01-edu · zanninso · Jan 4, 2024 · Nov 15, 2023 · Nov 28, 2023 · Dec 5, 2023
diff --git a/subjects/java/projects/travel-plan/README.md b/subjects/java/projects/travel-plan/README.md
@@ -0,0 +1,64 @@
+## Travel-Plan
+
+### Objectives
+
+The primary goal of this project is to construct a robust and scalable environment for the Travel Management System and to develop a comprehensive Admin Dashboard that serves as the control center for travel management operations.
+
+### Instructions
+
+This is the first part of the last project and for this part the students will be asked to build the working enviroment and impliment the admin part to ease the last part for the project.
+
+#### 1. Environment Configuration
+
+##### Configure a Microservices Architecture:
+-    Follow industry best practices for scalability and high availability.
+-    Implement multiple replicas of each microservice for load balancing and failover mechanisms.
+
+##### Database Installation and Configuration:
+-    Set up PostgreSQL and Neo4j databases.
+-    Ensure databases are containerized to facilitate scalability and replication.
+
+##### Continuous Integration/Continuous Delivery (CI/CD) Pipeline:
+-   Employ Jenkins for CI/CD and unit testing.
+-   Employ SonarQube for automating code quality checks
+
+##### Use of Docker and Ansible:
+-    Docker to support automated provisioning and deployment of microservices.
+-    Ansible for creating playbooks to deploy all system elements consistently and scalably.
+
+##### Outcome:
+-    Achieve an automated, scalable infrastructure.
+-    Prepare the groundwork for Admin Dashboard development and additional features of the Travel Management System.*
+
+#### 2. Development and Design
+
+- Craft an Admin Dashboard enabling administrators to oversee users, travels, and payment gateways.
+- the admin should be able to add, edit or delete any user, travel, payment method and all the related part correctly (cascading!!!) 
+- Ensure each travel entry includes a destination or trajectory, dates, duration, activities or itinerary, accommodation, and transportation details.
+- for the payment gatways you can search about it to know what you need to support the most you have to support at least strip and paypal.
+- Develop an authentication and authorization service to safeguard access and operations.
+- Design a responsive and intuitive UI for the Admin Dashboard that shows well in diffirent screen sizes, ensuring browser compatibility at least for mozila and chrome.
+- Utilize any beneficial packages to enhance development efficiency, with the expectation to justify package selections during project reviews.
+
+#### 3. Best Practices & Ecosystem Familiarity
+
+- Adopt a collaborative development workflow using pull requests (PRs) for introducing changes and features.
+- Perform thorough code reviews on each PR to maintain code integrity, security adherence, and best practice compliance.
+- Integrate a CI/CD pipeline via Jenkins for seamless build, test, and deployment workflows of PRs.
+- Ensure all PRs undergo a rigorous review process, securing approval before merging into the main codebase.
+
+#### 4. Security Measures
+
+- Implement SSL/TLS encryption for all data in transit.
+- Ensure databases and services are accessible only within the internal network or via secure, authenticated endpoints.
+- Use secret management tools like HashiCorp Vault to handle sensitive information like API keys and database credentials.
+- Apply the principle of least privilege across all levels of the system, particularly in role-based access controls within the Admin Dashboard.
+- Regularly update all components to patch known vulnerabilities and ensure compliance with security best practices.
+
+### Bonus
+
+- Compose clear and detailed documentation for the application and database schema.
+- Incorporate Kubernetes alongside Ansible to enhance service management, orchestration, and load balancing capabilities.
+- impliment integration tests and E2E tests one of them or both of them. 
+- any other bonus that add a real value to the project.
+
diff --git a/subjects/java/projects/travel-plan/audit/README.md b/subjects/java/projects/travel-plan/audit/README.md
@@ -0,0 +1,80 @@
+
+#### Comprehension
+
+##### Ask the student to describe the microservices architecture implemented.
+
+###### Did the architecture effectively split functionalities into different microservices based on key factors like scalability and domain separation?
+
+##### Ask the student to explain one of the Ansible playbook
+
+###### did he/she clearly explain all the Ansible playbook
+
+##### Discuss the CI/CD pipeline setup.
+
+###### is there unit tests for each functionality and are the test run for each PR.
+
+###### is SonarQube report free from any error or warning that can break the CI/CD Process.
+
+##### Detail the security measures implemented.
+
+###### Were comprehensive security measures like SSL/TLS, secret management, and principle of least privilege correctly implemented?
+
+##### Ask the student to explain the database schema for PostgreSQL and Neo4j.
+
+###### Did the data structure in PostgreSQL and Neo4j effectively support the application's requirements?
+
+#### Functional
+
+##### Verify the execution of Ansible playbooks.
+
+###### Did the Ansible playbooks execute without errors and configure the environment as intended?
+
+###### Were the playbooks able to handle re-running scenarios without causing disruptions or inconsistencies?
+
+##### Test each microservice API.
+
+###### Are all microservice APIs is role based and doesn't work with a admin role based user authenticated except the login api?
+
+###### Are all microservice APIs function correctly and handle errors effectively?
+
+##### Verify Admin Dashboard functionality.
+
+###### Did the Admin Dashboard correctly manage users, travels, and payment gateways?
+
+##### Test Authentication and Authorization.
+
+###### Was the authentication service robust and did the role-based access control function correctly?
+
+##### Ask the student to Simulate load on microservices.
+
+###### Did the microservices demonstrate effective load balancing and failover under heavy traffic?
+
+##### Verify Docker and Ansible setup.
+
+###### Were Docker containers and Ansible playbooks set up correctly and functionally?
+
+##### Validate CI/CD pipeline and code quality.
+
+###### Did the CI/CD pipeline function correctly for build, test, and deployment processes, and were code quality standards maintained?
+
+##### Assess code review and best practices.
+
+###### Is the code consistence and well structured, also do they follow naming convention in recent pull requests?
+
+###### Are all the used libraries supported and not deprecated and not having any depracted methods in use, in recent pull requests?
+
+###### Are the security vulnerabilities found by sonar cube resolved in the pull requests ?
+
+#### Bonus
+
+##### Documentation Quality
+
+###### +did the students provides a clear documentation about the application and the database?
+
+##### Kubernetes Incorporation
+
+###### +did the students Incorporate Kubernetes alongside Ansible to enhance service management, orchestration, and load balancing capabilities?
+
+##### Additional Bonuses
+
+###### +did the student added any valuable bonuses and it works fine without any error