You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 8
Next »
Agenda
START RECORDING
Duration | Agenda Item | Requested by | Notes / Links |
---|
1 hour | Cross-project discussions | Amy Zwarico | SECCOM proposed change to analyzing known vulnerabilities and updating vulnerable packages - Remove requirement to provide effective/ineffective analysis until there are tools to support the analysis
- Projects update direct dependencies in their applications to most recent version of packages
- Projects open Jiras to update packages in direct dependencies
- No requirement to upgrade transitive dependent packages
- oparent updated to most recent version of included packages (as of the time of the oparent release for the ONAP release)
- PTLs provide feedback on proposal to SECCOM nlt Dec 4
|
LF IT Support |
| - Repository Management FAQ
- Send email to infrastructure-coordinator@onap.org
- The Infrastructure coordinator is responsible for reviewing the request and either opening the ticket with LF-IT if everything is OK --OR-- taking the issue back up with the PTL --OR-- escalating it to the TSC only if something in the request is not OK and the PTL insists on moving forward anyway.
- Concern about responsiveness.
- Coordinator has been periodically unavailable -
- Dave/Kenny to follow up with coordinator to ensure ongoing availability and understanding of role
- Do we need a backup for the coordinator when unavailable (bus trips, vacation, etc.)
- PTLs may make a request to the TSC to identify a backup
- On the agenda for this week's TSC meeting
- Tickets
- IT-17899- APPC code coverage down from 80% to 5%
- IT-18325 - Create 3 new repositories to manage docker images
- Waiting on Infra Coordinator
- Migration Status / Upcoming Changes
- Action: PTLs review migration results and add comments on migration tracker
|
Testing Environment | | - Still removing images that are 20 ? days created vs updated. X.X.X-SNAPSHOT, can we please not remove these unless the update date > 20? days. What images should be retained? There is some inconsistency still.
|
Testing Improvement | | - New sonarcloud (possibly covered above by Jessica): Is there a way to login so a PTL can customize their view?
- Jessica Gonzalez reports that we are losing some capability with the newer version. However, it's necessary to update to maintain vendor support.
|
CSIT Review |
| - Disabled jenkins jobs to be cleaned up this week
- PTL will be included on gerrit review
- contact Morgan Richommewith any concerns
|
ToolChain Improvement |
|
|
Other Improvement suggestion |
|
|
Subcommittee Updates for PTLs |
| Cassandra 3 upgrade for the common cluster in OOM Ofir Sonsino - Ofir and Jimmy to discuss and come back to PTL meeting with recommendation
No update, will report next week |
TSC Update | Project Life-cycle Review | Preparation of the material to review Project life cycle as part of Frankfurt M2 Milestone. https://jira.onap.org/browse/TSC-107 |
Sharing Best Practices |
| |
IF TIME ALLOWS .... |
15 mins | Release status | | M1 wrapup David McBride Lab changes and impact on Frankfurt Schedule Brian Freeman M2/M3 JIRA issues generated Nov 21 David McBride Marco Platania reports that we have a release blocking issue at Wind River labs |
5 mins | Upcoming Events | |
|
10 mins | Remaining Action Items | | PTL Weekly ONAP12, Mon UTC 13:00 |
Zoom Chat Log
06:15:56 From cl664y : I have probably sent to onap-release only when the message is for PTLs
06:17:00 From Amy Zwarico : Amy Zwarico sent email to onap-release on Monday, 25 November, titled "NexusIQ Vulnerability Management for Frankfurt"
06:43:30 From Krzysztof Opasiak : The ticket id is IT-18372
06:54:10 From Pamela Dragosh : I have 2 more questions to add. 1) for removal of password from OOM charts, where are the JIRa’s for this? 2) seems the documentation project merge job is not producing any changes into the readthedocs
07:12:31 From Tony Hansen : http://tlhansen.us/onap/cii.html
07:12:46 From Tony Hansen : https://wiki.onap.org/display/DW/CII+Badging+Program
07:28:38 From morgan : need to drop. From an integration perspective, we have critical issues with the windriver lab (no access to some VMs, none of the lab answering properly) Jira is tracking the progress.
Action Items
- Jessica Gonzalezinvestigate whether it is possible to ignore a Sonar reported vulnerability through code annotation or other means
- Kenny Paul alert DDF programming committee regarding TSC-107 and related proposal. How will this be done? What is the time requirement?