When you are ready to release your app publicly to the Optimizely Data Platform (ODP) App Directory, you must submit it to Optimizely for review.
This review ensures your app meets design/content guidelines and requirements so that customers can safely use your app.
Both the developer and publisher roles can submit apps for review.
Typically, the developer role submits the app for review and works with the OCP team to make any change requests.
When the OCP team approves the app, only the publisher role can publish the app to production.
The following are guidelines that your app should meet before submitting it for review.
- Your app can not contain any secrets or credentials (access secrets in environment variables and store outside of Github in
- Your app can not log secrets or credentials
.envfile can not be part of the repository
- Your app can not import PII data
- Your app can not export data outside of OCP
- Your app can not access
anduincode or in-memory data directly (other than through SDKs)
- Your app can not execute any OS commands directly
- Your app can not gather, log, or send any information on how the runtime is built (OS version, folder structure, networking, ports, and so on)
- Your app must accurately identify itself in the metadata section (
summaryshould clearly identify the app and its purpose)
- All URLs you define in the metadata must be valid, functioning URLs
- Define the partner developing the app in the
performmethod should perform a small amount of work (less than 60 seconds)
preparemethod should handle both initializing and resuming the job
loggerfor logging, not
- Prefix all objects and fields that are unique to the app with the app ID
- Your app can not store data outside of ODP (use available storage instead)
- Only store secrets in the secrets store
Up till this point, you have been working with the dev version of your app (your app version has a
-dev tag). To submit your app for review, remove the
-dev tag and prepare your app for publishing:
- Change the version of your app in app.yml to a full release version by removing the
-devtag. For example, if your app version during testing was
0.0.1-dev.1, change it to
- In the OCP CLI, run the following command to create a git repository for your app review:
- In the OCP CLI, run the following command to prepare your app for publishing:
ocp app prepare
- The following confirmation message displays. Enter
yesto begin the app review process. Enter
You are uploading a release version of the app. This will start a review process and the app can't be published until it is approved. Are you sure?
The OCP CLI starts preparing your app for publishing to the app review process. You can leave this process running in the background. When complete, the following message displays:
Build complete. Ready to be published. Your app has been sent to review. Once approved, use ocp directory publish <appId@appVersion> to publish and release your app
When you submit your app for review, you should receive an email from Github inviting you to your app's repository in Optimizely-Connect-Platform-AppReview. Accept the invitation to participate in the review and receive email notifications each time Optimizely comments on your app review or requests changes.
You can communicate directly with the reviewers in Github throughout the review process.
In addition to monitoring the review in Github, you can view your app's review status by running the following command in the OCP CLI:
ocp directory status <appReviewId@appVersion>
Run the following command in the OCP CLI to open the Github review in a browser window:
ocp review open <appReviewId@appVersion>
During the review, Optimizely may submit a request through Github for you to make changes to your app. To make the requested changes:
- Change the version of your app in app.yml back to a dev version by adding the
-devtag. For example, if the app version you submitted for review was
0.0.1, change it to
Maintain the same version number (for example,
0.0.1) throughout the review.
Changing the version number creates a new review repository.
- Make the requested changes then test your app internally (with the
- Remove the
-devtag from the version in app.yml.
- In the OCP CLI, run the following command to resubmit your app to the existing review:
ocp app prepare
Continue monitoring the review in Github and making the requested changes until your app is approved. When your app is approved, you can release your app publicly.
You must have the publisher role to release your app publicly.
Do not run
ocp app prepareafter your app is approved. This prepares a new version of your app which requires another review.
Updated about 1 month ago