Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 7th of December 2021.
Jira No | Summary | Description | Status | Solution |
---|---|---|---|---|
SECCOM presentations for incoming DDF (January). | SECCOM topics backlog for DDF (4 bullets we merge into one Topic):
Interproject proposals:
| ongoing | ||
Jakarta proposed versions update: |
| ongoing | CentOS versionits usage by ONAP community to be elaborated with Fabian. Column to be added on what applies to container run time and what applies to node | |
Jakarta basic images | Michal is working for both Java and Python | ongoing | Recommended versions to be shared with Amy. | |
SCA analysis | Ongoing - direct dependencies transferred to excel. Failing Jenkins jobs for AAI. Jira tickets created per project. | ongoing | ||
PTL meeting update |
| ongoing | ||
TSC meeting update | SECCOM requirements were approved by TSC. | done | ||
Meeting yesterday on unmaintained projects/repos | We need an audit on project dependencies – current projects that are unmaintained (and repos). | ongoing | David to lead this audit and bring it to TSC. | |
Quality gates for code quality improvements | 3 levels under consideration: bronze, silver and gold. Basic level could be reacjing 55% of code coverage. https://docs.sonarqube.org/latest/user-guide/metric-definitions/ Tables about project maturity (self reported) while we are doing measured approach. | started | To review levels from sonarqube and tables for project maturity. | |
SECCOM MEETING CALL WILL BE HELD ON 14th OF DECEMBER'21. | Quality gates for code quality improvements - continuation of the discussion. SBOM next steps - which repos/projects to take into account? |
Recording:
SECCOM presentation: