R24.05 Managed Service Orchestrator - Release Checks

[ciprianherciu]

[!IMPORTANT]
Follow the guidance on how to use the templates.

Release Info

Please provide information on what you want to be included in the Eclipse Tractus-X release. If you are not owner of this issue, please provide the information as comment to the issue. Make sure to assign this issue to expert(s) for their approval, as soon as you have finished preparation. Multiple assignees allowed; they will un-assign themselves once review completed.

Version to be included in Eclipse Tractus-X release: version placeholder

Leading product repository: repository link

Compliance Verifications

This issue tracks all checks, that need to be performed for a product release in Eclipse Tractus-X.

• [x] Interoperability N/A
• [x] Data Sovereignty N/A

General Checks

• [x] Tractus-X Release Guidelines(TRGs) fulfilled

[!NOTE] Note: most criteria for documentation and security are now covered in TRGs

Security Checks

• [x] Thread Modelling Analysis passed

Test Results

• [x] E2E Integration Test passed
• [x] User Journey N/A

Helpful Links

• Eclipse Tractus-X openAPI specs on SwaggerHub

[tomaszbarwicki]

QG Checks created: https://github.com/eclipse-tractusx/managed-service-orchestrator/issues/133

[sharathshivprasad]

Data Interoperability check: Not applicable Data Sovereignty: There are no changes from last release regarding the data Sovereignty for managed service Orchestrator.

[sharathshivprasad]

Thread modelling Document:
https://confluence.catena-x.net/display/cxsecurity/Security+Assessment+-+Auto+Setup+API No changed from last realease. @guenterban Please approve.

[sharathshivprasad]

For User Journey, no changes from last release

[ciprianherciu]

At the moment on blocked because of the TEST-2003

[szymonkowalczykzf]

Threat Modeling - approved - no changes from last release: All recommendation already completed and implemented.

[ciprianherciu]

Data Sovereignty is not applicable for MSO. Please approve @vialkoje

[cbrugg]

INT Tests are blocked currently. Waiting on Fix by Portal Team @jjeroch regarding the Tech User for Managed Apps. No explicit E2E Tests planned as it is tested implicitly with other components. Can you @ciprianherciu give more details on which tests this refers to?

[RolaH1t]

QG review 15-May testing blocked / issue addressed and monitored => code update with version increase necessary data sov & interop considered not applicable; same as user journey TRG review can be initiated based on final version no follow-up mtg scheduled => team will reach out if necessary

[mabige]

@RolaH1t is this "data sov & interop considered not applicable; same as user journey" already a documented decision or is it required to get expert approval?

@ciprianherciu

[cbrugg]

As discussed in Daily Testmanagement Approval is given if Issues are declared as Known Knowns and adressed in R24.08.

[RolaH1t]

Hi @ciprianherciu do we still expect a code update for MSO here (as assumed in the QG review last week)? or are you going to update the changelog with the knownknown referring to the testing issue? In both cases I kindly ask you to complete the TRG checks for the final version with @tomaszbarwicki please.

note to @mabige `s question: there is no additional actions required regarding data sov, interop or user journey based on our decision in the QG review.

[almadigabor]

I checked the last remaining issue and trusting @tomaszbarwicki did all the other checks I approve the TRG QG checks with the following versions:

Helm Chart Version: 1.5.9 App Version: 1.5.6

[ciprianherciu]

@RolaH1t all the TRG's are approved. E2E Test is approved conditionally - We have mentioned about the Known Known in the Change Log. With that we could mark all the checkboxes.

[ciprianherciu]

@RolaH1t could we consider MSO for a conditional release? We have mentioned the Known Know in our product change log: For MSO: The retrieval and processing of the DIM Technical User credentials for automatic configuration and set-up of the EDC connector could not be fully tested. So the full functionality cannot be guaranteed.

Could You please give us the approval for the conditional release?

[RolaH1t]

yes @ciprianherciu I just verified the text in product changelog. with TM approval above and TRGs fulfilled => pls check the box on top and let me know, so QG shall be fine

[RolaH1t]

Congrats: Quality Gate fully approved with all necessary pre-requisites fulfilled! Thanks for all your efforts, Roland

[ciprianherciu]

yes @ciprianherciu I just verified the text in product changelog. with TM approval above and TRGs fulfilled => pls check the box on top and let me know, so QG shall be fine

Done! Thank You!