1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
6 Version 0.6.4 (dgbuilder), 0.6.5 (cds)
7 ***************************************
8 :Release Date: 2020-08-24
10 El Alto Maintenance Release 1
12 The primary goal of this maintenance release is to address expired certificates. The only impact to CCSDK is in dgbuilder, which should use version
15 This maintenance release also includes a number of fixes to CDS for issues found by users of El Alto.
20 The following table lists the CCSDK docker containers updated in El Alto Maintenance Release 1 and their versions.
22 +--------------------------------------+---------------------------------------------------+----------------------+
23 | Image name | Description | Version(s) |
24 +======================================+===================================================+======================+
25 | onap/ccsdk-blueprints-processor | CDS blueprint processor | 0.6.5 |
26 +--------------------------------------+---------------------------------------------------+----------------------+
27 | onap/ccsdk-cds-ui | CDS web interface | 0.6.5 |
28 +--------------------------------------+---------------------------------------------------+----------------------+
29 | onap/ccsdk-cds-ui-server | CDS user interface back end | 0.6.5 |
30 +--------------------------------------+---------------------------------------------------+----------------------+
31 | onap/ccsdk-commandexecutor | CDS command executor | 0.6.5 |
32 +--------------------------------------+---------------------------------------------------+----------------------+
33 | onap/ccsdk-controllerblueprint | CDS controller blueprints | 0.6.5 |
34 +--------------------------------------+---------------------------------------------------+----------------------+
35 | onap/ccsdk-dgbuilder-image | Directed graph builder | 0.6.4 |
36 +--------------------------------------+---------------------------------------------------+----------------------+
37 | onap/ccsdk-sdclistener | CDS SDC listener | 0.6.5 |
38 +--------------------------------------+---------------------------------------------------+----------------------+
43 The following CDS fixes needed by El Alto users are included in this release:
45 +------------+----------------------------------------------------------------------------------+
47 +============+==================================================================================+
48 | CCSDK-1793 | CDS UI is pointing to the wrong endpoint for Save, Enrich, Download actions |
49 +------------+----------------------------------------------------------------------------------+
50 | CCSDK-1816 | update vLB_CDS CBA package |
51 +------------+----------------------------------------------------------------------------------+
52 | CCSDK-1859 | Bump up number of command-executor workers from 10 to 15 |
53 +------------+----------------------------------------------------------------------------------+
54 | CCSDK-1692 | Kotlin ResourceResolution scripts dynamic compilation prevents redeploying CBA |
55 +------------+----------------------------------------------------------------------------------+
56 | CCSDK-1886 | Netconf client invoke_rpc always fails even if it looks as if it succeeds. |
57 +------------+----------------------------------------------------------------------------------+
58 | CCSDK-1855 | Improve Remote Python Executor error handling and allow for structured response |
59 +------------+----------------------------------------------------------------------------------+
60 | CCSDK-1693 | Various resource resolution fix/improvements |
61 +------------+----------------------------------------------------------------------------------+
62 | CCSDK-1908 | netconfclient try <close-session/> 3 times before going to <kill-session/> |
63 +------------+----------------------------------------------------------------------------------+
64 | CCSDK-1877 | CDS remove http(s)_proxy reference from build process/artifact |
65 +------------+----------------------------------------------------------------------------------+
66 | CCSDK-1885 | CDS Rolling Upgrade Support |
67 +------------+----------------------------------------------------------------------------------+
68 | CCSDK-1924 | CDS Forced to change version/blueprint name when uploading new blueprint |
69 +------------+----------------------------------------------------------------------------------+
70 | CCSDK-2012 | BP Processor was not respecting timeouts... cmd-executors (with erroneous |
71 | | scripts) would hang BP processor |
72 +------------+----------------------------------------------------------------------------------+
73 | CCSDK-2020 | Custom headers for AAI rest calls from CDS |
74 +------------+----------------------------------------------------------------------------------+
75 | CCSDK-1855 | Improve Remote Python Executor error handling and allow for structured response |
76 +------------+----------------------------------------------------------------------------------+
77 | CCSDK-2039 | CMD executor didn't separate env. preparation and execution timeouts. |
78 +------------+----------------------------------------------------------------------------------+
79 | CCSDK-2049 | CMD executor env.prep was not handling error when 'packages' section missing |
81 +------------+----------------------------------------------------------------------------------+
82 | CCSDK-1860 | Pass CDS requestID/subReqID to Python execution in CMD proc. |
83 +------------+----------------------------------------------------------------------------------+
84 | CCSDK-2151 | ComponentConfigSnapshotsExecutor logs the content of a config snapshot, possibly |
85 | | exposing sensitive data |
86 +------------+----------------------------------------------------------------------------------+
91 :Release Date: 2019-09-30
97 The CCSDK El Alto release includes artifacts for both OpenDaylight Fluorine SR2 (version 0.5.3) and
98 OpenDaylight Neon SR1 (version 0.6.2).
100 Note: CCSDK support for Ubuntu-based OpenDaylight containers is deprecated. Ubuntu-based containers are provided
101 for ODL Fluorine, but not for Neon.
103 The following table lists the CCSDK docker containers and their versions.
105 +--------------------------------------+---------------------------------------------------+----------------------+
106 | Image name | Description | Version(s) |
107 +======================================+===================================================+======================+
108 | onap/ccsdk-alpine-image | Base Alpine Linux image for CCSDK | 0.5.3 (ODL Fluorine) |
109 | | | 0.6.2 (ODL Neon) |
110 +--------------------------------------+---------------------------------------------------+----------------------+
111 | onap/ccsdk-ansible-server-image | Ansible server image | 0.5.3 (ODL Fluorine) |
112 | | | 0.6.2 (ODL Neon) |
113 +--------------------------------------+---------------------------------------------------+----------------------+
114 | onap/ccsdk-apps-ms-neng | Naming microservice | 0.6.2 |
115 +--------------------------------------+---------------------------------------------------+----------------------+
116 | onap/ccsdk-blueprints-processor | CDS blueprint processor | 0.6.2 |
117 +--------------------------------------+---------------------------------------------------+----------------------+
118 | onap/ccsdk-cds-ui | CDS web interface | 0.6.2 |
119 +--------------------------------------+---------------------------------------------------+----------------------+
120 | onap/ccsdk-cds-ui-server | CDS user interface back end | 0.6.2 |
121 +--------------------------------------+---------------------------------------------------+----------------------+
122 | onap/ccsdk-commandexecutor | CDS command executor | 0.6.2 |
123 +--------------------------------------+---------------------------------------------------+----------------------+
124 | onap/ccsdk-controllerblueprint | CDS controller blueprints | 0.6.2 |
125 +--------------------------------------+---------------------------------------------------+----------------------+
126 | onap/ccsdk-dgbuilder-image | Directed graph builder | 0.5.3 (ODL Fluorine) |
127 | | | 0.6.2 (ODL Neon) |
128 +--------------------------------------+---------------------------------------------------+----------------------+
129 | onap/ccsdk-odl-fluorine-alpine-image | Alpine based OpenDaylight Fluorine SR2 image | 0.5.3 |
130 +--------------------------------------+---------------------------------------------------+----------------------+
131 | onap/ccsdk-odl-fluorine-ubuntu-image | Ubuntu based OpenDaylight Fluorine SR2 image | 0.5.3 |
132 +--------------------------------------+---------------------------------------------------+----------------------+
133 | onap/ccsdk-odl-neon-alpine-image | Alpine based OpenDaylight Neon SR1 image | 0.6.2 |
134 +--------------------------------------+---------------------------------------------------+----------------------+
135 | onap/ccsdk-odlsli-alpine-image | Alpine based OpenDaylight image with CCSDK | 0.5.3 (ODL Fluorine) |
136 | | libraries installed | 0.6.2 (ODL Neon) |
137 +--------------------------------------+---------------------------------------------------+----------------------+
138 | onap/ccsdk-odlsli-image | Ubuntu based OpenDaylight image with CCSDK | 0.5.3 (ODL Fluorine) |
139 | | libraries installed. DEPRECATED (see note above) | |
140 +--------------------------------------+---------------------------------------------------+----------------------+
141 | onap/ccsdk-saltstack-server-image | Saltstack server | 0.5.3 (ODL Fluorine) |
142 | | | 0.6.2 (ODL Neon) |
143 +--------------------------------------+---------------------------------------------------+----------------------+
144 | onap/ccsdk-sdclistener | CDS SDC listener | 0.6.2 |
145 +--------------------------------------+---------------------------------------------------+----------------------+
146 | onap/ccsdk-ubuntu-image | Base Ubuntu image for CCSDK | 0.5.3 |
148 +--------------------------------------+---------------------------------------------------+----------------------+
152 There are no new use cases or functional requirements in the El Alto release. The focus of this release is on bug
153 fixes, with a particular emphasis fon security fixes. However, there are new non-functional user stories that were
156 The full list of CCSDK user stories for El Alto may be found at <https://jira.onap.org/issues/?filter=12041>.
158 The following table lists some of the most significant user stories:
160 +--------------+----------------------------------------------------+
161 | Jira # | Abstract |
162 +==============+====================================================+
163 | CCSDK-1387 | Upgrade to OpenDaylight Neon SR1 |
164 +--------------+----------------------------------------------------+
165 | CCSDK-1033 | Support for NETCONF Notifications in CCSDK/SDNC |
166 +--------------+----------------------------------------------------+
170 The full list of bug fixes in the El Alto release may be found at <https://jira.onap.org/issues/?filter=12018>
172 The following table summarizes some of the most significant issues addressed:
174 +--------------+----------------------------------------------------+
175 | Jira # | Abstract |
176 +==============+====================================================+
177 | [CCSDK-1445] | loading jdbc driver Exception in ccsdk |
178 +--------------+----------------------------------------------------+
179 | [CCSDK-1443] | cds blueprint processor does not start |
180 +--------------+----------------------------------------------------+
181 | [CCSDK-1240] | CVE-20190-3795 : spring-data-core vulnerability |
182 +--------------+----------------------------------------------------+
183 | [CCSDK-1239] | CVE-2019-3797 : spring-data vulnerability |
184 +--------------+----------------------------------------------------+
185 | [CCSDK-1238] | Multiple CVEs - commons-compress |
186 +--------------+----------------------------------------------------+
187 | [CCSDK-1117] | Remove runtime internet dependency for dgbuilder |
188 +--------------+----------------------------------------------------+
189 | [CCSDK-991] | Upgrade to spring-core 2.8.6 or higher |
190 +--------------+----------------------------------------------------+
191 | [CCSDK-988] | Multiple CVEs - spring-expression < 4.3.17.RELEASE |
192 +--------------+----------------------------------------------------+
193 | [CCSDK-441] | Spring 3 vulnerability CVE-2018-1270 |
194 +--------------+----------------------------------------------------+
198 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
202 *Fixed Security Issues*
204 * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_]
206 *Known Security Issues*
208 * In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 <https://jira.onap.org/browse/OJSI-160>`_]
209 * In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 <https://jira.onap.org/browse/OJSI-197>`_]
211 *Known Vulnerabilities in Used Modules*
214 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
216 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
218 - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
223 :Release Date: 2019-06-13
225 Note: The Dublin version for most CCSDK repositories is 0.4.4, except for CDS which is version
230 The full list of Dublin epics and user stories for CCSDK may be found at <https://jira.onap.org/issues/?filter=11802>.
232 The following list summarizes some of the most significant epics:
234 +-------------+------------------------------------------------+
235 | Jira # | Abstract |
236 +=============+================================================+
237 | [CCSDK-575] | Improve E2E Process Automation |
238 +-------------+------------------------------------------------+
239 | [CCSDK-840] | S3P - Footprint Optimization |
240 +-------------+------------------------------------------------+
241 | [CCSDK-859] | Update to OpenDaylight Fluorine |
242 +-------------+------------------------------------------------+
243 | [CCSDK-929] | 5G Use Case |
244 +-------------+------------------------------------------------+
245 | [CCSDK-930] | CCVPN Use Case Extension |
246 +-------------+------------------------------------------------+
250 The full list of bug fixes in the CCSDK Dublin release may be found at <https://jira.onap.org/issues/?filter=11804>
253 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
257 *Fixed Security Issues*
259 *Known Security Issues*
261 * In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 <https://jira.onap.org/browse/OJSI-160>`_]
262 * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_]
263 * In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 <https://jira.onap.org/browse/OJSI-197>`_]
265 *Known Vulnerabilities in Used Modules*
268 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
270 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
272 - `Project Vulnerability Review Table for CCSDK Dublin <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
277 :Release Date: 2019-01-30
280 The following bugs are fixed in the CCSDK Casablanca January 2019 maintenance release:
282 +-------------+-------------------------------------------------------------------------------+
283 | Jira # | Abstract |
284 +=============+===============================================================================+
285 | [CCSDK-727] | Do not prepend "sub" for subnet net id |
286 +-------------+-------------------------------------------------------------------------------+
287 | [CCSDK-728] | Self serve DG adjustement for unassign |
288 +-------------+-------------------------------------------------------------------------------+
289 | [CCSDK-740] | Restore inventory-response-item definition to the original version |
290 +-------------+-------------------------------------------------------------------------------+
291 | [CCSDK-765] | Upgrade jackson version to 2.8.9 |
292 +-------------+-------------------------------------------------------------------------------+
293 | [CCSDK-777] | Release version contains some snapshots |
294 +-------------+-------------------------------------------------------------------------------+
295 | [CCSDK-843] | Compile error due to old snapshot dependency |
296 +-------------+-------------------------------------------------------------------------------+
297 | [CCSDK-935] | restapicall JsonParser failed if response contains : as part of response body |
298 +-------------+-------------------------------------------------------------------------------+
301 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
304 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
306 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
308 - `Project Vulnerability Review Table for CCSDK Casablanca Maintenance Release <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
313 :Release Date: 2018-11-30
317 The full list of Casablanca epics and user stories for CCSDK maybe be found at <https://jira.onap.org/issues/?filter=11516>.
319 The following list summarizes some of the most significant epics:
321 +-------------+------------------------------------------------+
322 | Jira # | Abstract |
323 +=============+================================================+
324 | [CCSDK-279] | Update to OpenDaylight Oxygen release |
325 +-------------+------------------------------------------------+
326 | [CCSDK-357] | Develop Controller Design Studio in Casablanca |
327 +-------------+------------------------------------------------+
328 | [CCSDK-324] | Enhancements to support CCVPN use case |
329 +-------------+------------------------------------------------+
330 | [CCSDK-288] | Usability Enhancements |
331 +-------------+------------------------------------------------+
334 The full list of bug fixes in the CCSDK Casablanca release may be found at <https://jira.onap.org/issues/?filter=11544>
337 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
340 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
342 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
344 - `Project Vulnerability Review Table for CCSDK Casablanca <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
350 :Release Date: 2018-06-07
356 The full list of Beijing Epics and user stories for CCSDK may be found at <https://jira.onap.org/issues/?filter=10792>. The following
357 list summarizes some of the more critical features:
359 +--------------+-----------------------------------------------------------------------------------------------+
360 | Jira # | Abstract |
361 +==============+===============================================================================================+
362 | [CCSDK-222] | Ansible server support <https://jira.onap.org/browse/CCSDK-222> |
363 +--------------+-----------------------------------------------------------------------------------------------+
364 | [CCSDK-191] | enable fast loading of graphs <https://jira.onap.org/browse/CCSDK-191> |
365 +--------------+-----------------------------------------------------------------------------------------------+
366 | [CCSDK-179] | Upgrade CCSDK ODL containers to Nitrogen <https://jira.onap.org/browse/CCSDK-179> |
367 +--------------+-----------------------------------------------------------------------------------------------+
368 | [CCSDK-177] | Upgrade sli/northbound to Nitrogen <https://jira.onap.org/browse/CCSDK-177> |
369 +--------------+-----------------------------------------------------------------------------------------------+
370 | [CCSDK-176] | Upgrade sli/adaptors to Nitrogen <https://jira.onap.org/browse/CCSDK-176> |
371 +--------------+-----------------------------------------------------------------------------------------------+
372 | [CCSDK-175] | Upgrade sli/core to Nitrogen <https://jira.onap.org/browse/CCSDK-175> |
373 +--------------+-----------------------------------------------------------------------------------------------+
374 | [CCSDK-174] | Update ccsdk parent to support Nitrogen parent poms <https://jira.onap.org/browse/CCSDK-174> |
375 +--------------+-----------------------------------------------------------------------------------------------+
376 | [CCSDK-172] | Ability to call Ansible playbook from directed graph <https://jira.onap.org/browse/CCSDK-172> |
377 +--------------+-----------------------------------------------------------------------------------------------+
381 The full list of bug fixes in the CCSDK Beijing release may be found at <https://jira.onap.org/issues/?filter=11117>
385 +--------------+-----------------------------------------------------------------------------------------------------+
386 | Jira # | Abstract |
387 +==============+=====================================================================================================+
388 | [CCSDK-136] | pgaas is dependent on location\_prefix being all lowercase <https://jira.onap.org/browse/CCSDK-136> |
389 +--------------+-----------------------------------------------------------------------------------------------------+
393 CCSDK code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The CCSDK open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28379011>`_.
396 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
398 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
400 - `Project Vulnerability Review Table for CCSDK Beijing <https://wiki.onap.org/pages/viewpage.action?pageId=28379011>`_
406 **Deprecation Notes**
419 :Release Date: 2017-11-16
425 The Common Controller SDK provides the following functionality :
426 - Service Logic Interpreter
427 - Database access library (dblib)
428 - Service Logic test api (sliapi)
429 - MD-SAL data query adaptor
440 - `CCSDK-110 <https://jira.onap.org/browse/CCSDK-110>`_ Resolve license issues in dashboard project
441 - `CCSDK-136 <https://jira.onap.org/browse/CCSDK-136>`_ pgaas is dependent on location_prefix being all lowercase
442 - `CCSDK-137 <https://jira.onap.org/browse/CCSDK-137>`_ isolate deprecated methods
445 You may want to include a reference to CVE (Common Vulnerabilities and Exposures) `CVE <https://cve.mitre.org>`_
450 **Deprecation Notes**