Feat/add certification process2 #253
Conversation
garloff
commented
Sep 24, 2024
garloff
commented
- Explain the motivation for the SCS certification levels rooted in the levels of digital sovereignty. - Give a practical example how to achieve the SCS certification by running the tests. - Hints on how to get listed, why we have the HM there and how to react to failed runs. Signed-off-by: Kurt Garloff <[email protected]>
Signed-off-by: Kurt Garloff <[email protected]>
garloff
added
documentation
Signed-off-by: Kurt Garloff <[email protected]>
|
Note that I have pushed the changes to the staging branch, so we should see the results in https://docs-staging.scs.community/ in a few minutes. |
Signed-off-by: Kurt Garloff <[email protected]>
Signed-off-by: Kurt Garloff <[email protected]>
Signed-off-by: Kurt Garloff <[email protected]>
Signed-off-by: Kurt Garloff <[email protected]>
Signed-off-by: Kurt Garloff <[email protected]>
Cosmetic, as we did not translate them ... Signed-off-by: Kurt Garloff <[email protected]>
|
This one supercedes PR #251. Please review the end results, I unfortunately went through some trial and error for getting docusaurus to do what I need. Note that the Markdownlint check fails with or without this patch. It barfs on the generated index files, not sure whether the generation process can be tweaked or whether we'd need to filter things out for that check. In any case, that's unrelated to the contribution from this PR. |
There was a problem hiding this comment.
Looks good overall. Just two things:
- Adjust sidebar item titles
I suggest to shorten the sidebar item texts to keep them one liners for better readability such as:
- From
Getting SCS-compatible certification (for operators)toCertification ProcessorGetting Certified - From
Example testing and adjustment for SCS IaaS-compatible compliancetoTesting Compliance' orCompliance Testing` - From
Compliant cloud environments overviewto 'Compliant Clouds'
- Move "The taxonomy of digital sovereignty" from Certification Overview Page
Starting with a short introduction and the list of scs certification levels helps engage visitors, reducing the chance of overwhelming with too much text at in the beginning. Introduction sentence could be:
The SCS certification levels build upon the concept of digital sovereignty, categorizing various degrees of control and transparency for cloud services.
| Members of the OSBA can become also member of the Forum SCS-Standards for an additional membership | ||
| fee, providing the financial resources for the Forum to do its work. Membership in the OSBA is | ||
| open to any organization that supports the goals of the OSBA. | ||
| Alternatively, a certification fee can be paid without any membership; the fee corresponds to the | ||
| lower tier membership fee. |
There was a problem hiding this comment.
This comment applies in the same way as the other: IF this is not the leading document on this matter:
Please don't place infos at arbitrary locations that might then be outdated. I think, it makes sense to point here to the forum but I would refrain from making statements regarding fees since this will lead to be errors on the long run.
| As published in [DuD](https://rdcu.be/cWdBJ) (German, English version in | ||
| [the cloud report](https://the-report.cloud/why-digital-sovereignty-is-more-than-mere-legal-compliance/)) | ||
| and being summarized nicely in a [cloudahead article](https://www.cloudahead.de/der-freiheitskampf-des-sovereign-cloud-stacks), | ||
| we differentiate between several levels of digital sovereignty. | ||
| We'll skip stage 0, introduced by Gregor Schuhmacher in his description, which | ||
| specifies using a cloud at all as the pre-step to be taken. This has relevance, | ||
| as some companies continue to call solutions that are not on-demand, not | ||
| self-service API driven, not metered | ||
| (see [NIST definition of cloud](https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf)) | ||
| to be (private) clouds. We talk about real clouds, where deployment of infrastructure | ||
| is API-driven, unlocking DevOps teams productivity. |
There was a problem hiding this comment.
I would suggest a different style here:
I think this is a very good place to define our taxonomy and reflect upon it.
I think it is also good to point to the DuD, cloudical and cloudahead articles - however I would not dive into "We'll skip stage 0, introduced by Gregor Schuhmacher in his description, which
specifies using a cloud at all as the pre-step to be taken. This has relevance," because with that you mix the styles. While we're in the process of a (more or less) formal definition, you here fall into a conversational style.
There was a problem hiding this comment.
True, good observation. Will fix.
| to be (private) clouds. We talk about real clouds, where deployment of infrastructure | ||
| is API-driven, unlocking DevOps teams productivity. | ||
|
|
||
| The levels as seen by the SCS movement are: |
There was a problem hiding this comment.
| The levels as seen by the SCS movement are: | |
| The levels as seen by the SCS movement are: |
why is the term 'SCS movement' suddendly introduced? We're not a SCS project or community anymore?
There was a problem hiding this comment.
Right, should be SCS project (and in the future maybe Forum SCS-Standards),
| 3. The operator must be a member ("shaper" or "advisor" level) of the Forum SCS-Standards in the | ||
| OSB Alliance (a non-profit) and pay the respective membership fees. Alternatively fees can | ||
| be paid without becoming a member. |
There was a problem hiding this comment.
Like in my other comment, I would recommend to not hardcode the conditions here unless this becomes the leading document for this. IF this becomes the leading document for this, this should be the place where also the forum then needs to update stuff if things change.
There was a problem hiding this comment.
Ideally, we'd have a preliminary Forum Page that we can point to already.
The other option is to sketch the forum conditions here and then remove it as soon as we have the page that we can point to.
Fortunately, the content is not controversial, as this has all been agreed up already thanks to your and Dirk's great work.
| have a health monitor running (currently still | ||
| [openstack-health-monitor](https://docs.scs.community/docs/operating-scs/guides/openstack-health-monitor/Debian12-Install) | ||
| but soon the new [health-monitor](https://scs.community/tech/2024/09/06/vp12-scs-health-monitor-tech-preview/)), |
There was a problem hiding this comment.
I think it is not good practice to talk about future plans in such a document. Document the "as is" case and update if the "as is" case changes.
As suggested by @fkr. Co-authored-by: Felix Kronlage-Dammers <[email protected]> Signed-off-by: Kurt Garloff <[email protected]>
Co-authored-by: Felix Kronlage-Dammers <[email protected]> Signed-off-by: Kurt Garloff <[email protected]>
This page was called overview before and the document's name is still overview (and should stay so, as it is linked to from various places). That's why I kept the word "overview" in the title. A compromise could be 'Compliant Clouds overview' to keep the relation with the link name. |
Agreed. While I think we should explain how our understanding of digital sovereignty drives the levels of SCS certification, not everyone wants to read through it, so splitting out additional background info into a separate page makes sense. |
