5. We re-use as much code as possible. *Example: All the Rules follow a standard coding template. The Rules only differ in the business logic. The same applies to Typologies.*
+
+### Infrastructure costs
+
+We understand that some of the users of the open source Tazama system will not have budget or access to extensive infrastructure. We therefore designed Tazama to support smaller budgets, without compromising on functionality.
+
+At the same time, there will be some users who will want to use Tazama system to scale to higher volumes, and have the appropriate resources to deliver. Tazama system supports these users too.
+
+Example: In the POC phase, we observed (and measured) that Kafka scaling required an expensive infrastructure as well as maintenance. In the MVP phase, we looked at Kafka alternatives; the alternatives were not just another set of MQ products but rather that the design alternatives to reduce the infrastructure costs.
+
+### Operational / Maintenance (excluding Infrastructure) costs
+
+Once in Production, if not checked, the Operations / Maintenance costs of running the Tazama system can become significant. Here is what we have done to help keep these costs to a minimum:
+
+1. Containerized - these are mostly compact OS containers that have the own dependencies and configurations. So it is easier to trobleshoot, modify or customize.
+2. Kubernetes Orchestrated - scaling up or down the number of containers can be a laborious and expensive task if not automated. Kubernetes solves that challenge.
+3. Standard products / tools - we have used industry popular products and tools (example: Linkerd, OpenFaaS) etc, so there is reliable information available publicly to support the overall Tazama system.
+4. Separation of configuration and code - we have designed and coded the Tazama system to keep configuration and code separate to enable efficient and effective maintenance.
+5. Separation of computing and business logic code - we have designed and coded the Tazama system to keep the technical / computing pieces of code and the business logic code as separate as possible. This makes it easy to update / build-new the business logic in less time and cost.
+
+## Keep a constant eye on technical debt
+
+Technical debt is unavoidable in Software / system development. What we can do is keep it to a minimum. Here are the following actions we have taken (and will continue to do so):
+
+1. Use standard products / tools
+2. Modularized code
+3. Code re-use
+4. Products / tools POC to ensure that satisfy the requirements
+5. Separation of code and config
+6. Separation of computing code and business logic
+7. Review every story at Hairwash and Grooming with tech debt in mind
+8. Clearing define and document story definition, steps and acceptance criteria to ensure we do not build anymore than what is required and that we do not re-invent the wheel
+9. Identify relationships between stories (dependencies - block / blocked-by) to ensure we re-use code
+
+## Design for Large scale as well as Low budget infrastructure
+
+This is an important design requirement for the Tazama system. We expect some users to have an extensive implementation whereas some others to have a minimal infrastructure. Here is how Tazama system is designed:
+
+1. Identify and POC tools and products with minimal footprint
+2. Identify and POC tools and products with minimal computation requirement
+3. Modularize system into many components / microservices that are atomic, to pick and choose for implementation. Microservices also enables implementation on a minimal infrastructure and at the same time use Containers / Kubernetes to scale up significantly for extensive infrastructure implementations
+4. Use caching in design to reduce consumption of computing resources
+5. Reduce inter-service communication (avoid any unnecessary communication between services) and use compressed messages for communication to increase overall efficiency as well as reduce network traffic within the Kubernetes cluster
+6. Highly configurable Rules, Typologies and Channels to support very small as well as very big implementations
+
+## Security-first / defence in depth
+
+This design principle goes without saying, considering what Tazama system is supposed to do. Security has been thought-about before we adopted any tools/products as well as began writing code. Here is how we did it:
+
+1. Chose Ambassador as the Cloud-native API Gateway
+2. Chose Keycloak for authentication and authorization as well as multi-tenant profile management
+3. Chose Linkerd that provides mTLS between all the containers in the Tazama system. Linkerd provides security without much compromise on performance of the services
+4. Design the system to have only one Ingress Point, which is the TMS API. Exceptions are Payment Platform Adapter Or Custom Data Transformation but if they are implemented then they replace TMS API as the Ingress point. Either ways, there will be only one Ingress Point.
+
+## Smart state management
+
+State management for Tazama is critical, as it is primarily Transaction Monitoring system. The transaction flows through many components / services (channels, typologies, rules, channel scoring processor etc) and the smart state management of the transaction through these services is critical to ensure transaction integrity:
+
+1. that we process only those rules and typologies associated with at transaction
+2. we do not duplicate the processing of any of the rules or typologies associated with that transaction
+3. that we can query the state of transaction at any point in time (example: what channels is processing that transactions and how many Rules have completed execution etc)
+
+## Design for automation
+
+More automation means less Operational costs and less probability of errors. The Tazama system is designed for automation at the following levels:
+
+1. Automated scaling (up or down)
+2. Automated deployment (Kubernetes cluster deployment)
+3. Automated Linkerd injection (Inter-service mTLS / Security / Real-time observability)
+4. Automated Telemetry data points collection
+5. Automated Inter-service communication
+6. Automated Transaction Aggregation & Decisioning Processor
+7. Automated Transaction-Channel decision-making
+8. Automated Transaction-Rule/Typology association determination
+9. Automated Transaction interdiction
+
+## Preserve Ambiguity
+
+This translates to make decisions later, or make only those decisions that need to be made. Not every choice needs to be made before the implementation begins. Tazama system development has adopted this design principle. Example: We are assuming that we will need ArangoDB as well as Druid. They both have different query languages but in theory ArangoDB can do what Druid does. But we have left both ArangoDB and Druid in the architecture and in the next PI we will decide via some measurement stories if we need to have both or can we just live happily with ArangoDB.
+
+Some say that if it is easy to be made later then it is not an architecturally significant decision.
+
+## Always be architecting / Never stop architecting
+
+With agile methodology thoroughly adopted, we cannot stop architecting or designing any product or system. The same applies to the Tazama system.
+
+1. Adopted products / tools get updated frequently (newer versions ing newer features, some of which we will adopt)
+2. New architecture / design philosophies come up frequently and Tazama system will consider that
+3. Tazama system will continually strive to improve performance and reduce costs (achieving both at the same time is not easy but with proper architecting and adopting good design patterns it can be done)
+4. With increased adoption of the Tazama system, new Business requirements and NFRs will come up and they need to be architected, designed and implemented

Guides/adding-a-rule-processor-to-the-full-service-full-stack-docker-tazama-for-testing.md

@@ -1,3 +1,5 @@
+<!-- SPDX-License-Identifier: Apache-2.0 -->
+
 
 ## Introduction
 

Guides/full-service-full-stack-docker-tazama.md

@@ -1,3 +1,5 @@
+<!-- SPDX-License-Identifier: Apache-2.0 -->
+
 - [Introduction](#introduction)
 - [Pre-requisites:](#pre-requisites)
 - [Installation steps](#installation-steps)
@@ -245,8 +247,8 @@ docker compose up -d tms crsp tp tadp
 This command will install:
 
  - The Transaction Monitoring Service API at <https://localhost:5000>, where messages will be sent for evaluation
- - The Channel Router and Setup Processor that will handle message routing based on the network map
- - The Typology Processor that will summarise rule results into scenarios according to invidual typology configurations
+ - The Event Director that will handle message routing based on the network map
+ - The Typology Processor that will summarize rule results into scenarios according to individual typology configurations
  - The Transaction Aggregation and Decisioning Processor that will wrap up the evaluation of a transaction and publish any alerts for breached typologies
 
 You can test that the TMS API was successfully deployed with the following command from the Command Prompt: