2020-05-01 - System Operations and Management SIG Agenda & Notes
- Ingolf Kuss
- Tod Olson
Date
Attendees
- Dale Arntson
- Christopher Creswell
- Robert Douglas
- Anton Emelianov (Deactivated)
- Marc Johnson
- Mike Gorrell
- jackie.gottlieb@duke.edu (Deactivated)
- Former user (Deleted)
- spampell
- Philip Robinson
- jroot
- Brandon Tharp
Goals
- Learn about Security Audit (which has been discussed in the TC) and recent developments in Release Management.
Discussion items
| Time | Item | Who | Notes |
|---|---|---|---|
| 5 | Welcome | Ingolf |
|
| 25 | Security Audit | Stephen Pampell | Update on Security Audit + discussion Recap: selected NCC to do security audit of Edelweiss release. Audit conducted in February. Probed primarily Okapi and Authentication. Several issues found, but nothing critical or demanding instant attention. JIRA: FOLIO-2524 - Getting issue details... STATUS (Umbrella issue) Running notes: FOLIO Weekly Updates -- Q2 2020 A number of issues are targeted for Goldenrod release. Security team is being pulled together as subgroup of TC, will begin meeting May 8, a week from today. Main function is to triage any incoming security issues, determine severity and work with rest of community to take action as appropriate. |
| 25 | Release Management | Mike Gorell | Update on Release Management + discussion Sides: Tech Council -- Recommendation for Release Numbering Basic idea: There will be a LTS (long-term support release) train and a quarterly release train. At the beginning of the LTS, these are the same. Quarterly train continues on quarterly cadence. P1 (Priority 1) functional issues will trigger maintenance releases, first to be fixed in quarterly release and then maintenance release for LTS. P2 and lower functional issues will be fixed in quarterly releases, not trigger a maintenance releases. LTS will not get new functionality during its lifetime. For security issues, P1 and P2 will trigger maintenance release for current LTS, P1 will also be back-ported to previous LTS only. SysOps comfortable with the functional and security maintenance release concepts. Some suggestions about numbering conventions, captured in slides. |
| 5 | Topics for next meeting | Hotfix release | |
| Fröhlichen 1. Mai ! | Happy holiday! |