X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=docs%2Frelease-notes.rst;h=898dc950cb74caf8d8bc45f3d0a0e7002ce5d586;hb=refs%2Fchanges%2F97%2F108897%2F1;hp=9d6e725a2b43b4081afe3e61e873ae71a308f04b;hpb=25007dd71736560d20e01f98eb31893c2a4c57ea;p=sdc.git diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 9d6e725a2b..898dc950cb 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -1,9 +1,269 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. _release_notes: ============= Release Notes ============= + +Version: 1.6.6 +============== + +:Release Date: 2020-06-04 + +SDC SDKs Versions +----------------- + +- sdc-distribution-client + + :Version: 1.4.1 + +- sdc-tosca + + :Version: 1.6.2 + +Release Purpose +---------------- + + +**Epics** + +* `SDC-1607 `_ - Logging alignemnet to 1.2 logging spec +* `SDC-1970 `_ - Supporting PNF package onboarding +* `SDC-2011 `_ - Design Studio (DCAE-DS) support for 3GPP PM Mapper +* `SDC-2378 `_ - ONAP as Third Party Domain Manager - Import Third Party Catalog in SDC +* `SDC-2415 `_ - AAF integration of HTTPS certificates +* `SDC-2482 `_ - Add VSP Compliance and Verification Check feature Phase 2 +* `SDC-2555 `_ - SDC support of Network Slicing Demo in Frankfurt +* `SDC-2598 `_ - Frankfurt release planning milestone +* `SDC-2643 `_ - Collapsing Roles / Role consolidation +* `SDC-2683 `_ - Functionality and API Freeze +* `SDC-2742 `_ - Code Freeze +* `SDC-2787 `_ - Release Candidate 0 Integration and Test + +**Stories** + +* `SDC-1952 `_ - 9 artifacts 9 definition is missing in the exported csar 9 s VDU node +* `SDC-2095 `_ - R6 5G U/C SDC: PM Dictionary GUI Display from PNF Onboarded Package +* `SDC-2138 `_ - SDC docker runs as non root +* `SDC-2216 `_ - Security improvements +* `SDC-2382 `_ - Introduce a new category for the 3rd party Service +* `SDC-2383 `_ - Expose the API for service creation as an External API +* `SDC-2385 `_ - Introduce property mapping rules to define parent-child mapping for properties added in service definition +* `SDC-2393 `_ - CBA association enhancement in PNFD to support API decision +* `SDC-2394 `_ - Support custom PNF workflow design +* `SDC-2405 `_ - Add workflow-designer secure frontend-backend communication +* `SDC-2417 `_ - SDC must work in HTTPS mode in all interfaces +* `SDC-2456 `_ - Optimize usage of repositories +* `SDC-2559 `_ - Need a getter method to return Input list from getEntity API +* `SDC-2561 `_ - Transformation of customized Node Types for PNFD +* `SDC-2562 `_ - Package Security - support signing of individual artifacts +* `SDC-2582 `_ - CBA association enhancement in VNFD to support API decision +* `SDC-2584 `_ - SDC-BE - create unique identifier for each execution of test cases. +* `SDC-2585 `_ - Refresh option in the onboarding validation page +* `SDC-2589 `_ - Onboard PNF software version +* `SDC-2590 `_ - Upgrade To Cassandra 3 +* `SDC-2629 `_ - SDC UI button for user to request VTP to create \& upload a OVP tar.gz file to OVP Portal +* `SDC-2631 `_ - SDC Meta Data for CDS Integration +* `SDC-2638 `_ - Upgrade Portal SDK to latest (2.6.0) +* `SDC-2639 `_ - Align logging to Onap-ELS 2019.11 +* `SDC-2640 `_ - Handle onboard ALTER tables to support upgrade +* `SDC-2644 `_ - Collapsing Roles - UI changes +* `SDC-2645 `_ - From Certified to Distributed - BE +* `SDC-2650 `_ - Perform Software Composition Analysis - Vulnerability tables +* `SDC-2651 `_ - Tosca Parser - getVFModule - new API +* `SDC-2652 `_ - Document current upgrade component Strategy +* `SDC-2656 `_ - add securityUtil code to Onap +* `SDC-2685 `_ - Upgrade Node \& npm version +* `SDC-2686 `_ - add common-app-logging module +* `SDC-2687 `_ - Upgrade sdc-tosca version in main SDC pom +* `SDC-2691 `_ - Enhance catalog FE proxy to be able to proxy to any defined plugin +* `SDC-2692 `_ - Fix sonar issues +* `SDC-2696 `_ - Release sdc-be-common 1.6.0 +* `SDC-2699 `_ - Increase SDC Code Coverage +* `SDC-2703 `_ - Upgrade Node/npm/yarn version for WF-D +* `SDC-2724 `_ - Catalog alignment +* `SDC-2732 `_ - fix CSIT +* `SDC-2733 `_ - remove unnecessary dependencies from pom +* `SDC-2758 `_ - Backend configuration file runtime reload +* `SDC-2760 `_ - Support import of custom node type name +* `SDC-2761 `_ - Backend extensibility + + +Security Notes +-------------- + +*Fixed Security Issues* + +- [`OJSI-102 `__\ ] - sdc-fe exposes plain text HTTP endpoint using port 30206 +- [`OJSI-126 `__\ ] - sdc-wfd-fe exposes plain text HTTP endpoint using port 30256 +- [`OJSI-127 `__\ ] - sdc-wfd-be exposes plain text HTTP endpoint using port 30257 + + +*Known Security Issues* + +- [`OJSI-90 `__\ ] - SDC exposes unprotected API for user creation +- [`OJSI-94 `__\ ] - sdc-wfd-fe allows to impersonate any user by setting USER_ID + + +*Known Vulnerabilities in Used Modules* + +Quick Links: + +- `SDC project page `__ +- `Passing Badge information for SDC `__ + +**Known Issues** + + N/A + +**Upgrade Notes** + + N/A + +**Deprecation Notes** + + N/A + +**Other** + + N/A + + + + +Version: 1.5.2 +============== + +:Release Date: 2019-10-10 + +SDC SDKs Versions +----------------- + +- sdc-distribution-client + + :Version: 1.4.0 + +- sdc-tosca + + :Version: 1.6.2 + +Release Purpose +---------------- + + +**Epics** + +- [`SDC-1425`_] - SDC documentation improvement +- [`SDC-2461`_] - El Alto release planning milestone +- [`SDC-2487`_] - Functionality and API Freeze +- [`SDC-2523`_] - Code Freeze +- [`SDC-2566`_] - Release Candidate 0 Integration and Test + +.. _SDC-1425: https://jira.onap.org/browse/SDC-1425 +.. _SDC-2461: https://jira.onap.org/browse/SDC-2461 +.. _SDC-2487: https://jira.onap.org/browse/SDC-2487 +.. _SDC-2523: https://jira.onap.org/browse/SDC-2523 +.. _SDC-2566: https://jira.onap.org/browse/SDC-2566 + +**Stories** + +- [`SDC-1894`_] - Enable Certificate for SDC +- [`SDC-1961`_] - Purge APIs for Service and Resource +- [`SDC-2072`_] - Create VSP from VNF csar +- [`SDC-2101`_] - RestConf - Policy model support +- [`SDC-2102`_] - DFC - Policy model support +- [`SDC-2104`_] - PM-Mapper Policy Model support +- [`SDC-2142`_] - Enhance Service/VF/PNF to support Req & Cap +- [`SDC-2166`_] - Enable transport level encryption on all interfaces + and the option to turn it off +- [`SDC-2294`_] - Support Capability Properties +- [`SDC-2296`_] - Upgrade SDC from Titan to Janus Graph +- [`SDC-2313`_] - Fix Service Proxy Node Type +- [`SDC-2359`_] - Fix Service Proxy Node Template +- [`SDC-2397`_] - SDC Constructor injection - better practice +- [`SDC-2416`_] - Embed AAF generated certificate in SDC +- [`SDC-2419`_] - Migrate all SDC projects to O-Parent +- [`SDC-2475`_] - Package Handling - Validate PM Dictionary and VES + Events YAML Files in SOL004 package +- [`SDC-2478`_] - Update SDC versions +- [`SDC-2509`_] - Descriptor Handling - Model-driven mapping from + SOL001 to internal model +- [`SDC-2510`_] - Package Handling - Store the original onboarded + package, whether it's a CSAR or a ZIP +- [`SDC-2540`_] - Package Handling - Fix artifacts references in main + TOSCA descriptor while converting packages +- [`SDC-2560`_] - Update SDC versions + +.. _SDC-1894: https://jira.onap.org/browse/SDC-1894 +.. _SDC-1961: https://jira.onap.org/browse/SDC-1961 +.. _SDC-2072: https://jira.onap.org/browse/SDC-2072 +.. _SDC-2101: https://jira.onap.org/browse/SDC-2101 +.. _SDC-2102: https://jira.onap.org/browse/SDC-2102 +.. _SDC-2104: https://jira.onap.org/browse/SDC-2104 +.. _SDC-2142: https://jira.onap.org/browse/SDC-2142 +.. _SDC-2166: https://jira.onap.org/browse/SDC-2166 +.. _SDC-2294: https://jira.onap.org/browse/SDC-2294 +.. _SDC-2296: https://jira.onap.org/browse/SDC-2296 +.. _SDC-2313: https://jira.onap.org/browse/SDC-2313 +.. _SDC-2359: https://jira.onap.org/browse/SDC-2359 +.. _SDC-2397: https://jira.onap.org/browse/SDC-2397 +.. _SDC-2416: https://jira.onap.org/browse/SDC-2416 +.. _SDC-2419: https://jira.onap.org/browse/SDC-2419 +.. _SDC-2475: https://jira.onap.org/browse/SDC-2475 +.. _SDC-2478: https://jira.onap.org/browse/SDC-2478 +.. _SDC-2509: https://jira.onap.org/browse/SDC-2509 +.. _SDC-2510: https://jira.onap.org/browse/SDC-2510 +.. _SDC-2540: https://jira.onap.org/browse/SDC-2540 +.. _SDC-2560: https://jira.onap.org/browse/SDC-2560 + + +Security Notes +-------------- + +*Fixed Security Issues* + +- [`OJSI-31 `__\ ] - Unsecured Swagger UI Interface in sdc-wfd-be +- CVE-2019-12115 [`OJSI-76 `__\ ] - demo-sdc-sdc-be exposes JDWP on port 4000 which allows for arbitrary code execution +- CVE-2019-12116 [`OJSI-77 `__\ ] - demo-sdc-sdc-fe exposes JDWP on port 6000 which allows for arbitrary code execution +- CVE-2019-12117 [`OJSI-78 `__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution +- CVE-2019-12118 [`OJSI-79 `__\ ] - demo-sdc-sdc-wfd-be exposes JDWP on port 7001 which allows for arbitrary code execution +- CVE-2019-12119 [`OJSI-80 `__\ ] - demo-sdc-sdc-wfd-fe exposes JDWP on port 7000 which allows for arbitrary code execution + +*Known Security Issues* + +- [`OJSI-90 `__\ ] - SDC exposes unprotected API for user creation +- [`OJSI-94 `__\ ] - sdc-wfd-fe allows to impersonate any user by setting USER_ID +- [`OJSI-126 `__\ ] - In default deployment SDC (sdc-wfd-fe) exposes HTTP port 30256 outside of cluster. +- [`OJSI-127 `__\ ] - In default deployment SDC (sdc-wfd-be) exposes HTTP port 30257 outside of cluster. + + +*Known Vulnerabilities in Used Modules* + +Quick Links: + +- `SDC project page `__ +- `Passing Badge information for SDC `__ + +**Known Issues** + +- [`SDC-2541 `__\ ] - Custom WF not present in the CSAR package + +**Upgrade Notes** + + N/A + +**Deprecation Notes** + + N/A + +**Other** + + N/A + + + + Version: 1.4.1 ============== @@ -93,6 +353,11 @@ The main goal of the Dublin release was to: - [`SDC-2280 `__\ ] - achieve CII Badging passing level for Dublin - [`SDC-2313 `__\ ] - Fix Service Proxy Node Type +**Known Issues** + +- [`SDC-2336 `__\ ] - Service dependency - Can't select sibling property when sibling node is not service proxy +- [`SDC-2374 `__\ ] - SDC appears to lose connectivity to Cassandra and Titan intermittently +- [`SDC-2371 `__\ ] - SDC fails to deploy in Windriver lab Security Notes -------------- @@ -106,6 +371,15 @@ Security Notes - CVE-2019-12116 [`OJSI-77 `__\ ] - demo-sdc-sdc-fe exposes JDWP on port 6000 which allows for arbitrary code execution - CVE-2019-12117 [`OJSI-78 `__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution - CVE-2019-12118 [`OJSI-79 `__\ ] - demo-sdc-sdc-wfd-be exposes JDWP on port 7001 which allows for arbitrary code execution +- CVE-2019-12119 [`OJSI-80 `__\ ] - demo-sdc-sdc-wfd-fe exposes JDWP on port 7000 which allows for arbitrary code execution +- [`OJSI-90 `__\ ] - SDC exposes unprotected API for user creation +- [`OJSI-94 `__\ ] - sdc-wfd-fe allows to impersonate any user by setting USER_ID +- [`OJSI-101 `__\ ] - In default deployment SDC (sdc-be) exposes HTTP port 30205 outside of cluster. +- [`OJSI-102 `__\ ] - In default deployment SDC (sdc-fe) exposes HTTP port 30206 outside of cluster. +- [`OJSI-126 `__\ ] - In default deployment SDC (sdc-wfd-fe) exposes HTTP port 30256 outside of cluster. +- [`OJSI-127 `__\ ] - In default deployment SDC (sdc-wfd-be) exposes HTTP port 30257 outside of cluster. +- [`OJSI-132 `__\ ] - In default deployment SDC (sdc-dcae-fe) exposes HTTP port 30263 outside of cluster. +- [`OJSI-133 `__\ ] - In default deployment SDC (sdc-dcae-dt) exposes HTTP port 30265 outside of cluster. *Known Vulnerabilities in Used Modules* @@ -390,7 +664,6 @@ Workflow information is available in readthedocs - [`SDC-951 `__\ ] - update SDC-TOSCA packages - [`SDC-952 `__\ ] - update SDC-DISTRIBUTION-CLIENT packages - [`SDC-953 `__\ ] - update SDC-DOCKER-BASE packages -- [`SDC-954 `__\ ] - update SDC-TITAN-CASSANDRA packages - [`SDC-955 `__\ ] - configuration ovriding capabilities. - [`SDC-957 `__\ ] - add ignore conformance level option - [`SDC-969 `__\ ] - sync1802E to ONAP part 1 @@ -503,7 +776,7 @@ Workflow information is available in readthedocs - [`SDC-653 `__\ ] - implement forwarder capability - [`SDC-657 `__\ ] - Error message is not reported to calling functions - [`SDC-661 `__\ ] - need to throw an exception in case that substitution mappings is not correct -- [`SDC-664 `__\ ] - JTOSCA Library is missing case insensitive check for status attribute value : “supported” vs “SUPPORTED” +- [`SDC-664 `__\ ] - JTOSCA Library is missing case insensitive check for status attribute value : "supported" vs "SUPPORTED" - [`SDC-666 `__\ ] - Library Import feature is ignoring multiple imports in a file and loading only the last one in sequence - [`SDC-667 `__\ ] - Validate and Create capabilities APIs are throwing class cast exception - [`SDC-668 `__\ ] - Imports loading is running in to Stack overflow error for CSARs generated via SDC on-boarding process @@ -599,7 +872,7 @@ Workflow information is available in readthedocs - [`SDC-1188 `__\ ] - User Permission items - [`SDC-1190 `__\ ] - Java proxy classname in audit logs instead of resource name - [`SDC-1192 `__\ ] - ValidationVsp Cannot support multiple sessions -- [`SDC-1200 `__\ ] - SDC tab shows “HTTP Error 305” after login and accessing from the portal +- [`SDC-1200 `__\ ] - SDC tab shows "HTTP Error 305" after login and accessing from the portal - [`SDC-1204 `__\ ] - maven clean leaves files in target - [`SDC-1206 `__\ ] - Create VF fails with 404 error message for subinterface_indicator property - [`SDC-1207 `__\ ] - Distribution cannot create "UEB keys" @@ -637,7 +910,7 @@ Workflow information is available in readthedocs - [`SDC-1274 `__\ ] - NFOD - Error when adding nic to component - [`SDC-1275 `__\ ] - Logging core tests fail on Linux without hostname - [`SDC-1279 `__\ ] - fix marge job -- [`SDC-1280 `__\ ] - ‘Model Schema’ is not available for any API in onboarding Swagger +- [`SDC-1280 `__\ ] - 'Model Schema' is not available for any API in onboarding Swagger - [`SDC-1281 `__\ ] - TOSCA Analyzer - null point exception - [`SDC-1283 `__\ ] - Onboarding filter archive to active changes when pressing on workspace button - [`SDC-1284 `__\ ] - fix catalog-be start @@ -735,27 +1008,27 @@ New Features - [`SDC-53 `__\ ] - F28350/302244 [MVP] SDC 1710 - Increment Conformance Level - [`SDC-54 `__\ ] - F36419/299760 - [EPIC] - [MVP] SDC 1710 – Introduce a new Asset Type: PNF + [EPIC] - [MVP] SDC 1710 - Introduce a new Asset Type: PNF - [`SDC-55 `__\ ] - F34117/305092 - [EPIC] - [MVP] SDC 1710 – Enhance the CP + [EPIC] - [MVP] SDC 1710 - Enhance the CP - [`SDC-56 `__\ ] - F36795/298830 - [EPIC] – Provide a new Capability to Onboard non-HEAT VNFs based on a + [EPIC] - Provide a new Capability to Onboard non-HEAT VNFs based on a Questionnaire. - [`SDC-57 `__\ ] - F36795/150093 - [EPIC] – Enhance the VNF Model to include VNFC (VFC) + [EPIC] - Enhance the VNF Model to include VNFC (VFC) - [`SDC-58 `__\ ] - F36795/291353 EPIC] - [MVP] ASDC 1710 -TOSCA Parser - Stand alone - [`SDC-59 `__\ ] - F36795/296771 - [EPIC] - [MVP] SDC 1710 - TOSCA Parser – Support Complex Inputs + [EPIC] - [MVP] SDC 1710 - TOSCA Parser - Support Complex Inputs - [`SDC-60 `__\ ] - F36795/309319 - EPIC] – Provide Additional Artifact type relevant for VNF Onboarding. + EPIC] - Provide Additional Artifact type relevant for VNF Onboarding. - [`SDC-61 `__\ ] - F36797/291413 [EPIC] - Enhance the VFC Model with additional Properties for VFC characterization - [`SDC-62 `__\ ] - F36801/152151 [EPIC] - [MVP] ASDC 1707 - Tosca Schema files - [`SDC-63 `__\ ] - F36257/292814 - EPIC] - [MVP] SDC 1710 NFR – Enhance the System Health Check API + EPIC] - [MVP] SDC 1710 NFR - Enhance the System Health Check API - [`SDC-64 `__\ ] - 306915 EPIC: [DevOps] - SSL Certificates separation of certificates for the deployment code @@ -878,8 +1151,8 @@ New Features - [`SDC-318 `__\ ] - Provide preset definitions for the enitity types standardized by the tosca-nfv specification. -- [`SDC-325 `__\ ] - Add “Network - Service” and “E2E Service” to the predefined list of SDC categories. +- [`SDC-325 `__\ ] - Add "Network + Service" and "E2E Service" to the predefined list of SDC categories. - [`SDC-327 `__\ ] - add new artifact type to SDC - [`SDC-329 `__\ ] - add @@ -941,7 +1214,7 @@ Bug Fixes - [`SDC-289 `__\ ] - UI shows {length} and {maxLength} instead of actual limit values - [`SDC-290 `__\ ] - discrepancy - between the BE and FE on the “Create New License Agreement” Wizard + between the BE and FE on the "Create New License Agreement" Wizard - [`SDC-296 `__\ ] - The default value of the VF input parameter is incorrect. - [`SDC-297 `__\ ] - adjust