-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. This work is licensed under a Creative Commons Attribution 4.0
+ International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. (c) ONAP Project and its contributors
+.. _release_notes:
+
+******************
+SDNC Release Notes
+******************
+
+
+Abstract
+========
+
+This document provides the release notes for the Frankfurt release of the Software Defined
+Network Controller (SDNC)
+
+Summary
+=======
+
+The Frankfurt release of SDNC introduces new functionality to support PNFs (Physical Network Functions), extends support
+for Netconf/TLS to support CMPv2, and adds support for the Multi Domain Optical Network Service use case.
-Release Notes
-=============
-Version: 1.2.0
---------------
+Release Data
+============
-:Release Date: 2018-11-16
++-------------------------+-------------------------------------------+
+| **Project** | SDNC |
+| | |
++-------------------------+-------------------------------------------+
+| **Docker images** | See :ref:`dockercontainers` section below |
++-------------------------+-------------------------------------------+
+| **Release designation** | Frankfurt |
+| | |
++-------------------------+-------------------------------------------+
+| **Release date** | 06/04/2020 |
+| | |
++-------------------------+-------------------------------------------+
+New features
+------------
-**New Features**
+The SDNC Frankfurt release includes the following features:
-The ONAP Amsterdam release introduces the following changes to SDNC from
-the original openECOMP seed code:
- - Refactored / moved common platform code to new CCSDK project
- - Refactored code to rename openecomp to onap
- - Introduced new GENERIC-RESOURCE-API api, used by vCPE and VoLTE use cases
- - Introduced new docker containers for SDC and DMAAP interfaces
+* ORAN-compliant A1 adaptor (Jira `SDNC-965 <https://jira.onap.org/browse/SDNC-965>`_)
+* Multi-Domain Optical Service (Jira `SDNC-928 <https://jira.onap.org/browse/SDNC-928>`_)
+* Python 2 -> Python 3 migration (Jira `SDNC-967 <https://jira.onap.org/browse/SDNC-967>`_)
+* Upgrade to new Policy lifecycle API (Jira `SDNC-968 <https://jira.onap.org/browse/SDNC-968>`_)
+
+
+
+For the complete list of `SDNC Frankfurt release epics <https://jira.onap.org/issues/?filter=12322>`_ and
+`SDNC Frankfurt release user stories <https://jira.onap.org/issues/?filter=12323>`_ , please see the `ONAP Jira`_.
+
+**Bug fixes**
+
+The full list of `bugs fixed in the SDNC Frankfurt release <https://jira.onap.org/issues/?filter=12324>`_ is maintained on the `ONAP Jira`_.
-**Bug Fixes**
**Known Issues**
-The following known high priority issues are being worked and are expected to be delivered
-in release 1.2.1:
- - `SDNC-179 <https://jira.onap.org/browse/SDNC-179>`_ Failed to make HTTPS connection in restapicall node
- - `SDNC-181 <https://jira.onap.org/browse/SDNC-181>`_ Change call to brg-wan-ip-address vbrg-wan-ip brg topo activate DG
- - `SDNC-182 <https://jira.onap.org/browse/SDNC-182>`_ Fix VNI Consistency: Add vG vxlan tunnel setup and bridge domain setup to brg-topo-activate DG
+The full list of `known issues in SDNC <https://jira.onap.org/issues/?filter=11119>`_ is maintained on the `ONAP Jira`_.
+
+
+Deprecated Features
+-------------------
+
+** SDNC portal **
+
+The SDNC portal is considered deprecated in the Frankfurt release, due
+to resource contraints. This functionality is delivered dormant
+in Frankfurt (i.e. it is disabled in the Frankfurt helm charts) and we
+plan to remove the code entirely in the Guilin release.
+
+** VNF-API **
+
+The functionality provided by the VNF-API is now provided as part
+of the GENERIC-RESOURCE-API. Therefore, the VNF-API is deprecated
+in Frankfurt and will be removed in Guilin.
+
+
+Deliverables
+------------
+
+Software Deliverables
+~~~~~~~~~~~~~~~~~~~~~
+
+.. _dockercontainers:
+
+Docker Containers
+`````````````````
+
+The following table lists the docker containers comprising the SDNC Frankfurt
+release along with the current stable Frankfurt version/tag. Each of these is
+available on the ONAP nexus3 site (https://nexus3.onap.org) and can be downloaded
+with the following command::
+
+ docker pull nexus3.onap.org:10001/{image-name}:{version}
+
+
+Note: users that want to use the latest in-development Frankfurt version may use the
+tag 0.7-STAGING-latest to pull the latest daily Frankfurt build
+
++--------------------------------+-----------------------------------------------------+---------+
+| Image name | Description | Version |
++================================+=====================================================+=========+
+| onap/sdnc-aaf-image | SDNC controller image, integrated with AAF for RBAC | 1.8.3 |
++--------------------------------+-----------------------------------------------------+---------+
+| onap/sdnc-ansible-server-image | Ansible server | 1.8.3 |
++--------------------------------+-----------------------------------------------------+---------+
+| onap/sdnc-dmaap-listener-image | DMaaP listener | 1.8.3 |
++--------------------------------+-----------------------------------------------------+---------+
+| onap/sdnc-image | SDNC controller image, without AAF integration | 1.8.3 |
++--------------------------------+-----------------------------------------------------+---------+
+| onap/sdnc-ueb-listener-image | SDC listener | 1.8.3 |
++--------------------------------+-----------------------------------------------------+---------+
+| onap/sdnc-web-image | Web tier (currently only used by SDN-R persona) | 1.8.3 |
++--------------------------------+-----------------------------------------------------+---------+
+
+
+Documentation Deliverables
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* `SDN Controller for Radio user guide`_
+
+Known Limitations, Issues and Workarounds
+=========================================
+
+System Limitations
+------------------
+
+No system limitations noted.
+
+
+Known Vulnerabilities
+---------------------
+
+Any known vulnerabilities for ONAP are tracked in the `ONAP Jira`_ in the OJSI project. Any outstanding OJSI issues that
+pertain to SDNC are listed in the :ref:`secissues` section below.
+
+
+Workarounds
+-----------
+
+Not applicable.
+
+
+Security Notes
+--------------
+
+Fixed Security Issues
+~~~~~~~~~~~~~~~~~~~~~
+
+The following security issues have been addressed in the Frankfurt SDNC release:
+
+* `OSJI-34 <https://jira.onap.org/browse/OJSI-34>`_ : Multiple SQL Injection issues in SDNC
+* `OSJI-40 <https://jira.onap.org/browse/OJSI-40>`_ : SDNC service allows for arbitrary code execution
+* `OSJI-41 <https://jira.onap.org/browse/OJSI-41>`_ : SDNC service allows for arbitrary code execution in sla/dgUpload form (CVE-2019-12132)
+* `OSJI-42 <https://jira.onap.org/browse/OJSI-42>`_ : SDNC service allows for arbitrary code execution in sla/printAsXml form (CVE-2019-12123)
+* `OSJI-43 <https://jira.onap.org/browse/OJSI-43>`_ : SDNC service allows for arbitrary code execution in sla/printAsGv form (CVE-2019-12113)
+* `OSJI-199 <https://jira.onap.org/browse/OJSI-199>`_ : SDNC service allows for arbitrary code execution in sla/upload form (CVE-2019-12112)
+* `SDNC-1145 <https://jira.onap.org/browse/SDNC-1145>`_ : Pods still run as root
+* `SDNC-970 <https://jira.onap.org/browse/SDNC-970>`_ : Password removal from OOM Helm charts
+
+.. _secissues :
+
+Known Security Issues
+~~~~~~~~~~~~~~~~~~~~~
+
+There is currently one known SDNC security issue, related to the SDNC portal
+
+* `OJSI-91 <https://jira.onap.org/browse/OJSI-91>`_ : SDNC exposes unprotected API for user creation
+
+The current implementation of the SDNC portal - which was intended purely
+as a test tool - has a self-subscription model - so anyone can create an
+account by going to the setup link. This is not appropriate for production
+deployment and we strongly recommend that the SDNC portal NOT be used in
+production.
+
+The SDNC portal is disabled in the Frankfurt helm charts and will be removed
+entirely in the Guilin release.
+
+
+
+Test Results
+============
+Not applicable
-**Security Issues**
- You may want to include a reference to CVE (Common Vulnerabilities and Exposures) `CVE <https://cve.mitre.org>`_
+References
+==========
-**Upgrade Notes**
+For more information on the ONAP Frankfurt release, please see:
-**Deprecation Notes**
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
-**Other**
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+.. _`ONAP Jira`: https://jira.onap.org
+.. _`SDN Controller for Radio user guide`: https://docs.onap.org/en/frankfurt/submodules/ccsdk/features.git/docs/guides/onap-user/home.html