Code Review / sdnc / oam.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Note admin portal disabled
[sdnc/oam.git] / docs / release-notes.rst
1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
2
3 Release Notes
4 =============
5
6 Version 1.5.4
7 -------------
8 :Release Date: 2019-06-13
9
10
11 **New Features**
12
13 The full list of Dublin epics and user stories for SDNC maybe be found at <https://jira.onap.org/issues/?filter=11803>.
14
15 The following list summarizes some of the most significant epics:
16
17 +------------+----------------------------------------------------------------------------+
18 | Jira #     | Abstract                                                                   |
19 +============+============================================================================+
20 | [SDNC-551] | OpenDaylight Fluorine Support                                              |
21 +------------+----------------------------------------------------------------------------+
22 | [SDNC-564] | 5G Use Case                                                                |
23 +------------+----------------------------------------------------------------------------+
24 | [SDNC-565] | CCVPN Use Case Extension                                                   |
25 +------------+----------------------------------------------------------------------------+
26 | [SDNC-570] | SDN-R: Server side component                                               |
27 +------------+----------------------------------------------------------------------------+
28 | [SDNC-579] | SDN-R : UX-Client                                                          |
29 +------------+----------------------------------------------------------------------------+
30 | [SDNC-631] | SDNC support for the PNF Use Case Network Assign for Plug and Play feature |
31 +------------+----------------------------------------------------------------------------+
32
33
34 **Bug Fixes**
35 The full list of bug fixes in the SDNC Dublin release may be found at <https://jira.onap.org/issues/?filter=11805>
36
37 **Known Issues**
38 The full list of known issues in SDNC may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11119>
39
40 One item of note is that the SDNC admin portal was determined to have a number of security vulnerabilities,
41 under Known Security Issues.  As a temporary remediation, the admin portal is disabled in
42 Dublin.  It will be re-enabled in El Alto once the security issues are addressed.
43
44 **Security Notes**
45
46 *Fixed Security Issues*
47
48 - CVE-2019-12132 `OJSI-41 <https://jira.onap.org/browse/OJSI-41>`_ SDNC service allows for arbitrary code execution in sla/dgUpload form
49   Fixed temporarily by disabling admportal
50 - CVE-2019-12123 `OJSI-42 <https://jira.onap.org/browse/OJSI-42>`_ SDNC service allows for arbitrary code execution in sla/printAsXml form
51   Fixed temporarily by disabling admportal
52 - CVE-2019-12113 `OJSI-43 <https://jira.onap.org/browse/OJSI-43>`_ SDNC service allows for arbitrary code execution in sla/printAsGv form
53   Fixed temporarily by disabling admportal
54 - `OJSI-91 <https://jira.onap.org/browse/OJSI-91>`_ SDNC exposes unprotected API for user creation
55   Fixed temporarily by disabling admportal
56 - `OJSI-98 <https://jira.onap.org/browse/OJSI-98>`_ In default deployment SDNC (sdnc-portal) exposes HTTP port 30201 outside of cluster.
57   Fixed temporarily by disabling admportal
58 - CVE-2019-12112 `OJSI-199 <https://jira.onap.org/browse/OJSI-199>`_ SDNC service allows for arbitrary code execution in sla/upload form
59   Fixed temporarily by disabling admportal
60
61 *Known Security Issues*
62
63 - `OJSI-34 <https://jira.onap.org/browse/OJSI-34>`_ Multiple SQL Injection issues in SDNC
64 - `OJSI-99 <https://jira.onap.org/browse/OJSI-99>`_ In default deployment SDNC (sdnc) exposes HTTP port 30202 outside of cluster.
65 - `OJSI-100 <https://jira.onap.org/browse/OJSI-100>`_ In default deployment SDNC (sdnc-dgbuilder) exposes HTTP port 30203 outside of cluster.
66 - `OJSI-179 <https://jira.onap.org/browse/OJSI-179>`_ dev-sdnc-sdnc exposes JDWP on port 1830 which allows for arbitrary code execution
67 - `OJSI-183 <https://jira.onap.org/browse/OJSI-183>`_ SDNC exposes ssh service on port 30208
68
69 *Known Vulnerabilities in Used Modules*
70
71 Quick Links:
72
73 - `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
74 - `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
75 - `Project Vulnerability Review Table for Casablanca Release <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_
76
77 Version: 1.4.4
78 --------------
79
80 **Bugs Fixes**
81
82 The following bugs are fixed in the SDNC Casablanca January 2019 maintenance release:
83
84 +------------+------------------------------------------------------------------------------------------+
85 | Jira #     | Abstract                                                                                 |
86 +============+==========================================================================================+
87 | [SDNC-405] | SDNC API documentation is missing on ReadTheDocs                                         |
88 +------------+------------------------------------------------------------------------------------------+
89 | [SDNC-523] | vnf-information.vnf-id validation check should not be mandatory in validate-vnf-input DG |
90 +------------+------------------------------------------------------------------------------------------+
91 | [SDNC-532] | oof query failed due to hostname change, returning unknown host                          |
92 +------------+------------------------------------------------------------------------------------------+
93 | [SDNC-534] | wrong "input" field in DMaaP message template                                            |
94 +------------+------------------------------------------------------------------------------------------+
95 | [SDNC-536] | Upgrade zjsonpatch version to remediate vulnerabilities                                  |
96 +------------+------------------------------------------------------------------------------------------+
97 | [SDNC-537] | Update to spring-boot 2.1.0-RELEASE                                                      |
98 +------------+------------------------------------------------------------------------------------------+
99 | [SDNC-540] | CCVPN closed loop testing failed.                                                        |
100 +------------+------------------------------------------------------------------------------------------+
101 | [SDNC-542] | [PORT] Network Discovery microservice does not log                                       |
102 +------------+------------------------------------------------------------------------------------------+
103 | [SDNC-546] | CCVPN bugs fix for manual free integration test                                          |
104 +------------+------------------------------------------------------------------------------------------+
105 | [SDNC-549] | Retain MD-SAL data on pod recreate                                                       |
106 +------------+------------------------------------------------------------------------------------------+
107
108
109
110 Version: 1.4.3
111 --------------
112
113
114 :Release Date: 2018-11-30
115
116 **New Features**
117
118 The Casablanca release of SDNC introduces the following new features:
119
120         - Network Discovery, in support of POMBA
121         - Support for CCVPN use case
122         - Change Management enhancements
123
124 **Bug Fixes**
125
126 The list of bugs fixed in the SDNC Casablanca release may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11544>
127
128
129 **Known Issues**
130
131 The list of known issues in the SDNC project may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11119>
132
133
134 **Security Notes**
135
136 SDNC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDNC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_.
137
138 Quick Links:
139
140 - `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
141 - `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
142 - `Project Vulnerability Review Table for Casablanca Release <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_
143
144 **Upgrade Notes**
145    NA
146
147 **Deprecation Notes**
148    NA
149
150 **Other**
151    NA
152
153 Version: 1.3.4
154 --------------
155
156
157 :Release Date: 2018-07-06
158
159 **New Features**
160
161 The full list of SDNC Beijing Epics and user stories can be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=10791>.  The
162 following table lists the major features included in the Beijing release.
163
164 +------------+-------------------------------------------------------------------------------------------------------------+
165 | Jira #     | Abstract                                                                                                    |
166 +============+=============================================================================================================+
167 | [SDNC-278] | Change management in-place software upgrade execution using Ansible <https://jira.onap.org/browse/SDNC-278> |
168 +------------+-------------------------------------------------------------------------------------------------------------+
169 | [SDNC-163] | Deploy a SDN-C high availability environment - Kubernetes <https://jira.onap.org/browse/SDNC-163>           |
170 +------------+-------------------------------------------------------------------------------------------------------------+
171
172
173 **Bug Fixes**
174
175 The list of bugs fixed in the SDNC Beijing release may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11118>
176
177
178 **Known Issues**
179
180 +------------+----------------------------------------------------------------------------------------------------------------------------------+
181 | Jira #     | Abstract                                                                                                                         |
182 +============+==================================================================================================================================+
183 | [SDNC-324] | IPV4_ADDRESS_POOL is empty <https://jira.onap.org/browse/SDNC-324>                                                               |
184 +------------+----------------------------------------------------------------------------------------------------------------------------------+
185 | [SDNC-321] | dgbuilder won't save DG <https://jira.onap.org/browse/SDNC-321>                                                                  |
186 +------------+----------------------------------------------------------------------------------------------------------------------------------+
187 | [SDNC-304] | SDNC OOM intermittent Healthcheck failure - JSONDecodeError - on different startup order <https://jira.onap.org/browse/SDNC-304> |
188 +------------+----------------------------------------------------------------------------------------------------------------------------------+
189 | [SDNC-115] | VNFAPI DGs contain plugin references to software not part of ONAP <https://jira.onap.org/browse/SDNC-115>                        |
190 +------------+----------------------------------------------------------------------------------------------------------------------------------+
191 | [SDNC-114] | Generic API DGs contain plugin references to software not part of ONAP <https://jira.onap.org/browse/SDNC-114>                   |
192 +------------+----------------------------------------------------------------------------------------------------------------------------------+
193 | [SDNC-106] | VNFAPI DGs contain old openecomp and com.att based plugin references <https://jira.onap.org/browse/SDNC-106>                     |
194 +------------+----------------------------------------------------------------------------------------------------------------------------------+
195 | [SDNC-64]  | SDNC is not setting FromApp identifier in logging MDC <https://jira.onap.org/browse/SDNC-64>                                     |
196 +------------+----------------------------------------------------------------------------------------------------------------------------------+
197
198
199 **Security Notes**
200
201 SDNC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDNC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28379582>`_.
202
203 Quick Links:
204
205 - `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
206 - `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
207 - `Project Vulnerability Review Table for SDNC <https://wiki.onap.org/pages/viewpage.action?pageId=28379582>`_
208
209 **Upgrade Notes**
210         NA
211
212 **Deprecation Notes**
213         NA
214
215 **Other**
216         NA
217
218 Version: 1.2.1
219 --------------
220
221 :Release Date: 2018-01-18
222
223 **Bug Fixes**
224
225 - `SDNC-145 <https://jira.onap.org/browse/SDNC-145>`_ Error message refers to wrong parameters
226 - `SDNC-195 <https://jira.onap.org/browse/SDNC-195>`_ UEB listener doesn't insert correct parameters for allotted resources in DB table ALLOTTED_RESOURCE_MODEL
227 - `SDNC-198 <https://jira.onap.org/browse/SDNC-198>`_ CSIT job fails
228 - `SDNC-201 <https://jira.onap.org/browse/SDNC-201>`_ Fix DG bugs from integration tests
229 - `SDNC-202 <https://jira.onap.org/browse/SDNC-202>`_ Search for service -data null match, set vGW LAN IP via Heat
230 - `SDNC-211 <https://jira.onap.org/browse/SDNC-211>`_ Update SDNC Amsterdam branch to use maintenance release versions
231 - `SDNC-212 <https://jira.onap.org/browse/SDNC-212>`_ Duplicate file name
232
233 Version: 1.2.0
234 --------------
235
236 :Release Date: 2017-11-16
237
238 **New Features**
239
240 The ONAP Amsterdam release introduces the following changes to SDNC from
241 the original openECOMP seed code:
242    - Refactored / moved common platform code to new CCSDK project
243    - Refactored code to rename openecomp to onap
244    - Introduced new GENERIC-RESOURCE-API api, used by vCPE and VoLTE use cases
245    - Introduced new docker containers for SDC and DMAAP interfaces
246
247 **Bug Fixes**
248         NA
249 **Known Issues**
250 The following known high priority issues are being worked and are expected to be delivered
251 in release 1.2.1:
252 - `SDNC-179 <https://jira.onap.org/browse/SDNC-179>`_ Failed to make HTTPS connection in restapicall node
253 - `SDNC-181 <https://jira.onap.org/browse/SDNC-181>`_ Change call to brg-wan-ip-address vbrg-wan-ip brg topo activate DG
254 - `SDNC-182 <https://jira.onap.org/browse/SDNC-182>`_ Fix VNI Consistency: Add vG vxlan tunnel setup and bridge domain setup to brg-topo-activate DG
255
256 **Security Issues**
257         NA
258
259 **Upgrade Notes**
260         NA
261
262 **Deprecation Notes**
263         NA
264
265 **Other**
266         NA
SDNC OA&M tools