Versions Compared

Old Version 1

changes.mady.by.user Paweł Pawlak

Saved on

compared with

New Version Current

changes.mady.by.user Paweł Pawlak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Jira No
SummaryDescriptionStatusSolution

ONAP disaggregation Disaggregation impact on SECCOM activities

Byung provided presentation on disaggregation that was initially discussed:

ONAP - Streamlining the process-2023-7-18-v2.pptx

Separation of marketing and component versions - proposal by Florian to be further elaborated at the OOM meeting on Wednesday.

Proposal: Break ONAP's monolithic version schema

Helm charts dependencies to be analyzed (by Andreas):

ONAP Helm chart dependencies

With known major version and version provided by the project SCA scans could be provided automatically.

Do we maintain a single CI/CD pipeline or individual per project.

Different namespace must be possible.

ONAP components interfaces abstraction (to serve both ONAP but alno non-ONAP) would require an additional development efforts to build adapters - it brings some risk. TM Forum brings some defined APIs.

Security controls out of ONAP:

  • run time out of the box with ONAP (most of them provided by service mesh)
  • build time (we are sending secure code)
  • security of the development pipeline within 

Logging and logs management need to be carefuly considered as one of pilars of security.

Ceremony is needed at ONAP level that finishes and summarizes efforts for a solution.

startedTo be continued at ARCCOM and OOM meetingsquality assurance and testing 

Marek shared update on recent integration and testing capabilities.

Current daily and weekly tests are run based on the assumption that all ONAP components are installed.

Today Marek started preparing community version of a system relying on Testkube where tests are defined the same way as other resources. Testkube will allow to apply only tests needed for system setup, it will allow for variation of components selected.

All tests scenarios used in DT should be migrated within next 3 months.

It is fundamental to know if ONAP consumers would be using ISTIO, as it takes care of secure communication between components.




5 Years security questionnaire for Policy project

https://lf-onap.atlassian.net/wiki/display/DW/PF+-+ONAP+Security+Review+Questionnaire

All answers were reviewed, additional comments and questions were raised.


Tony to send to Policy team an update from today's review.

NEXT SECCOM MEETING CALL WILL BE HELD ON 1st of August 2023. 

5Y security questionnaire by Policy. 







Recordings: 

2023-07-25_SECCOM_week_part_1.mp4

2023-07-25_SECCOM_week_part_2.mp4

SECCOM presentation:

2023-07-25 ONAP Security Meeting - AgendaAndMinutes.pptx