2020-07-21 Security Subcommittee Meeting Notes

Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 21st of July 2020.

Jira No	Summary	Description	Status	Solution

Jira No	Summary	Description	Status
	Integration Testing – Sylvain	#1 Establish the list of enforcements planned for Guilin through the OOM gating REQ-361 Automated certificate retrieval including HTTPS enablement REQ-362 All containers must run as non root REQ-373 Python 3.8 support – enforcement after notification from the PTLs that migration complete REQ 351 Java Language 11 support – enforcement after notification from the PTLs that migration complete #2Timeline for enforcement When project teams report development completion of enforceable Guilin requirements No later than M4 Guilin (Code completion) - Guilin Impact View per Component #3 Establish a grace period so PTLs can communicate to their projects team	presented to PTLs
REQ-368	Service Mesh POC – Sylvain	Automated deployment of Istio, CertManager, KeyCloak Analyzing ONAP components for inclusion: Dmaap, AAI, etc CertManager can use ACME, Venafi, Vault, self signed certs, external CA
	Harbor presentation to TSC – Fabian	Solene to present to TSC 23/7
REQ-376	Flow Management – Fabian	https://lf-onap.atlassian.net/wiki/display/DW/Service+Mesh+PoC+plan AP: Fabian will provide the above link to the PTLs to collect detailed flow information
REQ-323	Vulnerable package upgrade – Amir	Jackson databind upgrades complete for SDC – did not require much work 2.x -> 2.11: no code changes 1.x -> 2.11: minor code changes
	OUR NEXT SECCOM MEETING CALL WILL BE HELD ON 28th OF JULY'20.	Topics proposed: Harbor feedback from TSC Security Documentation – Harald Service Mesh progress Honolulu security requirements

No recording - LastPass problems persist

TSC Harbor presentation (2020/07/23)