Value Statement

As a ACM policy developer, I need a HTTP API endpoint to abstract recording a compliance event to the database.

Definition of Done for Engineering Story Owner (Checklist)

• The POST API endpoint should be implemented as described in the design EXCLUDING authorization. Authorization will be handled in a separate story.
• The code structure uses a "plugin" system for an action to take when a compliance event is received. For now, this will include just the database (specifically Postgresql) plugin
• The HTTP server should only be started based on the presence of the secret defined in the design.

Development Complete

• The code is complete.
• Functionality is working.
• Any required downstream Docker file changes are made.

Tests Automated

• [ ] Unit/function tests have been automated and incorporated into the
  build.
• [ ] 100% automated unit/function test coverage for new or changed APIs.

Secure Design

• [ ] Security has been assessed and incorporated into your threat model.

Multidisciplinary Teams Readiness

• [ ] Create an informative documentation issue using the [Customer
  Portal_doc_issue template](
  https://github.com/stolostron/backlog/issues/new?assignees=&labels=squad%3Adoc&template=doc_issue.md&title=),
  and ensure doc acceptance criteria is met. Link the development issue to
  the doc issue.
• [ ] Provide input to the QE team, and ensure QE acceptance criteria
  (established between story owner and QE focal) are met.

Support Readiness

• [ ] The must-gather script has been updated.