...
Jira No | Summary | Description | Status | Solution | M4 update |
| ongoing | Software BOMs |
| |||
---|---|---|---|---|---|---|---|---|---|---|---|---|
ongoing | Muddasar to research on how the missing information can be collected (plugin to be used?). | Last TSC |
| ongoing | ONAP documentation | From green user perpective - a lot of info is missing on how to install ONAP or upgrade it - lot of missing information from ONAP documentation. Troubleshooting based on logs is painfull... Solution level thinking from user perpective, how to start and what is the sequence to install ONAP. Sean is exploring POM file and some documented ONAP interdependencies. In Amy'steam some developer is also doing similar effort. | ongoing | Pawel to sent an information to documentation team. We need a dependency map. Angular experience to be shared if possibleTSC update |
| ongoing | ||
| DCAE update |
| ongoing | mTLS to be further elaborated | ||||||||
Jakarta proposed dates | Global Requirements/Best Practice deadline for submission: 2nd of December by SECCOM:
| ongoing | ||||||||||
Last PTL meeting | Portal and VID dependencies (i.e., portal, portal-sdk & vid repos): Portal -> SDC UI (user authentication) -> Other projects are dependent on SDC (e.g., CLAMP GUI) VID to be removed , portal SDK as well. Projects unmaintained shall have their repos excluded from scans. EoL/EoS nomenclature could be used, open source communities do not maintain older versions, but encouraging to use latest greatest. | ongoing | ||||||||||
SCA automation efforts | We are xploring automation capabilities for moving data from Nexus-IQ to Wiki. | strated | ||||||||||
New Best practice for Jakarta release – new req to be open for Security logging | Set of questions prepared by Bob, to be addressed. Sidecar for logging - to be further decided by TSC who is going to maintain it. | ongoing | PTLs meeting to be used for collecting info on logging capabilities per project. | |||||||||
Feature intake template | Muddasar did not find prove of tracking the feature after its approval. | ongoing | To reach out PTLs on what could be the best way to tackle Jira template. Muddasar will propose some initial template, contributions are welcome. Muddasar will also reach out Alla as a follow up, feedback from testers might be also valuable. | New Best Practice for Jakarta | Apart from current global requirements we might want to follow any other requirements: Security logging as best practice for Jakarta, it is not exactly REQ-441 | started | Logging requirements | Base images provision by Integration team to PTLs as a good foundation for logging and logger helper. | ongoing | Present idea to PTLs and socialize from Architecture perspective (Friday's meeting?). Meeting invitation to be shared by Amy to Toine and Vijay. After initial discussion idea could be presented during the PTL's meeting. | ||
Chartmuseum | Slides presented by Tony uploaded below. Requirement to support by DCAE registry for HELM charts. Chartmuseum is maintained by Chart team. 3 types of authentication supported. Proposal isto restrict the client's list, once they have user names and passwords only ones who have to update/delete charts limits writing and access considerable just for those particular clients. FW to be used to limit the access for reading to strictlty ONAP applications. mTLS could be a solution for read? Side car with cert could be interesting. | ongoing | mTLS to be considered | OUR NEXT SECCOM MEETING CALL WILL BE HELD ON 5th OF OCTOBER'21. |
|
Recording:
View file | ||||
---|---|---|---|---|
|
SECCOM presentation:
View file | ||||
---|---|---|---|---|
|