GSA’s has posted an RFI on eBuy to provide support of the ACRE Platform and ensure its success by providing expertise in the following areas:
- Operation and Management (O&M)
- Project Management and Administration
- Enhancement Support
- Enterprise Quality Program (EQP)
- DevOps
- ‘Software Code Quality
- Section 508 Compliance
- IPv6 Requirements
Responses are currently due by he end of the month. A copy of the draft SOW is provided below.
1.1 General Background
GSA’s Public Building Service (PBS) acquires space on behalf of the Federal Government through new construction and leasing, while acting as a caretaker for Federal properties across the country. As the largest public real estate organization in the United States, PBS owns or leases more than 8,800 assets and maintains an inventory of approximately 369.4 million square feet of rentable workspace.
General Services Administration’s (GSA) Office of the Chief Information Officer – Office of Public Buildings Information Technology Services (PB-ITS), 1800 F Street, NW, Washington, DC is pursuing services for the operations and maintenance for the Agile Custom Real Estate (ACRE) platform. The Agile Custom Real Estate (ACRE) platform supports the mission of GSA by serving as an application platform for various GSA business functions.
1.2 Platform Background
The Agile Custom Real Estate (ACRE) platform provides a seamless end-user experience by making data and services accessible in low code/no code open source platform, leveraging application programming interface (API) to enable integrations of both legacy on-prem and cloud applications. These integrations empower users to locate PBS data using an intuitive search capability and view data they’ve accessed across applications assigned to them within the ACRE platform. ACRE platform subsystems include: Lease Management Tool/Management Analysis Review System (LMT/MARS), Sustainable Operations and Maintenance (SOM) , Procurement Oversight and Evaluation Tool (POET), and Appraisal Data System (ADS).
This contract is to obtain technical support services (both operations and maintenance and development) for GSA’s ACRE platform, and subsystems.
Platform Overview
ACRE serves as a portal that houses UpTick based applications. UPtick is a modern low code/no code highly configurable platform. This platform allows for adding business functionality quickly. UPtick is built on Microsoft Common Operating Environment that can be leveraged by existing enterprise licenses and is widely available in all cloud environments: Microsoft SQL Server, Microsoft IIS, Microsoft .Net
The ACRE platform contains modules (subsystems) which provide application functionality to users. These modules include POET, LMT/MARS, and SOM, with ADS under development. These modules are built on top of open-source UpTick software. UpTick allows large organizations like PBS to quickly prototype major capabilities. It is a data-driven, low-code
platform that allows PBS to bring its own data, processes, roles, permissions, pdf forms, reports, and business rules.
ACRE consists of a modern application platform using a stateless, microservices architecture. The platform consists of 3 distinct “layers”: (1) Infrastructure, (2) User Interface Framework layer, then (3) User Interface layer utilized by individual applications.
Front-End Web User Access:
ACRE web users can access the application from either the internal GSA network or from public internet sources, utilizing GSA GSAuth for authentication. GSAuth is synched with their ENT accounts and will provide access through Single Sign On based upon their authentication to the GSA network. ACRE Keycloak will receive the authorization for the user from GSAuth and will match the User ID to its user database, which is periodically populated from Directory Service 7 (DS7). This will also provide the groups which the user belongs to, determining what role the user will have within ACRE.
Network Architecture:
The ACRE platform resides within the PB-ITS GSA data center. It is hosted on Red Hat Linux Virtual Machines. The Gateway application segment will include Docker containers for Keycloak, an NGINX reverse proxy, an Angular UI front end, a NestJS API back
end, a Redis cache, as well as a PostgreSQL server (non-containerized). See diagrams below for On-Premise Infrastructure Boundary, Architecture Diagram, and Server information.
System Environment:
The ACRE Platform is supported by three operational environments: Development (DEV), Test (TST), and Production (PROD). The Test and Production ACRE Platform environments include an infrastructure that is accessible to the internal GSA network. Vendor developers will have access to the development environment to install and test applications and software components before new versions are rolled out to the TST and PROD environments which can be accessed by the Application Operations or Technology Operations teams only.
Specific host to host RTP firewall rules are required for supporting the system network connections as required. All ACRE Platform systems are configured and hardened in accordance with GSA technical guidelines, NIST guidelines, and other guidelines as dictated by GSA approving officials. For the Linux containers, ACRE utilizes Red Hat Universal Base Images (UBI) in coordination with PBS TechOps engineers for secure baseline images. Container orchestration is completed via Docker Compose. Image and container scans are completed via OpenSCAP Docker. Vulnerabilities are assessed and remediated as necessary.
All encryption algorithms used for securing transmission protocols are FIPS-approved with FIPS-validated encryption modules, using TLS 1.2 as a minimum.
2.0 Scope of Work
The Contractor shall provide all personnel, administration, and management necessary in support of the ACRE Platform and ensure its success by providing support in the following areas:
- Operation and Management (O&M)
- Project Management and Administration
- Enhancement Support
- Enterprise Quality Program (EQP)
- DevOps
- Software Code Quality
- Section 508 Compliance
- IPv6 Requirements
- Tier II – III Helpdesk Services
This work will include but is not limited to software development, integration, testing, maintenance, audit support, system analysis, impact analysis, documentation, reports, and progress monitoring using reporting procedures and measures of performance. These shall be in accordance with industry best practices, NIST, OMB, GSA and PB-ITS policy and guidance in a manner consistent with CMMI Level III and ISO 9001:2015 practices and protocols.
The Contractor shall execute processes in a sustainable and repeatable process using an Agile approach of identifying, describing, testing and delivering technical solutions.
The Contractor shall be responsible for the integration and support of the application including all enhancements made to the application.
Download the Full Draft SOW Document Here
Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.