Integration and Built Tests For Releases

Owned by Amy Zwarico
Apr 08, 2020
1 min read

Guilin

  • Continue running all Frankfurt tests – HTTP, JDWP, root pods, etc

  • Progress on the limit tests

    • Enable test created by Fabian but descoped for Frankfurt

  • Verify the versions of the upstream pods according to SECCOM recommendation (Database, Java, Python, Docker, Kubernetes, and Image Versions)

  • Prepare a test to check that Java 11/ Python 3.8 are the default versions

    • Morgan plans to build a python 3.8 with onap user/group

    • Java11 test already running

  • Test the validity date of the certificates

  • Define reasonable goals for CIS testing (Docker and k8s)

    • assuming current issues are due to the non-cloud native-ness of some components

    • Proposed new tests from CIS Docker Benchmark to be added to Jenkins build

      • Ensure that only trusted base images are used (section 4.2).

      • Ensure that healthcheck instructions have been added to container images (section 4.6)

      • Ensure that docker images in ONAP have removed setuid and setgid (section 4.8)

  • Test that upstream docker containers such as mysql and Casandra run as non-root and do not expose external HTTP ports

    • Must fix in the common databases

    • Should fix in the project specific databases