Sandbox Vision

Policy Maker/Subject Matter Expert (Non-technical)

• I want to see example results of the service design process described in the “GovStack Implementation Playbook” so that I see proof of the theoretical framework.

• I want to experience BB-based use cases without any access barrier (login, deployment time) so that I do not lose attention and can access without tech experience.

• I want to click through sector-diverse use cases so that I can experience the generic nature of the BB approach.

• I want to click through use cases that are of high importance for my country so that I can convince my colleagues/superiors.

• I want to see the data flow in the background while clicking through a use case so that I can understand the BB interaction.

• I want to see interactions with among use cases highlighted so that I can understand dependencies between use cases.

• I want to see the assumptions and framework conditions (e.g. organizational setup) the use cases/sandbox is based on so that I can compare it with the conditions in my country.

Technical Government Expert

• MEDIUM I want to create my own instance of the sandbox so that I can analyze the system in a safe environment

• NOT IN SCOPE I want to change API so that I can test integration with the test environment of my country.

• MEDIUM I want to be able to access and change source code or any other aspect in a save environment, so that I can showcase a customized deployment to my colleagues/superiors.

• MEDIUM I want to save my custom sandbox deployment so that I can continue working with it another time.

• HIGH I want to deploy the sandbox with different software products so that I can experience the interchangeability of software components.

• I want to get recommendations for DevSecOps environment so that I can build up my own BB-based system.

• LOW I want to get security recommendations on how to set up such an environment so that I can build a secure testing ground for my country's systems.

• HIGH As an IT expert in a Ghanian ministry/contracted IT consultant I want to be able to select for each BB 1 out of 3 Govstack-Compliant applications and deploy them with a particular use-case configuration so that i can understand Govstack interoperability concept and consider using the architecture and methodology in my own digital transformation. (Owner: Taylor Downs )

• HIGH I want to test the performance and other metrics (e.g. latency, network speed, response time, compression, carbon footprint) so that I can evaluate the potential usage of the architecture.

• MEDIUM I want to see the technical resources of the infrastructure that is needed to assess the sustainability of the BB based approach.

• HIGH I want to experience accessibility and UX so that I can assess the usability for my target group.

• MEDIUM I want to check the administration and maintainability concept so that I can evaluate the potentially needed Maintenace efforts.

• HIGH I want to read a living documentation (technology stack, licences, architecture diagram,…) so that I can inform myself about details of use software and architecture.

Technical Vendor Expert

• I want to see how my organization can suggest our software product to be integrated into the GovStack sandbox so that I can showcase our spec-compliant software product.

• I want to run functional requirements-based test scripts so that I can check the compliance of my software product.

• I want to deploy a sandbox instance with my software product so that I can advertise my product as a component of the GovStack BB-based system.

DevSecOps Environment

From the ToR:

1. WP_2.1 Developing the software factory using Open Container Initiative (OCI)
   compliant containers and Cloud Native Computing Foundation (CNCF)
   certified Kubernetes to orchestrate and manage the containers.

2. WP_2.2 Designing the GovStack software factory such that it should be possible to host the software factory in any general-purpose public/ private cloud, or multi-tenant environments, as well as in disconnected and classified
   environments.

3. WP_2.3 Developing the DevSecOps approach for automating the development and deployment activities as much as possible

4. WP_2.4 Setting up the tools and process workflows created and executed on the tools to support all the activities throughout the full DevSecOps lifecycle.
   WP_2.5 Setting up of the CI/CD Orchestrator as the central automation engine of the CI/CD pipeline for managing the pipeline creation, modification, execution, and termination.

5. WP_2.6 Prepare documentation and other assets for reuse of the GovStack
   DevSecOps software factory by other actors.

See also DEV.1. to DEV.10., page 15, ToR

Building Block Architecture

Sources for building blocks (purely Open Source):

1. ITU Procurements: ID, Payment, (IM), Consent

2. Ukraine (Registries)

3. DIGIT (30 possibly components, e.g. workflow, messaging)

4. UNCTAD (Registries)

5. GIZ (OpenIMIS, see file below)

6. SunBird

7. Typo3 Association

8. MOSIP (Identity)

9. Others? Open for suggestions

OpenIMIS Integration concept and work plan

See also SNB.1. to SNB.16., page 17, ToR

See also QLTY.1. to QLTY.13., page 19, ToR

See also HOST.1. to HOST.8., page 19, ToR

Use Cases

The selection of use cases should consider the following criteria:

1. has been already implemented

2. has an owner who could describe the user journey in detail

3. uses as many BB as possible

4. have interconnections with other use cases

5. use a core registry (e.g. civil, business, land)

6. Political priorities (G2P, Social Protection, Gender)

Sources:

DIGIT: Products & Modules - DIGIT URBAN

G2P Connect: common/docs at main · G2P-Connect/common · GitHub