/
ONAP Policy Enhancements

ONAP Policy Enhancements

Owned by Amy Zwarico
Last updated: Apr 13, 2021 by Kenny PaulVersion comment
2 min read

Internship Projects/Mentors





Title

ONAP Policy Enhancements

Status

Approved by tsc

Difficulty

Medium




Description 

This internship is a great entry opportunity to contribute meaningful enhancements and improvements to the ONAP Policy code base. The Policy project is a core component of ONAP.

There are four focus areas of the internship: improving the security of the python code base, updating the ONAP oparent.pom, enhancing the Policy xacml policy decision point (xacml-pdp), and hardening the ONAP base images.

Python security improvement will provide the opportunity to understand the Policy code base by fixing problems identified by SonarCloud, upgrading vulnerable open source packages identified by NexusIQ scans, and improving the automated code coverage testing. Code improvement and package upgrades are regular code grooming activities that help to ensure that the ONAP code base remains secure. Code coverage testing is important to the community because it ensures that all code is tested before it is released to the community. This activity will provide an opportunity to learn more about test driven development by creating automated unit tests.

ONAP oparent.pom update is a straightforward activity that will give the resource the opportunity to learn how to find and integrate the latest open source packages into java projects.

The Policy xacml-pdp is a key component. This is a java development task to enhance the xacml policy decision point (pdp) with new capabilities such as more flexible time constraints and code refactoring to facilitate data validation.

ONAP image hardening includes grooming ubuntu, alpine and other docker base images for use in ONAP by tailoring each image for use with java or python. The creation of a variety of base images enables ONAP to support components with different requirements to build efficient and secure images.



Additional Information

https://wiki.onap.org/display/DW/Policy+Framework+Project

Repositories:



Learning Objectives

Understanding of the use of Policy within ONAP and the details of Policy code base.

Learning how to create automated unit tests.

Upgrading open source packages used in a project, working with commercial code scanning tools such as SonarCloud and NexusIQ.

Code contribution using gerrit, the ONAP CI/CD pipeline, Docker builds, Docker base images.

Expected Outcome



Updated oparent.pom file

Enhanced xacml-pdp module

Automated unit tests for xacml-pdp

Contribution of ONAP base images for Alpine

Relation to LF Networking 

ONAP

Education Level

Skills

Java and Python

Future plans

Preferred Hours and Length of Internship

Full-time (40 hours a week for 12 weeks during the summer)

Mentor(s) Names and Contact Info

Jim Hahn, jh7358@att.com, AT&T

Pam Dragosh, pamela.dragosh@att.com, AT&T

Amy Zwarico, az9121@att.com, AT&T