Software Bill of Materials (SBOMs) help in improving software development, supply chain management, vulnerability management, asset management, procurement, and high assurance processes.
There are several benefits of creating and using SBOM include reducing cost, security risk, license risk, and compliance risk.
SBOMs available formats were reviewed with an explanation of selected SPDX as ISO standard for an ONAP SO pilot and real ONAP SBOM generation in LFN CI pipeline.
Adding SBOM capability in the pipeline has no roadblocks, call for action was to implement it sooner as it does not require a lot of efforts on project teams.
Review release process changes that were implemented during the Istanbul release
Review lessons learned during the Istanbul release
Changes implemented in 2021 i.e. additional milestone (M4 - Docker Container readiness replacing some RC0 tasks), 1 Release Cadence were confirmed as efficient..