Details
Description
Epic Hypothesis Statement (https://www.scaledagileframework.com/epic/)
For | Operators, AIV/PSI engineers commissioning early array releases (ie AA0.5), SKA developers, SKA testers, SKA security and networking |
who | are developing, testing, and integrating SKA software components |
the | DevSecOps strategy and related tools implementation |
is a | set of policies and tools and resources (core services, computational facilities and documentation) |
that | enables the continuous release of working software products:
|
Unlike | A classical stage-gated approach where different company departments are delegated different stages in the life-cycle of software products, |
our solution | tries to shift left as much as possible, the responsibilities associated with testing, security, integrations, and operations; realising those as part of the software development life-cycle and providing automated tools that enable quick end-to-end release of software products |
Outcome hypothesis | One or more Continuous Integration/Delivery environments are established that: * provide abstracted compute, network and storage * is portable/scale-able on demand * provide core and common services such as monitoring, and logging of the abstract infrastructure itself, and the workloads executed * provides the canonical repository of delivered artefacts (scripts, configuration, binaries, images, etc.) that are maintained and curated centrally, that are checked and tested against centrally managed policies and NFRs A set of policies is defined for: * Software development security * Release management * Software deployment The policy is associated with a strategy that details the roll-out of specific software tools, frameworks and processes to support the policy implementation on PI basis Standards exist for packaging and deployment of software components and applications A framework is developed for delivering versioned and QA'ed application/software component suites to pre-production/production environments The implementation is clearly monitored and benefits are evaluated at PI boundaries. Teams can reliably deploy software that is tested and secured in different qualification environments |
Leading Indicators |
|
NFRs |
|