2021-10-05 Security Subcommittee Meeting Notes
Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 5th of October 2021.
Jira No | Summary | Description | Status | Solution |
---|---|---|---|---|
| TSC meeting update | Honolulu maintenance release approved Jakarta timeline proposed: Release Planning Jakarta Participants reminded to vote for TSC membership |
|
|
| PTL meeting update | Michal to remove vid from OOM Investigating portal-sdk removal Reminded projects to update Security Vulnerabilities tables on protected wiki (CLI, EXTAPI, VNFSDK have made no progress; AAI, MSB have not reported status) |
|
|
| Angular experience on dependencies | Jared presented his development results on app dependency cluster graph. Slides presented - please refer to thebottom of this page for a link. | started |
|
| ONAP release notes and dependencies | Thomas was contacted. He is retrieving info via script about all the components. Output: Dependencies between components or with external projects are not tracked here. | ongoing | To review the context of this request. |
| Feature template follow-up | Muddasar had a meeting with Alla. Muddasar is preparing a slide deck to be presented at the TSC. | ongoing | Slides with the proposal to be presented at the TSC. |
| SonarCloud coverage for Jakarta release | Focus on security vulnerabilities that have blocker or critical rank. In Sonar it is called hotspot. | started |
|
[REQ-441] | New Global Requirement | [REQ-441] LOGS MANAGEMENT - PHASE 1: COMMON PLACE FOR DATA – PROPOSAL FOR JAKARTA | ongoing | Next PTLs meeting on 18th of October - agenda |
| Kubernetes hardening | Shared by Brian: https://deploy-preview-29791--kubernetes-io-main-staging.netlify.app/blog/2021/10/05/nsa-cisa-kubernetes-hardening-guidance/ CubeCon next week, slack channel exists for Kubernetes security. | started |
|
| OUR NEXT SECCOM MEETING CALL WILL BE HELD ON 12th OF OCTOBER'21. | Kubernetes hardening (Brian) CADI and AAF replacement (Byung) |
|
|
Recording:
SECCOM presentation:
ApplicationVisualization_2021_05_10.pptx