The following items are expected to be completed for the project to Pass the M3 API Freeze Milestone.
M3 Release Architecture Milestone overview is available in wiki.
Usage
- Use the "Copy" and "Move" options (available under the ..., top right of this page) to duplicate this template into your project wiki.
- Fill out the Yes/No column
- Provide link to evidence (when necessary)
| Practice Area | Checkpoint | Yes/No | Evidences | How to? |
|---|---|---|---|---|
| Security | Has the Release Security/Vulnerability table been updated in the protected Security Vulnerabilities wiki space? | Yes | R4 APPC Security/Vulnerability - Full Content | PTL reviews the NexusIQ scans for their project repos and fills out the vulnerability review table |
| Has the project committed to enabling transport level encryption on all interfaces and the option to turn it off? | No | Requirements and test cases for transport layer encryption have been created for all interfaces not currently supporting encryption. | ||
| Has the project documented all open port information? | Yes | OOM NodePort List | ||
| Has the project provided the communication policy to OOM and Integration? | No | tracking on APPC-1487 - Getting issue details... STATUS for details | Recommended Protocols | |
| Do you have a plan to address by M4 the Critical and High vulnerabilities in the third party libraries used within your project? | Yes | *APPC inherits from ODL. APPC is working with ODL community to address the security vulnerabilities issues. Please see ODL TSC meeting note: https://meetings.opendaylight.org/opendaylight-meeting/2019/tsc/opendaylight-meeting-tsc.2019-02-21-16.58.html |
| |
| Architecture | Has the Project team reviewed the APIs with the Architecture Committee (ARC)? | Yes | ONAPARC-408 - Getting issue details... STATUS | Architecture walkthrough to understand how each project contributes on Release Use Case. ARC to organize the walkthrough. |
| Is there a plan to address the findings the API review? | Yes | APPC-1442 - Getting issue details... STATUS is the epic to track new DistributeTrafficCheck API | The plan could be as simple as a Jira issue to track the implementation of findings or a documented plan within the wiki. | |
| Does the team clearly understand that no changes in the API definition is allowed without formal TSC review and approval? | Yes | NA | In the case some changes are necessary, bring the request to the TSC for review and approval. | |
Is there any changes in the scope, functionalities, deliverable, dependency, resources, API, repositories since M1 milestone? | No | If Yes, please a link to the evidence of these changes. | Critical point to understand is that change is inevitable, and that right timing and clear communication to the community will ease the process of accepting changes. | |
| Provide link to the API Documentation. | Yes | APPC LCM API Guide | ||
| Release Management | Are committed Sprint Backlog Stories been marked as "Closed" in Jira board? | Yes | APPC Board | |
| Are all tasks associated with Sprint Backlog Stories been marked as "Closed" in Jira? | Yes | APPC Board | ||
| Have all findings from previous milestones been addressed? | N/A | No previous findings | ||
| Development | Is there any pending commit request older than 36 Business hours in Gerrit? | No | ||
| Do you have a plan to address by M4 the Critical and High vulnerabilities in the third party libraries used within your project? | Yes | R4 APPC Security/Vulnerability - Full Content | Ensure by M4 the Nexus-IQ report from “Jenkins CLM” shows 0 critical security vulnerability. Open the Nexus-IQ report for the details on each repo. | |
Are all the Jenkins jobs successfully passed ( Merge-Jobs)? | Yes | https://jenkins.onap.org/view/appc/ | ||
| Are all binaries available in Nexus? | Yes | https://nexus.onap.org/#nexus-search;quick~appc | ||
| Integration and Testing | Have 50 % of System Integration Testing Use Cases been implemented successfully in Jenkins? It should include at least 1 CSIT that will be run on Lab-xxx-OOM-Daily Jenkins Job | Yes | https://sonar.onap.org/component_measures?id=org.onap.appc%3Aappc&metric=line_coverage APPC CSIT describes in APPC CSIT Functional Test Cases | |
| Has the project code successfully passed the Daily Build process? | Yes | https://jenkins.onap.org/view/appc/ | Goal is to ensure the latest project commit has not broken the Integration Daily Build | |
| Has the project passed the Integration Sanity Tests? | Yes | Integration sanity tests in Dublin Release cover:
No test failure reported on http://onapci.org/grafana/d/8cGRqBOmz/daily-summary?orgId=1 No Integration Blocking Issue with no workaround: Dublin Release Integration Test Blocking Issues | ||
| Modeling | Has the Project team provided links to Data Models (e.g, JSON, YANG, Swagger, etc.) for all Shared Information (e.g., APIs, API Payload, Shared Design Model)? | Yes | APPC provides one single definition for API: APPC uses Yang model to define LCM Action: Yang Model for LCM Action for payload. APPC uses swagger 1.2 apidoc that provided by ODL ( see some sample links in APPC WindRiverLab ) APPC does not use TOSCA model in R4. | It is a non-blocking item for M3 - The Modeling team is gathering information |