It is extremaly important to define and assure as early as possible quality gates as well as automated process for checking if the submitted code can be merged. It saves everyones time!
Slides & Recording
Live interactive demo session
- Problem description
- Status and focus for ONAP
Focus on code quality significantly reduces threats. The cost of fixing problem after merge has a cost (20-50% increase). Lack of SonarCloud automated new code scan was explained and demonstrated with CPS project. As a next step SO project will participate in the PoC. As an ultimate goal all ONAP projects would be covered by security by design approach.
- work with PTLs community on finalization of quality gates for a new code merge to be followed by the TSC presentation for an implementation approval.
- provide feedback to Christophe on duplicated lines (new code vs. existing code) fabian rouzaut