Cloud Ecosystem of Managed Services
Standard Deployment
Standard Deployment capabilities enable application developers to produce secure, performant, and functional code. These include capabilities to support both containerized and non-containerized application architectures.
Description
The security toolchain provides the necessary mechnaism to ensure the secure operation of components in the cloud environment as governed by GSA security policy.
Key Capabilities Include:
- Anti Virus - Toolkit to able to detect many types of malware, including viruses.
- Vulnerability Scanning - Identifying packages on the file system with known vulnerabilities and providing recommendations for remediationl.
- Container Scanning - Identifying packages within container images with known vulnerabilities and providing recommendations for remediationl.
- Network Firewall - Control network traffic based on a set of rules.
Description
The code management faciliates the proceses associated with source code management (SCM) in support of the development experience and DevOps processes.
Key Capabilities Include:
- Git - Distributed revision control system
- Pull Requests - Propose changes for collaboration and review.
- Webhook - Send notifications to support integrations based on code repository events
- Orgs - The ability to group repos by organization.
Maturity:
FCS believes this capability has reached a level of maturity in FCS where it can be broadly deployed and used by FCS Tenants. Uses and limitations are well understood and costs have been baselined.
Technology
Additional Documentation
Description
The testing tools support the verification and validation of application functionality to functional and non-functional requirements.
Key Capabilities Include:
- Load Testing - Load testing simulates traffic to stress applications artificially in order to identify performance improvements.
Maturity:
FCS is exploring the capabilities in this area. Currently only a proof of concept deployment is occuring with a single customer/tenant or with a handful. Use of the capability is still ad hoc and has yet to be baselined or have cost estimates established.
Technology
Additional Documentation
Description
The code quality services support scanning of code in order to provide metrics for improvement.
Key Capabilities Include:
- Static Code Analysis - Reviews code without running the application for common possible formatting, archtectural, functional, security, or perforrmance defects and provides suggestions as to how to remediate.
Maturity:
FCS believes this capability has reached a level of maturity in FCS where it can be used and deployed in a limited capacity or upon special request from a customer/tenant.
Technology
Additional Documentation
Description
The deployment tools facilitate the deployment of applications aligned to the application packaging strategy.
Key Capabilities Include:
- Continous Integration / Continous Deployment (CI/CD) -
- GitOps - The implementation of the GitOps principles of including declarative state, Immutable, automated application from source, and continuous reconciliation.
Maturity:
FCS believes this capability has reached a level of maturity in FCS where it can be used and deployed in a limited capacity or upon special request from a customer/tenant.