Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This centralized page, for all Guilin projectsHonolulu projects, is aimed at identifying the risks as they are foreseen within the release life cycle.

...

Risk IDProject Team or person identifying the riskIdentification DateRisk (Description and potential impact)Team or component impacted by the risk

Mitigation Plan

(Action to prevent the risk to materialize)


Contingency Plan - Response Plan

(Action in case of the risk materialized)

Probability of occurrence (probability of the risk materialized)

High/Medium/Low

Impact

High/Medium/Low

Status
1OOF

 

Meeting the following requirement for CMSO - Upgrade vulnerable packagesOOF - CMSOWill be taken up along with the feature implementation if it is required by the use casesProject team will try to take up activity if no new feature is plannedLowLowIdentified
2UUI

 

usecase UI dockers contain GPLv3

Jira
serverONAP JIRA
serverId425b2b0a-557c-3c0c-b515-579789cceedb
keyUSECASEUI-494

UUIWill take active action to contact Jira owner and find out witch package contains GPLv3Make the current dependencies work well and keep this problem to next releaseHighLowIdentified
3Policy

 

Some package upgrades (e.g., CDS) may require significant rework

Jira
serverONAP JIRA
serverId425b2b0a-557c-3c0c-b515-579789cceedb
keyREQ-439

PolicyWill continue to work on upgradesObtain a waiver for the problem packagesMediumMediumIdentified
4SDC

 

Some package upgrades may require significant rework

Jira
serverONAP JIRA
serverId425b2b0a-557c-3c0c-b515-579789cceedb
keyREQ-439

SDCWill continue to work on upgradesObtain a waiver for the problem packagesMediumMediumIdentified
5AAI

 

Cannot upgrade to Java 11 for modules dependent on Java 8 only supported Janusgraph

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

AAINothing we can really do given the current constraints unless JanusGraph updates to working with Java 11Obtain a waiver for the mS with the core tech of JanusgraphHighLowIdentified
6DCAE

 

REQ-438 - COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11)  

Due to upstream dependency on NIFI project, some of MOD (NiFI) components (designtool/gen-processor/nifi-registry) will remain in java 8

DCAEMigrate/replace MOD NiFI components with custom containers for future releaseRequest waiver (discused with SECCOM and they are okay with filing exception for NiFI components)HighLowIdentified
7DCAE

REQ-437 - COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8

With Cloudify 3.x support releated by Cloudify under 5.1.1, DCAE CM pod upgrade is targetted for H release. This will be major upgrade requiring extensive regression. Marking this risk due to resource/time constraint. 

DCAEBased on severity of issue - we'll assess if new containers can be released for H release or if need to be withheld.If switching to Guilin version (old CM 4.6 version) - will need waiver for Cloudify container and pluginsMediumHighIdentified
8CPS

 

Upgrade vulnerable packages, which all are Transient dependenciesCPSWorking with SecCom to resolve high level vulnerabilitiesObtain a waiver for the problem packagesMediumLowIdentified