Sandbox Vision

Vision

The GovStack Sandbox makes the GovStack approach tangible. It is the key tool to raise awareness and educate people on the benefits of the GovStack approach.

The GovStack Sandbox is a safe environment/playground (you can break everything, but it doesn't have a negative effect) simulating a small governmental e-service system (reference implementation).
The GovStack Sandbox is an architectural approach centered around APIs and microservices to help unlock monolithic legacy systems to increase the speed of IT project delivery, leading to more effective and cost efficient digital governments

The sandbox shall encapsulate the business logic and data necessary to represent multiple GovStack capabilities such as APIs, building blocks, use cases and transaction flows.

The GovStack Sandbox serves Policy Makers, Technical Government Experts, and Technical Vendor Experts with functionalities to lower the barrier of using the GovStack approach or getting involved in GovStack Initiative.

The GovStack Sandbox can also serve as a demo or model “Digital Government Services Platform” for learning and capacity-building purposes.

The GovStack Sandbox provides a unified environment for various digital government ecosystem actors to discover, understand, engage, experiment, innovate, and build digital government solutions using the GovStack platform.

High-level features

Software Factory/DevSecOps methodology and tooling
Generic Building Block Architecture (combining different BB with Information Mediator into decentral system)
Specific e-service use cases (as pre-determined test scenarios to validate the functioning of the BB architecture)
Frontend to showcase use cases (citizen-facing, not civil servant facing)
Registries and Synthetic Data to enable the use cases
Software compliance testing harness (implemented as part of DevSecOps, see Compliance Concept - Demo/Sandbox - GovStack Wiki (atlassian.net))
Training material and documentation

Users and User Stories

Policy Maker/Subject Matter Expert (Non-technical)

MEDIUM I want to access resources that proof the execution of the GovStack Implementation Playbook when prototyping the shown use case/service by the GovStack team (e.g. documentation after each step) so that I see proof of the theoretical framework.
MEDIUM I want to experience BB-based use case without any access barrier (login, deployment time, different user logins/UIs) so that I do not lose attention and can access without tech experience.
LOW I want to see that the system is restricted and designed for different users (citizen, admin, civil servant) so that I see security and user management/rights being addressed.
HIGH I want to experience an end-to-end use case (e.g. from person being born to service delivery) so that I can understand the complexity of the complete business logic and engagement of BB throughout the whole process.
HIGH I want to be guided in and around the sandbox itself for demonstration purposes in order to see the technical implementation so that I can concentrate on the most relevant information of the sandbox.
HIGH I want to click through sector-diverse use cases and the implemented commonly used workflows (semi-generic) so that I can experience the generic nature of the BB approach.
HIGH I want to see reusability of workflows among offered use cases in the sandbox so that I can understand dependencies between use cases.
SELECTION PROCESS I want to click through use cases and used common workflows that are of high importance for my country so that I can convince my colleagues/superiors.
HIGH I want to see the BB interaction while clicking through a use case so that I can understand the distributed BB approach and combination of BB.
HIGH I want to see the interaction between users (e.g. Citizen and civil servant) so that I can go through both user experiences.
MEDIUM I want to see the assumptions and framework conditions (e.g. organizational setup) the use cases/sandbox is based on so that I can compare it with the conditions in my country.
LOW I want to see what happens if a Government does not use the BB approach so that I can see benefits of the approach.

Technical Government Expert

MEDIUM I want to create my own instance of the sandbox so that I can analyze the system in a safe environment
NOT IN SCOPE I want to change API so that I can test integration with the test environment of my country.
MEDIUM I want to be able to access and change source code or any other aspect in a save environment, so that I can showcase a customized deployment to my colleagues/superiors.
MEDIUM I want to save my custom sandbox deployment so that I can continue working with it another time.
HIGH I want to deploy the sandbox with different software products so that I can experience the interchangeability of software components.
I want to get recommendations for DevSecOps environment so that I can build up my own BB-based system.
LOW I want to get security recommendations on how to set up such an environment so that I can build a secure testing ground for my country's systems.
HIGH As an IT expert in a Ghanian ministry/contracted IT consultant I want to be able to select for each BB 1 out of 3 Govstack-Compliant applications and deploy them with a particular use-case configuration so that i can understand Govstack interoperability concept and consider using the architecture and methodology in my own digital transformation. (Owner: Taylor Downs )
HIGH I want to test the performance and other metrics (e.g. latency, network speed, response time, compression, carbon footprint) so that I can evaluate the potential usage of the architecture.
MEDIUM I want to see the technical resources of the infrastructure that is needed to assess the sustainability of the BB based approach.
HIGH I want to experience accessibility and UX so that I can assess the usability for my target group.
MEDIUM I want to check the administration and maintainability concept so that I can evaluate the potentially needed Maintenace efforts.
HIGH I want to read a living documentation (technology stack, licences, architecture diagram,…) so that I can inform myself about details of use software and architecture.

BB candidate supplier (Technical Vendor Expert)

LOW I want to see how my organization can suggest our software product to be integrated into the GovStack sandbox so that I can showcase our spec-compliant software product.
MEDIUM I want to run functional and API requirements-based test scripts (and possibly other compliance checks) so that I can proof compliance of my software product.
MEDIUM I want to deploy a sandbox instance with my software product so that I can advertise my product as a possible component of the GovStack BB-based system.

Additional Functional Requirements

DevSecOps Environment

From the ToR:

WP_2.1 Developing the software factory using Open Container Initiative (OCI)
compliant containers and Cloud Native Computing Foundation (CNCF)
certified Kubernetes to orchestrate and manage the containers.
WP_2.2 Designing the GovStack software factory such that it should be possible to host the software factory in any general-purpose public/ private cloud, or multi-tenant environments, as well as in disconnected and classified
environments.
WP_2.3 Developing the DevSecOps approach for automating the development and deployment activities as much as possible
WP_2.4 Setting up the tools and process workflows created and executed on the tools to support all the activities throughout the full DevSecOps lifecycle.
WP_2.5 Setting up of the CI/CD Orchestrator as the central automation engine of the CI/CD pipeline for managing the pipeline creation, modification, execution, and termination.
WP_2.6 Prepare documentation and other assets for reuse of the GovStack
DevSecOps software factory by other actors.

See also DEV.1. to DEV.10., page 15, ToR