...
Jira No | Summary | Description | Status | Solution | Architecture review template | Byung prsented he current template: ONAP Component Architecture Review Template Security related comments were shared on cotainer hardening, pen testing, API security, logging requirements. | ongoing | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
TSC elections | New e-mail for voting process wil be sent. | Superblueprint demo updat | Enterprise IOT URLLC demo - camera doing the inspection. Severs instalation just copleted. | PTLs meeting | Vijay was surprised with latest scans and smal progress - Amy will have a meeting with him on that. SBOM - Muddasar plans to contact a few PTLs. | Update on the Security Logging Fields | Python container PoC and extending Andrew Lang's work on logging architecture. Additional internal resource might be available from MITRE. Michal's feedback on modyfing Python base image. | ongoing | We have to identify right PTLs - Pawel and Amy to propose PTL by end of this week. Michal could be involved.Service Mesh plans for London release | Andreas presented first draft, summarized recent achievements and future plans for Service Mesh. First part (almost completed) is to get ready for ISTIO, get rid of AAF. Many components which are working already. In AAI comunicaio issues between Model Loader and Babel, some minor issues with DCAE, no work done yet for VNFSDK or UUI. Daily heath checks are done.Smoke use cases are using Ingress APIs. Plans for London: please refer to slide 8
Keycloak and CertManager would be kept outside of ONAP deployments - discusion with Fiachra. | Requirements setup for London release. AAF and MSB to be removed. In DMaaP AAF still must be enald to have it running. Architecture Subcommittee shall do the recomendation to TSC, requirement to e tracked with Requirement Subcommittee. SECCOM could suport in AuthN/AuthZ policies setup. Proper upgrade scenario in ONAP to be elaborated. | ||||||||
Q&A session Security Call Data Record Presentation | No feedback received so far received by David. | Slide and 2 pager to be sent to seccom distribution list by David. | |||||||||||||||||
NEXUS-IQ scans | Only Master will be scanned, so now % increase will be well represented. | ||||||||||||||||||
Python PoC | Interal resource wil help. Vijay and Michal in the loop. Base image modification. | ongoing | |||||||||||||||||
Architecture review template | Byung prsented he current template: ONAP Component Architecture Review Template Security related comments were shared on cotainer hardening, pen testing, API security, logging requirements. | ongoing | |||||||||||||||||
Daylight saving time | To be further elaborated. In US in the week of November 4th, to be checked last weekend of October for Europe/Poland. | ||||||||||||||||||
SECCOM MEETING CALL WILL BE HELD ON 11th OF October'22. Architecture review template to be reviewed. |
Recordings:
View file | ||||
---|---|---|---|---|
|
SECCOM presentation:
View file | ||||
---|---|---|---|---|
|