FinnGen Handbook

Sandbox IVM tool request handling policy

The primary way to add new software programs to the Sandbox IVM is by using environmental modules (Lmod). The primary way to add new R and Python packages is through the internal CRAN and PyPi package repositories.

Key principles

  • Sandbox users can request new tools to be added to the Sandbox environment by sending a request to the finngen-servicedesk@helsinki.fi.

  • These tools will be evaluated by the FinnGen system administrators.

  • To be used in the Sandbox IVM these tools must be:

    • trustworthy

    • free

    • using an open-source license approved by OSI

    • intended for data analysis

    • of a purpose that does not conflict with the FinnGen research plan

  • A tool can be:

    • a software program

    • a software package

    • a Docker file

    • a Docker image (restrictions apply)

  • The primary way to add new software programs to the Sandbox IVM is by using environmental modules (Lmod).

  • The primary way to add R and Python packages to the Sandbox IVM is through the internal CRAN and PyPi package repositories. The package repositories content (libraries and packages) will be incrementally updated to contain latest versions off the packages two times a month.

  • Essential R and Python packages may be included in R and Python environmental modules.

Trustworthiness

A tool is considered trustworthy if:

  • It is developed by a reputable company, organisation or individual such as the Python Software Foundation (PSF) or a well-known researcher.

  • It has a reputable funding source, For example, Plink2 is funded by biotechnology companies (GRAIL and Human Longevity) and Stanford University.

  • It has a reasonable level of documentation available to describe its functionality and purpose.

  • The user has described the intended purpose of the tool and it matches with the tool documentation.

  • It is installed from a trusted source directly prepared by the original development team such as Github.

  • It is installed from a trusted package repository such as Cran or Pypi. The primary source of new packages installed in the Sandbox is a trusted package repository.

  • It is open-source and the source code is available for evaluation by the FinnGen system administrators.

Examples of trustworthy tools:

  • Generally used programming languages such as Python.

  • Packages from official repositories such as CRAN and PyPI.

  • Generally used data analysis environments such as Rstudio and Jupyter Notebooks.

  • Generally used scientific analysis tools such as Plink2.

  • Scientific analysis tools prepared by FinnGen core researchers.

  • Docker images from reputable publishers such as Docker Official Images and images from the Docker Verified Publisher.

Docker files

Users can request new tools to be installed by providing a Docker file by following these instructions for preparing a Docker file

Docker images

Users can request new tools to be installed by providing a Docker image.

The Docker image must have been prepared by:

  • a FinnGen core researcher

  • a reputable original tool development team (subject to case-by-case evaluation and approval by the FinnGen system administrator team)

Docker vulnerability scanning

Docker images are vulnerability scanned in the Sandbox Docker Repository and will not be approved if they have any critical issues.

The user who requested the tool to be installed is responsible for addressing any such critical issues.

PreviousHow to reset your finngen.fi account passwordNextDocker images

Last updated