Merge "update new passwd for cadi"

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 4972492..ae22cb2 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -49,6 +49,15 @@ Summary
 
 **Security Notes**
 
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+
+*Known Vulnerabilities in Used Modules*
+
 OOM code has been formally scanned during build time using NexusIQ and no
 Critical vulnerability was found.
 

diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
index fc16610..51e8e5b 100755 (executable)
--- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
@@ -40,7 +40,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-blueprintsprocessor:0.4.3
+image: onap/ccsdk-blueprintsprocessor:0.4.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml
index 70b6125..14432ec 100755 (executable)
--- a/kubernetes/cds/charts/cds-command-executor/values.yaml
+++ b/kubernetes/cds/charts/cds-command-executor/values.yaml
@@ -40,7 +40,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-commandexecutor:0.4.3
+image: onap/ccsdk-commandexecutor:0.4.5
 pullPolicy: Always
 
 # application configuration

diff --git a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
index 2276128..c924b2b 100755 (executable)
--- a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
+++ b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
@@ -38,7 +38,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-controllerblueprints:0.4.3
+image: onap/ccsdk-controllerblueprints:0.4.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/cds/charts/cds-sdc-listener/values.yaml b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
index 922362e..cd2fbf5 100644 (file)
--- a/kubernetes/cds/charts/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
@@ -37,7 +37,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-sdclistener:0.4.3
+image: onap/ccsdk-sdclistener:0.4.5
 name: sdc-listener
 pullPolicy: Always
 

diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml
index 2ef8736..036b888 100644 (file)
--- a/kubernetes/cds/charts/cds-ui/values.yaml
+++ b/kubernetes/cds/charts/cds-ui/values.yaml
@@ -28,7 +28,7 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-cds-ui-server:0.4.3
+image: onap/ccsdk-cds-ui-server:0.4.5
 pullPolicy: Always
 
 # application configuration

diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
index 5965b41..954de3a 100644 (file)
--- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
@@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-kibana:4.0.3
+image: onap/clamp-dashboard-kibana:4.0.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
index 356d64b..893860b 100644 (file)
--- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
@@ -30,7 +30,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-logstash:4.0.3
+image: onap/clamp-dashboard-logstash:4.0.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index 214eed6..398c9ea 100644 (file)
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -30,7 +30,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp:4.0.3
+image: onap/clamp:4.0.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index f7b2078..4094801 100644 (file)
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -47,7 +47,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-dgbuilder-image:0.4.3
+image: onap/ccsdk-dgbuilder-image:0.4.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml
index bc8157b..02c69ad 100644 (file)
--- a/kubernetes/common/network-name-gen/values.yaml
+++ b/kubernetes/common/network-name-gen/values.yaml
@@ -54,7 +54,7 @@ mariadb-galera:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-apps-ms-neng:0.4.3
+image: onap/ccsdk-apps-ms-neng:0.4.4
 pullPolicy: IfNotPresent
 
 # application configuration

diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
index ddfa00a..aec082f 100644 (file)
--- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
@@ -100,9 +100,9 @@ componentImages:
   holmes_rules: onap/holmes/rule-management:1.2.6
   holmes_engine: onap/holmes/engine-management:1.2.5
   tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2
-  ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.4
+  ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5
   snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
-  prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.3
+  prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.4
   hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.1.0
 
 # Resource Limit flavor -By Default using small

diff --git a/kubernetes/policy/resources/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh
index 0be91b0..ec8c914 100644 (file)
--- a/kubernetes/policy/resources/config/pe/push-policies.sh
+++ b/kubernetes/policy/resources/config/pe/push-policies.sh
@@ -203,7 +203,7 @@ sleep 2
 
 echo "Create SDNC vFW Naming Policy"
 curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
-    "configBody": "{ \"service\": \"SDNC-GenerateName\", \"version\": \"CSIT\", \"content\": { \"policy-instance-name\": \"ONAP_VNF_NAMING_TIMESTAMP\", \"naming-models\": [ { \"naming-properties\": [ { \"property-name\": \"AIC_CLOUD_REGION\" }, { \"property-name\": \"ONAP-NF\", \"property-value\": \"CONSTANT\" }, { \"property-name\": \"TIMESTAMP\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" } ], \"naming-type\": \"VNF\", \"naming-recipe\": \"AIC_CLOUD_REGION|DELIMITER|CONSTANT|DELIMITER|TIMESTAMP\" }, { \"naming-properties\": [ { \"property-name\": \"VNF_NAME\" }, { \"property-name\": \"SEQUENCE\", \"increment-sequence\": { \"max\": \"zzz\", \"scope\": \"ENTIRETY\", \"start-value\": \"001\", \"length\": \"3\", \"increment\": \"1\", \"sequence-type\": \"alpha-numeric\" } }, { \"property-name\": \"NFC_NAMING_CODE\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" } ], \"naming-type\": \"VNFC\", \"naming-recipe\": \"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\" }, { \"naming-properties\": [ { \"property-name\": \"VNF_NAME\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" }, { \"property-name\": \"VF_MODULE_LABEL\" }, { \"property-name\": \"VF_MODULE_TYPE\" }, { \"property-name\": \"SEQUENCE\", \"increment-sequence\": { \"max\": \"zzz\", \"scope\": \"PRECEEDING\", \"start-value\": \"01\", \"length\": \"3\", \"increment\": \"1\", \"sequence-type\": \"alpha-numeric\" } } ], \"naming-type\": \"VF-MODULE\", \"naming-recipe\": \"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\" } ] } }",
+    "configBody": "{ \"service\": \"SDNC-GenerateName\", \"version\": \"CSIT\", \"content\": { \"policy-instance-name\": \"ONAP_VNF_NAMING_TIMESTAMP\", \"naming-models\": [ { \"naming-properties\": [ { \"property-name\": \"AIC_CLOUD_REGION\" }, { \"property-name\": \"CONSTANT\", \"property-value\": \"ONAP-NF\" }, { \"property-name\": \"TIMESTAMP\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" } ], \"naming-type\": \"VNF\", \"naming-recipe\": \"AIC_CLOUD_REGION|DELIMITER|CONSTANT|DELIMITER|TIMESTAMP\" }, { \"naming-properties\": [ { \"property-name\": \"VNF_NAME\" }, { \"property-name\": \"SEQUENCE\", \"increment-sequence\": { \"max\": \"zzz\", \"scope\": \"ENTIRETY\", \"start-value\": \"001\", \"length\": \"3\", \"increment\": \"1\", \"sequence-type\": \"alpha-numeric\" } }, { \"property-name\": \"NFC_NAMING_CODE\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" } ], \"naming-type\": \"VNFC\", \"naming-recipe\": \"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\" }, { \"naming-properties\": [ { \"property-name\": \"VNF_NAME\" }, { \"property-value\": \"_\", \"property-name\": \"DELIMITER\" }, { \"property-name\": \"VF_MODULE_LABEL\" }, { \"property-name\": \"VF_MODULE_TYPE\" }, { \"property-name\": \"SEQUENCE\", \"increment-sequence\": { \"max\": \"zzz\", \"scope\": \"PRECEEDING\", \"start-value\": \"01\", \"length\": \"3\", \"increment\": \"1\", \"sequence-type\": \"alpha-numeric\" } } ], \"naming-type\": \"VF-MODULE\", \"naming-recipe\": \"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\" } ] } }",
     "policyName": "SDNC_Policy.ONAP_VNF_NAMING_TIMESTAMP",
     "policyConfigType": "MicroService",
     "onapName": "SDNC",

diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
index c135835..cd1a887 100644 (file)
--- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.5.2
+image: onap/sdnc-dmaap-listener-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
index 4c80d9c..a7e249a 100644 (file)
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.5.2
+image: onap/sdnc-ansible-server-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
index d51a509..ef76ed3 100644 (file)
--- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.5.2
+image: onap/admportal-sdnc-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml
index 0793352..7c985ce 100644 (file)
--- a/kubernetes/sdnc/charts/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.5.2
+image: onap/sdnc-ueb-listener-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 03fdd01..9bd50a1 100644 (file)
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -32,7 +32,7 @@ global:
 # application images
 repository: nexus3.onap.org:10001
 pullPolicy: Always
-image: onap/sdnc-image:1.5.2
+image: onap/sdnc-image:1.5.4
 
 # flag to enable debugging - application support required
 debugEnabled: false