NIH | National Cancer Institute | NCI Wiki  

Error rendering macro 'rw-search'

null

Versions Compared

Old Version 13

changes.mady.by.user Benson, Mark (NIH/NCI) [C]

Saved on

compared with

New Version 14

changes.mady.by.user Benson, Mark (NIH/NCI) [C]

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Ticket Description Actions, Update
NCI-SCTASK0750465

Security team has flagged EVS stage host( nciws-p803) for JQuery vulnerability with full details as per below.

Eric asked us to remove it from lower tiers but we found no evidence of it there. It should be removed from Stage

Jason sent email message to remove the jar from Stage.

Appears that Systems was asking security team about location of file; sec team 

Lucas, Jason (NIH/NCI) [C]  will send an email.

team

  •  Jason sent the email, and Brandon Devera (SecOps) is running a new scan today (Wed, Oct 4)

NEXT ACTION: - wait till next week for update update  

NCI-RITM0473138

Discuss DOS strategy, tactics with Systems

Waiting on appt time for mtg/call

Do we want a banner on the pages?

Is it possible to have a trigger to send alert? (maybe ask systems group if this is possible)

ACTION: come up with a design for message for users on how to use/access data.

ACTION: possibly investigate what could be happening internally to the issue. (one message was from netsparker scan)

ACTION: brainstorm and discuss, discuss ideas and thoughts by next week exclamation mark 

ACTION: follow-up with Systems if no meeting is scheduled by Oct 9.

NCI-INC0779210NCIterms outageWait to watch status;  ticket probably 
 Outage continues for Term Form

Note: there was an attack last night, Tue Oct 3 from 4:48 pm -> 5:16
Is the outage that happened this morning just 10 pm.

Note: there was another outage again, morning of Wed, Oct 4, starting around 5am to around 7:45am
Based on communications, it appears that morning outage may have been due to a from a Netsparker scan?

ACTION: wait and watch?


SYSTEMS
EVS transition to virtual machines

STATUS:  Waiting on PROD VM to be ready. Once PROD VM is ready, will switch PROD and STAGE at same timeAs decided from last week, we will wait to switch STAGE from on prem to VM once PROD VM is ready; so we can switch both PROD and STAGE at same time .

Systems

BACKGROUND: 

On Friday Sept 29th, we were asked to deploy a banner on public-facing websites if the government was shutdown. There was confusion about who was reponsible for which pages - and how to do it quickly (especially if systems groups goes to bare-bones support level. While the government was not shut down, we still want the ability to handle it better in the future.
 
OBJECTIVE:

 to

Systems

OBJECTIVE: be able to update public-facing pages with banners quickly and efficiently, with Consistent styling desired for all sites .- in case the need ever arises again (in case of another shutdown/emergency/etc)


ACTION:

  •  Build responsibility list for public facing pages (Jason Lucas compiled the list) thumbs up 

Application

URL

Developer/POC

Term Browser

https://nciterms.nci.nih.gov/

Guidehouse/Kim Ong

Metathesaurus Browser

https://ncim.nci.nih.gov/

Guidehouse/Kim Ong

Term Suggestion Application

https://ncitermform.nci.nih.gov/

Guidehouse/Kim Ong

EVS Explore

https://evsexplore.semantics.cancer.gov

WCI/Brian Carlsen

EVSRESTAPI (Swagger Page)

https://api-evsrest.nci.nih.gov/swagger-ui/index.html

WCI/Brian Carlsen

EVS website

https://evs.nci.nih.gov/

Clint Malone?

Report Exporter

https://evs.cancer.gov/report-exporter

Mayo/Andrew Moore

LexEVS CTS2 docs                          

https://lexevscts2docs.nci.nih.gov

Mayo/Tracy Safran

LexEVS CTS2 Landing Page

https://lexevscts2.nci.nih.gov/lexevscts2/

Mayo/Tracy Safran

EVS Semantic Integration Platform

https://sip.evs.cancer.gov/evssip/

ESI/Ye Wu


ACTION:


LEXEVS UPDATES

Planning

  • Complete Report Exporter refactoring and dependency updates

    • (see EVSREPEXP-475 -> 483)

  • RMI Retirement - in progress

    • Update test script
  • Examine feasibility of Java 17
  • Miscellaneous bug fixes
    • Investigate ERROR messages (both reported by Jason Lucas, and catalina.out  

LexEVS Sprint Status


Completed Sprint - Sprint 212 (Sept 4 - Sept 29)  – Burndown Report

Current Sprint  - Sprint 213 (Oct 2 - Oct 27) LINK TO Jira Sprint 213

  • EVSREPEXP-491 resolve branch-download list not being displayed on chrome browser (now FIXED)
  • EVSREPEXP-433 Security issue: set-value vulnerability
  • LEXEVSCTS2-452 test_associations_subject_of call revealed hierarchy bug
  • EVSREPEXP-478 Feedback form is not coming up
  • LEXEVS-5341 Update Spring to Spring 6
  • LEXEVSCTS2-453 Update CTS2 welcome with digital sytle requirements (header, footer, etc)
  • LEXEVS-5252 Read an Entity by URI throwing a 302 error
  • LEXEVSCTS2-431 Service resource does not populate Service name/version
  • LEXEVS-5361 Investigate Java 17

Technical Debt remediation

LexEVS Code Debt Refactoring

  • Coding complete on lexevs services - except for isolated dependencies
    • The isolated dependencies largely depend on using an updated version of Java (e.g. they are using more current Java versions. Java 21 LTS is the current version.  FYI: the LTS stands for "long-term support". LTS versions are Java 11, Java 17, and Java 21. The more popular non-LTS Java version is Java 14)
    • Scott is investigating costs and feasibility of Java 17 (see LEXEVS-5361 above)
    • LEXEVSCTS2-447 javax-servlet - on hold, until we update Java 17
    • LEXEVSCTS2-446 spring-boot - on hold, until we update Java 17
  • Work on NCIt Browser - ehcache beta on dev. Kim approves promotion (Scott)
Report Exporter

    • Discussion Points:

      • Vulnerable dependencies - in progress
        • Red Herring: while Andrew was debugging, was getting "no results" for Concept codes – turns out it was service problems. 
        • Improving unit testing remaining
      • Ticket 487 - on Prod
      • Feedback form
        • Need to research approval procedure, Mark was asked to reach out to OCPL
        • Andrew to supply copy of survey form from RE

ACTION: Benson, Mark (NIH/NCI) [C] to report on info found out on  

Security

Statistics Dashboard

OBJECTIVE: Complete Migration of Statistics Dashboard from SumoLogic to DataDog by March 2024

STATUS:

The queries used in the Statistics Dashboard have been shared with < someone on migration team > (as of Sept 2023).

They are working on migrating from "SumoLogic" format to DataDog format 

  • SumoLogic Query: 
  • Data Dog Query


ACTIONS:

View file
namedbm_sd_actions.7ee020748834b8a28b07d02f5e65e6e0.avif.pdf
height150

Comparison/Mapping Tool
  • On Hold
AWS Cloud to be in Separate Account

Discussion Points

  • Waiting on AWS team

Decision Points:

Team Absences


Mayo Team - Tracy off Oct 12, 13.  In training Wed, Fri.  Andrew off Oct 27

MSC - 

Leidos - 

QA -

Gov - 


EVS SERVICE AND ARCHITECTURE GROUP UPDATES
EVS Service and Architecture Group

Discussion Points:



DATA UPDATES
Data

Discussion Points: 

23-09.d - schedule to deploy to PROD on  

Will do monthly terminology week starting  

Then will work on META afterwards


DECIDED: Data Deployment should continue as planned - no reason to delay.


BROWSER UPDATES

Browsernote outage discussion above

QA UPDATES

QA

>We completed Regression Executions for the Monthly DDR for Sep '23 (23.09d) for EVS REST APIs on PRODUCTION .

>We Executed Sanity Test Sets for LexEVS Data refresh on QA Tier .

>We have executed Sanity Tests on NCIm,NCIt,TermForm for updated 23.09 Thesaurus deployment  on STAGE Tier and for LexEVS Data refresh on QA Tier.

>We have completed Progression and Sanity Executions for EVS Report Exporter v1.2.0-RC3 Tag on PRODUCTION Tier (EVSREPEXP-487).

thumbs up 


TERMINOLOGIES LIFECYCLE REPORT

Terminology Updates and Schedule 

Discussion Points: 

Decision Points: 

Mark Benson TPM Update
  • Complete Anti-Harassment training thumbs up 
  • Research Scraper attack on NCI Terms Browser

...