archy/docs/community-app-review-checklist.md
Dorian e91cc33568 fix: harden all 23 app manifests with no_new_privileges, user, seccomp (MAINT-04)
Added no_new_privileges: true, user: 1000, and seccomp_profile: default
to all app manifests. Created community app review checklist.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-11 18:13:28 +00:00


Community App Review Checklist

Use this checklist when reviewing community-submitted app manifests for the Archipelago marketplace.

Security Requirements (Non-Negotiable)

  • readonly_root: true (or a documented justification for false)
  • capabilities: [] (drop ALL; add back only the capabilities the app actually needs, each with a justification)
  • no_new_privileges: true
  • user: 1000 (or a higher UID; never root)
  • seccomp_profile: default
  • apparmor_profile specified
  • Image tag pinned to a specific version (no :latest); tags are mutable, so prefer an additional @sha256 digest pin where the registry supports it
  • image_signature field present (Cosign verification)
  • No secrets or credentials in environment variables (use the secrets manager)
  • Volumes use paths under /var/lib/archipelago/{app-id}/ only; normalize the path first so that .. components cannot escape that directory

Manifest Completeness

  • app.id follows kebab-case naming
  • app.name is human-readable
  • app.version follows SemVer
  • app.description is accurate and concise
  • resources section has cpu_limit, memory_limit, disk_limit
  • health_check configured with a reasonable interval and a timeout shorter than that interval
  • ports use non-privileged ports (above 1023) where possible
  • dependencies listed (storage, other apps)
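A linter that mechanizes the two lists above, the Security Requirements and the Manifest Completeness checks, as an added example (this is not the project's own tooling). It assumes the manifest has been parsed from YAML into a mapping keyed as in the checklist (app.id, image, image_signature, env, volumes with a host path, ports, resources, health_check); that nesting is an assumption, as are the sample manifests GOOD and BAD, which are constructed here and are not real marketplace apps. Written justifications for readonly_root or added capabilities are left to the human reviewer.

```python
"""Linter for the Security Requirements and Manifest Completeness sections above.
Added example, not Archipelago project code: the manifest is assumed to be a parsed
YAML mapping keyed as in the checklist; adapt the key paths if the real schema differs."""
import os
import re

KEBAB_CASE = re.compile(r"^[a-z0-9]+(-[a-z0-9]+)*$")
SEMVER = re.compile(r"^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)"
                    r"(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$")
# Heuristic: env names that usually carry credentials; a reviewer confirms by hand.
SECRET_NAME = re.compile(r"PASS(WORD)?|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY", re.I)


def parse_image_ref(ref):
    """Split 'name[:tag][@sha256:hex]' -> (name, tag, digest); a ':' is the tag
    separator only after the last '/', so registry:5000/app:1.2 parses correctly."""
    digest = None
    if "@" in ref:
        ref, digest_part = ref.split("@", 1)
        m = re.fullmatch(r"sha256:([0-9a-f]{64})", digest_part)
        if not m:
            raise ValueError("malformed image digest: " + digest_part)
        digest = m.group(1)
    colon = ref.rfind(":")
    if colon > ref.rfind("/"):
        return ref[:colon], ref[colon + 1:], digest
    return ref, None, digest


def review_manifest(m):
    """Return [(severity, message)]; 'error' blocks approval, 'warn' needs a look."""
    findings = []
    err = lambda msg: findings.append(("error", msg))
    warn = lambda msg: findings.append(("warn", msg))
    app = m.get("app", {})
    app_id = str(app.get("id", ""))
    # Security Requirements (non-negotiable)
    for key, want in (("readonly_root", True), ("no_new_privileges", True),
                      ("capabilities", []), ("seccomp_profile", "default")):
        if m.get(key) != want:
            err(f"{key} must be {want!r}, got {m.get(key)!r}")
    user = m.get("user")
    if not isinstance(user, int) or user < 1000:
        err(f"user must be a numeric UID >= 1000, got {user!r}")
    if not m.get("apparmor_profile") or not m.get("image_signature"):
        err("apparmor_profile and image_signature (Cosign) are both required")
    try:
        _, tag, digest = parse_image_ref(str(m.get("image", "")))
        if digest is None and (not tag or tag == "latest"):
            err("image must be pinned to a specific version tag (no :latest)")
        elif digest is None:
            warn("image pinned by tag only; tags are mutable, prefer an @sha256 digest")
    except ValueError as e:
        err(str(e))
    for name in m.get("env", {}):
        if SECRET_NAME.search(name):
            err(f"env var {name} looks like a credential; use the secrets manager")
    allowed = f"/var/lib/archipelago/{app_id}"
    for vol in m.get("volumes", []):
        host = os.path.normpath(str(vol.get("host", "")))  # collapses '..' and '//'
        if host != allowed and not host.startswith(allowed + "/"):
            err(f"volume {vol.get('host')} escapes {allowed}/")
    # Manifest Completeness
    if not KEBAB_CASE.match(app_id):
        err(f"app.id {app_id!r} is not kebab-case")
    if not app.get("name") or not app.get("description"):
        err("app.name and app.description are required")
    if not SEMVER.match(str(app.get("version", ""))):
        err(f"app.version {app.get('version')!r} is not SemVer")
    for key in ("cpu_limit", "memory_limit", "disk_limit"):
        if key not in m.get("resources", {}):
            err(f"resources.{key} missing")
    hc = m.get("health_check") or {}
    if "interval" not in hc or "timeout" not in hc:
        err("health_check needs interval and timeout")
    elif hc["timeout"] >= hc["interval"]:
        warn("health_check timeout should be shorter than its interval")
    for port in m.get("ports", []):
        if int(port) < 1024:
            warn(f"port {port} is privileged; use a port above 1023 where possible")
    return findings


GOOD = {  # constructed sample manifest, not a real marketplace app
    "app": {"id": "paste-bin", "name": "Paste Bin", "version": "1.4.2",
            "description": "Self-hosted pastebin"},
    "image": "ghcr.io/example/pastebin:1.4.2@sha256:" + "a" * 64,
    "image_signature": "cosign-bundle.json", "readonly_root": True,
    "capabilities": [], "no_new_privileges": True, "user": 1000,
    "seccomp_profile": "default", "apparmor_profile": "archy-default",
    "env": {"PASTE_MAX_SIZE": "1M"}, "ports": [8080],
    "volumes": [{"host": "/var/lib/archipelago/paste-bin/data", "container": "/data"}],
    "resources": {"cpu_limit": "0.5", "memory_limit": "256M", "disk_limit": "2G"},
    "health_check": {"path": "/healthz", "interval": 30, "timeout": 5},
}
BAD = dict(GOOD, image="ghcr.io/example/pastebin:latest", user=0, env={"DB_PASSWORD": "hunter2"},
           volumes=[{"host": "/var/lib/archipelago/paste-bin/../other-app"}])
```

review_manifest(GOOD) returns no findings; review_manifest(BAD) returns four errors (the :latest tag, UID 0, the DB_PASSWORD variable, and the volume path that normalizes to a sibling app's directory). The volume check compares against the prefix with its trailing slash so that /var/lib/archipelago/paste-bin-evil/ is not accepted as a match for paste-bin, and the image check accepts a digest pin as stronger than a tag pin rather than insisting on a tag.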

Functional Testing

  • Container starts successfully on dev server
  • Health check passes within 60 seconds
  • Web UI loads via nginx proxy at /app/{id}/
  • App functions correctly (basic smoke test)
  • Container stops cleanly (no orphan processes)
  • Data persists across container restart
  • Resource usage stays within declared limits

Integration

  • No port conflicts with existing apps
  • Network policy appropriate (isolated vs archy-net)
  • Dependencies start before this app
  • App icon at neode-ui/public/assets/img/app-icons/{id}.png

Review Outcome

  • Approved: Meets all requirements, tested on dev server
  • Needs Changes: List specific issues to fix
  • Rejected: Fundamental security or compatibility issues