...
Jira No | Summary | Description | Status | Solution | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Logging security discussion Follow-up discussion by Byung: After meeting Justin shared his script and mentioned node level Fluentbit deployment (different name space with different privilege level). Adrien is working on node level logging. | Node vs. pod level logging update, pods logs visible but not yet with content, kyverno used for policy management | ongoing | Andrew from Byung's team will check feasibility for continues working on pod level logging. Next week conclusion expected. | |||||||||||||||||
CPS Security review questionaire by Tony | Slot for a meeting with CPS team under setup. | ongoing | ||||||||||||||||||
Security issues raised by External researchers | Latest weekly scans | ongoing | Unmaintained projects | Repos without merge (for last 1 year) identified. Merges by Thomas and Cedric to be excluded. | ongoing | At the next PTL meeting Jan 23rd list to be reviewed | Security review questionaire | CPS team has mostly completed their security review. Tony will be scheduling a meeting with them to answer a few questions | ongoing | Update to SECCOM to be provided by Tony next week | TSC meeting (12th January) |
| PTL meeting (16th January) | Cancelled due to day off in US | London recommended versions | ongoing | ||||
Upcoming D&TF | Please register!, TopicsPageis OPEN! -SECCOM proposals (TBD):
| ongoing | ||||||||||||||||||
Python PoC by Bob | Environment for testing is available ORAN SC is actively using Pylog, libraries under testing, | ongoing | Fiachra to be contacted. | |||||||||||||||||
TSC meeting (19th January) |
| |||||||||||||||||||
PTL meeting (23rd January) | Waiting for a feedback from Andreas.
| Tickets for Global Requirements | -Epic REQ-437: COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8) -Epic REQ-438: COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11) | ongoing |
| |||||||||||||||
London recommended versions | ||||||||||||||||||||
SECCOM MEETING CALL WILL BE HELD ON January 31st 2023. | Node vs. pod level logging update by Byung. CPS Security review questionaire by Tony. |
Recordings:
SECCOM presentation:
2023-01-24 ONAP Security Meeting - AgendaAndMinutes.pptx