Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This centralized page, for all Guilin projectsHonolulu projects, is aimed at identifying the risks as they are foreseen within the release life cycle.

A Risk that materialized becomes an Issue.

Status:

  • Identified: a risk that has been identified, but has not yet been analyzed / assessed yet 
  • Assessed: an identified risk which currently has no risk response plan 
  • Planned: an identified risk with a risk response plan
  • In-Process: a risk where the risk response is being executed 
  • Closed: a risk that occurred and is transferred to an issue or the risk was solved/avoided
  • Not occurred: a risk that was identified but that did not occur 
  • Rejected: created and kept for tracking purposes but considered not to be used yet


Risk IDProject Team or person identifying the riskIdentification DateRisk (Description and potential impact)Team or component impacted by the risk

Mitigation Plan

(Action to prevent the risk to materialize)


Contingency Plan - Response Plan

(Action in case of the risk materialized)

Probability of occurrence (probability of the risk materialized)

High/Medium/Low

Impact

High/Medium/Low

Status
1OOF

 

Meeting the following requirement for CMSO - Upgrade vulnerable packagesOOF - CMSOWill be taken up along with the feature implementation if it is required by the use casesProject team will try to take up activity if no new feature is plannedLowLowIdentified
2UUI

 

usecase UI dockers contain GPLv3

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyUSECASEUI-494

UUIWill take active action to contact Jira owner and find out witch package contains GPLv3Make the current dependencies work well and keep this problem to next releaseHighLowIdentified
3Policy

 

Some package upgrades (e.g., CDS) may require significant rework

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyREQ-439

PolicyWill continue to work on upgradesObtain a waiver for the problem packagesMediumMediumIdentified
4SDC

 

Some package upgrades may require significant rework

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyREQ-439

SDCWill continue to work on upgradesObtain a waiver for the problem packagesMediumMediumIdentified
5AAI

 

Cannot upgrade to Java 11 for modules dependent on Java 8 only supported Janusgraph

Image AddedREQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

AAINothing we can really do given the current constraints unless JanusGraph updates to working with Java 11Obtain a waiver for the mS with the core tech of JanusgraphHighLowIdentified
6DCAE

 

Image AddedREQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

Due to upstream dependency on NIFI project, some of MOD (NiFI) components (designtool/gen-processor/nifi-registry) will remain in java 8

DCAEMigrate/replace MOD NiFI components with custom containers for future releaseRequest waiver (discused with SECCOM and they are okay with filing exception for NiFI components)HighLowClosed; exception submitted for NiFi related components
7DCAE

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8

With Cloudify 3.x support releated by Cloudify under 5.1.1, DCAE CM pod upgrade is targetted for H release. This will be major upgrade requiring extensive regression. Marking this risk due to resource/time constraint. 

DCAEBased on severity of issue - we'll assess if new containers can be released for H release or if need to be withheld.If switching to Guilin version (old CM 4.6 version) - will need waiver for Cloudify container and pluginsMediumHighNot Occurred
8CPS

 

Upgrade vulnerable packages, which all are Transient dependenciesCPSWorking with SecCom to resolve high level vulnerabilitiesObtain a waiver for the problem packagesMediumLowIdentified
9DMaaP Message Router

 

Image AddedREQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

Confluent base images used by Message Router kafka/zookeeper are built using Java 8. Move to a newer version is a risk based on resources/time constraints.

DMaaPSource some more resources for the project to address this issue.Obtain a waiver for the problem packagesHighLowIdentified
10AAI

 

Upgrade vulnerable packages, which all are Transient dependenciesAAISource some more resources for the project to address this issue.Obtain a waiver for the problem packagesMediumLowIdentified
11VID

 

Upgrade vulnerable packages, which all are Transient dependenciesVIDSource some more resources for the project to address this issue.Obtain a waiver for the problem packagesMediumLowIdentified
12MultiCloud

 

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8)

MultiCloud have updated to v3.7, which is the highest version that onappylog can support

MultiCloudRemove the dependency of onappylogObtain a waiver for the impacted componentsMediumLowIdentified
13Modeling

 

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8)

Modeling/etsicatlog can support V3.7, which is the highest version that onappylog can support

ModelingRemove the dependency of onappylogObtain a waiver for the impacted componentsMediumLowresolved
14VFC

 

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8)

VFC can support V3.7, which is the highest version that onappylog can support

VFCRemove the dependency of onappylogObtain a waiver for the impacted componentsMediumLowresolved
15SO

 

Code coverage for the new repos created failed to meet the required goal.

SOCode coverage goalsObtain a waiver for the impacted componentsHighHighResolved
16DMaaP kafka

 

Code coverage for the dmaap-kafka project failed to meet the required goal.

DMaaP kafkaCode coverage goalsObtain a waiver for the impacted componentsHighLowWorking with Sonar community to fix this unexpected coverage drop.
17Policy

 

OOM merge for M3 is not yet complete, so RC0 is even more unlikelyPolicyUpdate OOM review to latest Policy images

Obtain a waiver

Honolulu Exception Request for Policy

HighHigh

Withdrawn

M3 OOM review was merged

18SO

 

Upstream code changes merged for camunda upgrade have induced issue in the camunda database causing issues in the gating

SO

OOM Gating

Working on the cleanup with the help of the actual developerThis would be a must fix for the H release for SO component, else will need to revert all the changes pertaining to this upgrade.HighHighIdentfied.