Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update weekly-standup-template.md #76

Merged
merged 4 commits into from
May 20, 2024
Merged

Update weekly-standup-template.md #76

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5649649
Update weekly-standup-template.md
Davsarper May 20, 2024
8e3ffb2
Correct workflow
JimMadge May 20, 2024
6db4dd9
Merge branch 'fix_workflow' into Davsarper-update-weekly-stories
JimMadge May 20, 2024
0e7cc6e
Fix linting
JimMadge May 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions .github/workflows/lint.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,15 @@ on:
push:
branches: [main]

job:
jobs:
prettier:
name: Prettier
runs-on: ubuntu-latest
steps:
- name: Checkout-repository
uses: actions/checkout@v4

- name: Run prettier
- uses: pre-commit/[email protected]
uses: pre-commit/[email protected]
with:
extra_args: prettier
extra_args: -a prettier
67 changes: 24 additions & 43 deletions Reports/ProgressReport-Feb24-Aug24.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,16 @@

This update: 8 April 2024


## Progress

This section contains a summary of progress across all stories in the [project roadmap](https://github.com/orgs/alan-turing-institute/projects/111/views/1).
It maps stories according to the (main) pillar and priority they contribute to.


### Codebase development

Running projects working with sensitive data safely
Running cutting edge data science projects effectively


#### Manage codebase releases and testing: [#50](https://github.com/alan-turing-institute/data-safe-haven-team/issues/50)

Contributes to:
Expand All @@ -25,6 +22,7 @@ Contributes to:
- Running cutting edge data science projects effectively

##### Goal

Support for deployments of the Data Safe Haven at Turing and beyond

##### Progress
Expand All @@ -40,7 +38,6 @@ iSTORM kept better communications than last time and did not find concerning iss
All reported vulnerabilities were known to us before the test and we are confident all are mitigated by technical or process controls.
We don't believe any of the vulnerabilities identified present a strong risk of enabling unauthorised data ingress or egress.


#### Codebase maintenance: [#47](https://github.com/alan-turing-institute/data-safe-haven-team/issues/47)

Contributes to:
Expand All @@ -49,6 +46,7 @@ Contributes to:
- Running cutting edge data science projects effectively

##### Goal

Ensure that codebase is kept up-to-date with bug fixes, security updates, external API changes etc.

- Ensure that DSH code is always deployable
Expand All @@ -63,26 +61,25 @@ Have worked on updating software used within SREs to ensure the security and fun
- Nexus server updated [PR](https://github.com/alan-turing-institute/data-safe-haven/pull/1744)
- CodiMD server updated [PR](https://github.com/alan-turing-institute/data-safe-haven/pull/1743)

Added and tested a script to handle SAS access tokens renewal, currently expiring yearly.
These are required manage access to data storage (and therefore ingress and egress).
The relevant PR is here https://github.com/alan-turing-institute/data-safe-haven/pull/1739.
In the process we realised SAS tokens are bound to Store Access Policies which could be modified to have no end date,
Added and tested a script to handle SAS access tokens renewal, currently expiring yearly.
These are required manage access to data storage (and therefore ingress and egress).
The relevant PR is here https://github.com/alan-turing-institute/data-safe-haven/pull/1739.
In the process we realised SAS tokens are bound to Store Access Policies which could be modified to have no end date,
we are currently considering the covenience of this approach versus potential security issues in https://github.com/alan-turing-institute/data-safe-haven/issues/1751 .

Improved use of hardcoded domain names and IPs.
Improved use of hardcoded domain names and IPs.
The hardcoded lists are difficult to maintain and are prone to going out of date.
Despite not fully stopping use of hardcoded domains and IPs, improvements have been made for the 4.2.0 release by relaxing rules where security allows.
Despite not fully stopping use of hardcoded domains and IPs, improvements have been made for the 4.2.0 release by relaxing rules where security allows.
For this the team checked individuals cases and applied where possible,
no security issues where found and we added this as a specific thing to pent test.
Related PR is https://github.com/alan-turing-institute/data-safe-haven/pull/1745 and explanatory issue is https://github.com/alan-turing-institute/data-safe-haven/issues/1549 .
no security issues where found and we added this as a specific thing to pent test.
Related PR is https://github.com/alan-turing-institute/data-safe-haven/pull/1745 and explanatory issue is https://github.com/alan-turing-institute/data-safe-haven/issues/1549 .

An issue with Jupyter notebooks not being able to use Python when launched from the menu was found,
despite extensive work a fix was not found and decided to let it be by documenting the right workaround: launching Jupyter Notebooks from the terminal.
An issue with Jupyter notebooks not being able to use Python when launched from the menu was found,
despite extensive work a fix was not found and decided to let it be by documenting the right workaround: launching Jupyter Notebooks from the terminal.
The issue is https://github.com/alan-turing-institute/data-safe-haven/issues/1584.

Updated documentation to reflect Azure Active Directory name change to Microsoft Entra.


#### Identify and implement core IAC changes: [#28](https://github.com/alan-turing-institute/data-safe-haven-team/issues/28)

##### Goal
Expand Down Expand Up @@ -111,28 +108,26 @@ A roadmap provides value,
- For users, to understand and have confidence in upcoming features and how to influence development.
- For funders, to see the products longer term vision/strategy and as evidence of maturity and continuity.


### Information governance & standards

Infrastructure adhering to the latest agreed upon standard
Identifying, co-creating and supporting a TRE standard used across TRE infrastructures


#### SATRE: stakeholder engagement and community buy in [#66](https://github.com/alan-turing-institute/data-safe-haven-team/issues/66)

##### Goal

Ensure that institutions evaluate themselves against SATRE and that the momentum is maintained between funded phases

At the end of the funded phase of SATRE there was a growing community interest,
At the end of the funded phase of SATRE there was a growing community interest,
with institutions and stakeholders affirming they would evaluate themselves against it and contribute feedback.

Without ongoing resources the necessary support to ensure that happens cannot be provided and SATRE may end up not being adopted.

##### Definition of Done

There are a number of self evaluations completed,
there is feedback on the spec repository and, ideally, there is an active WG within the TRE Community continuing to work on it.
there is feedback on the spec repository and, ideally, there is an active WG within the TRE Community continuing to work on it.

##### Progress

Expand All @@ -145,14 +140,12 @@ We have also seen how institutions that already have other accreditations opt to
SATRE has continued to attract the interest of the community,
with many attendees to its meeting wanting to be involved.


### Community building

Creating resources for all stakeholders (including members of the public) to engage in the TRE conversation
Creating and maintaining open and active communication spaces & workspaces (Slack, GH)
Identifying and documenting everything that can be openly documented


#### UK TRE Community leadership [#52](https://github.com/alan-turing-institute/data-safe-haven-team/issues/52)

Contributes to:
Expand All @@ -172,15 +165,15 @@ Provide a space for those involved in building, using and responsible for govern

Funded phase came to an end on 31 March,
along reporting,
it is necessary to organise and put together what we have produced but we have:
it is necessary to organise and put together what we have produced but we have:

- Created a first version of all governance documents. Some will include pending conversations that may turn in the next version of those documents, for example the endorsement of outputs (v1 will only have community approval). This is the issue referencing to all documents https://github.com/orgs/uk-tre/projects/1/views/1?pane=issue&itemId=53738648
- Created a new website, not launched yet.
- Created a public community calendar, for "official" events and all those happening in the space and that people may want to include and promote.

We celebrated the March quarterly event with very positive feedback from participants.
Keynote was delivered by NHS England R&D programme Director on the subnational SDEs programme,
this followed a request by community members to know more about it during the December event.
this followed a request by community members to know more about it during the December event.
Full notes can be found here while we produce a report https://hackmd.io/6t-s4x-wQN6riL6gPJLuWg

With funding ending we received a community request/push to ensure we put the workshop budget to good use. In response we elaborated two event proposals that align with the goal of this grant: finalising governance docs with the community participation and setting up WGs for success.
Expand All @@ -192,7 +185,6 @@ Lastly we have been working with Scriberia to use the remaining funding to produ
The most immediate use will be for the production of physical stand up banners for events.
Due to timeline DSH will cover the actual banner while DARE funds have covered the illustration itself.


#### Communication and outreach [#35](https://github.com/alan-turing-institute/data-safe-haven-team/issues/35)

Contributes to:
Expand All @@ -204,7 +196,7 @@ Contributes to:

- Supporting the user community of the DSH codebase
- Publicising our work via blogposts, reports or papers
- Communicating our work through conference/workshop talks or posters
- Communicating our work through conference/workshop talks or posters

##### Progress

Expand All @@ -214,25 +206,22 @@ Held on 19-20 March DSH had its own stand, through a likert scale exercise on TR
The stand was busy on the first day and quieter on the second, in part due to its location out of sight from the rest,
but that left time to properly engage in conversation with those who did (NHS England, Head of cyber-physical & digital twins at Innovate UK, Chief Exec of RSS).
Overall the impression of those there has been that there was important potential leads even if less conversations than last year,
we have added to our private sharepoint for follow up.

we have added to our private sharepoint for follow up.

### TRESA
Over the year TRESA has increased its autonomy from the DSH research project,

Over the year TRESA has increased its autonomy from the DSH research project,
in terms of work ownership and management.
Therefore, TRESA stories have not been independently updated and this section is an update on the service area as a whole.

This warrants updating and reviewing the stories we keep under the DSH roadmap, focusing on communicating with the service area rather than planning or prioritising for them.


#### TRESA team updates


#### Other TRESA related stories

(Stories and work directly impacting TRESA but still lead from the research project)


##### TRESA Costs and cost recovery [#36](https://github.com/alan-turing-institute/data-safe-haven-team/issues/36)

###### Goal
Expand All @@ -245,7 +234,6 @@ TRESA has now its own code, people time has been changed in forecast to this cod

Next step is to formalise the recharge process, projects engaging with TRESA have already been advised there will be a staff related cost in addittion to their specific subscription.


##### Review of requirements for security accreditation [37](https://github.com/alan-turing-institute/data-safe-haven-team/issues/37)

###### Goal
Expand All @@ -270,7 +258,6 @@ Held team meeting to review non mandatory requirements identifying a full list o

Issue is [here](https://github.com/alan-turing-institute/trusted-research/issues/158#issuecomment-1965134444) and document with in progress submission can be found on TRESA sharepoint (private as it contains internal information).


### Project management and strategy

Work and stories that do not belong directly in any pillars but are necessary for all.
Expand All @@ -294,7 +281,7 @@ Through several strategy sessions we will:

##### Progress

On 13 February the DSH had its second strategy session, based on last year's work it tried to define and prioritise specific work and activities for the project by creating milestones by project workstream.
On 13 February the DSH had its second strategy session, based on last year's work it tried to define and prioritise specific work and activities for the project by creating milestones by project workstream.
While we discussed aspects of the Community workstream in depth there was no time for other workstreams.

Therefore the definition of milestones and their prioritisation needs to be continued and more effectively integrated into monthly discussions. A current priority once the FY has ended is to revisit ways of work and specifically roadmap management.
Expand All @@ -303,7 +290,6 @@ A first effort in that direction has been the creation of a first project report

As further improvement to ways of work a proposal on how to better engage with PIs was developed, but not yet discussed.


#### Contracts, legal and budget work [#53](https://github.com/alan-turing-institute/data-safe-haven-team/issues/53)

All work related to agreements, policies, expenses, contracts, budget.
Expand All @@ -314,19 +300,16 @@ Work has focused on managing UK TRE Community grant, which included ensuring act

Substantial work has also gone into aligning project actuals with Finance records for an appropriate management of internal and external Institute funds.



## Plans and priorities

This section contains project plans and priorities,
currently focusing on work to be done over the next month it should eventually encompass longer term plans.


### Monthly priorities: April

The list of priority stories can be found here https://github.com/orgs/alan-turing-institute/projects/111/views/11

#### Communication and outreach [35](https://github.com/alan-turing-institute/data-safe-haven-team/issues/35)
#### Communication and outreach [35](https://github.com/alan-turing-institute/data-safe-haven-team/issues/35)

Follow up on conversations from AI UK to keep momentum going,
as resources are limited this month the work here should be to establish connections but any meetings or further work left for furhter ahead.
Expand All @@ -347,7 +330,7 @@ Including any fixes and also required communications about the release.

#### Identify and implement core IAC changes [28](https://github.com/alan-turing-institute/data-safe-haven-team/issues/28)

April work will focus on identifying and planning work within this story so it can be a top priority in May.
April work will focus on identifying and planning work within this story so it can be a top priority in May.

#### UK TRE Community [52](https://github.com/alan-turing-institute/data-safe-haven-team/issues/52)

Expand All @@ -373,13 +356,11 @@ New non-mandatory requirements that can be easily completed will be (already ide

While capacity is stretched with the new year we have to clarify recharges process and prepare for the announcement in May's catch up.


#### Not doing or prioritising

This month we are not leaving much out (please add anything you believe we should keep in mind),
with the new FY we are doing a bit everywhere in a month characterised by planning ahead.


### Next up: upcoming priorities and work the will be necessary

*under construction: please add anything relevant, with dates where possible*
_under construction: please add anything relevant, with dates where possible_
34 changes: 7 additions & 27 deletions weekly-standup-template.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -118,26 +118,6 @@ For example, this may be an emergent task, providing support or expertise to oth

#### RAM-accountable

##### [Project strategy and ways of work](https://github.com/alan-turing-institute/data-safe-haven-team/issues/43)

###### People and time

<!--
- Harry Lime (x hours)
- Sam Space (y hours)
-->

###### Updates

<!--
- Added feature α
- Implemented in [PR](https://…)
- Working on bug β
- This is a critical bug which prevent users from …
- Opened [issue describing bug](https://…)
- Draft PR to fix bug [created](https://…)
-->

##### [SATRE: stakeholder engagement and community buy out](https://github.com/alan-turing-institute/data-safe-haven-team/issues/66)

###### People and time
Expand All @@ -160,7 +140,7 @@ For example, this may be an emergent task, providing support or expertise to oth

#### RCM-accountable

##### [Review current communication streams](https://github.com/alan-turing-institute/data-safe-haven-team/issues/35)
##### [UK TRE Community leadership](https://github.com/alan-turing-institute/data-safe-haven-team/issues/52)

###### People and time

Expand All @@ -180,7 +160,9 @@ For example, this may be an emergent task, providing support or expertise to oth
- Draft PR to fix bug [created](https://…)
-->

##### [UK TRE Community leadership](https://github.com/alan-turing-institute/data-safe-haven-team/issues/52)
#### RPM-accountable

##### [Contracts, legal and budget work](https://github.com/alan-turing-institute/data-safe-haven-team/issues/53)

###### People and time

Expand All @@ -200,9 +182,7 @@ For example, this may be an emergent task, providing support or expertise to oth
- Draft PR to fix bug [created](https://…)
-->

#### RPM-accountable

##### [Contracts, legal and budget work](https://github.com/alan-turing-institute/data-safe-haven-team/issues/53)
##### [Manage project reporting, impact capture, ways of work](https://github.com/alan-turing-institute/data-safe-haven-team/issues/54)

###### People and time

Expand All @@ -222,7 +202,7 @@ For example, this may be an emergent task, providing support or expertise to oth
- Draft PR to fix bug [created](https://…)
-->

##### [Manage project reporting, impact capture, ways of work](https://github.com/alan-turing-institute/data-safe-haven-team/issues/54)
##### [TRESA costs and cost recovery](https://github.com/alan-turing-institute/data-safe-haven-team/issues/36)

###### People and time

Expand All @@ -242,7 +222,7 @@ For example, this may be an emergent task, providing support or expertise to oth
- Draft PR to fix bug [created](https://…)
-->

##### [TRESA costs and cost recovery](https://github.com/alan-turing-institute/data-safe-haven-team/issues/36)
##### [Manage grant opportunities and pipeline](https://github.com/alan-turing-institute/data-safe-haven-team/issues/51)

###### People and time

Expand Down