Closed kelaja closed 7 months ago
Gaia-X compliance: @kelaja : No changes since Release 23.12 with respect to Gaia-X compliance -> Could you please tick this checkbox?
@kelaja : GDPR Compliance: No changes since Release 23.12 Catena-X.GDPR.Declaration.and.Requirements_V2024.03_SemHub.xlsx
Interoperability Check: Interoperability was ensured to Release 23.12. Since then no changes have been made. @kelaja : Could you please tick this checkbox?
Data Sovereignty Check: @vialkoje : Could you please tick this checkbox? No significant changes since Release 23.12. See also Description for R24.03
Verification of foreseen CX Standards: @thomas-henn : Could you please confirm? See also previous task for R23.12: https://github.com/eclipse-tractusx/sig-release/issues/125
Documentation
[ ] Arc42 https://github.com/eclipse-tractusx/sldt-semantic-hub/blob/main/docs/documentation.md
[ ] Administrator`s Guide (User assistance): https://github.com/eclipse-tractusx/sldt-semantic-hub/blob/main/README.md
[ ] End-User Manual (User assistance): End-user of the services is the developer who uses the API endpoints. Hence the swagger-ui of the services serves as the documentation. https://semantics.int.demo.catena-x.net/hub/swagger-ui/index.html There is a rudimentary integration to the Cantena-X portal, for which an End User explanation available on Portal UI https://portal.int.demo.catena-x.net/datamanagement
[ ] Interfaces Documentation: Link to swagger UI documentation: https://semantics.int.demo.catena-x.net/hub/swagger-ui/index.html
@vialkoje : No significant changes since Release 23.12. Could you please check and approve the checkboxes?
Security Checks- Thread Modelling Analysis: No changes since Release 23.12. See also Security Assessment diagram: https://github.com/eclipse-tractusx/sldt-semantic-hub/blob/main/docs/documentation.md#:~:text=s%20%3Fp%20%3Fo%20.%0A%7D-,Security,-Assessment
@guenterban : Could you please check and approve it?
User Journey : @thomas-henn : Could you please confirm? See also previous task for R23.12: https://github.com/eclipse-tractusx/sig-release/issues/128
Verification of foreseen CX Standards: @thomas-henn : Could you please confirm? See also previous task for R23.12: #125
Yes, Semantic Hub is compliant with relevant published CX Standards.
User Journey : @thomas-henn : Could you please confirm? See also previous task for R23.12: #128
Yes, user journey of Semantic Hub is aligned along with e.g. Digital Twin Registry, Discovery Services and Semantic Hub.
Security Checks - Dynamic Application Security Testing (DAST): Invicti scan has been made - the results can be seen here: https://www.netsparkercloud.com/scans/report/098b72536de448934397b11101ec06f6/
@PiotrStys : Could you please review and approved it?
Hi @tunacicek, DAST approved.
Security Check- Secret scanning:
Secret Scanning (gitleaks) is activated and available: https://github.com/eclipse-tractusx/sldt-semantic-hub/actions/workflows/gitleaks.yml
@DnlZF Could you please review and approved it?
Security Checks - Static Application Security Testing (SAST): See the results here: https://analysiscenter.veracode.com/auth/index.jsp#ReviewResultsAllFlaws:47240:1397649:32851557:32821215:32836865::4406299
@BANANAS1337 : Could you please review and approved it?
Security Checks - Software Composition Analysis (SCA): https://analysiscenter.veracode.com/auth/index.jsp#ReviewResultsSCA:47240:1397649:32851557:32821215:32836865:::::4406299: @BANANAS1337 : Could you please review and approved it?
Security Checks - nfrastructure as Code https://github.com/eclipse-tractusx/sldt-semantic-hub/actions/workflows/kics.yml @RoKrish14 : Could you please review and approved it?
General Checks - Compliant with the Style Guide No changes since Release 23.12 UI is part of the Portal and considered there https://portal.int.demo.catena-x.net/semantichub @jjeroch : Could you please review and approve it?
Test Results - E2E Integration Test Tests done: See result here: https://jira.catena-x.net/browse/A1SLDT-1505
@tunacicek : As discussed-
SAST: Approved SCA: Approved IAC: Approved Secret Scanning: Approved
General Checks - Compliant with the Style Guide No changes since Release 23.12 UI is part of the Portal and considered there https://portal.int.demo.catena-x.net/semantichub @jjeroch : Could you please review and approve it?
@tunacicek we have a open defect from last release. We approved last release with the condition that the defect is getting solved in release 24.03. - whats the status. It looks still "undone" - https://github.com/eclipse-tractusx/sldt-semantic-hub/issues/157
General Checks - Compliant with the Style Guide No changes since Release 23.12 UI is part of the Portal and considered there https://portal.int.demo.catena-x.net/semantichub @jjeroch : Could you please review and approve it?
@tunacicek we have a open defect from last release. We approved last release with the condition that the defect is getting solved in release 24.03. - whats the status. It looks still "undone" - eclipse-tractusx/sldt-semantic-hub#157
Hi @jjeroch We updated in the backend to the newest sdk and enabled the diagram API again. The adjustments need to be done on the Portal UI side. @ma3u Do you have any updates on the UI part?
Expert Approval granted for Documentation and data sovereignty.
INT test performed/documented. E2E test performed/documented. No high defect. TM approved @kelaja : please approve for "E2E Integration Test passed"
Open: InterOP ThreatModeling & Container Scans StyleGuide TRG QG approval postponed until topics addressed / no follow-up mtg required.
Discussed with @tunacicek Container Scans: Approved
Security Assessment Process (Threat Modeling Analysis) approved.
No significant changes detected since last release (23.12). No open critical & high finding remaining for this release.
Documentation of the assessment will be moved out to the GitHub repositories of the Products before the next release.
According to team no interoperability relevant changes for this release, therefore expert approval granted for interoperability
TRG checks completed.
@tunacicek any update or conclusion on StyleGuide/UI? This is the only blocker from QG approval...
Hi all,
will this be also in your interest?
- [ ] Compliant with the Style Guide, fix will be delivered by @thomas-henn on release 24.05
@thomas-henn please provide a information / draft for the current release note.
Thanks in advance.
@FaGru3n: With the support of @jjeroch and @mkanal the issue is under https://github.com/eclipse-tractusx/portal-frontend/issues/446 Currently in clarification if this can be solved for release 24.05.
yes, @thomas-henn , no changes to our alignment yesterday. but in order to pass this current QG here we need two things: 1) a short "OK" from @jjeroch that she approves this approach for Release 24.03 and 2) your draft description of the "knownknown" which will remain unresolved for 24.03 Thx
@thomas-henn & @jjeroch pls add your final conclusion here
@FaGru3n: With the support of @jjeroch and @mkanal the issue is under eclipse-tractusx/portal-frontend#446 Currently in clarification if this can be solved for release 24.05.
Hi, its a must with 24.05. I think it was really a miss to approach the ticket in the given time. Now after we offered to take it over again; a different team was approached. Thats not ideal. However we can not change this anymore but should improve in future. 24.03. approved
all pre-conditions fulfilled, QG approval granted. Congrats.
Release Info
Please provide information on what you want to be included in the Eclipse Tractus-X release. If you are not owner of this issue, please provide the information as comment to the issue.
Version to be included in Eclipse Tractus-X release: helm version: semantic-hub- 0.1.35 Image version: 0.2.16
Leading product repository: https://github.com/eclipse-tractusx/sldt-semantic-hub
Compliance Verifications
This issue tracks all compliance related checks, that need to be performed for a product release in Eclipse Tractus-X.
Documentation
Security Checks
General Checks
Test Results
Helpful Links