Functional Requirements
Context
High-Level Description Of Services
To ensure the effective development, deployment, and maintenance of these governance tools, we need to handle:
Cloud service
Infrastructure
Pipeline Configuration
Orchestration and containerization
Domain management
Monitoring technology
Networking configuration
Security measures
DevOps Strategy Highlights
The DevOps Strategy focuses on optimizing development and deployment processes for a small team without a dedicated DevOps engineer. It emphasizes selecting well-tested, developer-friendly components to streamline operations, reduce operational costs, and enhance system flexibility. The strategy further specifies Docker containers for packaging, Docker Compose on the Hetzner cloud for small projects, and Kubernetes for more complex requirements in larger projects.
Furthermore, it specifies GitHub as the code repository and GitHub Actions for CI/CD pipelines, coupled with GitHub Secrets for secret management, with monitoring handled by an open-source stack of Grafana, Prometheus, and Loki for cost-effective and efficient observability.
The strategy also highlights the importance of documentation using GitHub Markdown pages and outlines an implementation plan that includes infrastructure setup, pipeline configuration, deployment strategies, and continuous monitoring and optimization.
Description of required services
All services provided by the chosen supplier must be accompanied by testing results confirming that the requirements were fully implemented. The supplier will support two key streams of work:
Stakeholder Alignment: Ensure alignment and understanding of DevOps goals among key stakeholders, including development, operations, and leadership teams.
The supplier must be operational within 4 weeks of the award date.
Implementation of DevOps Strategy requirements
The following table describes a list of requirements with Milestones and Deliverables:
Milestone 1 - Infrastructure setup and configuration
Configure and set up both infrastructure systems for governance tools.
The Supplier shall provide and carry out the following:
Terraform Setup for Hetzner Cloud: Use Terraform to define infrastructure as code for provisioning resources on Hetzner Cloud. This includes setting up virtual machines, networks, and storage that will host the Kubernetes clusters.
Kubernetes Cluster Configuration: Configure Kubernetes clusters on Hetzner Cloud, either by using Hetzner's managed Kubernetes service or by manually setting up the clusters through Terraform scripts. Ensure the clusters are optimized for scalability and reliability.
Milestone 1 - Acceptance Criteria: Terraform IaC scripts are fully documented, tested, and security-compliant. All cloud resources meet specifications. Kubernetes clusters are set up with secure communication and optimized resources. Team repository permissions are integrated so that only certain team members are allowed to trigger GitHub Actions.
IaC scripts for provisioning resources on Hetzner Cloud.
Scripts cover provisioning of virtual machines, networks, and storage that will host the Kubernetes clusters.
Milestone 2 - Continuous Integration and Continuous Deployment (CI/CD) Pipeline Setup
Set up CI/CD for governance tools.
The Supplier shall provide and carry out the following:
GitHub Actions for CI: Set up GitHub Actions workflows for Continuous Integration. This should automate code linting, testing, building Docker images, and pushing them to a container registry upon every commit or pull request.
GitHub Actions for CD: Configure GitHub Actions for Continuous Deployment. Automate the deployment process so that successful builds are automatically deployed to Kubernetes clusters. This includes updating deployments with new Docker images, managing Kubernetes configurations, and handling secrets.
Milestone 2 - Acceptance Criteria: CI with GitHub Actions: Builds and tests are automated for every commit or PR, with clear reporting on failures. CD with GitHub Actions: Automated deployments to environments are successful, with rollback mechanisms tested.
GitHub Actions pipeline scripts with defined steps: lint, test, build, push-to-registry, deploy, release
Milestone 3 - Deployment Strategies and Operations
Ensure full deployment and operational strategies for governance tools.
The Supplier shall provide and carry out the following:
Implement Kubernetes Deployment Strategies: Implement advanced Kubernetes deployment strategies to help maintain service availability and minimize risks during updates.
Monitoring and Rollback Mechanisms: Integrate Prometheus for performance metrics, Grafana for visualization, and Loki for log aggregation, to monitor application and infrastructure performance in real-time. Implement automated rollback processes in the deployment workflows to revert to previous versions if issues are detected post-deployment.
Milestone 3 - Acceptance Criteria: Deployment Strategies are implemented, documented, and cause zero downtime in staging tests. Critical KPIs are monitored with real-time alerts; rollback procedures are tested for minimal downtime.
- Deployed showcase project using the system
- Monitoring demo of deployed showcase project
Milestone 4 - Security and Compliance Integration
Ensure full setup and configuration of the secrets management and compliance integration for governance tools.
The Supplier shall provide and carry out the following:
Secrets Management: Implement GitHub Secrets for secure storage and management of sensitive data and configurations. Integrate Kubernetes Secrets to securely deploy these configurations with the applications.
Security Scanning: Incorporate security scanning tools into the CI pipeline to perform automated vulnerability scanning of Docker images and Kubernetes configurations, ensuring security issues are identified and resolved early in the development lifecycle.
Milestone 4 - Acceptance Criteria: Secrets are securely managed and integrated without exposure in code or to unauthorized personnel. Security scans are part of the CI pipeline, with a process for addressing findings and documented compliance.
- Deployed showcase project using the added security features
Maintenance of the Implemented DevOps Strategy
The Supplier shall ensure regular maintenance and support of the cloud infrastructure, orchestration tooling, domain management, monitoring systems, and CI/CD processes established under this document. The Supplier will provide 2 dedicated DevOps engineers for ongoing support and maintenance activities.
Maintenance - Monitoring, Optimization, and Continuous Improvement
Optimize CI/CD Pipelines and Kubernetes Configurations: Continuously review and optimize the CI/CD pipelines and Kubernetes configurations to improve efficiency, reduce deployment times, and ensure the infrastructure scales effectively with the application needs.
Comprehensive Monitoring: Monitor with Prometheus, Grafana, and Loki to ensure comprehensive visibility into both the application and the underlying infrastructure.
Feedback Loops and Iteration: Establish feedback loops with development teams to gather insights and feedback on the DevOps processes and tooling. Use this feedback to make iterative improvements to the DevOps strategy and implementation.
Regular maintenance and support of the cloud infrastructure, orchestration tooling, domain management, monitoring systems, and CI/CD processes done in Workstream 1. The Supplier will provide 2 dedicated DevOps engineers for ongoing support and maintenance activities.
Comprehensive monitoring covers all critical aspects with actionable alerts and accessible dashboards. CI/CD and Kubernetes show efficiency improvements, with a process for regular performance review. A process for feedback collection and implementation is active, with documented improvements.
Requirements for Third-Party Software
The Supplier undertakes to provide Customer a complete list of all software libraries, compilers, and other Third Party Software which will be incorporated into the Deliverables and a copy of all license agreements to which Customer or any of its Affiliates is bound for the use of any Third Party Software and, if not licensed, the basis on which such Third Party Software may be lawfully used by Customer or any of its Affiliates.