...
No. | Project Name | TSC Subgroup Release Status | Is this your first release | Blue Print Stage
| CD Logs URL to be used for review (Column filled in by PTLs) | Link to executive one pager (editable doc format) (Column filled in by PTLs) | API Info Reporting Review (Column filled in by API Subcommittee) (note for PTLs – go here for steps to fill in project API info form) | BluVal Certification | Security Certification Provide link to Vuls, Lynis, and Kube-Hunter logs below. Pass/Fail Criteria: Steps To Implement Security Scan Requirements Exception requests should be filed at: | Upstream Review (Column filled by Upstream Subcommittee and PTLs) (note PTL can go to Release 5 BP/Feature Upstream Status to find details) | Date ready for TSC review (Column filled in by PTLs) | TSC Review Date (Column filled in by TSC) | |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | No | Mature | |||||||||||
2 | No | Mature | |||||||||||
3 | |||||||||||||
4 | No | Incubation | ICN R5 Datasheet | Filed Release 5: Akraino CVE Vulnerability Exception Request Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request ____________________________________________________________ Lynis: Accepted ____________________________________________________________ Kube-Hunter: Cluster: Accepted Pod: Accepted | Completed by 8/6/2021 | ||||||||
5 | Yes | Incubation | https://nexus.akraino.org/content/sites/logs/intel/ICN_CD_logs/pod11-node5/icn-master-bm-verify-bm_verifer-kata/12/ | ICN-MTSCN R5 Datasheet |
| Filed Release 5: Akraino CVE Vulnerability Exception Request Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request ____________________________________________________________ Lynis: Accepted ____________________________________________________________ Kube-Hunter: Cluster: Accepted Pod: Accepted | Completed by 8/10/2021 | ||||||
6 | No | Incubation | https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-build/18/home/jenkins/log/ | https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-security-validation-build/4/results/ | Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request ____________________________________________________________ Lynis: Accepted ____________________________________________________________ Kube-Hunter: Cluster: Accepted Pod: Accepted with exceptions shown at: | Completed 8/6/2021 | |||||||
7 | NO | Incubation | https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-uCPE-build/15/home/jenkins/log/ | ELIOT R5 - SD-WAN / WAN Edge / uCPE Data Sheet | https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-uCPE-security-build/10/results/ | Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request ____________________________________________________________ Lynis: Accepted ____________________________________________________________ Kube-Hunter: Cluster: Accepted Pod: Accepted with exceptions shown at: | Completed on 8/6/2021 | ||||||
8 | TSC 2021-08-12 (Thursday) 7:00 am Pacific | No | Incubation | https://nexus.akraino.org/content/sites/logs/juniper/validation-2021/ | Blueprint Data Sheet | Not required as there is no change from Release 4 | Not required as there is no change from Release 4 | Completed by 8/10/2021 | 08/12/2021 | ||||
9 | No | Incubation | https://jenkins.akraino.org/job/kni-blueprint-pae-verify-deploy-gcp/69/ | https://nexus.akraino.org/content/sites/logs/redhat-kni/bluval_results/ Incubation Level Review Results: Vuls: Accepted with exception. The KNI Provider Access Edge blueprint uses OpenShift as its k8s distribution, which is deployed on Red Hat CoreOS, an immutable OS that is not supported by Vuls. __________________________________________________________ Lynis: Accepted ____________________________________________________________ Output manually generated, located at: Release 5 Security Scan Manual Logs Kube-Hunter: Cluster: Accepted Pod: Accepted with exceptions shown at: | Completed by 8/10/2021 | 9/16/2021 | |||||||
10 | No | Incubation | Management Hub: https://logs.akraino.org/production/vex-yul-akraino-jenkins-prod-1/kni-blueprint-management-hub-verify-deploy-gcp/19/ | https://nexus.akraino.org/content/sites/logs/redhat-kni/bluval_results/ Incubation Level Review Results: Vuls: Accepted with exception. The KNI Provider Access Edge blueprint uses OpenShift as its k8s distribution, which is deployed on Red Hat CoreOS, an immutable OS that is not supported by Vuls. __________________________________________________________ Lynis: Accepted ____________________________________________________________ Output manually generated, located at: Release 5 Security Scan Manual Logs Kube-Hunter: Cluster: Accepted Pod: Accepted with exceptions shown at: | Completed by 8/10/2021 | 9/16/2021 | |||||||
11 |
| ||||||||||||
12 | TSC 2021-09-21 (Tuesday) 7:00 am Pacific | No | incubation | https://nexus.akraino.org/content/sites/logs/baidu/job/aiedge/6/ | https://nexus.akraino.org/content/sites/logs/baidu/job/security_scan/aiedge/1 | Incubation Level Review Results:
Vuls: All vulnerabilities >9.0 must be fixed or verification provided that no patch currently exists. CVE-2017-18017 10.0 CVE-2018-15686 10.0 CVE-2019-14901 10.0 CVE-2017-15670 9.8 CVE-2017-15804 9.8 CVE-2018-1000007 9.8 CVE-2018-1000120 9.8 CVE-2018-11236 9.8 CVE-2018-1126 9.8 CVE-2018-12910 9.8 CVE-2018-15688 9.8 CVE-2018-16402 9.8 CVE-2018-18074 9.8 CVE-2018-18751 9.8 CVE-2018-20060 9.8 CVE-2018-6485 9.8 CVE-2019-10126 9.8 CVE-2019-10160 9.8 CVE-2019-14895 9.8 CVE-2019-16746 9.8 CVE-2019-17041 9.8 CVE-2019-17042 9.8 CVE-2019-17133 9.8 CVE-2019-5482 9.8 CVE-2019-9636 9.8 CVE-2016-7913 9.3 CVE-2017-15126 9.3 CVE-2017-16997 9.3 CVE-2017-9725 9.3 CVE-2018-10897 9.3 CVE-2019-12735 9.3 CVE-2018-1000122 9.1 CVE-2018-1000301 9.1 CVE-2019-9948 9.1 CVE-2016-10745 9.0 CVE-2018-19788 9.0 CVE-2019-14287 9.0 ____________________________________________________________ Lynis: Accepted ____________________________________________________________ Kube-Hunter: Pod: The following vulnerability must be corrected.
Cluster: Accepted | 9/20/2021 | 9/21/2021 | |||||
13 | No |
| https://nexus.akraino.org/content/sites/logs/fate/job/I-VICS/5/ | Intelligent Vehicle-Infrastructure Cooperation System(I-VICS) Datasheet | https://nexus.akraino.org/content/sites/logs/fate/job/I-VICS/5/ | No new features or bugs have been added after R4 release | Missing Upstream information | ||||||
14 | No | Incubation | https://nexus.akraino.org/content/sites/logs/tencent/job/tencent_5g_mec/ | Completed by 8/24/2021 | |||||||||
15 | No | Incubation | |||||||||||
16 | No | Incubation | https://nexus.akraino.org/content/sites/logs/cmti/job/iec5_r4/15/ | Bluval Exception has been accepted for the project. | R5 Release Notes of IEC Type 5: SmartNIC for Integrated Edge Cloud (IEC) Blueprint Family Completed by 8/30/2021 | ||||||||
17 | No | Incubation | https://nexus.akraino.org/content/sites/logs/huawei/job/ealt-edge-build/51/home/jenkins/log/ | EALTEDGE Release 5 Datasheet | https://nexus.akraino.org/content/sites/logs/huawei/job/ealt-security-validation-build/19/results/ | Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request ____________________________________________________________ Lynis: Accepted ____________________________________________________________ Kube-Hunter: Cluster: Accepted Pod: Accepted with exceptions shown at: | R5 - Architecture Documentation of Enterprise Applications on Lightweight 5G Telco Edge Completed by 8/10/2021 | ||||||
18 | TSC 2021-08-10 (Tuesday) 7:00 am Pacific | No | https://nexus.akraino.org/content/sites/logs/cmti/job/pcei-daily/ | https://wiki.akraino.org/x/lwHkAg | https://nexus.akraino.org/content/sites/logs/pcei/job/r5/v1/
https://nexus.akraino.org/content/sites/logs/pcei/job/r5/v2/ Fixed: fs.suid_dumpable net.ipv4.conf.default.accept_source_route | Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request ____________________________________________________________ Lynis: Accepted with exceptions shown at: Release 5 Blueprint Scanning Status ____________________________________________________________ Kube-Hunter: Cluster: Accepted Pod: Accepted with exceptions shown at: | PCEI R5 Release Notes https://wiki.akraino.org/x/LgLkAg Completed by 8/6/2021 |
| |||||
19 | No |
| https://nexus.akraino.org/content/sites/logs/fate/job/Fate_test/15/ | Akraino R6 Federated ML blueprint datasheet.docx | Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request __________________________________________________________ Lynis: Accepted __________________________________________________________ Kube-Hunter: Exception granted: K8s not used by this BP. | federated ML Release Notes R6 Federated ML application at edge Release Notes Completed by 8/30/2021 | |||||||
20 | @Alexande | ||||||||||||
21 | TSC 2021-08-03 (Tuesday) 7:00 am Pacific | No | Incubation | https://nexus.akraino.org/content/sites/logs/juniper/job/Private%205G%20BP/ | Akraino Private LTE/5G BP Datasheet | Completed by 8/10/2021 | |||||||
22 | |||||||||||||
23 | Yes | Incubation | https://nexus.akraino.org/content/sites/logs/myais/job/parsec/10/ | Smart Cities R5 Security Certification Incubation Level Review Results:
Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request __________________________________________________________ Lynis: Accepted __________________________________________________________ Kube-Hunter: Exception granted: K8s not used by this BP for R5. However, in R6 it is planning to use K3s. | Completed by 9/30/2021 R5 Smart Cities BP release notes: Smart Cities R5 Release Notes | 9/20/2021 | 9/21/2021 | ||||||
24 | TSC 2021-09-21 (Tuesday) 7:00 am Pacific | Yes | Incubation | https://nexus.akraino.org/content/sites/logs/jejunu-pred-vanet-mec/job/push-logs/ | 9/20/2021 | 9/21/2021 | |||||||
25 | TSC 2021-09-16 (Thursday) 7:00 am Pacific | No | Incubation | https://nexus.akraino.org/content/sites/logs/arm-china/jenkins092/iec-type2-terraform/cdlogs/ | Incubation Level Review Results: Vuls: Accepted with exceptions shown at: Release 5 Vuls Exception Request __________________________________________________________
Lynis: Need to fix the following vulnerabilities:
_____________________________________________________ Kube-Hunter: Cluster: Accepted with exceptions shown at: Release 5 Blueprint Scanning Status This issues must be resolved prior to maturity. Pod: Could the same comparison between k3s and microk8s be provided for the kube-hunter pod.log as was provided for the cluster.log? The following vulnerabilities must be fixed:
| Missing Upstream information in IEC Type 2 Release Notes for R5 | |||||||
26 | No | ||||||||||||
27 | TSC 2021-10-14 (Thursday) 7:00 am Pacific | Yes | Incubation | R5 Datasheet | N/A | 10/14/2021 | |||||||
28 | Yes | Per e-mail from Colin Peters , blueprint consumes Kubernetes and EdgeX APIs. They are uploading API info form API info form uploaded . Scheduled for review by API subcommittee review | |||||||||||
29 | Yes | Incubation |