2025-04-09 Policy Weekly Meeting
| Agenda Item | Requested by | Notes / Links | ||
|---|---|---|---|---|
Meeting Chair: Ramesh Murugan Iyer | ||||
| Review of minutes from last meeting and matters arising | ||||
| Policy update, Status for Paris | #tsc TSC Weekly Meeting PTL Weekly Meeting #ptl | |||
| ONAP Semi Standalone approach | Ramesh Murugan Iyer | |||
| Github actions for S3p tests | GHA fails due to resource limitation. Waiting on the review from Matt for increasing the resources. Waiting on Github billing to be available. Expected to be in March. – Further delayed until June to get the billing from LFN. Wayne Dunican - To check the deployment if the components can be minimized. Escalated with Byung to discuss this in TSC. | |||
| ONAP DTF | Ramesh Murugan Iyer | ONAP DT&F DAYs 2025 - Planning murali parthasarathy k will be leading the presentation for opa-pdp. | ||
| Security updates | Ramesh Murugan Iyer | Projects were asked to check vulnerabilities periodically and fix critical CVEs within a month by the TSC. Nexus Iq access requested for Wayne. - Got the approval from TSC – still pending from Matt Wattkins. | ||
| Openssf badging showing silver for Policy | Ramesh Murugan Iyer | https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-28024 Waiting for Eric to update further as there is an issue with Nexus url on hardening criteria for gold badging. | ||
| OPA PDP updates | Deena Mukundan | https://gerrit.onap.org/r/admin/repos/policy/opa-pdp,general opa-pdp wiki : OPA PDP Kevin has raised a request for sonatype scanning support for golang project. – still pending. Start looking in to Gold badging criteria for opa-pdp. - coverage is being worked on. API and PAP helm charts might require changes for adding some predeployed policies for opa in OOM. – Ticket to be created. | ||
| PAP kafka listener issue on kafka topics | In progress. Reproduced the issue. But its not impacting the workflow/cause any failures. opa-pdp has implemented a retry mechanism to retry registration if pap doesn't respond. Adam to retry the testing with manual deploy/undeploy after the error occurs. – issue occurs if pdp is restarted. Restart pdp Check for no listener error Trigger the workflow. The issue was not reproduced in confluent kafka in helm deployment. Need to try with strimzi kafka. | |||
| PAP removing PDP instances after missed heartbeats and not added back. | Adheli Tavares | PAP removing registered pdps after a certain period – Adheli is investigating the issue. Tested with apex, xacml and opa pdps in docker and helm. PDP was removed after missed heartbeats. But added back in PAP after the next heartbeat, workflow is fine later on. – Not seeing the same issue. Needs further investigation. – Require logs from opa-pdp deployment. – LOgs provided Need to test with strimzi kafka | ||
| PAP showing negative offset and stops consuming kafka messages. | Ramesh Murugan Iyer | Need a ticket and check with strimzi kafka. | ||
| AOB | ||||
Actions
Notes
Attendees
Recording
Policy Framework Status Check
failing jobs
------------
https://jenkins.onap.org/job/policy-apex-pdp-maven-clm-master
https://jenkins.onap.org/job/policy-clamp-newdelhi-project-csit-clamp
warning jobs
------------
https://jenkins.onap.org/job/policy-apex-pdp-newdelhi-project-csit-apex-pdp
warning jobs
------------
Bugs
POLICY-5274 - Getting issue details... STATUS
POLICY-5233 - Getting issue details... STATUS