Data Authorization‐W912HQ25P0049 - USACE/cwms-data-api GitHub Wiki
CWMS Data Authorization Project Overview
This page contains meeting notes and other documentation related to progress on a contract to improve data operations and security. While the majority of data in the CWMS database is public by law, some data we store must be private, or at least have release delayed in time by various agreement with those entities that own that data, such as a privately owned dam upstream of a flood control project.
The information is being stored here given a need to have a record of it, and in the interest of transparency. We ask that anyone that isn't USACE staff that work on this project, or the vendor doing the work, refrain from editing this page. If there are points of concern you wish to address please open a discussion about it so it can be addressed.
Resource | Link |
---|---|
Project Wiki Home Page (this page) | https://github.com/USACE/cwms-data-api/wiki/Data-Authorization%E2%80%90W912HQ25P0049 |
Kanban board | https://github.com/orgs/USACE/projects/49/views/1 |
CDA Wiki | https://github.com/USACE/cwms-data-api/wiki/Data-Authorization%E2%80%90W912HQ25P0049 |
Bitbucket Repo | https://bitbucket.hecdev.net/projects/CWMS/repos/cwms_database |
Data API Repo | https://github.com/USACE/cwms-data-api/ |
CWMS Python Wrapper Repo | https://github.com/HydrologicEngineeringCenter/cwms-python |
CWMS Database Repo | https://github.com/HydrologicEngineeringCenter/cwms-database |
CWMS Data Repo | https://github.com/cwbi-dev-infrastructure/cwms-data |
USACE Org Policy | https://github.com/USACE/policies?tab=readme-ov-file#user-profiles |
Docker Compose for CDA getting started wiki page | https://github.com/USACE/cwms-data-api/wiki/How-to-use-Docker%E2%80%90compose-with-a-windows-Client |
Core Meeting Metadata
topic | detail |
---|---|
Meeting Title | W912HQ25P0049 CWMS Database Authorization Updates Kickoff |
Date/Time | 5/19/25, 2pm EST |
Meeting Location | Virtual (MS Teams) |
Meeting Remote Link information | See meeting Invite |
Meeting Purpose | Kickoff meeting for CWMS Authorization Improvements contract |
Meeting Agenda
- Introductions
- Verify current source code locations methods of contribution
- Scheduling the regularly occurring meetings
- General questions
Meeting Invitees and Attendees
Invitee | Present? | Org |
---|---|---|
Michael Neilson (host) | Y | USACE - HEC |
Charles Graham | Y | USACE - HEC |
Eric Novotny | Y | USACE - HEC |
Fauwaz Hanbali | Y | USACE - HEC |
Jorge Hassan | Y | SolidLogix |
Milver Valenzuela | Y | SolidLogix |
Todd Boss | Y | SolidLogix |
Ryan Cunningham | Y | SolidLogix |
Christina Whitehead | Y | SolidLogix |
Vairav Laxman | Y | SolidLogix |
Meeting Detailed notes
Note: a Powerpoint deck was used to drive the meeting: see here: USACE CWMS Kickoff Meeting Presentation 2025.05.19.pdf
Agenda Item #1: Introduction of the teams
All team members from both sides were introduced, with tiles and job roles described. The project team for both the Government and the Contractor are as follows:
From SolidLogix:
- Jorge Hassan - SolidLogix CEO, Executive Sponsor & Solutions Architect.
- Milver Valenzuela - SolidLogix COO, Project Director.
- Todd Boss - Project and Data Manager.
- Ryan Cunningham - Senior Software Engineer.
- Christina Whitehead - Business Analyst.
- Vairav Laxman - Software Engineer.
From USACE HEC:
- Michael Neilson - main technical POC, COR
- Charles Graham - district staff member for ACE, community outreach/front-end
- Eric Novotny - data team lead for water management section, database development
- Fauwaz Hanbali - senior hydraulic engineer During the team introductions, the HEC team described the technical scope: CWMS Data API, time series authorization, cloud migration context, and stakeholder access goals.
Agenda Item #2: Verify current source code locations methods of contribution
The team discussed the current technical makeup of the project, discussed communication, tooling, and other development topics.
-
CWMS API is hosted publicly on GitHub – Solid Logix will fork it for contribution.
-
Docker Compose setup with local Oracle database image is available for local dev/testing.
-
HEC will share a ready database image, schema repo, and setup guides.
-
HEC to grant GitHub repo access and create DevNet SSO/rocket.chat accounts for Solid Logix team.
-
Fork-first development model will be followed; internal contributions may be considered later.
-
Rocket.Chat + Discourse to be used for real-time communication and stakeholder engagement.
-
Focus is on time series authorization and integration into the existing CWMS Data API.
-
Local schema includes metadata but not time series data – HEC can provide loading tools.
-
No CAC required now – if needed later, they'll work to expedite it.
-
Target architecture is cloud-first; PostgreSQL is preferred long term, but Oracle is current baseline.
-
Unit/integration tests will be run through GitHub Actions.
-
HEC is open to sharing real use cases, success criteria, and sample data once accounts are in place.
-
Mike to provide list of stakeholders for interviews.
-
HEC emphasized “open, opinionated, and collaborative” community culture.
Agenda Item #3. Scheduling the regularly occurring meetings The team discussed meeting cadence, plus discussed documentation initiatives and talked about other Project Management issues.
- Bi-weekly meetings to be scheduled starting Monday, 5/27 @ 11AM EST / 8AM PST
- Next Monday is a Federal Holiday: we’ll do a one-off Tuesday 5/28 meeting, then return to every other Monday cadence.
- Todd will manage the cadence, project board (GitHub Projects), and wiki structure.
- We will use GitHub Projects to do Task tracking
- We will use GitHub Wiki for online documentation.
- GitHub wiki and Issues will serve as the single source of truth for docs, MFRs, and meeting notes.
- Formal MFRs (Memos for Record) will be used when decisions are finalized.
- Both sides are on the same page w/r/t transparency and documentation, and we’ll do our best to use the tools and to document as much as possible.
Agenda Item #4: General questions and Next Steps. General Questions as documented in the Kickoff deck; the five major subject areas to cover were:
- Source code & Collaboration
- Environment & Infrastructure
- Authorization Design Input
- Stakeholders & Meetings
- Additional Considerations.
Questions or blockers? Reach out via email or rocket.chat once available. The USACE team endeavors to be as responsive as possible, given their role as government employees.
All Next Steps are captured as Action Items with assignees.
Action Items
Action item | Assignee |
---|---|
HEC will share a ready database image, schema repo, and setup guides | HEC Team |
HEC to grant GitHub repo access | HEC Team |
Create DevNet SSO/rocket.chat accounts and Discourse action | HEC Team |
Solid Logix to send GitHub usernames and team email list to HEC | Todd Boss |
Schedule recurring Monday every two week meetings | Todd Boss |
Mike to provide list of stakeholders for interviews. | Mike Neilsen |
Solid Logix to try Docker Compose setup and report issues | SolidLogix Dev Team |
Define repo structure (sub-project vs separate repo) by end of week | Team |
CWMS Database Authorization Bi-Weekly Status Meeting 5/27/25
Core Meeting Metadata
topic | detail |
---|---|
Meeting Title | CWMS Database Authorization Bi-Weekly Status Meeting 5/27/25 |
Date/Time | 5/27/25 11am EST/8am PST (note; this is off one day from normal cadence due to Federal Holiday on 5/26/25) |
Meeting Location | Virtual (Google Meet) |
Meeting Remote Link information | See meeting Invite |
Meeting Purpose | Bi-Weekly Status Meeting for CWMS Database Authorization Project |
Meeting Agenda
- Review Open Action Items for Status and Completion
- Review Kanban Board Structure
- Discuss Overall plan of attack for Project
- Discuss Status of current Deliverables being worked
- General Discussion, Questions
Meeting Invitees and Attendees
Invitee | Present? | Org |
---|---|---|
Michael Neilson | Y | USACE - HEC |
Charles Graham | Y | USACE - HEC |
Eric Novotny | Y | USACE - HEC |
Fauwaz Hanbali | Y | USACE - HEC |
Dave Kaplan | N | USACE - HEC |
Matthew Fleming | N | USACE - HEC |
Jorge Hassan | Y | SolidLogix |
Milver Valenzuela | Y | SolidLogix |
Todd Boss (host) | Y | SolidLogix |
Ryan Cunningham | Y | SolidLogix |
Christina Whitehead | Y | SolidLogix |
Vairav Laxman | Y | SolidLogix |
Raul Proenza | N | SolidLogix |
Open Action Item discussion
Action Item | Assignee | Status | Completion Date |
---|---|---|---|
HEC will share a ready database image, schema repo, and setup guides | HEC Team | Docker image provided in kickoff, complete | Done with 5/19/25 kickoff. |
HEC to grant GitHub repo access | HEC Team/Mike | We can clone repo, fork USACE repo. One was private, now granted access to Ryan. Jorge and Vairav still need access. Mike sent emails to get things set up. Anyone should be able to edit wiki on the CDA project. Todd specifically invited by Mike to edit during Meeting; done | Done during 5/27/25 Meeting |
Create DevNet SSO/rocket.chat accounts and Discourse action | HEC Team/Mike | Mike has informed internal Admin, not yet done. When done, we’ll get emails to indicate as such. | |
Solid Logix to send GitHub usernames and team email list to HEC | Todd Boss | Done, sent list of git usernames and emails to USACE team. Jorge to re-send today to add one more developer during meeting | 5/20/25, 5/27/25 follow up done. |
Schedule recurring Monday every two week meetings | Todd Boss | Done; scheduled one-off 5/27 meeting then every two-weeks cycle | 5/20/25 |
Mike to provide list of stakeholders for interviews. | Mike Neilsen | Mike sending email imminently during meeting | Sent 5/27/25. |
Solid Logix to try Docker Compose setup and report issues | Solid Logix team | Ryan: done. We have Docker compose done, now testing | 5/23/25 |
Define repo structure (sub-project vs separate repo) by end of week | Team | Mike suggests starting as a subproject of the data api. Add it as a new directory in the existing repo. | Decision made 5/27/25 |
Meeting Detailed notes
Highlights:
- The meeting centered on establishing the technical environment, onboarding procedures, and outlining collaboration methods.
- The technical team confirmed the successful setup of initial development tools, including a containerized local environment and access to foundational schema resources.
- Repositories and documentation relevant to the data API project were reviewed.
- A Kanban-based tracking model will be used for task management and milestone tracking.
- Early priorities include familiarization with the data API and associated UI planning.
- Billing practices were aligned to tracked deliverables and development progress.
Key Technical Notes:
- The system under development is a data-centric API supporting time series management and related operations.
- A pre-configured container image was made publicly available for bootstrapping local development.
- Development contributions will be managed within a shared repository, using GitHub Projects for coordination.
- A Swagger-based interface is available for exploring API functionality.
- Role-based access control (RBAC) and identity features are in progress but not mandatory for initial development.
- Versioning is managed at the data layer; endpoint URLs do not include version tokens.
- Time series endpoints are the first area of focus, followed by UI mockups aligned with planned access controls.
Action Items Discussion and Disposition
- Local environment and schema access confirmed by both teams.
- GitHub access permissions under review and being updated.
- Access to internal collaboration tools (e.g., chat, wiki) is being provisioned.
- Discussion underway on whether additional access to private repositories is needed.
- A shared Kanban board is being built to reflect active and upcoming tasks.
- A stakeholder list has been distributed via secure channel.
- Initial invoice to be drafted based on progress indicators tied to Kanban status.
- Project tooling permissions and access to be validated by developers.
- Local development is preferred for now; potential cloud environment needs will be reassessed.
- Contributors are encouraged to review shared documentation and example notebooks.
Action Items: New from this meeting
Action item | Assignee |
---|---|
Get Kanban fully populated with PWS tasks and subtasks | Todd Boss |
Get billing process defined and ready to go | Milver, Todd |
Confirm wiki/project edit capabilities just provided | Todd, Milver |
Begin setting up Stakeholder interviews | Todd, Christina |
CWMS Database Authorization Bi-Weekly Status Meeting 6/9/25
Core Meeting Metadata
topic | detail |
---|---|
Meeting Title | CWMS Database Authorization Bi-Weekly Status Meeting 6/9/25 |
Date/Time | 6/9/25 11am EST/8am PST |
Meeting Location | Virtual (Google Meet) |
Meeting Remote Link information | See meeting Invite |
Meeting Purpose | Bi-Weekly Status Meeting for CWMS Database Authorization Project |
Meeting Agenda
- Review Open Action Items for Status and Completion
- Review Kanban Board And Provide Updates on Epics and Tasks
- General Discussion, Questions
Discussion to include:
- Local setup of API and DB working
- We are using Docker to run things locally
- We see the skeletal tables in the CWMS schemas
- We begun analysis of the API code base and are exploring solutions
- Current plan is to focus on RBAC + ABAC approach options; in a spike we need more down time to do research
Meeting Invitees and Attendees
Invitee | Present? | Org |
---|---|---|
Michael Neilson | Y | USACE - HEC |
Charles Graham | Y | USACE - HEC |
Eric Novotny | Y | USACE - HEC |
Fauwaz Hanbali | N | USACE - HEC |
Dave Kaplan | N | USACE - HEC |
Matthew Fleming | N | USACE - HEC |
Jorge Hassan | Y | SolidLogix |
Milver Valenzuela | Y | SolidLogix |
Todd Boss (host) | Y | SolidLogix |
Ryan Cunningham | Y | SolidLogix |
Christina Whitehead | Y | SolidLogix |
Vairav Laxman | Y | SolidLogix |
Raul Proenza | N | SolidLogix |
Open Action Item discussion
Action Item | Assignee | Status | Completion Date |
---|---|---|---|
Create DevNet SSO/rocket.chat accounts and Discourse action | HEC Team/Mike | Mike has informed internal Admin, not yet done. When done, we’ll get emails to indicate as such. 6/9: Mike Escalating | Open |
Confirm wiki edit capabilities | Todd, Milver | Confirmed wiki editing going forward | Closed 5/28/25 |
Confirm project edit capabilities | Todd, Milver | Project config issues remain, resulting in use of outside Project for now. Mike found issue, functionality restored, closing | Resolved 6/9/25 |
Get Kanban fully populated with PWS tasks and subtasks | Todd Boss | Kanban setup in SL project, moving forward | Done 6/4/25 |
Get billing process defined and ready to go | Milver, Todd | Done, first invoice generated | done 6/1/25 |
Begin setting up Stakeholder interviews | Todd, Christina | Christina created pre-survey and Skeleton, ready to schedule | Open |
Meeting Detailed notes
Meeting Summary: Project Stakeholder Sync Participants: USACE Representatives and Solid Logix Team
Highlights Interview Preparation:
- Solid Logix team developed a pre-interview survey and a structured interview guide to support upcoming stakeholder engagements. Approval from the agency is pending before scheduling begins.
Stakeholder Engagement Strategy:
- One-on-one interviews are preferred to maximize feedback.
- USACE will notify internal stakeholders; Solid Logix team will coordinate logistics and scheduling.
- An additional stakeholder was identified for inclusion.
Local Development Environment:
- Solid Logix team completed local environment setup using containerized deployment.
- A key gap identified: lack of seeded data for validating access control configurations.
- USACE agreed to provide example data in standard formats to support testing.
Technical Updates:
- Recent changes improved how access control is managed in the codebase.
- Test data injection via configuration files was recommended for local testing.
- Current logging mechanisms do not expose all session context details; enhancements are planned.
- Existing role enforcement is simplified, based on office-level permissions.
Security Model Planning:
- The team plans to use data from interviews and system analysis to inform design of candidate access models.
- Future tasks will include analyzing permissions and building hybrid RBAC/ABAC models.
Project and Repository Coordination:
- Issues related to project board alignment and permissions on the version control platform were resolved.
- Solid Logix team now has full access to submit and track issues.
Communication Logistics:
- Some email delivery issues were reported between the two organizations, potentially due to attachments or server configurations.
- Multiple recipients will now be CC’d to ensure communications are received.
Action Items
- Resolve Communication Issues:
- Solid Logix team to resend key emails and include additional recipients.
- USACE team to investigate possible mail server filtering or quarantining.
- See open action item for Rocket accounts escalation
- Initiate Stakeholder Interviews:
- Solid Logix team to send interview requests and begin scheduling.
- Survey form will be updated to capture respondent identity for correlation.
- Each interview will be scheduled as a one-on-one session (approx. 1 hour).
- Seed Test Data:
- USACE to prepare and share a limited dataset for local testing of security and access control logic.
- Possible use of container-based utilities to automate loading of test data.
- Repository and Task Tracking:
- Project issues and Kanban tasks will now be tracked under the correct repository.
- Access rights have been updated to allow task ownership and triage.
- Next Phase Planning:
- Solid Logix team to begin dependency and use-case gathering immediately after interviews.
- Permission analysis and model design will follow based on insights gathered.
Action Items: New from this meeting
Action item | Assignee |
---|---|
USACE Seed Test Data | USACE Staff/Eric |
CWMS Database Authorization Bi-Weekly Status Meeting 6/9/25
Core Meeting Metadata
topic | detail |
---|---|
Meeting Title | CWMS Database Authorization Bi-Weekly Status Meeting 6/9/25 |
Date/Time | 6/23/25 11am EST/8am PST |
Meeting Location | Virtual (Google Meet) |
Meeting Remote Link information | See meeting Invite |
Meeting Purpose | Bi-Weekly Status Meeting for CWMS Database Authorization Project |
Meeting Agenda
- Review Open Action Items for Status and Completion
- Review Kanban Board And Provide Updates on Epics and Tasks
- General Discussion, Questions
Discussion to include:
- tbd
Meeting Invitees and Attendees
Invitee | Present? | Org |
---|---|---|
Michael Neilson | Y | USACE - HEC |
Charles Graham | Y | USACE - HEC |
Eric Novotny | Y | USACE - HEC |
Fauwaz Hanbali | Y | USACE - HEC |
Dave Kaplan | N | USACE - HEC |
Matthew Fleming | N | USACE - HEC |
Jorge Hassan | Y | SolidLogix |
Milver Valenzuela | Y | SolidLogix |
Todd Boss (host) | Y | SolidLogix |
Ryan Cunningham | Y | SolidLogix |
Christina Whitehead | Y | SolidLogix |
Vairav Laxman | Y | SolidLogix |
Raul Proenza | N | SolidLogix |
Open Action Item discussion
Action Item | Assignee | Status | Completion Date |
---|---|---|---|
Create DevNet SSO/rocket.chat accounts and Discourse action | HEC Team/Mike | Mike has informed internal Admin, not yet done. When done, we’ll get emails to indicate as such. 6/9: Mike Escalating. done 6/11, team confirming. | Done 6/11/25 |
Begin setting up Stakeholder interviews | Todd, Christina | Christina created pre-survey and Skeleton, ready to schedule, email config issue blocker resolved 6/11/25, emails sent and scheduling started | In progress 6/11/25 |
USACE Seed Test Data | USACE Staff/Eric | Discussed 6/10/25, USACE actively working. goal is something by 6/13/25 | open |
Resolve Email connectivity issues | Team | Emails not going through, SL diagnosed with USACE IT, discovered email MX/SPF record issue | resolved 6/11/25 |
Meeting Detailed notes
Action Items: New from this meeting
Action item | Assignee |
---|