X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=docs%2Fsections%2Frelease-notes.rst;fp=docs%2Fsections%2Frelease-notes.rst;h=803ba056a24044a1f19f28abc2b971389ef440c7;hb=187d1435142c50e627890ddd5049a9f43ebbe1a2;hp=094d10bf0f67c0b1ef90710637a71bf8c46f078c;hpb=03b0923ab092e980ba74537f00212abb0f499d05;p=oom%2Fplatform%2Fcert-service.git diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst index 094d10bf..803ba056 100644 --- a/docs/sections/release-notes.rst +++ b/docs/sections/release-notes.rst @@ -11,19 +11,18 @@ OOM Certification Service Release Notes :depth: 2 .. -Version: 2.4.0 +Version: 2.5.0 ============== Abstract -------- -This document provides the release notes for the Istanbul release. +This document provides the release notes for the Jakarta release. Summary ------- -Certificate update use case is now available. For details go to: -:ref:`How to use instructions` +Vulnerability Fix Release Data ------------ @@ -32,12 +31,12 @@ Release Data | **Project** | OOM | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0| +| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.5.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.5.0| | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Release designation** | Istanbul | +| **Release designation** | Jakarta | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ @@ -45,20 +44,8 @@ Release Data New features ------------ -- `OOM-2754 `_ Implement certificate update in CMPv2 external issuer - -- `OOM-2753 `_ Implement certificate update in CMPv2 CertService - -- `OOM-2744 `_ Remove CertService Client mechanism from ONAP - -- `OOM-2649 `_ Update contrib/ejbca to 7.x - **Bug fixes** -- `OOM-2771 `_ Fix CertificateRequest resource was not found issue in CMPv2 external issuer - -- `OOM-2764 `_ Fix sonar issues in CertService - **Known Issues** If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions. @@ -102,7 +89,7 @@ Security Notes **Fixed Security Issues** -None +- `OOM-2903 `_ Fix Apache Vulnerability [CVE-2021-44228] in CertService **Known Security Issues** @@ -124,21 +111,19 @@ For more information on the ONAP Istanbul release, please see: #. `ONAP Release Downloads`_ #. `ONAP Wiki Page`_ -Version: 2.3.3 +Version: 2.4.0 ============== Abstract -------- -This document provides the release notes for the Honolulu release. +This document provides the release notes for the Istanbul release. Summary ------- -Certification Service provides certificates signed by external CMPv2 server - such certificates are further called operators certificates. Operators certificates are meant to secure external ONAP traffic - traffic between network functions (xNFs) and ONAP. - -This project was moved from Application Authorization Framework (AAF), to check previous release notes see, `AAF CertService release notes `_ . - +Certificate update use case is now available. For details go to: +:ref:`How to use instructions` Release Data ------------ @@ -147,13 +132,12 @@ Release Data | **Project** | OOM | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.3| +| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0| | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Release designation** | Honolulu | +| **Release designation** | Istanbul | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ @@ -161,26 +145,24 @@ Release Data New features ------------ -- `OOM-2560 `_ Integrated CMPv2 certificate provider with Cert-Manager +- `OOM-2754 `_ Implement certificate update in CMPv2 external issuer - An CMPv2 certificate provider is a part of PKI infrastructure. It consumes CertificateRequest custom resource from Cert-Manager and calls CertService API to enroll certificate from CMPv2 server. - During ONAP deployment, the CMPv2 certificate provider is enabled when flags cmpv2Enabled, CMPv2CertManagerIntegration and platform.enabled equals true. +- `OOM-2753 `_ Implement certificate update in CMPv2 CertService - More information can be found on dedicated `wiki page `_ +- `OOM-2744 `_ Remove CertService Client mechanism from ONAP -- `OOM-2632 `_ Extended CertService API and clients to correctly support SANs parameters such as: e-mails, URIs and IP addresses. +- `OOM-2649 `_ Update contrib/ejbca to 7.x **Bug fixes** -- `OOM-2656 `_ Adjusted CertService API to RFC4210 - changed MAC protection algorithm and number of iteration for such algorithm. - -- `OOM-2657 `_ Enhanced CertServiceAPI response in order to include CMP server error messages. +- `OOM-2771 `_ Fix CertificateRequest resource was not found issue in CMPv2 external issuer -- `OOM-2658 `_ Fixed KeyUsage extension sent to CMPv2 server +- `OOM-2764 `_ Fix sonar issues in CertService **Known Issues** -None +If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions. +The required actions are described in :ref:`Troubleshooting section ` Deliverables ------------ @@ -198,19 +180,19 @@ Known Limitations, Issues and Workarounds ----------------------------------------- System Limitations ------------------- +~~~~~~~~~~~~~~~~~~ Any known system limitations. Known Vulnerabilities ---------------------- +~~~~~~~~~~~~~~~~~~~~~ Any known vulnerabilities. Workarounds ------------ +~~~~~~~~~~~ Any known workarounds. @@ -235,15 +217,14 @@ Not applicable References ---------- -For more information on the ONAP Honolulu release, please see: +For more information on the ONAP Istanbul release, please see: #. `ONAP Home Page`_ #. `ONAP Documentation`_ #. `ONAP Release Downloads`_ #. `ONAP Wiki Page`_ - .. _`ONAP Home Page`: https://www.onap.org .. _`ONAP Wiki Page`: https://wiki.onap.org .. _`ONAP Documentation`: https://docs.onap.org -.. _`ONAP Release Downloads`: https://git.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org \ No newline at end of file