DCAE R4 M2 Functionality Freeze Milestone Checklist

DRAFT PROPOSAL FOR COMMENTS

The following items are expected to be completed for the project to Pass the M2 Functionality Freeze Milestone.

M2 Release Functionality Freeze Milestone definition.



Usage

  1. Use the "Copy" and "Move" options (available under the ..., top right of this page) to duplicate this template into your project wiki.

  2. Fill out the Yes/No column

  3. Provide link to evidence (when necessary)



Practice Area

Checkpoint

Yes/No

Evidence - Comment

How to?

Practice Area

Checkpoint

Yes/No

Evidence - Comment

How to?

Product Management

Are all provisional APIs interface (stub) been defined (at beta-quality level)? 

Yes

New api for R4 - SON-Handler (PCI Optimization API)



Is there a final list of externally consumable APIs available?

Yes

https://lf-onap.atlassian.net/wiki/display/DW/DCAE+R4+M1+Release+Planning#DCAER4M1ReleasePlanning-APIOutgoingDependencies



Existing platform API's - https://onap.readthedocs.io/en/latest/submodules/dcaegen2.git/docs/sections/offeredapis.html



For all completed Sprints, have Sprint Backlog Stories been marked as "Done" in Jira?

Yes

Getting issues...



Difference between a Product and Sprint Backlog

Are all tasks associated with the completed Sprint Backlog Stories been marked as "Done" in Jira?

Yes

 

Getting issues...



If applicable to your project, has your team been able to clear the project' blockers? If not provide status on the plan to close the blocker(s).

Yes

DCAEGEN2-1191 - Patch submitted



What new features or changes to existing features in this project scope need to be communicated to VNF Providers? List the changes in the Evidence tab.

Yes

VES Collector - Authentication enhancement





If yes to the previous question, have these been communicated to the VNF Requirements project? 

Yes

VNFRQTS



Release Management


Have all source code files been updated with License Apache 2 header?

Yes

New contribution pending.

Specific rules and instruction are available in ONAP wiki.

Has the year format in copyright header of all source code files been updated? (Rules for new files created in 2019 and existing files modified in 2019 are different)

Yes



Guidance on year format

In case source code can't be edited, has a "License.txt" file been placed at the root directory for which the license is applicable?

Yes





Guidance for source code file that can't be edited

(a) Has the Project Team added appropriate license and copyright notices to all ONAP source code and documentation files, where possible for the particular file format?

Yes





(b) Has the Project Team reviewed and understood the most recent license scan reports from the LF, for both (a) licenses within the codebase and (b) licenses for third-party build time dependencies?

Yes





For both (a) and (b) questions, have all high priority non-Project Licenses been either removed, planned for removal before code freeze, or escalated as likely exception requests?

Yes





Have all API projects dependencies been captured?

Yes

DCAE R4 M1 Release Planning#APIIncomingDependencies; pending Policy API (Risk#11 - https://lf-onap.atlassian.net/wiki/display/DW/Dublin+Risks)

The source of information for the API dependency is the "API Incoming Dependency" of the M1 Release Planning deliverable. Please update the source accordingly, and let The Release Manager aware of the changes.

Development

For new projects approved for this release, have all defined repositories source code been placed into Gerrit?

Yes

Repository created; seed code delivery in-progress 

  • dcaegen2/services/son-handler  - completed 2/18



Has the project team reach the Automated Unit Test Code Coverage expectation? (Refer to artifacts available in Sonar)

No

Yes for all but new components; will be addressed by M4

Goal: 55%

Guidance on Code Coverage and Static Code Analysis

Tools: Sonar

Is there any binaries (jar, war, tar, gz, gzip, zip files) in Gerrit project repository?

No

Except new components which are WIP

Refer to CI Development Best Practices

Could you ensure that all proprietary trademarks, logos, product names, company name, etc. have been removed? All ONAP deliverables must comply with this rule and be agnostic of any proprietary symbols.

Yes





Is there any pending commit request older than 36 business hours in Gerrit?

No

https://gerrit.onap.org/r/#/q/status:open+label:verified+-is:draft+-label:Code-Review%253D-1+AND+-label:Code-Review%253D-2+AND+is:mergeable+age:3days++dcaegen2

https://gerrit.onap.org/r/#/q/status:open+topic:info-file (22) Pending LF update; rest are pending submitter update (merge conflict and/or publish pending)

Have all the Jenkins jobs successfully passed (Merge-Jobs)?

No

Except SON-handler ([ONAP Helpdesk #68874] AutoReply: SON Handler MS: Seed code merge job failure)

https://jenkins.onap.org/view/dcaegen2/



Are all snapshot binaries available in Nexus?

No

Except new components which are WIP



Integration and Testing  

Have functional test cases i.e. CSIT been documented in wiki?

It should include at least 1 or 2 CSIT that will be run on

Lab-xxx-OOM-Daily Jenkins Job

Yes

https://lf-onap.atlassian.net/wiki/display/DW/5G+-+Real+Time+PM+and+High+Volume+Stream+Data+Collection

PM Mapper/DFC - https://lf-onap.atlassian.net/wiki/display/DW/5G+-+Bulk+PM

3GPP PM Mapper Testcases & Status

5G SON-Handler - https://wiki.onap.org/display/DW/OOF-PCI+Use+Case+-+Dublin+Release+-+ONAP+based+SON+for+PCI+and+ANR, Functional Testing

BBS Usecase - BBS Notifications#TestCases

Regression - DCAE Testplan (Regression)





Have you implemented in Jenkins at least 1 functional test case for each of the project repository?

Yes

https://jenkins.onap.org/view/dcagen2/job/dcaegen2-master-csit-testsuites/

As an example (provided by Integration Team)



Has the project code successfully passed the Build process?

Yes

CSIT Failure on dcaegen2-pmmapper-master-csit-pmmapper is DMAAP DR issues (DMAAP-1048)



Goal is to ensure your project latest commits have not broken the build.

Documentation

Has the team identified and outlined the set of documentations to be delivered in this Release?

Yes





 Security 

Has the Release Security/Vulnerability table been updated in the protected Security Vulnerabilities wiki space?

 Yes

 https://lf-onap.atlassian.net/wiki/pages/viewpage.action?pageId=16089310

 PTL reviews the NexusIQ scans for their project repos and fills out   the vulnerability review table

Have all project containers been designed to run as a non-root user?

 No

Dependent on 3rd party components - Cloudify which requires running as root. Other DCAE component migration will be worked based on resource availability.

https://jira.onap.org/browse/SECCOM-111

 https://wiki.onap.org/display/DW/Best+Practices

  • The Docker and Kubernetes engines may run as root until such time as the products support non-root execution.

  • Applications may run as root within a container.

  • The process ID of a container must not run as the root ID with the exception of containers supporting ONAP features that require the container to run as the root ID.

  • Containers may run with root privileges.

  • Project containers that run as the root ID must document this in the release notes along with the functionality that requires the container to run as the root ID.