TrueVote.Scaffolding — Construction of best practices in software development

  • Secure — We always develop with the mindset of Murphy’s Law — “what can go wrong, will go wrong” and code defensively and with an atomic approach. For further assistance, the scaffolding is set up with static code analyzers at compile-time to help us find potential problems before they become vulnerabilities.
  • Full test coverage —We’re building a rigorous test suite, inspired by Dr. Richard Hipp of SQLite, more on that below.
  • Ultra-strict linting at compile-time — All contributors’ code shall look the same. We’ve turned on virtually every linting option to ensure the strictest patterns.
  • Self-Documenting — Well-designed software doesn’t need a manual for new developers to come on board. Strict enforcement of model and endpoint descriptors helps ease the learning curve.
  • Portable across cloud service providers — while our initial deployment is with Microsoft Azure Functions, we could move the workloads to AWS Lambda or Google Cloud Functions. The word “Azure” doesn’t exist in the scaffolding beyond the headers, and we will abstract vendor-specific components.

Stack

TrueVote.Api is built in C# using .NET Core 6.0

  • Coverlet & Coveralls —track code coverage
  • XUnit & Moq — unit testing framework
  • GitHub Actions — CI/CD (Continuous Integration / Continuous Deployment)
  • Logging — Standard logging throughout all components
  • Dependency Injection — Enables class instantiation simply by declaration
Stylized Swagger using custom CSS for adherence to the TrueVote style guide
Property descriptors

Culture of Test

Worth the struggle

First Endpoint: /status

Software should provide an internal “health check” and some diagnostic information. /status simply returns a data model of a few elements of the software that are useful to quickly check.

CurrentTime
Branch
Buildtime
LastTag
CommitHash

❤️Contributing

TrueVote is open source. Please consider contributing! Check out the guidelines on our contributor page to get started.

TO-DO

A few open issues with tightening and automating the scaffolding further:

  • Enforce OpenApi descriptor annotations. The C# linting options specified in .editorconfig do not have a way of ensuring that public endpoint methods are correctly documented. We want to ensure that the 4 lines above the function declaration are included, ideally at compile time.
  • Add git hook and GitHub hook to enforce commit messages with a reference back to a JIRA ticket or GitHub issue.

Future Blog Posts

Looking ahead, concurrently as we build on TrueVote.Api, we plan on publishing more about our efforts of the additional elements in the TrueVote Application Software Suite:

  • Why TrueVote chose Bitcoin as its immutable blockchain for tamper-proof data

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
TrueVote

TrueVote

To ensure a true democracy, what’s needed is an open, fully digital, tamper-proof, verifiable system. TrueVote is designed to fill that need.