This is the current definition of done, which should be followed.
In the future, it might change. At the end of this document are some suggestions on what to add later, when it will be possible.
Checklist
Things in this checklist should be done to consider the whole User Story as done.
Produced code for presumed functionalities
Functionality accepted by the business owner
Both normal/happy and exception/unhappy logic flows should be handled according to product specifications
Logging output and shipping to log aggregator
The code was scanned and passed security checks
A peer code review was performed
Lint check passing
Build without errors
Component and unit test cases covering normal and exception logic flows written and passing
Secrets are managed in the Secret management tool “Vault”
To be added later
This section describes possible checks added later when it is possible:
Functionality tested by QA team - I am putting this here, as right now, we don’t have capacity to do it
Error messages should be readable and frontend-friendly, don’t return default error messages to the frontend and other API callers - we need to agree on aproach first
Don’t put the sensitive customer information into logs (customer name, age, gender, passport/ID number, email address, phone number) - we need to agree on aproach first
Integration test cases coverage written and passing - PoC running, right now there is no setup for integration tests
Static and dynamic scanning without security vulnerabilities - we need to add tooling first, before we will add this to DoD