...
Jira No | Summary | Description | Status | Solution |
---|---|---|---|---|
SECCOM chair and vice chair elections | Confirm that the correct voting member for your company is on the Security Sub-committee Members list | List of participants was updated | ||
Secrets encryption | Krzysztof has a draft wiki page documenting the approach for ONAP secrets management and would like feedback Questions for Krzysztof:
Writing secrets to ETCD. | In Progress | ONAP secret management | |
AAF | ||||
MariaDB-Galera | Whole encryption is blocking and compromised in SO. | |||
| Description and examples of the CLAMP script Feedback from the PTLs\ meeting was to not run the script because the Jira tickets would create addtional work. They would prefer to track progress using gerrit reviews. SECCOM:
Actions: put ideas on onap-discuss and set up a separate meeting if there is enough interest | On Hold | ||
Automated K8S tests enabled for Frankfurt | Feedback from PTLs Propose enabling | Present to TSC | Docker and Kubernetes Security | |
Secrets encryption | Krzysztof has a draft wiki page documenting the approach for ONAP secrets management and would like feedback Questions for Krzysztof:
| In Progress | ONAP secret management | |
SECCOM chair and vice chair elections | Confirm that the correct voting member for your company is on the Security Sub-committee Members list | |||
Java and the new model of licensing for Oracle JDK versus Open JDK – Natacha | Oracle JDK which is commercial - benefits updates Open JDK - like open source so free of charge but support for java 11 but not earlier versions. 2/11 update Docker images for both the Debian and Alpine releases of the Java 11 JDK will be available for all projects | Docker images for both the Debian and Alpine releases of the Java 11 JDK will be available for all projects | TSC wants to know which distribution of the OpenJDK is used – Integration team/OOM to be contacted - discussion planned for next status meeting on Wednesday. SECCOM cares Java 11 and not particular distribution - we appreciate common image from governance perspective and harmonization - coordination on release manager side. Next steps: E-mail to be sent to Morgan with Pawel B. in copy to confirm if image is already created. 2/11: Confirm documentation and location of Debian and Alpine images | |
Upcoming F2F meetings | Decide which meeting(s) SECCOM wants to focus on Start collecting topics for the meeting(s) | In Progress | ||
OUR NEXT SECCOM MEETING CALL WILL BE HELD ON 25TH OF FEBRUARY'20 |
...