Release Notes
=============
+
+Version: 1.5.2
+==============
+
+:Release Date: 2019-10-10
+
+SDC SDKs Versions
+-----------------
+
+- sdc-distribution-client
+
+ :Version: 1.4.0
+
+- sdc-tosca
+
+ :Version: 1.6.2
+
+Release Purpose
+----------------
+
+
+**Epics**
+
+- [`SDC-1425`_] - SDC documentation improvement
+- [`SDC-2461`_] - El Alto release planning milestone
+- [`SDC-2487`_] - Functionality and API Freeze
+- [`SDC-2523`_] - Code Freeze
+- [`SDC-2566`_] - Release Candidate 0 Integration and Test
+
+.. _SDC-1425: https://jira.onap.org/browse/SDC-1425
+.. _SDC-2461: https://jira.onap.org/browse/SDC-2461
+.. _SDC-2487: https://jira.onap.org/browse/SDC-2487
+.. _SDC-2523: https://jira.onap.org/browse/SDC-2523
+.. _SDC-2566: https://jira.onap.org/browse/SDC-2566
+
+**Stories**
+
+- [`SDC-1894`_] - Enable Certificate for SDC
+- [`SDC-1961`_] - Purge APIs for Service and Resource
+- [`SDC-2072`_] - Create VSP from VNF csar
+- [`SDC-2101`_] - RestConf - Policy model support
+- [`SDC-2102`_] - DFC - Policy model support
+- [`SDC-2104`_] - PM-Mapper Policy Model support
+- [`SDC-2142`_] - Enhance Service/VF/PNF to support Req & Cap
+- [`SDC-2166`_] - Enable transport level encryption on all interfaces
+ and the option to turn it off
+- [`SDC-2294`_] - Support Capability Properties
+- [`SDC-2296`_] - Upgrade SDC from Titan to Janus Graph
+- [`SDC-2313`_] - Fix Service Proxy Node Type
+- [`SDC-2359`_] - Fix Service Proxy Node Template
+- [`SDC-2397`_] - SDC Constructor injection - better practice
+- [`SDC-2416`_] - Embed AAF generated certificate in SDC
+- [`SDC-2419`_] - Migrate all SDC projects to O-Parent
+- [`SDC-2475`_] - Package Handling - Validate PM Dictionary and VES
+ Events YAML Files in SOL004 package
+- [`SDC-2478`_] - Update SDC versions
+- [`SDC-2509`_] - Descriptor Handling - Model-driven mapping from
+ SOL001 to internal model
+- [`SDC-2510`_] - Package Handling - Store the original onboarded
+ package, whether it's a CSAR or a ZIP
+- [`SDC-2540`_] - Package Handling - Fix artifacts references in main
+ TOSCA descriptor while converting packages
+- [`SDC-2560`_] - Update SDC versions
+
+.. _SDC-1894: https://jira.onap.org/browse/SDC-1894
+.. _SDC-1961: https://jira.onap.org/browse/SDC-1961
+.. _SDC-2072: https://jira.onap.org/browse/SDC-2072
+.. _SDC-2101: https://jira.onap.org/browse/SDC-2101
+.. _SDC-2102: https://jira.onap.org/browse/SDC-2102
+.. _SDC-2104: https://jira.onap.org/browse/SDC-2104
+.. _SDC-2142: https://jira.onap.org/browse/SDC-2142
+.. _SDC-2166: https://jira.onap.org/browse/SDC-2166
+.. _SDC-2294: https://jira.onap.org/browse/SDC-2294
+.. _SDC-2296: https://jira.onap.org/browse/SDC-2296
+.. _SDC-2313: https://jira.onap.org/browse/SDC-2313
+.. _SDC-2359: https://jira.onap.org/browse/SDC-2359
+.. _SDC-2397: https://jira.onap.org/browse/SDC-2397
+.. _SDC-2416: https://jira.onap.org/browse/SDC-2416
+.. _SDC-2419: https://jira.onap.org/browse/SDC-2419
+.. _SDC-2475: https://jira.onap.org/browse/SDC-2475
+.. _SDC-2478: https://jira.onap.org/browse/SDC-2478
+.. _SDC-2509: https://jira.onap.org/browse/SDC-2509
+.. _SDC-2510: https://jira.onap.org/browse/SDC-2510
+.. _SDC-2540: https://jira.onap.org/browse/SDC-2540
+.. _SDC-2560: https://jira.onap.org/browse/SDC-2560
+
+
+Security Notes
+--------------
+
+*Fixed Security Issues*
+
+- [`OJSI-31 <https://jira.onap.org/browse/OJSI-31>`__\ ] - Unsecured Swagger UI Interface in sdc-wfd-be
+- CVE-2019-12115 [`OJSI-76 <https://jira.onap.org/browse/OJSI-76>`__\ ] - demo-sdc-sdc-be exposes JDWP on port 4000 which allows for arbitrary code execution
+- CVE-2019-12116 [`OJSI-77 <https://jira.onap.org/browse/OJSI-77>`__\ ] - demo-sdc-sdc-fe exposes JDWP on port 6000 which allows for arbitrary code execution
+- CVE-2019-12117 [`OJSI-78 <https://jira.onap.org/browse/OJSI-78>`__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution
+- CVE-2019-12118 [`OJSI-79 <https://jira.onap.org/browse/OJSI-79>`__\ ] - demo-sdc-sdc-wfd-be exposes JDWP on port 7001 which allows for arbitrary code execution
+- CVE-2019-12119 [`OJSI-80 <https://jira.onap.org/browse/OJSI-80>`__\ ] - demo-sdc-sdc-wfd-fe exposes JDWP on port 7000 which allows for arbitrary code execution
+
+*Known Security Issues*
+
+- [`OJSI-90 <https://jira.onap.org/browse/OJSI-90>`__\ ] - SDC exposes unprotected API for user creation
+- [`OJSI-94 <https://jira.onap.org/browse/OJSI-94>`__\ ] - sdc-wfd-fe allows to impersonate any user by setting USER_ID
+- [`OJSI-126 <https://jira.onap.org/browse/OJSI-126>`__\ ] - In default deployment SDC (sdc-wfd-fe) exposes HTTP port 30256 outside of cluster.
+- [`OJSI-127 <https://jira.onap.org/browse/OJSI-127>`__\ ] - In default deployment SDC (sdc-wfd-be) exposes HTTP port 30257 outside of cluster.
+
+
+*Known Vulnerabilities in Used Modules*
+
+Quick Links:
+
+- `SDC project page <https://wiki.onap.org/pages/viewpage.action?pageId=6592847>`__
+- `Passing Badge information for SDC <https://bestpractices.coreinfrastructure.org/en/projects/1629>`__
+
+**Known Issues**
+
+- [`SDC-2541 <https://jira.onap.org/browse/SDC-2541>`__\ ] - Custom WF not present in the CSAR package
+
+**Upgrade Notes**
+
+ N/A
+
+**Deprecation Notes**
+
+ N/A
+
+**Other**
+
+ N/A
+
+
+
+
+Version: 1.4.1
+==============
+
+:Release Date: 2019-06-06
+
+SDC SDKs Versions
+-----------------
+
+- sdc-distribution-client
+
+ :Version: 1.3.0
+
+- sdc-tosca
+
+ :Version: 1.5.1
+
+Release Purpose
+----------------
+
+**New Features**
+
+The main goal of the Dublin release was to:
+ - Support PNF onboarding
+ - SOL 001 v2.5.1 support
+ - VSP compliance check feature
+ - SDC and CDS integration
+ - improve code coverage of the SDC code.
+
+
+**Epics**
+
+- [`SDC-1937 <https://jira.onap.org/browse/SDC-1937>`__\ ] - Service Workflow - Assigned Workflow and Complex Types in Operation
+- [`SDC-1956 <https://jira.onap.org/browse/SDC-1956>`__\ ] - Add VSP Compliance Check feature
+- [`SDC-1970 <https://jira.onap.org/browse/SDC-1970>`__\ ] - Supporting PNF package onboarding
+- [`SDC-1987 <https://jira.onap.org/browse/SDC-1987>`__\ ] - Add dependent child service to service
+- [`SDC-1988 <https://jira.onap.org/browse/SDC-1988>`__\ ] - Add property to service
+- [`SDC-1990 <https://jira.onap.org/browse/SDC-1990>`__\ ] - Service Consumption
+- [`SDC-1991 <https://jira.onap.org/browse/SDC-1991>`__\ ] - Service Consumption - Input Data and Validations
+- [`SDC-1992 <https://jira.onap.org/browse/SDC-1992>`__\ ] - Service dependency - Rainy Day Validations
+- [`SDC-1993 <https://jira.onap.org/browse/SDC-1993>`__\ ] - Service dependency - Input Data and Validations
+- [`SDC-1994 <https://jira.onap.org/browse/SDC-1994>`__\ ] - Add property to VNF and PNF
+- [`SDC-1999 <https://jira.onap.org/browse/SDC-1999>`__\ ] - Operation interfaces
+- [`SDC-2170 <https://jira.onap.org/browse/SDC-2170>`__\ ] - updating the VNFD (SOL001) type based on SOL001 v2.5.1
+
+**Stories**
+
+- [`SDC-1000 <https://jira.onap.org/browse/SDC-1000>`__\ ] - SDC Parser is throwing exception on critical issues
+- [`SDC-1392 <https://jira.onap.org/browse/SDC-1392>`__\ ] - Write Unit test for Compile-Helper-Plugin
+- [`SDC-1399 <https://jira.onap.org/browse/SDC-1399>`__\ ] - Change the plugins load to be parallel
+- [`SDC-1426 <https://jira.onap.org/browse/SDC-1426>`__\ ] - catalog documentation
+- [`SDC-1427 <https://jira.onap.org/browse/SDC-1427>`__\ ] - Onboarding documentation
+- [`SDC-1429 <https://jira.onap.org/browse/SDC-1429>`__\ ] - WORKFLOW documentation
+- [`SDC-1489 <https://jira.onap.org/browse/SDC-1489>`__\ ] - multiple cloud technology artifact support
+- [`SDC-1568 <https://jira.onap.org/browse/SDC-1568>`__\ ] - Health check integration for designers
+- [`SDC-1569 <https://jira.onap.org/browse/SDC-1569>`__\ ] - Enable a secuirity solution for the designers in sdc TBD
+- [`SDC-1743 <https://jira.onap.org/browse/SDC-1743>`__\ ] - Add support for work flow deployment on heat
+- [`SDC-1744 <https://jira.onap.org/browse/SDC-1744>`__\ ] - Add support for different locations of Main service template WIP
+- [`SDC-1925 <https://jira.onap.org/browse/SDC-1925>`__\ ] - Resolve SONAR issues in SDC BE
+- [`SDC-1941 <https://jira.onap.org/browse/SDC-1941>`__\ ] - SDC refactoring and code smells
+- [`SDC-1946 <https://jira.onap.org/browse/SDC-1946>`__\ ] - Code quality improvements
+- [`SDC-1948 <https://jira.onap.org/browse/SDC-1948>`__\ ] - Solve BE issues from sonar
+- [`SDC-1950 <https://jira.onap.org/browse/SDC-1950>`__\ ] - asdctool code quality improvements
+- [`SDC-1973 <https://jira.onap.org/browse/SDC-1973>`__\ ] - Create VSP package from PNF onboarding package
+- [`SDC-1974 <https://jira.onap.org/browse/SDC-1974>`__\ ] - Supporting PNF manifest file in the onboarding package
+- [`SDC-1975 <https://jira.onap.org/browse/SDC-1975>`__\ ] - Design time catalog to associate artifacts with PNF (Test)
+- [`SDC-1976 <https://jira.onap.org/browse/SDC-1976>`__\ ] - Supporting PNFD (SOL001) mapping to AID model
+- [`SDC-1977 <https://jira.onap.org/browse/SDC-1977>`__\ ] - Display VSP Resource Type (VF/PNF) in Import VSP UI
+- [`SDC-1978 <https://jira.onap.org/browse/SDC-1978>`__\ ] - Ensure descriptor name matches name used in generated TOSCA.meta in VSP
+- [`SDC-1979 <https://jira.onap.org/browse/SDC-1979>`__\ ] - Allowing the dedicated artifact folder with Entry-point in TOSCA.meta
+- [`SDC-1980 <https://jira.onap.org/browse/SDC-1980>`__\ ] - Supporting onboarding packaging security
+- [`SDC-2022 <https://jira.onap.org/browse/SDC-2022>`__\ ] - Allow custom plugins in SDC
+- [`SDC-2067 <https://jira.onap.org/browse/SDC-2067>`__\ ] - SDC and CDS Integration to enable E2E Automation
+- [`SDC-2085 <https://jira.onap.org/browse/SDC-2085>`__\ ] - Outputs on operations - Operation screen BE
+- [`SDC-2090 <https://jira.onap.org/browse/SDC-2090>`__\ ] - update the normative type of onboarding DM
+- [`SDC-2094 <https://jira.onap.org/browse/SDC-2094>`__\ ] - R4 5G U/C SDC: FM Meta Data GUI Display from PNF Onboarded Package
+- [`SDC-2108 <https://jira.onap.org/browse/SDC-2108>`__\ ] - Import VSP and Create PNF internal csar
+- [`SDC-2109 <https://jira.onap.org/browse/SDC-2109>`__\ ] - Adding additional artifacts
+- [`SDC-2110 <https://jira.onap.org/browse/SDC-2110>`__\ ] - Add PNF manually (without using vsp)
+- [`SDC-2112 <https://jira.onap.org/browse/SDC-2112>`__\ ] - Add a copy of the onboarded package under artifact folder
+- [`SDC-2113 <https://jira.onap.org/browse/SDC-2113>`__\ ] - copy the on boarding artifacts into the right SDC artifact type
+- [`SDC-2136 <https://jira.onap.org/browse/SDC-2136>`__\ ] - HTTPS support on workflow application backend
+- [`SDC-2168 <https://jira.onap.org/browse/SDC-2168>`__\ ] - M2/3/4 findings
+- [`SDC-2194 <https://jira.onap.org/browse/SDC-2194>`__\ ] - Enhance SDC Workflow designer BE to connect to secure Cassandra
+- [`SDC-2199 <https://jira.onap.org/browse/SDC-2199>`__\ ] - Migrate SDC to use Common Cassandra Cluster
+- [`SDC-2226 <https://jira.onap.org/browse/SDC-2226>`__\ ] - Create Internal BE API for artifact Upload
+- [`SDC-2233 <https://jira.onap.org/browse/SDC-2233>`__\ ] - Support workflow artifact in Service Distribution Notification
+- [`SDC-2280 <https://jira.onap.org/browse/SDC-2280>`__\ ] - achieve CII Badging passing level for Dublin
+- [`SDC-2313 <https://jira.onap.org/browse/SDC-2313>`__\ ] - Fix Service Proxy Node Type
+
+**Known Issues**
+
+- [`SDC-2336 <https://jira.onap.org/browse/SDC-2336>`__\ ] - Service dependency - Can't select sibling property when sibling node is not service proxy
+- [`SDC-2374 <https://jira.onap.org/browse/SDC-2374>`__\ ] - SDC appears to lose connectivity to Cassandra and Titan intermittently
+- [`SDC-2371 <https://jira.onap.org/browse/SDC-2371>`__\ ] - SDC fails to deploy in Windriver lab
+
+Security Notes
+--------------
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+- [`OJSI-31 <https://jira.onap.org/browse/OJSI-31>`__\ ] - Unsecured Swagger UI Interface in sdc-wfd-be
+- CVE-2019-12115 [`OJSI-76 <https://jira.onap.org/browse/OJSI-76>`__\ ] - demo-sdc-sdc-be exposes JDWP on port 4000 which allows for arbitrary code execution
+- CVE-2019-12116 [`OJSI-77 <https://jira.onap.org/browse/OJSI-77>`__\ ] - demo-sdc-sdc-fe exposes JDWP on port 6000 which allows for arbitrary code execution
+- CVE-2019-12117 [`OJSI-78 <https://jira.onap.org/browse/OJSI-78>`__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution
+- CVE-2019-12118 [`OJSI-79 <https://jira.onap.org/browse/OJSI-79>`__\ ] - demo-sdc-sdc-wfd-be exposes JDWP on port 7001 which allows for arbitrary code execution
+- CVE-2019-12119 [`OJSI-80 <https://jira.onap.org/browse/OJSI-80>`__\ ] - demo-sdc-sdc-wfd-fe exposes JDWP on port 7000 which allows for arbitrary code execution
+- [`OJSI-90 <https://jira.onap.org/browse/OJSI-90>`__\ ] - SDC exposes unprotected API for user creation
+- [`OJSI-94 <https://jira.onap.org/browse/OJSI-94>`__\ ] - sdc-wfd-fe allows to impersonate any user by setting USER_ID
+- [`OJSI-101 <https://jira.onap.org/browse/OJSI-101>`__\ ] - In default deployment SDC (sdc-be) exposes HTTP port 30205 outside of cluster.
+- [`OJSI-102 <https://jira.onap.org/browse/OJSI-102>`__\ ] - In default deployment SDC (sdc-fe) exposes HTTP port 30206 outside of cluster.
+- [`OJSI-126 <https://jira.onap.org/browse/OJSI-126>`__\ ] - In default deployment SDC (sdc-wfd-fe) exposes HTTP port 30256 outside of cluster.
+- [`OJSI-127 <https://jira.onap.org/browse/OJSI-127>`__\ ] - In default deployment SDC (sdc-wfd-be) exposes HTTP port 30257 outside of cluster.
+- [`OJSI-132 <https://jira.onap.org/browse/OJSI-132>`__\ ] - In default deployment SDC (sdc-dcae-fe) exposes HTTP port 30263 outside of cluster.
+- [`OJSI-133 <https://jira.onap.org/browse/OJSI-133>`__\ ] - In default deployment SDC (sdc-dcae-dt) exposes HTTP port 30265 outside of cluster.
+
+*Known Vulnerabilities in Used Modules*
+
+Quick Links:
+
+- `SDC project page <https://wiki.onap.org/pages/viewpage.action?pageId=6592847>`__
+- `Passing Badge information for SDC <https://bestpractices.coreinfrastructure.org/en/projects/1629>`__
+
+**Known Issues**
+
+ N/A
+
+**Upgrade Notes**
+
+ N/A
+
+**Deprecation Notes**
+
+ N/A
+
+**Other**
+
+ N/A
+
+
+Version: 1.3.7
+==============
+
+:Release Date: 2019-01-31
+
+`README <https://github.com/onap/sdc>`__
+
+SDC SDKs Versions
+-----------------
+
+- sdc-distribution-client
+ :Version: 1.3.0
+
+- sdc-tosca
+ :Version: 1.4.63
+
+ `README <https://github.com/onap/sdc-sdc-tosca>`__
+
+Release Purpose
+----------------
+The Casablanca Maintenance release was focused on fixing high priority defects discovered in Casablanca release.
+
+**Bugs**
+
+- [`SDC-1447 <https://jira.onap.org/browse/SDC-1447>`__\ ] - [SDC] SDC create csar with many warnnings
+- [`SDC-1955 <https://jira.onap.org/browse/SDC-1955>`__\ ] - SDC distribution failed
+- [`SDC-1958 <https://jira.onap.org/browse/SDC-1958>`__\ ] - SDC Parser can not be used for CCVPN Templates
+- [`SDC-1971 <https://jira.onap.org/browse/SDC-1971>`__\ ] - Change version failure
+- [`SDC-2014 <https://jira.onap.org/browse/SDC-2014>`__\ ] - Documentation figure not readable
+- [`SDC-2053 <https://jira.onap.org/browse/SDC-2053>`__\ ] - SDC fails healthcheck
+- [`SDC-2077 <https://jira.onap.org/browse/SDC-2077>`__\ ] - SDC-BE and SDC-FE missing log files
+
+
+
+Version: 1.3.5
+==============
+
+:Release Date: 2018-11-30
+
+`Link to README <https://github.com/onap/sdc>`__
+
+SDC SDKs Versions
+-----------------
+
+- sdc-distribution-client
+ :Version: 1.3.0
+
+- sdc-tosca
+ :Version: 1.4.7
+
+ `README <https://github.com/onap/sdc-sdc-tosca>`__
+
+Release Purpose
+----------------
+The Casablanca release was focused on improving platform stability and resiliency and introducing new platform capabilities.
+
+**New Features**
+
+The Casablanca release is the third release of the Service Design and Creation (SDC).
+
+The main goal of the Casablanca release was to:
+ - Improve code coverage of the SDC code.
+ - Complete E2E workflow design and distribution.
+ - Finalize DCAE-DS and integrate it with OOM
+ - Support HPA
+ - Enhance security
+
+
+Security Notes
+--------------
+
+SDC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307823>`_.
+
+Quick Links:
+
+- `SDC project page <https://wiki.onap.org/pages/viewpage.action?pageId=6592847>`_
+- `Passing Badge information for SDC <https://bestpractices.coreinfrastructure.org/en/projects/1629>`_
+- `Project Vulnerability Review Table for SDC <https://wiki.onap.org/pages/viewpage.action?pageId=45307823>`_
+
+**Known Issues**
+
+- [`SDC-1958 <https://jira.onap.org/browse/SDC-1958>`__\ ] - SDC Parser can not be used for CCVPN Templates.
+- [`SDC-1955 <https://jira.onap.org/browse/SDC-1955>`__\ ] - SDC distribution failed
+
+**Upgrade Notes**
+
+ N/A
+
+**Deprecation Notes**
+
+ N/A
+
+**Other**
+
+ N/A
+
+
+
Version: 1.2.0
==============
- [`SDC-951 <https://jira.onap.org/browse/SDC-951>`__\ ] - update SDC-TOSCA packages
- [`SDC-952 <https://jira.onap.org/browse/SDC-952>`__\ ] - update SDC-DISTRIBUTION-CLIENT packages
- [`SDC-953 <https://jira.onap.org/browse/SDC-953>`__\ ] - update SDC-DOCKER-BASE packages
-- [`SDC-954 <https://jira.onap.org/browse/SDC-954>`__\ ] - update SDC-TITAN-CASSANDRA packages
- [`SDC-955 <https://jira.onap.org/browse/SDC-955>`__\ ] - configuration ovriding capabilities.
- [`SDC-957 <https://jira.onap.org/browse/SDC-957>`__\ ] - add ignore conformance level option
- [`SDC-969 <https://jira.onap.org/browse/SDC-969>`__\ ] - sync1802E to ONAP part 1
Security Notes
--------------
-SDC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28377537>`_.
+SDC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28377537>`__.
Quick Links:
-- `SDC project page <https://wiki.onap.org/pages/viewpage.action?pageId=6592847>`_
-- `Passing Badge information for SDC <https://bestpractices.coreinfrastructure.org/en/projects/1629>`_
-- `Project Vulnerability Review Table for SDC <https://wiki.onap.org/pages/viewpage.action?pageId=28377537>`_
+- `SDC project page <https://wiki.onap.org/pages/viewpage.action?pageId=6592847>`__
+- `Passing Badge information for SDC <https://bestpractices.coreinfrastructure.org/en/projects/1629>`__
+- `Project Vulnerability Review Table for SDC <https://wiki.onap.org/pages/viewpage.action?pageId=28377537>`__
**Known Issues**
:Version: 1.1.32
-- sdc-tosca
+ - sdc-tosca
- :Version: 1.1.32
+ :Version: 1.1.32
Release Purpose
Code Review / sdc.git / blobdiff