/
Honolulu Risks

Honolulu Risks

This centralized page, for all Honolulu projects, is aimed at identifying the risks as they are foreseen within the release life cycle.

A Risk that materialized becomes an Issue.

Status:

  • Identified: a risk that has been identified, but has not yet been analyzed / assessed yet 

  • Assessed: an identified risk which currently has no risk response plan 

  • Planned: an identified risk with a risk response plan

  • In-Process: a risk where the risk response is being executed 

  • Closed: a risk that occurred and is transferred to an issue or the risk was solved/avoided

  • Not occurred: a risk that was identified but that did not occur 

  • Rejected: created and kept for tracking purposes but considered not to be used yet



Risk ID

Project Team or person identifying the risk

Identification Date

Risk (Description and potential impact)

Team or component impacted by the risk

Mitigation Plan

(Action to prevent the risk to materialize)



Contingency Plan - Response Plan

(Action in case of the risk materialized)

Probability of occurrence (probability of the risk materialized)

High/Medium/Low

Impact

High/Medium/Low

Status

Risk ID

Project Team or person identifying the risk

Identification Date

Risk (Description and potential impact)

Team or component impacted by the risk

Mitigation Plan

(Action to prevent the risk to materialize)



Contingency Plan - Response Plan

(Action in case of the risk materialized)

Probability of occurrence (probability of the risk materialized)

High/Medium/Low

Impact

High/Medium/Low

Status

1

OOF

Jan 18, 2021 

Meeting the following requirement for CMSO - Upgrade vulnerable packages

OOF - CMSO

Will be taken up along with the feature implementation if it is required by the use cases

Project team will try to take up activity if no new feature is planned

Low

Low

Identified

2

UUI

Jan 19, 2021 

usecase UI dockers contain GPLv3

USECASEUI-494: usecase UI dockers contain GPLv3Closed

UUI

Will take active action to contact Jira owner and find out witch package contains GPLv3

Make the current dependencies work well and keep this problem to next release

High

Low

Identified

3

Policy

Jan 19, 2021 

Some package upgrades (e.g., CDS) may require significant rework

REQ-439: CONTINUATION OF PACKAGES UPGRADES IN DIRECT DEPENDENCIESIn Progress

Policy

Will continue to work on upgrades

Obtain a waiver for the problem packages

Medium

Medium

Identified

4

SDC

Jan 20, 2021 

Some package upgrades may require significant rework

REQ-439: CONTINUATION OF PACKAGES UPGRADES IN DIRECT DEPENDENCIESIn Progress

SDC

Will continue to work on upgrades

Obtain a waiver for the problem packages

Medium

Medium

Identified

5

AAI

Jan 20, 2021 

Cannot upgrade to Java 11 for modules dependent on Java 8 only supported Janusgraph

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

AAI

Nothing we can really do given the current constraints unless JanusGraph updates to working with Java 11

Obtain a waiver for the mS with the core tech of Janusgraph

High

Low

Identified

6

DCAE

Jan 20, 2021 

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

Due to upstream dependency on NIFI project, some of MOD (NiFI) components (designtool/gen-processor/nifi-registry) will remain in java 8

DCAE

Migrate/replace MOD NiFI components with custom containers for future release

Request waiver (discused with SECCOM and they are okay with filing exception for NiFI components)

High

Low

Closed; exception submitted for NiFi related components

7

DCAE

Jan 20, 2021

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8

With Cloudify 3.x support releated by Cloudify under 5.1.1, DCAE CM pod upgrade is targetted for H release. This will be major upgrade requiring extensive regression. Marking this risk due to resource/time constraint. 

DCAE

Based on severity of issue - we'll assess if new containers can be released for H release or if need to be withheld.

If switching to Guilin version (old CM 4.6 version) - will need waiver for Cloudify container and plugins

Medium

High

Not Occurred

8

CPS

Jan 21, 2021 

Upgrade vulnerable packages, which all are Transient dependencies

CPS

Working with SecCom to resolve high level vulnerabilities

Obtain a waiver for the problem packages

Medium

Low

Identified

9

DMaaP Message Router

Jan 21, 2021 

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

Confluent base images used by Message Router kafka/zookeeper are built using Java 8. Move to a newer version is a risk based on resources/time constraints.

DMaaP

Source some more resources for the project to address this issue.

Obtain a waiver for the problem packages

High

Low

Identified

10

AAI

Jan 22, 2021 

Upgrade vulnerable packages, which all are Transient dependencies

AAI

Source some more resources for the project to address this issue.

Obtain a waiver for the problem packages

Medium

Low

Identified

11

VID

Jan 22, 2021 

Upgrade vulnerable packages, which all are Transient dependencies

VID

Source some more resources for the project to address this issue.

Obtain a waiver for the problem packages

Medium

Low

Identified

12

MultiCloud

Jan 24, 2021 

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8)

MultiCloud have updated to v3.7, which is the highest version that onappylog can support

MultiCloud

Remove the dependency of onappylog

Obtain a waiver for the impacted components

Medium

Low

Identified

13

Modeling

Jan 25, 2021 

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8)

Modeling/etsicatlog can support V3.7, which is the highest version that onappylog can support

Modeling

Remove the dependency of onappylog

Obtain a waiver for the impacted components

Medium

Low

resolved

14

VFC

Jan 25, 2021 

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8)

VFC can support V3.7, which is the highest version that onappylog can support

VFC

Remove the dependency of onappylog

Obtain a waiver for the impacted components

Medium

Low

resolved

15

SO

Feb 25, 2021 

Code coverage for the new repos created failed to meet the required goal.

SO

Code coverage goals

Obtain a waiver for the impacted components

High

High

Resolved

16

DMaaP kafka

Feb 25, 2021 

Code coverage for the dmaap-kafka project failed to meet the required goal.

DMaaP kafka

Code coverage goals

Obtain a waiver for the impacted components

High

Low

Working with Sonar community to fix this unexpected coverage drop.

17

Policy

Mar 9, 2021 

OOM merge for M3 is not yet complete, so RC0 is even more unlikely

Policy

Update OOM review to latest Policy images

Obtain a waiver

Honolulu Exception Request for Policy

High

High

Withdrawn

M3 OOM review was merged

18

SO

Mar 8, 2021 

Upstream code changes merged for camunda upgrade have induced issue in the camunda database causing issues in the gating

SO

OOM Gating

Working on the cleanup with the help of the actual developer

This would be a must fix for the H release for SO component, else will need to revert all the changes pertaining to this upgrade.

High

High

Identfied.