We start our meetings by mentioning the project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF.
Agenda
START RECORDING
Duration
Agenda Item
Requested by
Notes / Links
Duration
Agenda Item
Requested by
Notes / Links
30 mins
Cross-project discussion
This meeting is reduced to 30 minutes
Rotating host
volunteer for this week: @Byung-Woo Jun
TSC Strategy
@Byung-Woo Jun
Brainstorm:
Ensure ONAP core components are focused and operate independently, from build to runtime
DT finishs Argo-CD based component independent deployment
Argo-CD is a DT choice, but ONAP can allow other CDs, e.g., Flux (need contributors)
DT plans to productize some of the selected ONAP core components early next year in their TNAP production environment
Declarative and Intent-based component operations by the Repository-based Network Automation : see the ideas from ONAP Architecture Evolution - Ideas (November 2023)
Make ONAP core components more autonomous and ready for use by both ONAP, LF and other external users
During New Delhi and Oslo releases, CPS and Policy achieved the OpenSSF Gold Badging status. Kudos to the team!
Continue to promote/facilitate other ONAP core components for the Gold Badging status (e.g., UUI, SDNC)
Incorporate more GenAI capabilities and use cases to the ONAP components, and promote the adoption of open-source LLM models and frameworks aligned with LF AI & Data and GenAI Commons
Collaborate with LF AI & Data GenAI Commons and Nephio GenAI for 5G and 6G
Open-source based models and controls
AI-Based Control Loop
AI Model-As-A-Service
Foster inter-community collaboration with other LF communities, such as O-RAN and Nephio
SDNC enhancements (which is used by O-RAN OAM as is)
Resource-based Orchestration Pattern (leveraging CD and Operator)
Ensure the security of ONAP components and operations
The latest security mechanism for communications (service mesh enhancements leveraging Istio and coming Ambient Mesh)
Deprecate unused sub-components and mitigate security vulnerabilities
Define a secure LFN CI/CD pipeline by leveraging OpenSSF-associated reference tools
@Amy Zwarico will provide another demo how to access Nexus to PTLs next Monday (12/09)
PTLs can add more people for the Nexus access (but maybe there are some license limitations; check with LF IT);
@Amy Zwarico , give a Nexus access demo, can we give PTLs more current views?
@Toine Siebelink , CPS has a fortnightly community meeting during which we already check some quality report. I think we will start including this Nexus IQ report in that cycle...
SDNC Library, Policy, Doc Update
@Dan Timoney
@Andreas Geißler
@Ramesh Murugan Iyer
@Thomas Kulik
SDNC - SO integration testing for RFC 8040 status?
Good news. Almost done…
@Ramesh Murugan Iyer, @Andreas Geißler , Policy needs to be updated XACML pdp image update? What is the current status?
this week the Policy team plans to merge the change into the master branch for Paris
Oslo Release update
@Byung-Woo Jun
New Oslo sign off date is January 16th.
Any documentation update needs to be done by Sign off (Jan 16)
ARCCOM - Done
OOM
CPS
Policy
Portal-NG
CCSDK/SDNC
SO
UUI
Integration Test
...
PTLs need to issue Release Candidate Jira tickets for their projects
TSC approved a vulnerability exception for some projects; Package upgrades for vulnerability mitigation will be handled in Paris, and SDC Ruby update is postponed to Paris
@Kevin Sandi believes it is done. Check with Deena and Murali
@Paweł Pawlak , direct dependencies do not show it. @Kevin Sandi , will check it.
To find the dependency report (under CLM) from Nexus scan… @Kevin Sandi plans to fix it.
Dependency scan does not support for goLang.
OOM, SDNC, SO Update
@Andreas Geißler
@Dan Timoney
update needs for policy and cds (java 17 version) - image update;
Java 17 version update for CDS has been done part of the Oslo release
SDC, SO update will be done in the Paris release
Any OOM update for Oslo?
Update Jiras
Oslo Package
@Amy Zwarico
@Paweł Pawlak
@Toine Siebelink
** Moved this task to Paris **
Byung-Woo Jun, for those projects without PTLs, we fileed vulnerability exception. Those package update will be revisited in Paris. TSC approved it on December 12th.
@Toine Siebelink updated the following: (Thanks!!!).
Assignee, please check the tickets
For the ticket without assignees, we need to find new assignees
@Fiete Ostkamp , is there any automated tool for dependency checking from Gerrit? Matthew will provide its update. Matt/kevin will check; may use portal-ng as a test project/candidate; Fieta will a LF IT ticket toward Matt/Kevin. ; Matt put a couple of patches, still working on it. Matt gave us update…
The Github2Gerrit is under IT-27340; about to merge; Matt, let us know;
@Kevin Sandi, Github action ticket (Kevin Sandi) - bypassing -1 for option jobs : any update? Jira ticket for tracking RELENG-5602
If patches are fixed today, Kevin can start testing.
New bypassable workflow is in place and working. There are a couple of improvements I’m working on to avoid deprecation notices and use the correct voting github action.
It is working, but @Toine Siebelink , will create a new ticket for a new policy on checking the RTD links toward @Kevin Sandi ; @Thomas Kulik , reported there are many broken ONAP wikis; treat every warning as a warning??