The need of guardrails
We have seen plenty of tech projects go wrong because there was no standardization or guardrails adopted as part of the developer infra by the tech teams. This means every developer lends their own unique style, perspective and expertise to the work they do. This literally translates to chaos and lack of maintainability.
In the ever-evolving realm of software development, navigating the intricate landscape requires a strategic approach. Godspeed is a first of its kind fourth generation framework for developing APIs and event driven systems. It provides a comprehensive set of guard rails to guide tech teams through the challenges of developing modern microservices and serverless based backends, in a standardised manner with good quality output. This blog explores four key guard rails offered by Godspeed: Schema Driven Development, Configure Over Code, Security, and Decoupled Architecture.
Guardrail 1: Schema Driven Development (aka SDD)
Schema Driven Development is the cornerstone of best practices embraced by adept tech teams. It revolves around establishing schemas as the foundation and single source of truth for applications. Two types of schemas play a crucial role: data-based schemas for CRUD operations and API schemas for various event types.
Benefits of SDD
Embracing schema driven development brings several benefits, including automatic validation of data at input and output exchange boundaries, code and documentation generation, decoupled support for multiple event protocols, increased efficiency in team coordination, and clear identification of contract failures, fostering a standardized and efficient development process.
In Godspeed domain, developers work on a universal event schema definition format for all different event types, whether http, graphql, socket etc. For databases, we promote prisma syntax as standard schema for database modelling and API generation, though this is not forced upon developer.
Schema Structure
The specs use Swagger and JSON Schema, along with authentication, authorization and some custom additional attributes as defined by the event sources.
Auto-generation of API Schema from Prisma DB schema. One can generate for both http and graphql events, from a prisma spec.
godspeed gen-crud-api
Watch this video to know more.
Guard Rail 2: Configure Over Code
Configure Over Code is a philosophy that emphasizes identifying the intention of an action rather than getting lost in its implementation details. Godspeed employs a fourth-generation DSL (Domain-Specific Language) written in YAML, offering a language-agnostic, abstracted approach to configuration. This approach extends to configuring environment variables, application settings, event sources, workflows, and data sources.
Benefits of configure over code approach
Through high-level abstractions, Configure Over Code reduces boilerplate code, enhances code reusability, and fosters flexibility and decoupling across different languages and projects.
Few examples of Configure Over Code:
Watch the below video to know more.
Guard Rail 3: Security
Security stands as a paramount concern in software development, especially in domains dealing with sensitive information. Godspeed provides guard rails for four key security mechanisms:
Secrets Management: All secrets, such as passwords, are managed as environment variables, promoting a secure and standardized approach.
Encryption: Godspeed facilitates encryption of data at rest and in transit, ensuring the protection of sensitive information in databases and logs.
Log Redaction: To prevent sensitive information from leaking into logs, Godspeed allows the configuration of keys to selectively redact data, maintaining confidentiality.
Authentication: Godspeed plugins allow out of box JWT authentication but developer can customise and add any kind of authentication. We follow zero trust policy to ensure that one JWT settings are configured, authentication is enabled by default on all endpoints, and developer has to explicitly disable it on specific endpoints to which they want to give free access.
Authorization: Godspeed enables fine-grained authorization at both the event and workflow levels, ensuring secure access to resources and data. Authorization policies are seamlessly integrated into the configuration.
Watch this video to know more.
Guard Rail 4: Decoupled Architecture
Decoupled Architecture in Godspeed ensures that the various components of a system are not tightly welded, allowing for easy replacement or modification without affecting the entire system. This decoupling occurs at multiple layers:
Event Sources: Through standardised event schemas, plugins and event handlers (controller) inputs, Godspeed enables uniform event definition and handling across diverse sources. The event data from different protocols and servers is deserialized and serialized by the event source. The workflows get a standard GSCloudEvent object containing all event input and returns a GSStatus object with its output and status code. As you see these two interfaces decouple the controller or event handler logic with the particular event source. To replace one with another, you only need to change a single file.
Data Sources: Godspeed allows you to use any datastore or API - together datasources. For datastore access we encourage the use of Prisma as a standard for defining database models, supporting decoupling from specific databases and allowing for easy database replacements. But tomorrow, lets say you wish to replace Prisma or whatever datasource client you use with another one, your controller code or business logic does not need to change. You can replace the datasource plugin file with the new file, and write transformation logic of query and response from old datasource format to the new one's format. Imagine if you have used old datasource in 100 APIs across 5 projects, it will be easier to make change in one file than in 100 places!
Cloud and Infrastructure: Godspeed is a Nodejs module. It is cloud-agnostic, providing flexibility in choosing cloud providers and ensuring seamless deployment on any cloud.
Watch the below video to know more.
Conclusion
Godspeed's guard rails serve as a compass for tech teams, providing clear pathways through the challenges of modern software development. Whether it's adhering to schema driven development, embracing configuration over code, implementing robust security measures, or fostering a decoupled architecture, Godspeed empowers teams to build standardised, maintainable, and secure systems. By embracing these guard rails, tech teams can navigate the complex software development landscape with confidence and efficiency. With this, why don't you go give a shot to trying Godspeed out!