OOM Dublin - M3 API Freeze Milestone Checklist
- Mike Elliott
- cl664y@att.com
- Yang Xu
The following items are expected to be completed for the project to Pass the M3 API Freeze Milestone.
M3 Release Architecture Milestone overview is available in wiki.
Usage
Use the "Copy" and "Move" options (available under the ..., top right of this page) to duplicate this template into your project wiki.
Fill out the Yes/No column
Provide link to evidence (when necessary)
Practice Area | Checkpoint | Yes/No | Evidences | How to? |
|---|---|---|---|---|
Security | Has the Release Security/Vulnerability table been updated in the protected Security Vulnerabilities wiki space? | N/A | No "code" or code libraries delivered by OOM only Helm Charts. Helm Charts are not scanned by NexusIQ. | PTL reviews the NexusIQ scans for their project repos and fills out the vulnerability review table |
Has the project committed to enabling transport level encryption on all interfaces and the option to turn it off? | N/A | OOM does not directly encrypt all interfaces for the ONAP components. That is the responsibility of the project teams to deliver. To secure access into a Kubernetes cluster, one can optionally deploy an ingress controller. | ||
Has the project documented all open port information? | N/A | ONAP project teams are required to update the OOM NodePort list if port changes occur in the release. | Update OOM NodePort List | |
Has the project provided the communication policy to OOM and Integration? | N/A | |||
Do you have a plan to address by M4 the Critical and High vulnerabilities in the third party libraries used within your project? | Yes | OOM-1608: CVE-2018-20699 Docker vulnerabilityClosed will be addressed as part of delivering OOM-1598: Document a Highly-Available K8s Cluster Deployment (RKE 0.2.1 / K8S 1.13.5 / Helm (2.12.3 - not 2.13.1) / Docker 18.09.5)Closed |
| |
Architecture | Has the Project team reviewed the APIs with the Architecture Committee (ARC)? | Yes | OOM Dublin - M3 Architecture Review (passed review March 5, 2019) OOM provides no external APIs. | Architecture walkthrough to understand how each project contributes on Release Use Case. ARC to organize the walkthrough. |
Is there a plan to address the findings the API review? | N/A | OOM Dublin - M3 Architecture Review (passed review March 5, 2019) OOM provides no external APIs | The plan could be as simple as a Jira issue to track the implementation of findings or a documented plan within the wiki. | |
Does the team clearly understand that no changes in the API definition is allowed without formal TSC review and approval? | Yes | NA OOM provides no external API's. | In the case some changes are necessary, bring the request to the TSC for review and approval. | |
Is there any changes in the scope, functionalities, deliverable, dependency, resources, API, repositories since M1 milestone? | No | If Yes, please a link to the evidence of these changes. | Critical point to understand is that change is inevitable, and that right timing and clear communication to the community will ease the process of accepting changes. | |
Provide link to the API Documentation. | N/A | OOM provides no external API's. | ||
Release Management | Are committed Sprint Backlog Stories been marked as "Closed" in Jira board? | Yes | Stories are marked done as completed | |
Are all tasks associated with Sprint Backlog Stories been marked as "Closed" in Jira? | Yes | Tasks are marked done as completed | ||
Have all findings from previous milestones been addressed? | Yes | See Dublin Risks #16,17 | ||
Development | Is there any pending commit request older than 36 Business hours in Gerrit? | No | See search | |
Has the project team reach the Automated Unit Test Code Coverage expectation? (Refer to artifacts available in Sonar) | N/A | Helm/Kubernetes do not have unit tests and is not supported by Sonar. See Sonar OOM Results | Helm/Kubernetes do not have unit tests and is not supported by Sonar. See Sonar OOM Results | |
Do you have a plan to address by M4 the Critical and High vulnerabilities in the third party libraries used within your project? | Yes | OOM-1608: CVE-2018-20699 Docker vulnerabilityClosed will be addressed as part of delivering OOM-1598: Document a Highly-Available K8s Cluster Deployment (RKE 0.2.1 / K8S 1.13.5 / Helm (2.12.3 - not 2.13.1) / Docker 18.09.5)Closed | Ensure by M4 the Nexus-IQ report from “Jenkins CLM” shows 0 critical security vulnerability. Open the Nexus-IQ report for the details on each repo. | |
Are all the Jenkins jobs successfully passed ( Merge-Jobs)? | Yes | |||
Are all binaries available in Nexus? | Yes | Helm charts for Dublin 4.0.0 can be found in public helm repo: https://nexus.onap.org/content/sites/oom-helm-staging/master/ | ||
Integration and Testing | Have 50% of System Integration Testing Use Cases been implemented successfully in Jenkins? | N/A | OOM is not directly in the flow for use cases. Functional testing of ONAP using ROBOT health checks, validates OOM deployments as seen in Auto Continuous Deployment via Jenkins and Kibana | |
Has the project code successfully passed the Daily Build process? | Yes | Goal is to ensure the latest project commit has not broken the Integration Daily Build | ||
Has the project passed the Integration Sanity Tests? | Yes | Check blocking issue page | Integration sanity tests in Dublin Release cover:
No test failure reported on http://onapci.org/grafana/d/8cGRqBOmz/daily-summary?orgId=1 No Integration Blocking Issue with no workaround: Dublin Release Integration Test Blocking Issues | |
Modeling | Has the Project team provided links to Data Models (e.g, JSON, YANG, Swagger, etc.) for all Shared Information (e.g., APIs, API Payload, Shared Design Model)? | It is a non-blocking item for M3 - The Modeling team is gathering information |