Page History

...

Jira No

Summary

Description

Status

Solution

Java and the new model of licensing for Oracle JDK versus Open JDK – Natacha

Oracle JDK which is commercial - benefits updates

Open JDK - like open source so free of charge but support for java 11 but not earlier versions.

Presentation was submitted to recent TSC meeting to ensure the common understanding of the risk.

TSC wants to know which distribution of the OpenJDK is used – Integration team/OOM to be contacted - discussion planned for next status meeting on Wednesday. SECCOM cares Java 11 and not particular distribution - we appreciate common image from governance perspectiveand harmonization - coordination on release manager side.

Next steps:

E-mail to be sent to Morgan with Pawel B. in copy to confirm if image is already created.

Secrets management

Agreement achieved last week (Krzysztof and Samuli)

Written description is needed on the Wiki.

Once we have a written recommendation, it would be reviewed at the next SECCOM meeting and further presented at the TSC for an prroval - once gained it would become best practice.

Script for automatic jira ticket generation of direct dependencies to be upgraded was successfully tested with CLAMP by Julien and Pierre.

2 scripts were created in Python

script 1: uses maven and creates json of direct dependencies to be upgraded
script 2: takes json generated by script 1 and creates Jira tickets for each package to be upgraded

Scripts were reviewed as well as CLAMP. No specific feedback from SECCOM received from demo till today.

Nexts steps:

Wiki with script description to be created
Before creating a ticket script could check if it does not exist.
Scripts available under Julien's github: https://github.com/JulienBe/onap-dep
Present solution to PTLs and get feedback on how to integrate the scripts into the ONAP development cycle to generate the project jiras for package upgrades

New xtesting security docker has been integrated end of last week.

Meeting on Wednesday with OOM and Integration.

Update next week.

Frankfurt M2/M3 scorecard SECCOM requirements update

Items reviewed:

Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-207
SECCOM Code coverage
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-215
SECCOM Containers configured per secure recommendation
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-219
SECCOM Java 11 migration from v8
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-223
SECCOM CII badging – meet targeted Silver and Gold requirements
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-227
SECCOM Complete the OJSI backlog
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-231
SECCOM HTTPS communication vs. HTTP
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-235
SECCOM Password removal from OOM HELM charts
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-239
SECCOM Communication Matrix
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-243
SECCOM Containers and Kubernetes secure configuration recommendation
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-247
SECCOM Coverity integration by end of Frankfurt
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-251
SECCOM Ingress controller
Jira
server ONAP JIRA
columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId 425b2b0a-557c-3c0c-b515-579789cceedb
key REQ-263
SECCOM Perform Software Composition Analysis - Vulnerability tables

Status

colour	Yellow
title	YELLOW

Status

colour	Red
title	RED

Status


colour	Yellow
title	YELLOW

Status

colour	Red
title	RED

Status


colour	Yellow

Status


colour	Green

Status


colour	Yellow

Status


colour	Green

Status

colour	Green
title	GREEN

Status


colour	Red
title	RED

Status


colour	Green

Status

colour	Red
title	RED

OJSI status update - projects to be reasked - if no feedback - slot to be assigned on the next PTL call

CII Badging - Jira tickets to be isued with script usage. Some answers from hardening questions.

ONES NA CFP

SECCOM presentations submitted:

ODL and ONAP (Pawel & Luis)
Password generation with ONAP (Krzysztof)
Cloudnative deployment of ONAP with ingress controller (Krzysztof)
Kubernetes and security aspects (Samuli & Amy)

To be further discussed the scope of SECCOM F2F in LA:

ONAP security requirements and allignment with VNF security requirements

VNF security requirements

CMPv2 update

Buiding containers in an unified way for ONAP

Template to be created.

OUR NEXT SECCOM MEETING CALL WILL BE HELD ON 11TH OF FEBRUARY'20

...

Space shortcuts

Page tree

Versions Compared

Old Version 3

New Version Current

Key