AAF R3 (Casablanca) - Deliverables for API Freeze Milestone Checklist
sThe following items are expected to be completed for the project to Pass the M3 API Freeze Milestone.
M3 Release Architecture Milestone overview is available in wiki.
Practice Area | Checkpoint | Yes/No | Evidences | How to? |
|---|---|---|---|---|
Architecture
| Has the Project team reviewed the APIs with the Architecture Committee (ARC)? | Yes |
| |
Is there a plan to address the findings the API review? | N/A | (no known findings) |
| |
Does the team clearly understand that no changes in the API definition is allowed without formal TSC review and approval? | Yes |
|
| |
Is there any changes in the scope, functionalities, deliverable, dependency, resources, API, repositories since M1 milestone? | No |
|
| |
Provide link to the API Documentation. |
|
| ||
Release Management | Are committed Sprint Backlog Stories been marked as "Done" in Jira board? | So far |
| |
Are all tasks associated with Sprint Backlog Stories been marked as "Done" in Jira? | So far |
| ||
Have all findings from previous milestones been addressed? | Think so | Provide link to JIRA findings (PTL asks How/where to get a JIRA Finding?) |
| |
Development | Is there any pending commit request older than 36 Business hours in Gerrit? | Yes, Caveat |
| Two commits make major changes to key components. Full regression is required before allowing these to proceed. |
Do you have a plan to address by M4 the Critical and High vulnerabilities in the third party libraries used within your project? | Yes, with caveats |
| Criticals are removed. High vulnerabilities include javax.mail and guava (Guava is a dependent library). javax.mail has no valid version without vulnerabilities. Nexus-IQ report from “Jenkins CLM” shows 0 critical security vulnerability. | |
Are all the Jenkins jobs successfully passed ( Merge-Jobs)? | Yes |
| ||
Are all binaries available in Nexus? | Yes |
| ||
Integration and Testing | Have 50 % of System Integration Testing Use Cases been implemented successfully in Jenkins? | No | AAF is at 32.33% | AAF team has been focused on generating Certificates for ONAP Apps, and trying to work out how to be a CA in the nightly-torn-down environments. |
Has the project code successfully passed the Daily Build process? | Pending | AAF is still working the thorny issue of how to be a static CA, and still rebuild nightly. Solution is still not worked out. | Goal is to ensure the latest project commit has not broken the Integration Daily Build |