Goals
This project will focus to address the remaining Security requirements defined by the ONAP SECCOM Community based on JIRA Backlog
Perform the necessary migration/upgrade to packages according to the SDC security vulnerability report: https://wiki.onap.org/pages/viewpage.action?spaceKey=SV&title=SDC
Tasks
(Due dates are roughly estimated and are subject to change ±)
# | Activity | Due Date | Status |
---|---|---|---|
1. | Set up SDC local development environment and run Sanity tests. Get familiar with SDC components and understand he interaction among them |
| ACTIVE |
2. | Upgrade maven dependencies to more recent versions so they don’t include security vulnerabilities |
| PENDING |
3. | Generate certificates with AAF in deploy time and integrate them |
| PENDING |
4. | Getting CII badges (passing/silver/gold) |
| PENDING |
5. | Fixing security tickets and ONAP JIRA Security Issues (OJSI) |
| PENDING |
6. | Bounce checking special characters for SDC APIs |
| PENDING |
7. | Migrating Junit 4 to 5 |
| PENDING |
8. | Java 11 migration |
| PENDING |
9. | Complete pending tasks + Summary report |
| PENDING |
Implementation
- Implement the required migrations (Update used packages and dependencies, Junit4→Junit5, and migrate to Java 11)
- Implement any required code modifications due to the upgrade/migration
- Fix security tickets and OJSI
Milestones
Week 6
- Set up SDC local development environment and run Sanity tests
- Get familiar with SDC components and understand he interaction among them
- Upgrade maven dependencies to more recent versions so they don’t include security vulnerabilities
Week 12
- Generate certificates with AAF in deploy time and integrate them
- Getting CII badges (passing/silver/gold)
Week 18
- Fixing security tickets and ONAP JIRA Security Issues (OJSI)
- Bounce checking special characters for SDC APIs
- Migrating Junit 4 to 5
Week 24
- Java 11 migration
- Complete pending tasks + Summary report
Mentee: Amir Mohamad