2019-08-22 DCAE Meeting Notes

Bridge

New time (Effective from 03/14/2019 - until DST Ends)

Thursday, 9.00 – 10.00 AM EDT/13.00 -14.00 PM UTC

Bridge - zoom.us/j/824147956 

Recording:

Attendees:

Host: Tony Hansen

Aleem, David Farrelly, ecormul, Henrik Andersson, Jack Lucas, Marge Hills, Mark Scott, Pawel Baniewski, Piotr, pwielebs, Rajendra Jaiswal, Sameer, Sonia Sangari


Discussion Topics:


1 Time (est) Topics Requester/Assignee Notes/Links
2
Project Status

START RECORDING

PARTICIPANT LIST

3
Self Release process

Self Releases Workflow (Nexus2)

Open Issue: IT-17166 Self release support for projects with independent sub-project

Impacts following repo

  • dcaegen2/services
  • dcaegen2/cli


4
Globaljjb migration (DCAEGEN2-1578)

Status checkpoint review and open issues  - global-jjb Migration Tracker

Key Changes

  • Oparent migration to 2.0.0
  • New build job introduced (replaces old release job)
    • New jobs are required to be run on Centos

Migrated Jobs with issues

  • SDK dmaap client (reverted back temporarily to Ubuntu for jar creation) (izabela.zawadzka@nokia.com, @pawel.biniek@nokia.com, Piotr Jaszczyk )
  • HV_VES
  • PM-Mapper
  • InventoryAPI
  • ServiceChange Handler
  • DFC (jar is okay)
  • RESTConf (jar is okay)
  • VES (jar is okay)
  • SON-handler (jar okay)
  • PRH
  • BBS-EP
  • DataLake-handlers (8/8 - Can be exempted as this is POC component)
  • Mapper
  • TCA
  • TCA-gen2


Completed Work

  • Docker binding to mvn phases being removed to separate jar and docker creation on separate job; so the latter job can be run on Ubuntu and jar creation can be done on centos and auto-signed.

Outstanding work

  • Migrate SDK build structure to disable failing unit-test for maven-stage job so it can be migrated to Centos


5
El-Alto Commitments Early Drop artifacts

Release candidate

EarlyDrop  (Code completion and artifact released by August 2, 2019) 5.0.0

  • ConfigbindingService
  • CloudifyManager
  • Bootstrap
  • Plugins (k8s, Dmaap)
  • ServiceChangeHandler
  • InventoryAPI
  • DFC
  • PM-Mapper
  • Deployment Handler

Branching will be done with released component by tomorrow; master branch can be used for Frankfurt work (need minor version updated to avoid conflict with El-Alto patch/bug fixes)

Second/Final El-Alto drop (Code completion and artifact released by Sep 6, 2019) 5.1.0

  • BlueprintGenerator (DCAEGEN2-1700)
  • TCA
  • VESCollector
  • SDK
  • RESTConf
  • Dashboard
  • HV-VES
  • PRH
  • PM-Mapper (minor updates)
  • DFC
  • SON-Handler
  • Mapper?
  • ?
6
MS Blueprint Impact

DCAEGEN2-1686 - Blueprints should import Cloudify type files version 4.5.5

Possible impact for components using k8s plugin 1.6.x and up; Jack verifying this currently and will confirm next week

  • DFC
  • Pm-Mapper
7
 SECCOM updates

8/15 & 8/8 - OJSI issues (201 is critical and impacts DCAE passing badge)

7/25

  •     SEC-COM addressing some selected vulnerabilities as POC for some project; recommendation to other projects team will follow after POC is done
  •     Component owners may choose to address reported vulnerability for El-Alto if they have bandwidth


SEC-COM Vulnerabilities per project/component  https://wiki.onap.org/download/attachments/48531500/19_07_09_DublinVulnerabilitiesAnalysis.xlsx?api=v2 (from https://wiki.onap.org/display/DW/2019+SECCOM+meeting+input)

SECCOM proposing ONAP project wide updated for external libraries (Vulnerabilities) https://wiki.onap.org/download/attachments/64007424/ONAP%20Vulnerability%20management%20for%20El%20Alto%20release_PP_v4%20%282%29.pptx?version=1&modificationDate=1561385888000&api=v2

DCAE Impacted component are listed below


 8
 CL format change

Control Loop Event Standarization using VES 

  • New DCAE MS support for new CL structure?
    • Followup with Pam/Policy team whether this can be supported for Frankfurt






Discussed SECCOM-251 - 255

During the meeting, I thought these were related to crypto_used_network, but instead these are about VES supporting authentication and authorization. That is, there must be no more unauthenticated and unauthorized VES reports. The various requirements deal with how an authentication identity is to be implemented and authorized.


Open Action Items



Seeking Community support

Topic/JIRACurrent Status Planned Work
Docker build consistentency ( DCAEGEN2-1579)

JIRA cover broad aspect of standardizing DCAE component build process and docker tagging.

  1. Nokia team proposal identifies best practice for docker tagging optimized-dockers-jvm.pdf. 
  2. Following components migrated to new docker tagging best-practice
    1. PRH
    2. PM-Mapper

Need volunteer from community to support

  • Standardize pom/jjb template for all dcae component (java and python)
  • Plugin list alignment with oparent
  • Python build dependency on script to be reduced;