AAI Release Notes
==================
+Version: 1.5.1
+
+:Release Data: 2019-10-03
+
+**New Features**
+
+The R5 El Alto release of ONAP is a maintenance release, focusing on
+deployability, technical debt, and footprint opimization.
+
+AAI focused on converting all of our microservices to Alpine, created
+common images for users to select either Alpine or Ubuntu, and reduced
+the number of microservices that is started by default for the
+demo. We updated to newer versions of spring boot - we are in the
+process of moving to spring-boot 2, but many of the microservices are
+still running 1.5.21. We updated to JanusGraph 0.2.3, which is a
+seamless upgrade from 0.2.0 which was used in Dublin.
+
+Users who would like to further reduce the AAI footprint can update the
+aai/oom helm charts.
+
+To re-enable the services that have been disabled by default, update
+to "enabled: true" in aai/oom/values.yaml:
+
+ .. code-block:: bash
+
+ aai-champ:
+ enabled: true
+ aai-gizmo:
+ enabled: true
+ aai-spike:
+ enabled: true
+
+To disable other components that are not critical to the Integration
+use cases (vFw, vLB, vDNS, etc), add "enabled: false" in
+aai/oom/values.yaml for each of the following services:
+
+ .. code-block:: bash
+
+ aai-data-router:
+ enabled: false
+ aai-search-data:
+ enabled: false
+ aai-elasticsearch:
+ enabled: false
+ aai-sparky-fe:
+ enabled: false
+
+*Known Vulnerabilities in Used Modules*
+
+AAI code has been formally scanned during build time using NexusIQ and
+all Critical vulnerabilities have been addressed, items that remain
+open have been assessed for risk and determined to be false
+positive. The AAI open Critical security vulnerabilities and their
+risk assessment have been documented as part of the linkTBD
+
+**Known Issues**
+
+The AAI UI is now integrated with Portal and AAF. However, the AAF
+default boostrap does not include a role that is necessary the demo
+user to access the AAI UI.
+
+Run the following as a workaround, adjust the URL and credentials
+according to your environment. The user in CRED must be able to update
+the org.onap.aai namespace. The following example has been tested from
+inside the AAI resources pod.
+
+ .. code-block:: bash
+
+ URL='https://aaf-service.onap:8100'
+ CRED='aai@aai.onap.org:demo123456!'
+
+ curl -v -k -u "$CRED" -H "Content-Type: application/RoleRequest+json" $URL/authz/role -d '{"name":"org.onap.aai.aaiui"}'
+
+ curl -v -k -u "$CRED" -H "Content-Type: application/UserRoleRequest+json" $URL/authz/userRole -d '{ "user":"demo@people.osaaf.org", "role":"org.onap.aai.aaiui" }'
+
+Frankfurt will include the role and role assignment in the
+default bootstrap data (being tracked under `AAI-2475 <https://jira.onap.org/browse/AAI-2475>`__)
+
+- `AAI-2606 <https://jira.onap.org/browse/AAI-2606>`_ Schema-service entity description is not available
+
+- `AAI-2457 <https://jira.onap.org/browse/AAI-2457>`_ Inconsistent error messages when getting AAI resources
+
+- `AAI-2457 <https://jira.onap.org/browse/AAI-2457>`_ Inconsistent error messages when getting AAI resources
+
+- `AAI-2092 <https://jira.onap.org/browse/AAI-2092>`_ aai-resources does excessive amounts of logging
+
+- `AAI-2082 <https://jira.onap.org/browse/AAI-2082>`_ aai-resources gives incorrect output when aai-cassandra has shutdown with failure
+
+Quick Links:
+
+- `Active and Available Inventory project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `R5 Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+- `R5 Project Vulnerability Review Table for AAI <https://wiki.onap.org/pages/viewpage.action?pageId=64003431>`_
+
+
+Version: 1.4.0
+
+:Release Data: 2019-06-08
+
+**New Features**
+
+The R4 Dublin release of ONAP is a balanced release, focusing on
+platform maturity and deployablity while also bringing in significant
+new features and use cases . AAI continued to leverage oom and
+kubernetes, and added new data types in support of multiple R4 use
+cases. AAI added a new schema service which moves AAI closer to being
+more model-driven and flexible.
+
+AAI is more model driven in Casablanca, which means it dynamically
+operationalize new and updated models at run-time, with minimal
+downtime and coding, so that the latest service and resource models
+can be delivered quickly. To do this, AAI must update its internal
+model, external API and behavior to respond to change to service and
+resource models, including schema changes. The schema service provides
+ONAP users the ability to quickly change the AAI data model without
+re-building key microservices.
+
+AAI delivered 55%+ test coverage on all Java-based repos.
+
+See `AAI-1779 <https://jira.onap.org/browse/AAI-1779>`__ for details
+on the schema updates in R4.
+
+Some AAI services can be configured to leverage the ONAP Pluggable
+Security Sidecar proof of concept (disabled by default, see the charts
+under aai/oom for more details).
+
+AAI now manages its own helm charts. See `aai/oom <https://gerrit.onap.org/r/admin/repos/aai/oom>`__
+
+**Known Issues**
+
+The AAI UI is now integrated with Portal and AAF. However, the AAF
+default boostrap does not include a role that is necessary the demo
+user to access the AAI UI.
+
+Run the following as a workaround, adjust the URL and credentials
+according to your environment. The user in CRED must be able to update
+the org.onap.aai namespace. The following example has been tested from
+inside the AAI resources pod.
+
+ .. code-block:: bash
+
+ URL='https://aaf-service.onap:8100'
+ CRED='aai@aai.onap.org:demo123456!'
+
+ curl -v -k -u "$CRED" -H "Content-Type: application/RoleRequest+json" $URL/authz/role -d '{"name":"org.onap.aai.aaiui"}'
+
+ curl -v -k -u "$CRED" -H "Content-Type: application/UserRoleRequest+json" $URL/authz/userRole -d '{ "user":"demo@people.osaaf.org", "role":"org.onap.aai.aaiui" }'
+
+Future releases will include the role and role assignment in the
+default bootstrap data (being tracked under `AAI-2475 <https://jira.onap.org/browse/AAI-2475>`__)
+
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+- `OJSI-114 <https://jira.onap.org/browse/OJSI-114>`_ In default deployment AAI (aai) exposes HTTP port 30232 outside of cluster.
+
+*Known Security Issues*
+
+*Known Vulnerabilities in Used Modules*
+
+AAI code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The AAI open Critical security vulnerabilities and their risk assessment have been documented as part of the `R4 project wiki <https://wiki.onap.org/pages/viewpage.action?pageId=64003431>`_.
+
+Quick Links:
+
+- `AAI project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+- `R4 Project Vulnerability Review Table for AAI <https://wiki.onap.org/pages/viewpage.action?pageId=64003431>`_
+
+
+
+
+Version: 1.3.2
+--------------
+
+:Release Date: 2019-03-31
+
+**Updates**
+
+AAI demo certificates were going to expire before Dublin release, so they've been refreshed to last until 2020.
+
+- `AAI-2282 <https://jira.onap.org/browse/AAI-2282>`_ Update certifcate for Casablanca 3.0.2
Version: 1.3.1
--------------
to align on implementation across different ONAP components to provide
a more strategic model-driven A&AI implementation. For this release
decomposing AAI model/schema artifacts (OXM/XSD) into a more granular
-approach better enables extensibility and support logical
-subdivision of models.
+approach better enables extensibility and support logical subdivision
+of models.
AAI added support fo the Cross Domain and Carrier Layer VPN use case
by adding new object types, models, and edge rules.
Added support Support for SR-IOV.
-Authentication and Authorization is performed using AAF with the
-CADI framework. We use basic authentication with RBAC (Role Based
-Access Control) to secure the AAI REST APIs.
+Authentication and Authorization is performed using AAF with the CADI
+framework. We use basic authentication with RBAC (Role Based Access
+Control) to secure the AAI REST APIs.
AAI added automation support for orchestrating SR-IOV Provider
-Networks that are compatible with the Network Cloud 1.0
-infrastructure solution based on standard SR-IOV. Allow for standard
-SR-IOV Provider Networks to be defined with a set of one or more
-VLAN associations.
+Networks that are compatible with the Network Cloud 1.0 infrastructure
+solution based on standard SR-IOV. Allow for standard SR-IOV Provider
+Networks to be defined with a set of one or more VLAN associations.
AAI added suport to allow clients to specify the format on GET
operations in the resources micoservices to output like the custom
- `AAI project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
- `Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
-- `Project Vulnerability Review Table for AAI <https://wiki.onap.org/pages/viewpage.action?pageId=45307817>`_
+- `R3 Project Vulnerability Review Table for AAI <https://wiki.onap.org/pages/viewpage.action?pageId=45307817>`_
Version: 1.2.0
- Applications
- Sparky (AAI User Interface)
-Source code of AAI is released under the following repositories at https://gerrit.onap.org
+Source code of AAI is released under the following repositories at https://gerrit.onap.org
- aai/aai-common
- aai/event-client
- `AAI-17 <https://jira.onap.org/browse/AAI-17>`_ Seed code stabilization
-- `AAI-21 <https://jira.onap.org/browse/AAI-21>`_ Gizmo
+- `AAI-21 <https://jira.onap.org/browse/AAI-21>`_ Gizmo
- `AAI-24 <https://jira.onap.org/browse/AAI-24>`_ Move to Active Open Source Graph Database
- `AAI-566 <https://jira.onap.org/browse/AAI-566>`_ AAI Eclipse build failure - aai-traversal pom as hardcoded 1.8.0_101 jdk.tools version
- `AAI-621 <https://jira.onap.org/browse/AAI-621>`_ Update the snapshot in test-config for v1.1.1-SNAPSHOT
-
+
Version: 1.1.0
--------------
**New Features**
-Initial release of Active and Available Inventory (AAI) for Open Network Automation Platform (ONAP). AAI provides ONAP with its logically centralized view of inventory data, taking in updates from orchestrators, controllers, and assurance systems. AAI provides core REST services.
+Initial release of Active and Available Inventory (AAI) for Open Network Automation Platform (ONAP). AAI provides ONAP with its logically centralized view of inventory data, taking in updates from orchestrators, controllers, and assurance systems. AAI provides core REST services.
ONAP AAI R1 includes the following components:
**Known Issues**
- `AAI-61 <https://jira.onap.org/browse/AAI-61>`_ AAI cleaned up references to OpenECOMP but in order to keep the release stable for R1, the XML namespace still contains openecomp.
-
+
Client systems should use http://org.openecomp.aai.inventory/v11 as the XML namespace for ONAP AAI R1.
**Security Issues**
Code Review / aai / aai-common.git / blobdiff