• This meeting is reduced to 30 minutes
• Rotating host
  • volunteer for this week: Paweł Pawlak  / Byung-Woo Jun 

Jessica Gonzalez Paweł Pawlak 

Byung-Woo Jun 

• Jessica Gonzalez , cleaning up ONAP confluence pages, attachments; so far 260GB, target: 220GB;TSC needs to set up a policy around the attachment length (6 months and can be 4 months)

  • Teams want to keep some of the important demo video.
  • TSC vote on August 29th: 

    TSC recommends all ONAP community members to add links with zoom meeting recording from Dashboard to ONAP Wiki's meeting summaries, so we could avoid an issue of high volume attachments with meeting recordings.

    • TSC approved the recommendation on August 29th 2024
    • Plans to share this recommendation with PTLs and others at the next PTL meeting.
  • working with LF IT, started June 13th and removed July 3rd; try to recover some of videos; Jessica will send email to Toine for more details.
  • 239GB current size, which is still big for migration; investigating if we can store large files to another storage; bring up options to TSC and TSC will make a decision
• Did we remove A1 Policy Mgt / CCSDK Jenkins Jobs from London release?

Byung-Woo Jun 

• Oslo related Wiki under creation by Byung, Release Planning: Oslo
• Project Status in Oslo Release
• Oslo Release Key Updates,  PTL, update them by end of September
• The Architecture diagram for Oslo, Oslo-R15 Architecture Diagram
• Oslo Architecture main wiki pages, Oslo-R15 Architecture/ArchCom Wiki Page ; see its sub directories for project architecture pages
• O-parent removal from Oslo??
  • Ericsson presented their O-parent removal experience to the TSC meeting
  • See Adheli's Removal of O-Parent from Policy, Removal of O-Parent from Policy 
  • Each PTL needs to open a Jira ticket for O-Parent removal from their projects
  • For the projects without PTLs, SECCOM will open a Jira ticket 
• ARCCOM: open for requirement/architecture reviews - target date: by end of September
  • Dan Timoney plans to update the key updates wiki page for CCSDK and SDNC
  • As needed, schedule requirement and architecture review with ARCCOM (Byung-Woo Jun )
    • Dan Timoney plans to schedule CCSDK and SDNC requirement and architecture reviews soon
    • Other PTLs will add key updates
• DT supports Argo CD-based deployment support the resolution? Andreas Geißler , Marek Szwałkiewicz , 
  • WIP (DT is working on it)
• Thomas Kulik , any update ? Fiete Ostkamp , worked on SDC for outdated Ruby - will update...
• Dong Wang (China Telecom) will share the China Telecom's vision for Oslo at the TSC this Thursday.

Byung-Woo Jun 

• ONAP Streamlining Documentation Enhancements for Oslo:
  • Defining ONAP Core components and extensions (e.g., lightweight ONAP, optional components)
  • Core component functions
  • Installation guide, including ArgoCD-based deployment options
  • configuration guide
  • User guide 
  • Use cases by operators and vendors
  • reference architecture (component, interface, security, function...) for lightweight ONAP
• PTLs will be contacted for their help as needed.

Andreas Geißler 

• An ArgoCD deployment to provide an alternative the helm deployment. Marek Szwałkiewicz , Andreas Geißler , any update? Andreas Geißler will check with Marek

• CCSDK A1 controller committer permission for John Keeney;
• Dan Timoney , said he is going to start the process, and John Keeney created a proposal, Committer Promotion Request for CCSDK repo - John Keeney.
• According to John Keeney (Ericsson EST) , these are the A1PMS activities, https://gerrit.onap.org/r/q/project:ccsdk%252Foran 

• ONAP logo change update, Thomas Kulik , https://gerrit.onap.org/r/q/%22new+onap+logo%22+-status:merged ; use the new ONAP logo where applicable...
• Thomas Kulik , will update next week after DT works at next TSC meeting

Byung-Woo Jun 

Andreas Geißler 

Kevin Sandi 

• DMaaP DR (DMaaP) deprecation is approved by TSC on July 25th - done
  • Error rendering macro 'jira' : Unable to locate Jira server for this macro. It may be due to Application Link configuration.
  • Proceeding rest of the transition steps, Project State: Unmaintained
  • The entire DMaaP will be deprecated, replaced by Kafka/Strimzi
  • Andreas Geißler , archiving unmaintained projects - done
  • https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27045 was created to remove DMaaP Jenkins job, CLM scan and sonaCloud report.
  • Kevin Sandi , sent email to Andreas Geißler for hist confirmation; Andreas Geißler confirmed this; Kevin will remove them to complete the ticket:

    • Jenkins Jobs and CLM scans::
      
      - jjb/dmaap/dmaap-datarouter.yaml
      
      - jjb/dmaap/dmaap-kafka-client.yaml
      
      https://gerrit.onap.org/r/c/ci-management/+/138907
      
      
      Sonarcloud reports:
      
      - dmaap-buscontroller
      
      - dmaap-datarouter
      
      - dmaap-kafka

Update Jiras

Oslo Package

Amy Zwarico 

Paweł Pawlak 

Oslo task: [REQ-1592] PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

Epic: https://jira.onap.org/browse/REQ-439

AAI: [AAI-3941] AAI PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR NEW DELHI RELEASE - ONAP JIRA

CCSDK: [CCSDK-4042] CCSDK PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR NEW DELHI RELEASE - ONAP JIRA

CPS: [CPS-2342] CPS PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR NEW DELHI RELEASE - ONAP JIRA

DCAE: [DCAEGEN2-3414] DCAE PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

Multicloud: [MULTICLOUD-1507] MULTICLOUD PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

Network Controller: [SDNC-1844] NETWORK CONTROLLER PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

Policy: [POLICY-5103] POLICY PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR NEW DELHI RELEASE - ONAP JIRA

PortalNG: [PORTALNG-114] PORTALNG PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

SDC: [SDC-4690] SDC PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

SO: [SO-4130] SO PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

UsecaseUI: [USECASEUI-840] UUI PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR OSLO RELEASE - ONAP JIRA

LF IT Support

• Jessica Gonzalez , cleaning up ONAP confluence pages, attachments; so far 260GB, target: 220GB;TSC needs to set up a policy around the attachment length (6 months and can be 4 months)

  • Teams want to keep some of the important demo video.
  • TSC vote on August 29th: 

    TSC recommends all ONAP community members to add links with zoom meeting recording from Dashboard to ONAP Wiki's meeting summaries, so we could avoid an issue of high volume attachments with meeting recordings.

    • TSC approved the recommendation on August 29th 2024
    • Plans to share this recommendation with PTLs and others at the next PTL meeting.
  • working with LF IT, started June 13th and removed July 3rd; try to recover some of videos; Jessica will send email to Toine for more details.
  • 239GB current size, which is still big for migration; investigating if we can store large files to another storage; bring up options to TSC and TSC will make a decision
• Lfx zoom meetings need backup owners for vacation and other occasions 

  • Pending ticket opened by Marek:

    https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-25573

    • Kevin Sandi - a workaround solution will be tried;
    • Marek / Matthew - automatic building solution is needed; escalate this? Waiting for feedback from Marek 
    • Kevin/Matt/Kevin - create a ticket and try a solution (maybe Github action helps? PoC??)
    • Some action plans and updates next week
    • Kevin and Marek are working on it, testing and deployment. will report its status - 90% is working; WIP; scheduled for next week update
    • wait for argo-cd deployment update. will revisit...
    • wait for Marek's return

    Kevin: Jenkins' sandbox; security patching is working fine; downtime would be 30 mins; will notify the downtime by email to ONAP community - WIP

    Thomas Kulik - issues with Portal-NG and other documentation - 

    Kevin / marek: WIP; update in two weeks.

    IT-26899 Project is not created in RTD - Kevin; found a root cause; almost done, pushed the fixes;

    Marek: Verifying of fixing; will follow up when Thomas Kulik  and Fiete Ostkamp back - next week report; related to RTD pipeline?  need further testing

    Ticket opened by Tony: IT-26848 - Tony is checking on it, still has issues; Kevin will work on it; Let us know.

  • Kevin Sandi , working on it; removing gerrit plugins as a possible solution; update the ticket with findings and will check them with Tony

CISA report on memory safe code: 

• joint-guidance-exploring-memory-safety-in-critical-open-source-projects-508c.pdf, 
• The-Case-for-Memory-Safe-Roadmaps-508c.pdf
  

  
  

• Maggie (NSA; SECCOM) forwarded the NIST special publication on Service Mesh Proxy Models for Cloud-Native Applications. It is pretty good documentation on Service Mesh, Threat analysis and recommendations, https://csrc.nist.gov/pubs/sp/800/233/ipd , https://doi.org/10.6028/NIST.SP.800-233.ipd

• 2 actions:

  1. OpenSSF- add/update their guidelines; Tony - Tony will check with OpenSSF 
  2. Locally for ONAP: impact assessment and reviewing if there are opportunities to remove those languages.

• Added memory safe code guidance to the architecture security review template, ONAP Component Architecture Review Template. PTL, please take a look at it.

Other Improvement suggestion

Andreas Geißler  Dan Timoney 

1. Complete the upgrade to Potassium originally planned for New Delhi. This work is almost complete – I expect to finish within the next week or so.
2. Complete the work needed to migrate our internal interfaces from the Bierman format to RFC 8040.
3. If time permits,  upgrade to OpenDaylight Calcium release. 

We have been advised that the OpenDaylight Calcium release is a major upgrade, with a significant amount of breaking changes.  So, I would say there is significant risk that the Calcium upgrade might not complete in time for Oslo.  My plan would be that we would release an initial Oslo version of CCSDK and SDNC that is based on OpenDaylight Potassium release to OOM as soon as it is a available so that we avoid a last minute impact.  Once that is complete, I’ll create our oslo branches and use our master branch to begin work on the Calcium port. If that port is completed in time to make Oslo, great – we’ll cherry pick it to the oslo branch and include it.  If not, then our Oslo code base remains stable on Potassium and the Calcium port will complete in the Paris release.

One more word on releases: my plan going forward is that the New Delhi release will be considered a “long term support” (LTS) release for CCSDK and SDNC.  That is to say, we’ll provide security updates and other critical fixes as needed for that release so that any clients that find themselves unable to migrate to RFC 8040 for whatever reason will still have support, with the understanding that they will remain on the OpenDaylight Argon release.

Dan Timoney , is working on this to remove Biermann API; he will update its status.

Paweł Pawlak 

Amy Zwarico 

1. Recommended packages upgrades are available on the restricted Wiki. Jiras to be created per project. 

   • Oslo/wiki/spaces/SV/pages/16094458

   Need to check NG Portal status CLM jobs. Any update?

 - no solution for now:

• • 6/24/2021: PortalNG reports in spreadsheet on protected wiki page - New Delhi Package Updates - Security Vulnerabilities - Confluence (onap.org)

Ticket opened by Fiete: https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-26527 (ticket is closed)

• ongoing; Jessica and Fiete are discussing this.

We are missing NG Portal UI CLM job.

List of the ONAP components to be disabled prepared by Andreas: 

OOM New Delhi Release

On April 18th, TSC approved the list.

Ticket opened by Fiete for UI CLM scan: https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-26882 - not a maven based project - an issue? To be further eleborated with Jess.

Fiete Ostkamp , SECCOM-276 - Setup scanning jobs for portal-ng-ui Closed . Unable to locate Jira server for this macro. It may be due to Application Link configuration.

Matt Watkins , will follow up. Please let us know the outcome. 

Chef dependency in SDC related to Ruby conflict (2.0 is pretty old)   SDC-4691 - catalog-be docker build is failing due to ruby dependency conflict Open

• Open Source Summit Europe, 16-18 September, Vienna, Austria,  https://events.linuxfoundation.org/open-source-summit-europe/program/schedule/?utm_campaign=Open%20Source%20Summit%20Europe%202024&utm_medium=email&_hsenc=p2ANqtz--PLfjC2kdB72Wx4XhOtjd6bwBvLLrdHV1DgPkYzqDK9cRnhL3sp2wYC4MtZWhqGGElYxHdkvMaIgDLVAx0ZQS2YsStnQ&_hsmi=311371508&utm_content=311371508&utm_source=hs_automation 
• Kubecon and CloudNativeCon North America 2024 (November 12-15), https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/?utm_source=google&utm_medium=paid-search&utm_campaign=kubecon-na-2024&utm_term=events-kubecon-na-2024-cncf&utm_content=kubecon-na_rsa&campaignid=21541954784&adgroupid=166431838780&creative=708046449585&matchtype=e&network=g&device=c&keyword=kubecon%202024&utm_term=kubecon%202024&utm_campaign=Events+-+KubeCon+NA+2024+-+CNCF&utm_source=google&utm_medium=ppc&hsa_acc=8666746580&hsa_cam=21541954784&hsa_grp=166431838780&hsa_ad=708046449585&hsa_src=g&hsa_tgt=aud-2235032889006:kwd-2276042045987&hsa_kw=kubecon%202024&hsa_mt=e&hsa_net=adwords&hsa_ver=3&gad_source=1&gclid=Cj0KCQjww5u2BhDeARIsALBuLnO86USewI8c0_a4uKus91l491oBwGC-cQoGruwKx3Sz5WUeGTuCFa0aAj_3EALw_wcB