...
Topic Description
30m, Kevin Sandi, fabian rouzaut and Pawel Pawlak. We will share the improvement mechanism we developed as a PoC for ONAP to automatically improve the quality of committed code before its merge.
...
Live interactive demo session
Agenda
- Problem description
- Solution
- Demo
- Status and focus for ONAP
Minutes
A focus on code quality significantly reduces threats. Fixing a problem after merge costs more (20-50% increase). The lack of an automated SonarCloud scan of new code was explained and demonstrated with the CPS project. As a next step, the SO project will participate in the PoC. As an ultimate goal, all ONAP projects would be covered by a security-by-design approach.
Action Items
- Work with the PTLs community on finalizing the quality gates for a new code merge, to be followed by the TSC presentation for an implementation approval.
- Provide feedback to Christophe on duplicated lines (new code vs. existing code) - fabian rouzaut