Submit an app for review
When you are ready to release your app publicly to the Optimizely Data Platform (ODP) App Directory, you must submit it to Optimizely for review.
This review ensures your app meets design/content guidelines and requirements so that customers can safely use your app.
Note
Both the developer and publisher roles can submit apps for review.
Typically, the developer role submits the app for review and works with the OCP team to make any change requests.
When the OCP team approves the app, only the publisher role can publish the app to production.
Best practices
The following are guidelines that your app should meet before submitting it for review.
Security
- Your app can not contain any secrets or credentials (access secrets in environment variables and store outside of Github in
.env
file) - Your app can not log secrets or credentials
- The
.env
file can not be part of the repository - Your app can not import PII data
- Your app can not export data outside of OCP
- Your app can not access
anduin
code or in-memory data directly (other than through SDKs) - Your app can not execute any OS commands directly
- Your app can not gather, log, or send any information on how the runtime is built (OS version, folder structure, networking, ports, and so on)
app.yml
app.yml
- Your app must accurately identify itself in the metadata section (
app_id
,display_name
, andsummary
should clearly identify the app and its purpose) - All URLs you define in the metadata must be valid, functioning URLs
- Define the partner developing the app in the
vendor
field
Jobs
- The
perform
method should perform a small amount of work (less than 60 seconds) - The
prepare
method should handle both initializing and resuming the job
Logging
- Use
logger
for logging, notconsole
src/schema
src/schema
- Prefix all objects and fields that are unique to the app with the app ID
Storage
- Your app can not store data outside of ODP (use available storage instead)
- Only store secrets in the secrets store
Submit your app for review
Up till this point, you have been working with the dev version of your app (your app version has a -dev
tag). To submit your app for review, remove the -dev
tag and prepare your app for publishing:
- Change the version of your app in app.yml to a full release version by removing the
-dev
tag. For example, if your app version during testing was0.0.1-dev.1
, change it to0.0.1
. - In the OCP CLI, run the following command to create a git repository for your app review:
git init
- In the OCP CLI, run the following command to prepare your app for publishing:
ocp app prepare
- The following confirmation message displays. Enter
yes
to begin the app review process. Enterno
to exit.You are uploading a release version of the app. This will start a review process and the app can't be published until it is approved. Are you sure?
The OCP CLI starts preparing your app for publishing to the app review process. You can leave this process running in the background. When complete, the following message displays:
Build complete. Ready to be published. Your app has been sent to review.
Once approved, use ocp directory publish <appId@appVersion> to publish and release your app
Track your app review in Github
When you submit your app for review, you should receive an email from Github inviting you to your app's repository in Optimizely-Connect-Platform-AppReview. Accept the invitation to participate in the review and receive email notifications each time Optimizely comments on your app review or requests changes.
You can communicate directly with the reviewers in Github throughout the review process.
Check review status in the OCP CLI
In addition to monitoring the review in Github, you can view your app's review status by running the following command in the OCP CLI:
ocp directory status <appReviewId@appVersion>
Open Github review from the OCP CLI
Run the following command in the OCP CLI to open the Github review in a browser window:
ocp review open <appReviewId@appVersion>
Change requests
During the review, Optimizely may submit a request through Github for you to make changes to your app. To make the requested changes:
- Change the version of your app in app.yml back to a dev version by adding the
-dev
tag. For example, if the app version you submitted for review was0.0.1
, change it to0.0.1-dev.1
.Note
Maintain the same version number (for example,
0.0.1
) throughout the review.Changing the version number creates a new review repository.
- Make the requested changes then test your app internally (with the
-dev
tag). - Remove the
-dev
tag from the version in app.yml. - In the OCP CLI, run the following command to resubmit your app to the existing review:
ocp app prepare
Continue monitoring the review in Github and making the requested changes until your app is approved. When your app is approved, you can release your app publicly.
Note
You must have the publisher role to release your app publicly.
Do not run
ocp app prepare
after your app is approved. This prepares a new version of your app which requires another review.
Updated about 1 year ago