docs/sections/release-notes.rst

   1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
   2 .. http://creativecommons.org/licenses/by/4.0
   3 .. Copyright 2020-2021 NOKIA
   4 .. _release_notes:
   5
   6 ***************************************
   7 OOM Certification Service Release Notes
   8 ***************************************
   9
  10 .. contents::
  11     :depth: 2
  12 ..
  13
  14 Version: 2.4.0
  15 ==============
  16
  17 Abstract
  18 --------
  19
  20 This document provides the release notes for the Istanbul release.
  21
  22 Summary
  23 -------
  24
  25 Certificate update use case is now available. For details go to:
  26 :ref:`How to use instructions<how_to_use_certificate_update>`
  27
  28 Release Data
  29 ------------
  30
  31 +--------------------------------------+---------------------------------------------------------------------------------------+
  32 | **Project**                          | OOM                                                                                   |
  33 |                                      |                                                                                       |
  34 +--------------------------------------+---------------------------------------------------------------------------------------+
  35 | **Docker images**                    |  * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0                  |
  36 |                                      |  * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0       |
  37 |                                      |  * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0|
  38 |                                      |                                                                                       |
  39 +--------------------------------------+---------------------------------------------------------------------------------------+
  40 | **Release designation**              | Istanbul                                                                              |
  41 |                                      |                                                                                       |
  42 +--------------------------------------+---------------------------------------------------------------------------------------+
  43
  44
  45 New features
  46 ------------
  47
  48 - `OOM-2754 <https://jira.onap.org/browse/OOM-2754>`_ Implement certificate update in CMPv2 external issuer
  49
  50 - `OOM-2753 <https://jira.onap.org/browse/OOM-2753>`_ Implement certificate update in CMPv2 CertService
  51
  52 - `OOM-2744 <https://jira.onap.org/browse/OOM-2744>`_ Remove CertService Client mechanism from ONAP
  53
  54 - `OOM-2649 <https://jira.onap.org/browse/OOM-2649>`_ Update contrib/ejbca to 7.x
  55
  56 **Bug fixes**
  57
  58 - `OOM-2771 <https://jira.onap.org/browse/OOM-2771>`_ Fix CertificateRequest resource was not found issue in CMPv2 external issuer
  59
  60 - `OOM-2764 <https://jira.onap.org/browse/OOM-2764>`_ Fix sonar issues in CertService
  61
  62 **Known Issues**
  63
  64 If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions.
  65 The required actions are described in :ref:`Troubleshooting section <troubleshooting>`
  66
  67 Deliverables
  68 ------------
  69
  70 Software Deliverables
  71 ~~~~~~~~~~~~~~~~~~~~~
  72 Docker images mentioned in Release Date section.
  73
  74 Documentation Deliverables
  75 ~~~~~~~~~~~~~~~~~~~~~~~~~~
  76
  77 - :ref:`CMPv2 certificate provider description <cmpv2_cert_provider>`
  78
  79 Known Limitations, Issues and Workarounds
  80 -----------------------------------------
  81
  82 System Limitations
  83 ~~~~~~~~~~~~~~~~~~
  84
  85 Any known system limitations.
  86
  87
  88 Known Vulnerabilities
  89 ~~~~~~~~~~~~~~~~~~~~~
  90
  91 Any known vulnerabilities.
  92
  93
  94 Workarounds
  95 ~~~~~~~~~~~
  96
  97 Any known workarounds.
  98
  99
 100 Security Notes
 101 --------------
 102
 103 **Fixed Security Issues**
 104
 105 None
 106
 107 **Known Security Issues**
 108
 109 None
 110
 111
 112 Test Results
 113 ------------
 114 Not applicable
 115
 116
 117 References
 118 ----------
 119
 120 For more information on the ONAP Istanbul release, please see:
 121
 122 #. `ONAP Home Page`_
 123 #. `ONAP Documentation`_
 124 #. `ONAP Release Downloads`_
 125 #. `ONAP Wiki Page`_
 126
 127 Version: 2.3.3
 128 ==============
 129
 130 Abstract
 131 --------
 132
 133 This document provides the release notes for the Honolulu release.
 134
 135 Summary
 136 -------
 137
 138 Certification Service provides certificates signed by external CMPv2 server - such certificates are further called operators certificates. Operators certificates are meant to secure external ONAP traffic - traffic between network functions (xNFs) and ONAP.
 139
 140 This project was moved from Application Authorization Framework (AAF), to check previous release notes see,  `AAF CertService release notes <https://docs.onap.org/projects/onap-aaf-certservice/en/frankfurt/sections/release-notes.html>`_ .
 141
 142
 143 Release Data
 144 ------------
 145
 146 +--------------------------------------+---------------------------------------------------------------------------------------+
 147 | **Project**                          | OOM                                                                                   |
 148 |                                      |                                                                                       |
 149 +--------------------------------------+---------------------------------------------------------------------------------------+
 150 | **Docker images**                    |  * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3                  |
 151 |                                      |  * onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3               |
 152 |                                      |  * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3       |
 153 |                                      |  * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.3|
 154 |                                      |                                                                                       |
 155 +--------------------------------------+---------------------------------------------------------------------------------------+
 156 | **Release designation**              | Honolulu                                                                              |
 157 |                                      |                                                                                       |
 158 +--------------------------------------+---------------------------------------------------------------------------------------+
 159
 160
 161 New features
 162 ------------
 163
 164 - `OOM-2560 <https://jira.onap.org/browse/OOM-2560>`_ Integrated CMPv2 certificate provider with Cert-Manager
 165
 166   An CMPv2 certificate provider is a part of PKI infrastructure. It consumes CertificateRequest custom resource from Cert-Manager and calls CertService API to enroll certificate from CMPv2 server.
 167   During ONAP deployment, the CMPv2 certificate provider is enabled when flags cmpv2Enabled, CMPv2CertManagerIntegration and platform.enabled equals true.
 168
 169   More information can be found on dedicated `wiki page <https://wiki.onap.org/display/DW/CertService+and+K8s+Cert-Manager+integration>`_
 170
 171 - `OOM-2632 <https://jira.onap.org/browse/OOM-2632>`_ Extended CertService API and clients to correctly support SANs parameters such as: e-mails, URIs and IP addresses.
 172
 173 **Bug fixes**
 174
 175 - `OOM-2656 <https://jira.onap.org/browse/OOM-2656>`_ Adjusted CertService API to RFC4210 - changed MAC protection algorithm and number of iteration for such algorithm.
 176
 177 - `OOM-2657 <https://jira.onap.org/browse/OOM-2657>`_ Enhanced CertServiceAPI response in order to include CMP server error messages.
 178
 179 - `OOM-2658 <https://jira.onap.org/browse/OOM-2658>`_ Fixed KeyUsage extension sent to CMPv2 server
 180
 181 **Known Issues**
 182
 183 None
 184
 185 Deliverables
 186 ------------
 187
 188 Software Deliverables
 189 ~~~~~~~~~~~~~~~~~~~~~
 190 Docker images mentioned in Release Date section.
 191
 192 Documentation Deliverables
 193 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 194
 195 - :ref:`CMPv2 certificate provider description <cmpv2_cert_provider>`
 196
 197 Known Limitations, Issues and Workarounds
 198 -----------------------------------------
 199
 200 System Limitations
 201 ------------------
 202
 203 Any known system limitations.
 204
 205
 206 Known Vulnerabilities
 207 ---------------------
 208
 209 Any known vulnerabilities.
 210
 211
 212 Workarounds
 213 -----------
 214
 215 Any known workarounds.
 216
 217
 218 Security Notes
 219 --------------
 220
 221 **Fixed Security Issues**
 222
 223 None
 224
 225 **Known Security Issues**
 226
 227 None
 228
 229
 230 Test Results
 231 ------------
 232 Not applicable
 233
 234
 235 References
 236 ----------
 237
 238 For more information on the ONAP Honolulu release, please see:
 239
 240 #. `ONAP Home Page`_
 241 #. `ONAP Documentation`_
 242 #. `ONAP Release Downloads`_
 243 #. `ONAP Wiki Page`_
 244
 245
 246 .. _`ONAP Home Page`: https://www.onap.org
 247 .. _`ONAP Wiki Page`: https://wiki.onap.org
 248 .. _`ONAP Documentation`: https://docs.onap.org
 249 .. _`ONAP Release Downloads`: https://git.onap.org