Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

This centralized page, for all Istanbul projects, is aimed at identifying the risks as they are foreseen within the release life cycle.

A Risk that materialized becomes an Issue.

Status:

  • Identified: a risk that has been identified, but has not yet been analyzed / assessed yet 
  • Assessed: an identified risk which currently has no risk response plan 
  • Planned: an identified risk with a risk response plan
  • In-Process: a risk where the risk response is being executed 
  • Closed: a risk that occurred and is transferred to an issue or the risk was solved/avoided
  • Not occurred: a risk that was identified but that did not occur 
  • Rejected: created and kept for tracking purposes but considered not to be used yet


Risk IDProject Team or person identifying the riskIdentification DateRisk (Description and potential impact)Team or component impacted by the risk

Mitigation Plan

(Action to prevent the risk to materialize)


Contingency Plan - Response Plan

(Action in case of the risk materialized)

Probability of occurrence (probability of the risk materialized)

High/Medium/Low

Impact

High/Medium/Low

Status
1OOF

 

Problem with removing GPLv3 components from OSDF docker imageOSDFPossible ways of solving the problem are documented here. OSDF Image optimizationRaise an exception for this release and continue to work on itMediumMediumIdentified
2Policy

 

Problems resulting from upgrade of jetty-serverPolicy, oparentRequest update to oparent sooner rather than later so that impact may be assessedRaise an exception for this release and continue to work on itLowHighIdentified
3Policy

 

Problems resulting from upgrade of CDS jarsPolicy, CDSBe proactive with CDS team
MediumLowIdentified
4Policy

 

TSOCA Control Loops are dependent on migration of DCAE kubernetesPolicy, DCAEBe proactive with DCAE team
MediumMediumIdentifier
5AAI

 

Lack of resources to deliver 

REQ-439 - CONTINUATION OF PACKAGES UPGRADES IN DIRECT DEPENDENCIES 

AAIMake best efforts to resolve the security findingsRaise an exception for this release and continue to work on itMediumLowIdentified
6AAI

 

Janusgraph does not support Java 11

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)

AAINot much we can doRaise an exception for this release and hope janusgraph supports java 11 in the coming releaseHighLowIdentified
7DMaaP Message Router

 

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

Confluent base images used by Message Router kafka/zookeeper are built using Java 8. Move to a newer version is a risk based on resources/time constraints.

DMaaPSource some more resources for the project to address this issue.Obtain a waiver for the problem packagesHighLowIdentified
8DMaaP kafka

 

Code coverage for the dmaap-kafka project failed to meet the required goal.

DMaaP kafkaCode coverage goalsObtain a waiver for the impacted componentsHighLowWorking with Sonar community to fix this unexpected coverage drop.
9CCSDK

 

Most recent AAF shiro plugin version appears to still be compiled for Java 8, which causes problems when installed in Karaf under Java 11.AAFAAF plugin is not installed until this is resolved - installing it breaks the container.Will continue to use built-in ODL credentials instead of using AAF to authenticateHighLowIdentified
10DCAE

 

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)

dcaemod-designtool & dcaemod-nifi-registry has dependency on upstream (NiFI) project which is currently on java8


DCAEContinue H versionWaiver/Exception to  be filed with SECCOM HighLowIdentified
  11DCAE

 

Scope of DCAE Transformation (REQ-685) being large and dependency on multiple projects (DCAE, OOM, Integration, CLAMP) - there is risk in completing the planned scope in entierity for this releaseDCAE, Integration, OOM, CLAMPPeriodic assessment with all impacted project;  adjust target scope if required.Defer subset of features to J releaseMediumMediumIdentified
12UUI

 

USECASEUI-574 - Getting issue details... STATUS

Update the vulnerable direct dependencies in code base but the result is unknown, and we don't have the lab environment to verify it now

UUIDelay it until our lab environment is ready
HighLowIdentified
13UUI

 

USECASEUI-405 - Getting issue details... STATUS

Not enough human resource to do this modification

UUIContinue working on it until next release
HighLowIdentified




























































  • No labels