Government Digital Service, part of Cabinet Office
WP1453 - GOV.UK Ruby and Rails application dependency upgrades
7 Incomplete applications
6 SME, 1 large
6 Completed applications
6 SME, 0 large
Important dates
- Published
- Tuesday 22 August 2017
- Deadline for asking questions
- Tuesday 29 August 2017 at 11:59pm GMT
- Closing date for applications
- Tuesday 5 September 2017 at 11:59pm GMT
Overview
- Summary of the work
- Upgrade up to 30 GOV.UK Rails applications from Ruby 2.2 to Ruby 2.3 and Rails 4.2 or 5.0 to Rails 5.1. We estimate this will take between 70 and 80 working days. Minimal existing context of the GOV.UK platform is required to perform this work.
- Latest start date
- Monday 23 October 2017
- Expected contract length
- 4-5 months (not beyond 31/03/2018)
- Location
- London
- Organisation the work is for
- Government Digital Service, part of Cabinet Office
- Budget range
- £65-70K
About the work
- Why the work is being done
- Supports delivery of critical GOV.UK roadmap by reducing the need for product teams to complete unrelated but essential application upgrades.
- Problem to be solved
- 30 GOV.UK applications are running on out of date frameworks with a limited support timeline. The vendors will stop supplying security updates in March 2018. The applications must be upgraded to framework versions that will receive longer term support
- Who the users are and what they need to do
-
As a publisher on GOV.UK
I want to use applications that are secure
So that I can be confident that my sensitive content won't be leaked - Early market engagement
- None
- Any work that’s already been done
- All applications have good test coverage and are part of a Continuous Integration and Continuous Delivery pipeline
- Existing team
- The existing team of GOV.UK developers will be available to review Pull Requests and answer questions on undocumented application behaviour. They will specify the versions of dependencies to be upgraded at the time the engagement begins. The work will be co-ordinated by a GOV.UK Delivery Manager and overseen by a GOV.UK Senior Technologist.
- Current phase
- Live
Work setup
- Address where the work will take place
- The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS
- Working arrangements
- The team should work in the GDS office for an initial period to gain context, but are encouraged to work remotely afterwards. Fortnightly check in meetings on progress are required.
- Security clearance
- SC.
Additional information
- Additional terms and conditions
- Cabinet Office (CO) Travel and Subsistence policy will apply. All expenses must be pre-agreed with between the parties and must comply with the CO T&S policy.
Skills and experience
Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.
- Essential skills and experience
-
- 3+ years experience of Ruby, Rails and Sinatra
- 2+ years experience working in a Continuous Integration environment
- 2+ years experience working with Git
- 2+ years experience with Test Driven Development
- Nice-to-have skills and experience
-
- 5+ years experience of Ruby
- Experience of managing at least 2 complex Rails projects over multiple major Rails versions
- Recent experience working with the GOV.UK stack
- At least one example of experience with non-standard Rails applications that use APIs rather than ActiveRecord
- At least one example of experience performing long-running Ruby and Rails upgrades while development occurs in parallel
- At least one example of ability to research and understand from stakeholders issues that arise during upgrades
- At least one example of experience with changes to assets in Rails 5.1
- At least one example of experience working with 12 factor applications
How suppliers will be evaluated
- How many suppliers to evaluate
- 3
- Proposal criteria
-
- Technical solution
- Approach and methodology
- How the approach or solution improves the velocity of GOV.UK developers
- How the approach or solution meets security needs
- Estimated timeframes for the work
- How they’ve identified risks and dependencies and offered approaches to manage them
- Team structure
- Value for money
- How the approach works to minimise the need for similar work in the future
- Cultural fit criteria
-
- Evidence of experience working in an Agile environment with Kanban
- Evidence of experience reporting progress to Senior Management on a regular basis
- Experience communicating with other developers via Slack or similar tools
- Demonstrated understanding of the need to ask well defined questions of other developers
- Examples of sharing learnings with other developers
- Experience of pair or mob programming and understanding of the benefits
- Payment approach
- Capped time and materials
- Assessment methods
-
- Written proposal
- Work history
- Reference
- Presentation
- Evaluation weighting
-
Technical competence
75%Cultural fit
5%Price
20%
Questions asked by suppliers
- 1. Will GDS sponsor SC clearance - as this is not something a supplier can apply for by themselves? We are happy to pay for the costs of the application, but can we start work while the application is in progress.
-
If not currently held, the candidates must be willing to undertake the SC clearance process. As the DOS requirement makes it clear that SC clearance is required then suppliers are required to pay for that security clearance themselves as to become eligible and compliant to perform the contract.
We can however arrange for special dispensation to allow suppliers to begin their contract whilst the security process is underway.
A caveat to this is that the suppliers contract would be terminated if SC clearance was not granted. - 2. Based on our experience the days estimate for this project is underestimated by half. We would normally budget around 5 days per Rails app. Could you publish the exact list of the applications required, along with the current version of Ruby/Rails. So that we can see if we are able to do this project within the budget. Could you also clarify if 3rd party gem dependencies are also to be upgraded, or just Rails/Ruby.
-
The answer can be accessed via the link below.
https://drive.google.com/file/d/0B-264nLyB1zdZE5jTXFEZEoxV0k/view?usp=sharing