chore(bootcamp): Capture BootCamp Stream-settings/Recap Notes

[lolaapenna]

Day 2 Stream Setting

GH Enablement Stream

Done:

• GH Cluster Create
• Deployed OpenBao

To Do:

• Plugin definitions
• ...

Scanner Stream

Done:

• Research and align on the general entity rel model to understand how instances work wth heur
• kubernetes and keppel scanner

Todo:

• finalise CVE scanner - create issue and issue variant
• Begin working on keppel scanner (scanners will be stand alone)
• dummy Helm chart wich deploys servic account
• plugin definition for heureka and plugin definition for each scanner
• SARIF converter - SARIF being a standardized scanner result format

UI Stream

Done:

• Refactored the store library (lib in react) to manage store properties better to accommodate the growing data
• Finalise searching/filtering functionality
• Implemented panel manager

ToDo:

• ...

Org. Stream

Done:

• Created persona definitions which include background, goals, and chalenges

Todo:

• Establish the 'needs' definition for each persona
• Create user journey for the personas

[lolaapenna]

Day 2 Recap

Org Stream

Done:

• Added persona needs

In Progress:

• Translate needs to views

To DO:

• Storyline for Demo - famous CVE example - exclude background config and focus on capability.

UI Stream

In Progress:

• Refactoring the store slices
• implementing the service detail panel

GH Enablement Stream

Done:

• plugin definitions

To Do:

• Deploy load balancer
• create a cname for the service - enable reaching the service with a domain name
• Create: cname for Heureka + gardener cluster

Scanner Stream

Done:

• New requirements established
• Potential need to define an API model package

In Progress:

• CVE scanner - new requirements discovered - issue repository ID needs to be fetched + issue variant entity to be created

To Do:

• Align on seamless interconnectivity of Heureka components - scanners + heureka service - this should be easy with helm chart - definitions for both scanner and heureka
• Clearly define the scope of Demo

[lolaapenna]

Day 3 Recap

UI Stream: done:

• Filters for issue match implemented - pri name, sec name
• Service detail view implemented
• component list view - shows type of comp, num of comp version num of issues- may not be useful

To do:

• issue match filtered values

GH Stream done:

• Basic Helm chart for Heureka core published - deployed on remote vanilla gardener cluster
• Plugin for deploying heureka PR submitted
• Heureka deployed in QA cluster

Todo:

• Configure ingress
• 3 helm chart for scanners

Scanner Stream: done:

• CVE scanner - repository ID implemented
• Keppel scanner - fetching data from Keppel is implemented (within one keppel instance)

To do:

• CVE from a repository contains lists with metrics (multiple ratings) - need to decide the most recent rating - this impends the issue variant entity implementation
• API endpoint for component version issue

In progress:

• Keppel scanner processing in Heureka (impended by component version issue API endpoint)

Org Stream

User story map done

[lolaapenna]

Day 4 Stream Setting:

Scanner Stream To do:

• Severity rating figure out
• Backend functionality missing for -component-version-issue - implement across all layers

Org Stream: To do

• Finalise user story map - add storyline for manager
• Prepare for Show and Tell

GH Stream

We need a dedicated session to figure out how to tie the pieces together Tackle the unknowns with deploying in GH We avoid this for the Demo - we install the plugin for the UI alone - The plugin visible in the selector for GH

To do:

• setup LB and DNS for heureka
• Helm chart and deployment for scanners

UI Stream To do:

• finalize filter for services - with the new query
• search functionality for issue once it's done at the back end

[lolaapenna]

Day 4 Recap

Org Stream

• User Story Mapping completed

In Progress

• Show and Tell Prep

UI Stream Done:

• Filtering for services - pending review
• Issue-match detail view - pending review

In Progress:

• Generalizing filtering for other list views

GH Stream Done:

• Dev Cluster onboarded into GH QA ---- real vanilla cluster onboarded to GH
• Main Cluster onboarded into GH Prod.
• Basic Helm Chart for Heureka
• All Helm charts for scanners --- They are all deployed in QA
• All Helm charts and images are now packages on GHCR.io/cloudoperators (image registry for cloud operators)
• Ingress and domain name for Heureka --- 2nd Heureka backend now running (QA)

In Progress:

• pending PR for UI plugin definition

Scanner Stream Done

• POC for Kepel scanner - inserts Keppel data to heureka
• POC for NVD scanner - inserts NVD data to heureka

To Do:

• Kubernetes scanner
• Matching process

[lolaapenna]

WEEK 2

Scanner Stream

• In Progress
• Heureka clients for Keppel and Kubernetes scan
• Local cluster setup for the kubernetes scanner

UI Stream

• Search functionality for service - To do by Dustin
• Optimise list view of issues match list and issue match details
• URL state manager
• Modify filter slice store

Org. Stream

• Follow-up with personas - edit capabilities and the Auditor persona

[lolaapenna]

Org Stream

• Finalise Mural board for Show and Tell
• Slide deck for Demo
• Clearly outline Demo scope

Scanner Stream

• NVD and Keppel Scanners finalised - pending PR review/merge
• Kubernetes Scanner
• The issue matcher - handles creation only - for now
  • BL - Implement component version match state management - create a ticket + scanning capability for all clusters

[lolaapenna]

Scanner Stream

• Kubernetes Scanner - decide on how to handle when a container is found with an image version (component version) not in Heureka - BL item
• Implement Event Register - the ability to central register handlers to certain events. - this solves the problems of acting on events such as event versions being created, which need to be injected into app layer functions. events of the issue matcher - BL item
• NVD and Keppel Scanner PR merged - we need to check the deployment.

Org Stream:

• BootCamp Show n Tell ready.
• Demo Prep ongoing