Recent Upgrades

• A new deployment ready branch “rdk-next” has been created with higher standards of test qualification

• rdk-next is the new CMF branch that the community will push changes to for review.
• CMF has initially synchronized the rdk-next branch with Comcast production branch code. Automated scripts running daily will identify new Comcast commits and push them for review to rdk-next branches on CMF Gerrit. 
• rdk-dev-yymm is a new CMF integration branch, created monthly and baselined off rdk-next. This branch will be hosted per repository in conjunction with rdk-next, with the goal of incorporating community changes at the earliest juncture.
• Community changes, once approved, will be cherrypicked to rdk-dev-yymm and and will thus be available prior to the completion of Comcast down-streaming/ round-trip process.
• Approved contributions will be down-streamed to Comcast for predeployment validation using their test process
  • Defects will be planned in monthly sprints
  • Features will be presented for Architecture Review to be scheduled to an upcoming sprint. Sprint timelines to be published to contributor.
  • Contributions pending validation will be available in monthly development iteration branches
    
    
• Downstreamed Community changes, successfully merged to Comcast Sprint branches, will be cherrypicked to Comcast production branch. 
• When downstreamed Community changes are merged to the Comcast production branch they can be merged immediately on the CMF Gerrit rdk-next branch.
• Comcast changesets, imported or contributed daily  to rdk-next , will also be cherry picked to the rdk-dev-yymm branch throughout the monthly cycle (once they have passed the necessary gating criteria of scan, build). In this way, the rdk-dev-yymm branch will also keep sync with Comcast production branch.

Upgraded work-flow

1. User will do code contribution to rdk-next branch. This will undergo:
   1. Code reviews
   2. Build verification
   3. License compliance scan
   4. Test validation
2. Once successful, the change will get cherry-picked to rdk-dev-yymm (monthly dev) branch
3. This code is then down-streamed to Comcast branch where pre-deployment test validation are done
4. Once Comcast accepts, the change is merged to rdk-next.
5. Thus the change gets merged to rdk-next

Code Contribution Process

• For features - open a RDKDEV (for video or generic contributions) or RDKBDEV (for Broadband contributions)
• Clone the component code from rdk-next branch
• Apply changes 
• Push the patch to Gerrit for review
• Trigger reviews and handle review comments
• Change set trigger: Use TDK for validation and BlckDuck scan for license complicance

Feature Contribution - JIRA Guidelines

A feature contribution should follow after creating an appropriate JIRA project. This will present a clear picture about the architecture, testing details and other information which will be helpful during the acceptance process of the contribution.

Mandatory information

1. Project

   For Video & build system (Yocto) related contributions, the ticket should be created under RDKDEV. For broadband, the ticket should be created under RDKBDEV project.

2. Issue Type

   Issue type corresponds to the type of contributions we are making. The following issue types can be possible
   √ Incident - Build failure incident issues with the code verification steps such as Black duck scan, Jenkins verification etc.
   √ Bug - Bugs in existing component code.
   √ Task - An individual task which may be part of a new feature or improvement.
   √ Improvement - Improvements such as code refactoring or enhancements in current code.
   √ New feature - New feature contributions.

3. Ticket Status

   Status should be initially Open, and transitioned to the appropriate value while the contribution is being worked on.

4. Summary

   A brief summary about what we are trying to contribute 

5. Description

   A descriptive information about the contribution should be present so that component developers & architecture team can do assessment of the feature. Below details are desirable if the contribution is a new feature or having an significant impact on the current architecture.

...

The following items should be considered/addressed in the documentation for any RDK design initiative
JIRA Update Checklist
-----------------------

The following JIRA fields MUST be filled in to be considered "Definition Complete":

RDK SoC, RDK OEM - populate these fields for any user story where we have dependency on OEM and/or SoC

OEM/SoC Impact Details - description of impact (or "see Solution Overview" if included in the architecture specification)
* Platforms - ensure correct list of devices
* Validation - type of testing
* Regression - is regression required?
* Impacted Party - Comcast Only, Syndication, etc.
* Dependency - Internal/External
* Description - Solution Overview and Architecture Checklist

Testing impact/Guidance

------------------------
* Impacted modules
* Test process

Automated Testing
------------------

* Automation test procedure.

Diagnostics, Telemetry and Logging
-----------------------------------

* N/A

Outbound Network Connections
------------------------------

* Does this component make outbound connection requests? 
* If yes, do the connection requests retry in the case of failure?
** Do the repeated requests use an exponential back-off?
** If a maximum back-off has been defined, is it greater than 10 minutes?

Security
----------

* For Security Review - Do feature elements:
** make any changes to network port assignments?
** change iptables rules?
** require credentials, passwords, secret data?
** make any changes to our network connections? 
** connect to new services or servers?
** use data input from users or external tools?
** use any cryptographic functions?
** create or disclose proprietary or sensitive Co. or device data?
** properly log operational and configuration changes? 
** If possible describe what could happen if feature elements are:
*** spoofed?
*** tampered with?
*** used by an unauthorized actor?
** Advanced questions (optional)
*** what happens if a record of actions taken is destroyed?
*** what happens if an attacker attempts to DOS with the feature?

SI Concerns
-------------

* Yes/No/Any

Performance expectations
-------------------------

* Yes/No/Any

Timing consideration
----------------------

* If Any.

Supplementary Information

1. Impacted component(s) - Fill in list of impacted RDK components
2. RDK SI Impact - System Integration impacts
3. CPE SW Components - Component names.
4. Test Notes - Describe what tests are performed to validate this contribution and the procedure.
5. Unit Test Result - Description.

Gerrit Review Process

In order to contribute code, first-time users are requested to agree to the license at https://wiki.rdkcentral.com/signup.action.

...