- Type: Task
- Status: Resolved
- Priority: Medium
- Resolution: Fixed
- Affects Version/s: None
- Fix Version/s: VOLTHA v2.5
- Component/s: ofagent-go, openolt-adapter, openonu-adapter, voltha-lib-go
- Labels: None
- Story Points: 2
- Epic Link:
We'd like to arrange with the community that CI/SCA security scan tools are activated on upstream/ONF VOLTHA software repositories so that security requirements are met.
Goal:
All relevant VOLTHA repositories covered by SCA/security tools inside the CI/CD pipeline.
The tools may run with the flag "allow_failure: true" inside the CI/CD pipeline, meaning developers can push and build changes even though the tools report an issue.
The recommended list of security tools:
- Golang https://github.com/securego/gosec
- Python https://pypi.org/project/bandit/
- Java FindSecBugs https://find-sec-bugs.github.io/
Affected repositories:
- https://github.com/opencord/voltha-go
- https://github.com/opencord/voltha-openolt-adapter
- https://github.com/opencord/voltha-openonu-adapter
- https://github.com/opencord/ofagent-go
- https://github.com/opencord/kafka-onos

# | Subject | Branch | Project | Status | Code-Review | Verified |
---|---|---|---|---|---|---|
20120,1 | VOL-3353 Enable Go sec | master | voltha-go | Status: ABANDONED | 0 | 0 |
20122,5 | VOL-3353 Enable gosec sca tool for voltha-go | master | voltha-go | Status: ABANDONED | 0 | 0 |
20123,7 | VOL-3353 Enable Go sec | master | voltha-openolt-adapter | Status: MERGED | +2 | +1 |
20124,5 | VOL-3353 Enable Go sec | master | ofagent-go | Status: MERGED | +2 | +1 |
20125,1 | VOL-3353 Enable Go sec | master | voltha | Status: ABANDONED | 0 | -1 |
20126,2 | VOL-3353 Enable Security checks | master | voltha-openonu-adapter | Status: ABANDONED | 0 | 0 |
20128,1 | VOL-3353 Enable python security check tools | master | voltha | Status: ABANDONED | 0 | -1 |
20129,13 | [VOL-3353] Enable security checks | master | voltha-openonu-adapter | Status: MERGED | +2 | +1 |
20130,5 | [VOL-3353] Enabled Find Security Bugs | master | kafka-onos | Status: MERGED | +2 | +1 |
20131,4 | [VOL-3353] Enabled Find Security Bugs | master | sadis | Status: MERGED | +2 | +1 |
20132,4 | [VOL-3353] Enabled Find Security Bugs | master | olt | Status: MERGED | +2 | +1 |
20135,15 | [VOL-3353] Python CI tools container | master | voltha-docker-tools | Status: MERGED | +2 | +1 |
20136,4 | [VOL-3353] Trigger openonu security static checks | master | ci-management | Status: MERGED | +2 | +1 |
20142,6 | VOL-3353 Enable Go sec Change-Id: Iefd4e6650c64a125ec0b7616fc4425ad24ab9a14 | master | voltha-go | Status: MERGED | +2 | +1 |
20192,2 | [VOL-3353] Enabled Find Security Bugs | master | aaa | Status: MERGED | +2 | +1 |
20193,2 | [VOL-3353] Enabled Find Security Bugs | master | bng | Status: MERGED | +2 | +1 |
20194,2 | [VOL-3353] Enabled Find Security Bugs | master | config | Status: ABANDONED | 0 | -1 |
20195,2 | [VOL-3353] Enabled Find Security Bugs | master | dhcpl2relay | Status: MERGED | +2 | +1 |
20197,2 | [VOL-3353] Enabled Find Security Bugs | master | fabric-tofino | Status: MERGED | +2 | +1 |
20198,2 | [VOL-3353] Enabled Find Security Bugs | master | igmpproxy | Status: MERGED | +2 | +1 |
20199,2 | [VOL-3353] Enabled Find Security Bugs | master | igmp | Status: ABANDONED | 0 | -1 |
20200,1 | [VOL-3353] Enabled Find Security Bugs | master | mcast | Status: MERGED | +2 | +1 |
20201,2 | [VOL-3353] Enabled Find Security Bugs | master | mac-learning | Status: MERGED | +2 | +1 |
20202,2 | [VOL-3353] Enabled Find Security Bugs | master | vtn | Status: ABANDONED | 0 | -1 |
20219,4 | [VOL-3353] Adding sca check | master | voltha-openonu-adapter-go | Status: MERGED | +2 | +1 |
20220,1 | [VOL-3353] adding lint and sca checks for openonu-go | master | ci-management | Status: ABANDONED | 0 | +1 |
20390,3 | VOL-3353 SCA fixes for export issues | master | voltha-openonu-adapter-go | Status: MERGED | +2 | +1 |
20394,1 | VOL-3353 SCA fixes for export issues | master | voltha-openonu-adapter-go | Status: ABANDONED | 0 | 0 |