Versions Compared

Old Version 40

changes.mady.by.user Benjamin Cheung

Saved on

compared with

New Version Current

changes.mady.by.user Benjamin Cheung

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Support for the Multi Tenancy in ONAP

Key Contacts - Seshu Kumar Mudiganti Olivier Phenix

Guilin Proposed Requirements - Multi-tenancy v2.2.pdf

...

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 


Documenting ONAP APIs

Key Contacts -  Andy Mayer Eric Debeau

Guilin Proposed Requirements 

Also see: Developing ONAP API Documentation

Executive Summary - Improve ONAP API Documentation:

  • Developer Friendly

  • Non-Developer Friendly

  • Easy to Find & Easy to Navigate

  • Common and Uniform Documentation Structure and Approach

  • Provides Information on Using the API (e.g., quick start)

  • Try It For Yourself (TIFY) Examples

Proposed non-functional requirements for Guilin release:

  1. All components should place externally facing (i.e. interfaces exposed by the ONAP component to either other ONAP components or components external to ONAP) API definitions (e.g. Swagger) in a common path within their Gerrit/Git 

    Suggested Path: <Component>/docs/api/swagger/

  2. Apply ReDoc to Swagger and place HTML in Readthedocs for the release

  3. Apply Minimum (Phase 1+) swagger guidelines

    1. See: Proposed Phase 1+ OpenAPI 2.0 / Swagger Style Guide

    2. Use the common insert for the info section (e.g., license info, contact info, etc): Swagger Insert Sample for Info Section

Related JIRAs under the Documentation project for the API Documentation non-functional requirements:

...

slides: 20200511.ONAP.relG.TIM.non functional requirements.v2.pptx

Key Contacts - Alessandro D'Alessandromarco.signorelli@telecomitalia.it

Executive Summary - ONAP code stability is steadly improved over the releases. Similarly is being happening for ONAP installation success rate. Anyway while it is recognized the OOM project efforts in providing an automation tool for ONAP installation, it is evident that further efforts are required among the ONAP projects to provide an overall solution that bring to a deterministic installation result.

...

  1. ONAP installation result shall be determinstic at k8s level with 99% success rate  (e.g. all POD are up and running)

  2. ONAP installation result shall be deterministic at functional level with 97% success rate (e.g. all functional modules are up and running, APIs are responsiveness, etc)

  3. ONAP installation result shall be determinstic at service level with 95% success rate (e.g. a service can be designed, distributed and deployed successfully)

  4. Same requirements shall apply when one or more ONAP functional modules are re-installed

     

Business Impact - Enables operators and service providers opex saving  

Business Markets - All operators and service providers can leverage the benefit of a deterministic installation 

Funding/Financial Impacts - Reduction in operations expense 

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 


ONAP projects shall upgrade all outdated, vulnerable direct dependencies in their code base

Key Contacts -  Amy Zwarico Paweł Pawlak

Executive Summary - All ONAP projects shall reduce the risks associated with software vulnerabilities in the ONAP code base by upgrading all outdated, vulnerable direct dependencies in their code bases following the recommendations of SECCOM. The project and repo specific recommendations are provided in the Security Vulnerability space.

...

ONAP projects shall define code coverage improvements and achieve at least 55% code coverage

Key Contacts -  Amy Zwarico Paweł Pawlak

Executive Summary - Each project written in Java, Python or Javascript must provide the planned percent improvement in code coverage by M2 and meet the planned improvement by M4. Code coverage for each project must be at least 55% of the code base.

...

ONAP shall increase the number of security tests performed during integration testing

Key Contacts -  Amy Zwarico Krzysztof Opasiak Sylvain Desbureaux Morgan Richomme

Executive Summary - Integration testing shall continue to test for unsecure communication (HTTP) and vulnerable ports (e.g., JDWP). Integration shall add tests to ensure that project containers use the versions of Java, Python, Linux, Docker, database and utilities specified in Guilin versions.

Business Impact - Improves the security posture of ONAP by using current versions and simplifies the deployment. 

...

ONAP shall increase the number of Docker Benchmark tests

Key Contacts -  Amy Zwarico Krzysztof Opasiak Sylvain Desbureaux

Executive Summary - Integration testing shall include tests that a non-root user for the container has been created, containers use only trusted base images (versions specified on Guilin versions), and HEALTHCHECK instructions have been added to container images.

...

Each ONAP project shall improve its CII Badging score by improving input validation and documenting it in their CII Badging site.

Key Contacts - Tony Hansen Amy Zwarico Paweł Pawlak

Executive Summary - ONAP project will ensure that input validation is performed on all GUI and API inputs and that the answer to the input validation question in their CII Badging site is answered.  Projects that have already answered this question positively, should verify that the answer is still correct.

...