Please provide feedback under 2022-11-16 Review Session
Mission Contribution
The Sandbox contributes to the GovStack vision in providing a demonstration environment to learn and a technical environment to test “more effective and cost-efficient digital government services”.
In other words, the GovStack Sandbox…
makes the GovStack approach tangible. It is the key tool to raise awareness and educate people on the benefits of the GovStack approach.
is an isolated, safe environment (you can break everything, but it doesn't have a negative effect) simulating a small governmental e-service system (reference implementation).
is an architectural approach centered around APIs and microservices to help unlock monolithic legacy systems to increase the speed of IT project delivery, leading to more effective and cost efficient digital governments
encapsulates the business logic and data necessary to represent multiple GovStack capabilities such as APIs, building blocks, use cases and workflows.
High-Level Features
DevSecOps methodology and tooling to replicate the testing, configuration, deployment and operation of BB candidates
Generic architecture implementation of Information Mediator and Open Source Building Blockcandidates to build the functional foundation
Specific e-service use cases
as pre-determined test scenarios to validate the functioning of the BB architecture
as frontends to visually showcase citizen-journey (optional civil servant) and educate on functioning
with dummy data registries enabling the use cases
Software compliance testing harness>> API Testing Plan TemplateTraining material and documentation
Users and User Stories
Personas sourced from:
View file | ||
---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Persona: “Policy Decision Maker” (Government, non-technical)
I want to experience an (Status colour Green title High
end-to-end) use case (e.g. from new-born child registration to healthcare provision) so that I can understand the complexity of the complete business logic and usage of BB throughout the whole process.Status colour Red title Low Status colour Blue title NEW
I (Service designers) want to experience exemplar digital services designed based on user needs, user journeys and life events, enabled using reusable software components, generic workflows (web/voice flows), and UX/UI best practices (responsive design & accessibility).Status colour Green title High Status colour Blue title NEW
I want to experience important BB functionalities (BB scenarios), without being embedded in sectoral use cases, so that I can test the same standard process (e.g. issuing a new ID) with multiple BB candidatesStatus colour Green title High
I want to be guided in and around the sandbox itself for demonstration purposes so that I can get the full technical and non-technical picture without specific domain knowledge.Status colour Green title High
I want to see the BB interaction while clicking through a use case so that I can understand the distributed BB approach and combination of BB.Status colour Green title High
View file | ||
---|---|---|
|
I want to see the interaction between users (e.g. Citizen and civil servant) so that I can imagine the interaction between citizens of my country and my ministry employees.Status colour Green title High
I want to click through sector-diverse use cases with calling out used workflows (semi-generic) and used BB (generic) so that I can understand the conceptual abstraction layers of the SDG Digital Investment Framework.Status colour Green title High
I want to be informed about reuse of workflows among offered use cases in the sandbox so that I can understand dependencies between use cases.Status colour Yellow title Medium
I want to access resources that proof the usage of the GovStack Implementation Playbook when prototyping the shown use case/services by the GovStack team (e.g. documentation after each step) so that I see proof of the theoretical framework.Status colour Yellow title Medium
I want to experience BB-based use case without any access barrier (login, deployment time, different credentials for user groups e.g. switching between citizen and civil servant view) so that I do not lose attention and can access without tech experience.Status colour Yellow title Medium
I want to see the assumptions and framework conditions (e.g. organizational setup) the use cases/sandbox is based on so that I can compare it with the conditions in my country.Status colour Yellow title Medium
I want to see that the system is restricted and designed for different user groups (citizen, admin, civil servant) so that I see security and user management/rights being addressed.Status colour Red title Low
I want to click through use cases and used common workflows that are of high importance for my country so that I can convince my colleagues/superiors.Status colour Red title Selection process
I want to see what happens if a Government does not use the BB approach so that I can see benefits of the approach.Status colour Red title Low
Persona: “Maintainer at Government” (Government, technical)
I want to deploy the sandbox with different BB candidates so that I can experience the interchangeability of software components.Status colour Green title High
As an IT expert in a Ghanian ministry/contracted IT consultant I want to be able to select for each BB 1 out of 3 Govstack-Compliant applications and deploy them with a particular use-case configuration so that I can understand Govstack interoperability concept and consider using the architecture and methodology in my own digital transformation. (Owner: Taylor Downs )Status colour Green title High
I want to test the performance and other metrics (e.g. latency, network speed, response time, compression, carbon footprint) so that I can evaluate the potential usage of the architecture.Status colour Green title High
I want to read an up-to-date documentation (technology stack, licenses, architecture diagram,…) so that I can inform myself about details of use software and architecture.Status colour Green title High
I want to experience accessibility and UX so that I can assess the usability for my target group.Status colour Green title High
I want to create self-hosted instance of the sandbox so that I can analyze the system in a safe environmentStatus colour Yellow title Medium
I want to be able to access and change source code or any other aspect in a safe environment, so that I can showcase a customized deployment to my colleagues/superiors.Status colour Yellow title Medium
I want to get a blueprint for DevSecOps environment so that I can build up my own BB-based system.Status colour Yellow title Medium
I want to see the infrastructure performance requirements that is needed to assess the sustainability of the BB based approach.Status colour Yellow title Medium
I want to check the administration and maintainability concept so that I can evaluate the potentially needed Maintenace efforts.Status colour Yellow title Medium
I want to save my custom sandbox deployment so that I can continue working with it another time.Status colour Red title Low
I want to change API so that I can test integration with the test environment of my country.Status colour Red title Low
I want to get security recommendations on how to set up such an environment so that I can build a secure testing ground for my country's systems.Status colour Red title Low
Persona: “CEO / Entrepreneur” (of a company supplying a BB candidate, technical)
I want to run functional and API requirements-based test scripts (and possibly other compliance checks, see status of compliance concept) so that I can proof compliance of my software product.Status colour Yellow title Medium
I want to deploy a sandbox instance with my BB candidate so that I can advertise my product as a possible component of the GovStack BB-based system.Status colour Yellow title Medium
I want to see how my organization can suggest my BB candidate to be integrated into the GovStack sandbox so that I can showcase our spec-compliant software product.Status colour Red title Low
Use Cases
1. Unconditional Social Cash Transfer/G2P Use Case
Use Case description to be inserted Nico Lueck
Building Blocks Candidates
Consent
Identification and Verification: ITU Procurement
Messaging
Payments: ITU Procurement
Registration: OpenCRVS?
Scheduling
Workflow and Algorithm
Client Case Management: OpenIMIS?
2. Construction Permits (from Djibouti)
Service design process ongoing
Additional (Non-)Functional Requirements
Requirements with abbreviations are taken from the ToR
View file | ||
---|---|---|
|
Automated Testing Requirements
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Manual Testing Requirements
Status | ||||
---|---|---|---|---|
|
requirements as possible.
Status | ||||
---|---|---|---|---|
|
Quality Requirements
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Safari browsers.
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
software products.
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
unreliable connectivity (act as a best practice reference to low-resource
environments).
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Hosting Requirements
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
ISO27001.
HOST.8 SOC 2 and 3 compliance: The hosting provider shall be certified under SOC and 3.
Synthetic data requirements
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
DevSecOps Environment
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
environments.
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
DevSecOps software factory by other actors.
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
dependencies and perform static code analysis (e.g. Snyk, SonarQube or
similar).
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|