10
edits
Changes
Jump to navigation
Jump to search
Line 4:
Line 4: − + Line 12:
Line 12: − + − + − + + + + + − + + + Line 30:
Line 36: + + Line 46:
Line 54: − +
no edit summary
<code>''Explain the business problem or opportunity that needs to be solved in one sentence.''</code>
<code>''Explain the business problem or opportunity that needs to be solved in one sentence.''</code>
Source code developed by GC workers (software engineering, scientists, researchers,...) to support key programs needs to be available for reuse across departments and to be scanned for security vulnerabilities.
Source code developed by GC workers (software engineering, scientists, researchers,...) to support key programs needs to be available for reuse across departments, and to be scanned for security vulnerabilities.
== Current state or context ==
== Current state or context ==
</code>
</code>
Each department has at least one source code repository to manage versioning, and manage the software development life cycle. Many departments have several source code repositories. About $2 million is spent by departments on maintenance of source code repositories their associated continuous integration tools. This is based on data from the Application Portfolio Management program's inventory of applications which covers mostly the large departments.
Each department has at least one source code repository to manage versioning, and the software development life cycle. Many departments have several source code repositories. About $1.5 million is spent annually by departments on maintenance of source code repositories, and their associated continuous integration tools. This is based on data from the Application Portfolio Management program's inventory of applications which covers mostly the large departments. Extrapolating to the whole of the GC, we estimate that at least $2 million is spent annually around the GC on source code repositories.
== Root Cause ==
== Root Cause ==
Traditionally, software development is done within departments without a view to reuse the code or solution for other projects or across departments. Tools did not exist to easily share source code outside departments. Over the past few years, several collaboration platforms centered on development have emerged and gained popularity. The GC can leverage one of those platforms.
Traditionally, software development is done within departments without a view to reuse the code for other projects, or across departments. Massive online collaboration tools did not exist to easily share source code outside departments and the public.
== Desired business outcome ==
== Desired business outcome ==
A common platform to develop and collaborate around source code will
Over the past few years, several software development collaboration platforms have emerged and gained popularity. A few departments are already leveraging GitHub to co-develop source code with the public at large, using an open source license. Most of the software developed by departments is not for co-creation with the public, and would not be candidates for an open source licence. However, this source code can be shared within the GC. Several departments are already using the GCcode platform (GitLab instance). To make this platform mainstream for all departments it requires continuous funding and support.
A common development platform to develop and collaborate around source code will
* help developers discover source code they can contribute to, or reuse across departments
* help developers share best coding practices
* Decrease time and cost to build new solutions
* Decrease time and cost to build new solutions
* Reduce costs associated with acquisition and maintenance of source code repositories in each department
* Reduce costs maintenance cost of source code repositories
* Improve continuous integration (CI/CD) practices
* Improve continuous integration (CI/CD) practices
The use of GCcode is aligned with the GC Digital Standards "Work in the open by default" and "Collaborate widely".
== Future state ==
== Future state ==
Aspects to consider: stakeholders and users, business process, technology employed, information or data used, relevant legislation or policies, strategic alignment''
Aspects to consider: stakeholders and users, business process, technology employed, information or data used, relevant legislation or policies, strategic alignment''
</code>
</code>
GCcode has an established funding model with contributions from departments to cover the costs of maintenance, platform support and community engagement. The recurring yearly funding is estimated at $XX. The benefits of GCcode:
Source code developers will be able to
Source code developers will be able to
IT Security managers will be able to
IT Security managers will be able to
* Quickly locate vulnerable software libraries at the departmental level or across departments
* Quickly locate vulnerable software libraries at the departmental level or across departments
* Automate application security scans to prevent issues
* Automate application security scans to alert departments and prevent costly emergency responses
== Next Steps ==
== Next Steps ==
