2025-03-05 Policy Weekly Meeting
- Ramesh Murugan Iyer
| Agenda Item | Requested by | Notes / Links | |
|---|---|---|---|
Meeting Chair: Ramesh Murugan Iyer | |||
| Review of minutes from last meeting and matters arising | |||
| Policy update, Status for Paris | #tsc TSC Weekly Meeting PTL Weekly Meeting #ptl | ||
| Github actions for S3p tests | GHA fails due to resource limitation. Waiting on the review from Matt for increasing the resources. Waiting on Github billing to be available. Expected to be in March. Wayne Dunican - To check the deployment if the components can be minimized. | ||
| ONAP DTF | Ramesh Murugan Iyer | ONAP DTF DAYs 2025 | |
| Security updates | Ramesh Murugan Iyer | Projects were asked to check vulnerabilities periodically and fix critical CVEs within a month by the TSC | |
| Dependency uplifts | Jetty uplifts are done. Currently checking Netty on policy-models. | ||
| OPA PDP updates | Deena Mukundan | https://gerrit.onap.org/r/admin/repos/policy/opa-pdp,general opa-pdp wiki : OPA PDP Kevin has raised a request for sonatype scanning support for golang project. Request for adding Sonarqube scanner for Golang for project opa-pdp(IT-27801) – Sonar cloud config for Git hub action didn't work. Further reviews to be pushed. SECCOM's decision is to try to fix all the reported vulnerabilities for opa-pdp as the sonatype doesn't support differentiating direct and transitive dependencies at the moment. – Need to check if all the dependencies can be updated from Nexus Iq. - May not be able to fix all the CVEs until direct dependencies are listed. Check with SECCOM for license related vulnerabilities and get exemption. (Check with Byung) Start looking in to Gold badging criteria for opa-pdp. | |
| AOB | |||
Actions
Notes
Attendees
Recording
Policy Framework Status Check
health checks
-------------
onap-daily-dt-oom-master,2023-03-02 05:41,health-policy,pass:2,fail:0
https://logs.onap.org/onap-integration/daily/onap-daily-dt-oom-master/2023-03/02_05-41/xtesting-healthcheck/full/full/report.html
failing jobs
------------
https://jenkins.onap.org/job/policy-clamp-master-project-csit-verify-clamp
https://jenkins.onap.org/job/policy-opa-pdp-master-project-csit-policy-opa-pdp
https://jenkins.onap.org/job/policy-pap-sonar
warning jobs
------------
https://jenkins.onap.org/job/policy-opa-pdp-master-project-csit-verify-opa-pdp
Bugs
POLICY-5274 - Getting issue details... STATUS
POLICY-5233 - Getting issue details... STATUS