Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Jira No
SummaryDescriptionStatusSolution

ONAP Security logging PoC requirements - Byung

https://lists.onap.org/g/onap-requirements-sub/viewevent?eventid=1437425&calstart=2022-02-28

Presentation available at the bottom of this page. Security Logging Requirements were presented to Use Case Subcommittee.

Toine agreed to be a project for a PoC.

startedPresentation on proposed logging fields to be provided to PTLs community on 14th of March. To be folloed by architecture information as a separate presentation/topic.
IT-23650Unmaintained projects – ticket creation for failing Jenkins jobs 

Issue seems to be finally resolved.

homas asked to propose a patch for the composite release notes that includes info from slide 6.

done

LFN preparing document on ONAP security

https://wiki.lfnetworking.org/display/LN/2022+LFN+Security+whitepaper

Contribution needed for SBOM part – Sean/Bob done

-NTIA paper could be a good reference.

done

Unmaintained projects Discussion on how to represent unmainained project, yaml vs. Json file, type of information.ongoing
IT-23622IT-23622 API documentation for SonarCloud (continuation of IT-23519)

Tony and Amy will try to use AT&T leverage as SonarCloud customer to get info on API documentation.

ongoing

Unmaintained projects - Istanbul Maintenance Release NotesTicket creation for failing Jenkins jobs. Thomas asked to propose a patch for the composite release notes that includes info from slide 6 but we first need to solve failing Jenkins jobs.doneFailing Jenkins jobs issue to be escalated.

Security logging update 

https://wiki.onap.org/display/DW/Jakarta+Best+Practice+Proposal+for+Standardized+Logging+Fields

Some more clarifications planned, naming causing some confusion.


ongoing

One more session (on 25th of February) to complete fields review.

Next to be reviewed with PTLs.


SonarCloud findingsTony will open direct tickets to projects.startedTickets to be open by Tony.

Badging - no update

Tony working with David and Dave on getting projects moved from having owner from project and replacing with David for Badging. Some owners gone away... Additional editors do not have rights to remove somebody from the project (can only add additional people).

No movement. Waiting for an answer from David Wheeler.


Tony to reach out David.

Final SCA scan for Istanbul Maintenance release.List of projects with transitive dependencies to be provided by Amy.


Quality gatesNo update so far from Seshu.ongoing

To join SO meeting.

To drop an e-mail to Toine.


Issue with Wiki creation by TonyTicket to be created to solve the issue







SECCOM MEETING CALL WILL BE HELD ON 15th OF MARCH'22. 

Quality gates for code quality improvements - continuation of the discussion.

5Y review criteria.





Recording: 

View file
name2022-03-08_SECCOM_week.mp4
height250


SECCOM presentation: