.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2020 NOKIA
+.. Copyright 2020-2021 NOKIA
.. _release_notes:
-==========================
-Cert Service Release Notes
-==========================
+***************************************
+OOM Certification Service Release Notes
+***************************************
-==============
-
-Version: 2.2.0
---------------
-
-:Release Date:
-
-**New Features**
-
-* Added module **oom-certservice-k8s-external-provider** with following functionality:
-
- An external provider is a part of PKI infrastructure. It consumes CertificateRequest CRD from Cert-Manager and calls CertService API to enroll certificate from CMPv2 server.
-
- More information can be found on dedicated `wiki page <https://wiki.onap.org/display/DW/CertService+and+K8s+Cert-Manager+integration>`_
-
-**Bug Fixes**
-
- N/A
-
-**Known Issues**
-
- N/A
-
-**Security Notes**
-
- N/A
-
-*Fixed Security Issues*
-
- N/A
-
-*Known Security Issues*
-
- N/A
-
-*Known Vulnerabilities in Used Modules*
-
- N/A
-
-**Upgrade Notes**
-
-**Deprecation Notes**
-
-**Other**
+.. contents::
+ :depth: 2
+..
+Version: 2.5.0
==============
-Version: 2.1.0
---------------
-
-:Release Date:
-
-**New Features**
-
-* Added module **oom-certservice-post-processor** with following functionality:
-
- * appending CMPv2 certificates to CertMan truststore
- * replacing CertMan keystore with CMPv2 keystore
-
-**Bug Fixes**
-
- N/A
-
-**Known Issues**
-
- N/A
-
-**Security Notes**
-
- N/A
-
-*Fixed Security Issues*
-
- N/A
-
-*Known Security Issues*
-
- N/A
+Abstract
+--------
-*Known Vulnerabilities in Used Modules*
+This document provides the release notes for the Jakarta release.
- N/A
+Summary
+-------
-**Upgrade Notes**
+Vulnerability Fix
-**Deprecation Notes**
+Release Data
+------------
-**Other**
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Project** | OOM |
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.5.0 |
+| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 |
+| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.5.0|
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Release designation** | Jakarta |
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
-==============
-
-Version: 2.0.0
---------------
-
-:Release Date:
-
-**New Features**
- - The same functionality as in aaf-certservice 1.2.0
+New features
+------------
-**Bug Fixes**
-
- N/A
+**Bug fixes**
**Known Issues**
- N/A
-
-**Security Notes**
-
- N/A
-
-*Fixed Security Issues*
-
- N/A
-
-*Known Security Issues*
-
- N/A
-
-*Known Vulnerabilities in Used Modules*
-
- N/A
-
-**Upgrade Notes**
-
-**Deprecation Notes**
-
-**Other**
-
-===========
-
-Version: 1.2.0
---------------
-
-:Release Date:
-
-**New Features**
-
- - Client creates subdirectories in given OUTPUT_PATH and place certificate into it.
-
-**Bug Fixes**
-
- N/A
+If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions.
+The required actions are described in :ref:`Troubleshooting section <troubleshooting>`
-**Known Issues**
+Deliverables
+------------
- N/A
+Software Deliverables
+~~~~~~~~~~~~~~~~~~~~~
+Docker images mentioned in Release Date section.
-**Security Notes**
+Documentation Deliverables
+~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
+- :ref:`CMPv2 certificate provider description <cmpv2_cert_provider>`
-*Fixed Security Issues*
+Known Limitations, Issues and Workarounds
+-----------------------------------------
- N/A
+System Limitations
+~~~~~~~~~~~~~~~~~~
-*Known Security Issues*
+Any known system limitations.
- N/A
-*Known Vulnerabilities in Used Modules*
+Known Vulnerabilities
+~~~~~~~~~~~~~~~~~~~~~
- N/A
+Any known vulnerabilities.
-**Upgrade Notes**
-**Deprecation Notes**
+Workarounds
+~~~~~~~~~~~
-**Other**
+Any known workarounds.
-===========
-Version: 1.1.0
+Security Notes
--------------
-:Release Date: 2020-06-29
+**Fixed Security Issues**
-**New Features**
+- `OOM-2903 <https://jira.onap.org/browse/OOM-2903>`_ Fix Apache Vulnerability [CVE-2021-44228] in CertService
- - Added property to CertService Client to allow selection of output certificates type (One of: PEM, JKS, P12).
+**Known Security Issues**
-**Bug Fixes**
+None
- - Resolved issue where created PKCS12 certificates had jks extension.
-**Known Issues**
+Test Results
+------------
+Not applicable
- N/A
-**Security Notes**
+References
+----------
- N/A
+For more information on the ONAP Istanbul release, please see:
-*Fixed Security Issues*
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
- N/A
+Version: 2.4.0
+==============
-*Known Security Issues*
+Abstract
+--------
- N/A
+This document provides the release notes for the Istanbul release.
-*Known Vulnerabilities in Used Modules*
+Summary
+-------
- N/A
+Certificate update use case is now available. For details go to:
+:ref:`How to use instructions<how_to_use_certificate_update>`
-**Upgrade Notes**
+Release Data
+------------
-**Deprecation Notes**
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Project** | OOM |
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0 |
+| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 |
+| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0|
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Release designation** | Istanbul |
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
-**Other**
-===========
+New features
+------------
-Version: 1.0.1
---------------
+- `OOM-2754 <https://jira.onap.org/browse/OOM-2754>`_ Implement certificate update in CMPv2 external issuer
-:Release Date: 2020-05-22
+- `OOM-2753 <https://jira.onap.org/browse/OOM-2753>`_ Implement certificate update in CMPv2 CertService
-**New Features**
+- `OOM-2744 <https://jira.onap.org/browse/OOM-2744>`_ Remove CertService Client mechanism from ONAP
-The Frankfurt Release is the first release of the Certification Service.
+- `OOM-2649 <https://jira.onap.org/browse/OOM-2649>`_ Update contrib/ejbca to 7.x
+**Bug fixes**
-**Bug Fixes**
+- `OOM-2771 <https://jira.onap.org/browse/OOM-2771>`_ Fix CertificateRequest resource was not found issue in CMPv2 external issuer
- - `AAF-1132 <https://jira.onap.org/browse/AAF-1132>`_ - CertService Client returns exit status 5 when TLS configuration fails
+- `OOM-2764 <https://jira.onap.org/browse/OOM-2764>`_ Fix sonar issues in CertService
**Known Issues**
- - PKCS12 certificates have jks extension
-
-**Security Notes**
+If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions.
+The required actions are described in :ref:`Troubleshooting section <troubleshooting>`
- N/A
+Deliverables
+------------
-*Fixed Security Issues*
+Software Deliverables
+~~~~~~~~~~~~~~~~~~~~~
+Docker images mentioned in Release Date section.
- N/A
+Documentation Deliverables
+~~~~~~~~~~~~~~~~~~~~~~~~~~
-*Known Security Issues*
+- :ref:`CMPv2 certificate provider description <cmpv2_cert_provider>`
- N/A
+Known Limitations, Issues and Workarounds
+-----------------------------------------
-*Known Vulnerabilities in Used Modules*
+System Limitations
+~~~~~~~~~~~~~~~~~~
- N/A
+Any known system limitations.
-**Upgrade Notes**
-**Deprecation Notes**
+Known Vulnerabilities
+~~~~~~~~~~~~~~~~~~~~~
-**Other**
+Any known vulnerabilities.
-===========
-Version: 1.0.0
---------------
-
-:Release Date: 2020-04-16
-
-**New Features**
-
-The Frankfurt Release is the first release of the Certification Service.
-
-**Bug Fixes**
+Workarounds
+~~~~~~~~~~~
- - No new fixes were implemented for this release
+Any known workarounds.
-**Known Issues**
-
- - `AAF-1132 <https://jira.onap.org/browse/AAF-1132>`_ - CertService Client returns exit status 5 when TLS configuration fails
-
- - PKCS12 certificates have jks extension
-**Security Notes**
-
- N/A
+Security Notes
+--------------
-*Fixed Security Issues*
+**Fixed Security Issues**
- N/A
+None
-*Known Security Issues*
+**Known Security Issues**
- N/A
+None
-*Known Vulnerabilities in Used Modules*
- N/A
+Test Results
+------------
+Not applicable
-**Upgrade Notes**
-**Deprecation Notes**
+References
+----------
-**Other**
+For more information on the ONAP Istanbul release, please see:
-===========
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
-End of Release Notes
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
\ No newline at end of file
Code Review / oom / platform / cert-service.git / blobdiff