ADR-0011: Keep Things Minimal: Do One Thing Well

Keep Things Minimal: Do One Thing Well

• Status: accepted
• Date: 2024-05-10
• Tags: design, philosophy

Context and Problem Statement

At a 5000-feet level, VMware Secrets Manager is a secure Key-Value store.

It can securely store arbitrary values that you, as an administrator, associate with keys. It does that, and it does that well.

Any other feature that we add to the project should be in service of this core. And any additional feature introduced should be evaluated with utmost scrutiny.

We do not add new features just because they are cool. Nor do we add new features to reach feature parity with other projects.

Decision Drivers

• We want to keep the project simple and easy to understand.
• We want to keep the project attack surface minimal.
• We want to limit the scope of the project based on the core team and the community’s bandwidth.
• We believe that a project that does one thing well is better than a project that does many things poorly.
• We also believe that other tools can complement VMware Secrets Manager, and we do not need to add all features in this project. For example, instead of creating an internal policy engine, we can rely on OPA. Or instead of creating a new identity control plane, we can rely on SPIFFE.

Considered Options

1. Say yes to every feature request.
2. Prioritize features based on the core team’s bandwidth, the community’s bandwidth, and the project’s vision.

Decision Outcome

Chosen option: “option 2”, because it is common sense.

Positive Consequences

• The project will remain simple and easy to understand.
• The project will have a minimal attack surface.
• The project will be able to focus on doing one thing well.
• The project will be able to leverage other tools in the ecosystem.
• The project will be able to keep the scope in check.
• The project will be able to deliver value to the users.

Negative Consequences

• The project may not be able to cater to every feature request.
• The project may not be able to reach feature parity with other projects.
• The project may not be able to keep everyone happy.

ADRs

You can view the ADRs by browsing this following list:

• ADR-0001: Use Log4brains to manage the ADR
• ADR-0002: Use Markdown Architectural Decision Records
• ADR-0003: VSecM Will Be Scoped to Work on Kubernetes Only
• ADR-0004: Be Practically Secure
• ADR-0005: Be Resilient by Default
• ADR-0006: Be Secure by Default
• ADR-0007: Document All Public Methods
• ADR-0008: Have a Minimal and Intuitive API
• ADR-0009: Have at Least 50% Test Coverage Across the Project
• ADR-0010: Keep Non-Public Function in Separate Files from the Public Functions
• ADR-0011: Keep Things Minimal: Do One Thing Well
• ADR-0012: All Files Shall Have a SPDX License Header
• ADR-0013: Scan the Codebase for Vulnerabilities and Code Smells Regularly
• ADR-0014: Get OpenSSF Best Practices Compliance
• ADR-0015: Keep Source Code Line Length Around 80 Characters
• ADR-0016: Centralize Magic Words, Numbers, and Configuration Constants in Common Modules
• ADR-0017: VSecM OIDC Resource Server Shall Be Secure by Default“
• ADR-0018: Use Asciinema for Use Case Examples in the Documentation“

edit this page ✏️