blob: 457819bc4e9af692f02a5de2b3e6e66a08ad91d1 [file] [log] [blame]
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -05001.. This work is licensed under a Creative Commons Attribution 4.0 International License.
2.. http://creativecommons.org/licenses/by/4.0
Welch, Lorraine (lb2391)52602972019-05-23 17:45:27 -04003.. Copyright 2017-2019 AT&T Intellectual Property. All rights reserved
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -05004
5
6Portal Platform Release Notes
7=============================
Welch, Lorraine (lb2391)52602972019-05-23 17:45:27 -04008Version: 2.5.0
9--------------
10:Release Date: 2019-06-13
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -050011
Welch, Lorraine (lb2391)52602972019-05-23 17:45:27 -040012.. toctree::
13 :maxdepth: 1
14
15We worked on SDK upgrade to integrate with AAF. We partially implemented multi-language.
16
17**New Features**
18 * SDK upgrade to integrate with AAF
19 * Use of CADI
20 * 68% JUnit Test Coverage
21 * Addressing security issues
22 * Internationalization language support - partially implemented
23 * Reporting feature enhancement in portal/sdk - design and partial code changes
24
25**Bug Fixes**
26 * Fixed Sonar reported critical issues.
27
28**Known Issues**
29 * Mismatch while displaying active online user in Portal.
30 * Internationalization Language component partially completed.
31 * Functional Menu change requires manual refresh.
32
33**Security Notes**
34
Krzysztof Opasiak53de06c2019-05-24 23:30:00 +020035*Fixed Security Issues*
36
37*Known Security Issues*
Krzysztof Opasiak66c40612019-05-24 23:40:34 +020038 * In defult deployment PORTAL (portal-app) exposes HTTP port 8989 outside of cluster. [`OJSI-97 <https://jira.onap.org/browse/OJSI-97>`_]
Krzysztof Opasiak43262c82019-05-24 23:45:05 +020039 * In defult deployment PORTAL (portal-app) exposes HTTP port 30215 outside of cluster. [`OJSI-105 <https://jira.onap.org/browse/OJSI-105>`_]
Krzysztof Opasiak59eebbf2019-05-24 23:45:52 +020040 * In defult deployment PORTAL (portal-sdk) exposes HTTP port 30212 outside of cluster. [`OJSI-106 <https://jira.onap.org/browse/OJSI-106>`_]
Krzysztof Opasiak53de06c2019-05-24 23:30:00 +020041
42*Known Vulnerabilities in Used Modules*
43
Welch, Lorraine (lb2391)52602972019-05-23 17:45:27 -040044PORTAL code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The PORTAL open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=51283057>`_.
45
46Quick Links:
47 - `PORTAL project page <https://wiki.onap.org/display/DW/Portal+Platform+Project>`_
48
49 - `Passing Badge information for PORTAL <https://bestpractices.coreinfrastructure.org/en/projects/1441>`_
50
51 - `Project Vulnerability Review Table for PORTAL <https://wiki.onap.org/pages/viewpage.action?pageId=51283057>`_
52
53**Upgrade Notes**
54 * For https Apps onboarded to portal, a certificate has to be downloaded in the browser when first trying to access the landing page of the App.
55 * For onboarded Apps using http (since Portal is using https) the browser asks the user to click to Proceed to the unsafe URL.
56 * For onboarded Apps using http the icon in the URL bar will appear red, click on it and allow unsafe scripts.
Krzysztof Opasiak53de06c2019-05-24 23:30:00 +020057
Welch, Lorraine (lb2391)52602972019-05-23 17:45:27 -040058**Deprecation Notes**
59
60**Other**
61 * Below are the docker images released as part of Portal Platform project:
62 * onap/portal-app:2.5.0
63 * onap/portal-db:2.5.0
64 * onap/portal-sdk:2.5.0
65 * onap/portal-wms:2.5.0
66 * portal/sdk java artifacts - (Release branch: “release-2.5.0”)
Krzysztof Opasiak53de06c2019-05-24 23:30:00 +020067
68Version: 2.3.2
Welch, Lorraine (lb2391)9256cac2019-04-10 18:27:30 -040069--------------
70:Release Date: 2019-04-15
71
72.. toctree::
73 :maxdepth: 1
74
75This is the official release notes for the Casablanca Maintenance Release 3.0.2.
76
Welch, Lorraine (lb2391)1b9bedf2019-04-15 17:03:25 -040077**Known Issues**
Welch, Lorraine (lb2391)fd3af2a2019-04-16 15:19:40 -040078 * The issue is an application running on HTTPS will not open in Portal if the AAF root CA is missing.
Krzysztof Opasiak53de06c2019-05-24 23:30:00 +020079 An error message will appear in a separate tab in Portal. It will say something like:
80 “The webpage at https://portal.api.simpledemo.onap.org:30200/vid/welcome.htm?cc=........ might
Welch, Lorraine (lb2391)1b9bedf2019-04-15 17:03:25 -040081 be temporarily down or it may have moved permanently to a new web address.”
Krzysztof Opasiak53de06c2019-05-24 23:30:00 +020082 Here is the work-around, copy above VID (or other app) URL and replace welcome.htm to login.htm
Welch, Lorraine (lb2391)1b9bedf2019-04-15 17:03:25 -040083 in a new browser window; after login come back to Portal home page and click VID, it will now work.
84
Welch, Lorraine (lb2391)fd3af2a2019-04-16 15:19:40 -040085 * For applications running on HTTP (for example SDC), the user needs to disable the security check in the browser to access the application.
86
Welch, Lorraine (lb2391)9256cac2019-04-10 18:27:30 -040087**Other**
88 * Portal updated Keystore certificate from AAF to extend its expiry date; This change was made in OOM project.
89
Welch, Lorraine (lb2391)2b790b62019-02-06 17:07:48 -050090Version: 2.3.1
91--------------
92:Release Date: 2019-01-31
93
94.. toctree::
95 :maxdepth: 1
96
97This is the official release notes for the Casablanca Maintenance.
98
99**Bug Fixes**
100 * During installation Maria DB can now be accessed from within the portal-db container. The fix was made in OOM scripts to handle the db issue identified in the previous release.
101
st782s7d4fa6e2018-08-28 12:34:01 -0400102Version: 2.3.0
103--------------
Manoop Talasila0a915d32018-11-12 11:49:01 -0500104:Release Date: 2018-11-30
st782s7d4fa6e2018-08-28 12:34:01 -0400105
106.. toctree::
107 :maxdepth: 1
108
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400109We worked on SDK upgrade to integrate with AAF. We completed Architecture review for Portal and use case UI to support multi-language.
st782s7d4fa6e2018-08-28 12:34:01 -0400110
111**New Features**
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400112 * Platform Maturity Guidelines - Integrating with OOM
113 * SDK upgrade to integrate with AAF
114 * Use of Semantic Versioning - V3 is the supported version
115 * Integration with AAF via REST; Supports both SDK and Framework Applications
116 * 65% JUnit Test Coverage
117 * Addressing security issues
118 * Internationalization language support - design related
119 * Reporting feature enhancement in portal/sdk - design and partial code changes
120 * Platform Enhancements - Improved logging, docker separation, and SDK Simplification
Manoop Talasila2115ee52018-11-15 10:42:08 -0500121 * Angular 5 upgraded with sample POC in SDK to build rich UI
Welch, Lorraine (lb2391)2b790b62019-02-06 17:07:48 -0500122
st782s7d4fa6e2018-08-28 12:34:01 -0400123**Bug Fixes**
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400124 * Improved exception handling in reporting feature and also in login feature while getting a lock from Zookeeper.
125 * Improved documentation to get access to Portal through port 8989.
126 * Fixed Sonar reported critical issues.
127 * Improved OOM deployment 30235 external port mapping for portal-sdk.
st782s7d4fa6e2018-08-28 12:34:01 -0400128
129**Known Issues**
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400130 * Mismatch while displaying active online user in Portal.
131 * UI misaligned on updating widgets in Portal.
132 * On Logout redirect landing page needs to be corrected.
133 * Functional Menu change requires manual refresh.
st782s7d4fa6e2018-08-28 12:34:01 -0400134
135**Security Notes**
136
Manoop Talasila2115ee52018-11-15 10:42:08 -0500137PORTAL code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The PORTAL open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=35522356>`_.
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400138
139Quick Links:
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400140 - `PORTAL project page <https://wiki.onap.org/display/DW/Portal+Platform+Project>`_
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400141
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400142 - `Passing Badge information for PORTAL <https://bestpractices.coreinfrastructure.org/en/projects/1441>`_
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400143
Manoop Talasila2115ee52018-11-15 10:42:08 -0500144 - `Project Vulnerability Review Table for PORTAL <https://wiki.onap.org/pages/viewpage.action?pageId=35522356>`_
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400145
st782s7d4fa6e2018-08-28 12:34:01 -0400146**Upgrade Notes**
Welch, Lorraine (lb2391)9d5f5d62018-10-26 18:13:36 -0400147 * For https Apps onboarded to portal, a certificate has to be downloaded in the browser when first trying to access the landing page of the App.
148 * For onboarded Apps using http (since Portal is using https) the browser asks the user to click to Proceed to the unsafe URL.
Welch, Lorraine (lb2391)2b790b62019-02-06 17:07:48 -0500149
st782s7d4fa6e2018-08-28 12:34:01 -0400150**Deprecation Notes**
151
152**Other**
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400153 * Below are the docker images released as part of Portal Platform project:
Welch, Lorraine (lb2391)9d5f5d62018-10-26 18:13:36 -0400154 * onap/portal-app:2.3.1
155 * onap/portal-db:2.3.1
156 * onap/portal-sdk:2.3.1
157 * onap/portal-wms:2.3.1
Welch, Lorraine (lb2391)2b790b62019-02-06 17:07:48 -0500158 * portal/sdk java artifacts - (Release branch: “release-2.4.0”)
st782s7d4fa6e2018-08-28 12:34:01 -0400159
Welch, Lorraine (lb2391)05005db2018-05-30 14:59:48 -0400160Version: 2.2.0
lorraineawelch34712d12018-03-27 16:05:16 -0400161--------------
162
Gildas Lanilis8764d782018-05-31 10:28:40 -0700163:Release Date: 2018-06-07
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400164
lorraineawelch34712d12018-03-27 16:05:16 -0400165.. toctree::
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400166 :maxdepth: 1
lorraineawelch34712d12018-03-27 16:05:16 -0400167
168We worked on hardening the ONAP Portal platform by improving code quality and addressing security issues.
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400169
lorraineawelch34712d12018-03-27 16:05:16 -0400170**New Features**
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400171 * Platform Maturity Guidelines
lorraineawelch34712d12018-03-27 16:05:16 -0400172 * Integrating with MUSIC, OOM, and AAF
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400173 * 50% JUnit Test Coverage
lorraineawelch34712d12018-03-27 16:05:16 -0400174 * Addressing security issues
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400175 * Bootstrapping of VID roles and tighter integration with AAF
176 * Role Centralization capability for framework based partners - design related
177 * Platform Enhancements - Improved logging, Security Hardening, and SDK Simplification
178
lorraineawelch34712d12018-03-27 16:05:16 -0400179**Bug Fixes**
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400180 * Issues with roles fixed in this release.
181 * Now able to deselect widget on Widget catalog page
182 * Replaced the word ECOMP to ONAP
183 * Terminated menu access by App Admin User that are supposed to be available to Portal Admin only
184 * Upgraded software packages to resolve security issues
lorraineawelch34712d12018-03-27 16:05:16 -0400185
186**Known Issues**
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400187 * Need to upgrade to new encrypt/decrypt algorithm in coordination with Partnering apps
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400188 * Logging needs improvement
189 * Not able to delete portal admin user
190 * Add support to connect with AAF Runtime
191 * Portal's SDK UI documentation in ONAP wiki needs samples
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400192 * The Portal/SDK fn_user table has encrypted passwords that need to change to using a hash algorithm
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400193 * UI cleanup needed: on adding entries to News Widget and display on Application Onboarding page
lorraineawelch34712d12018-03-27 16:05:16 -0400194
sa282waa9b3202018-07-25 13:25:43 -0400195**Security Issues**
196 * https://wiki.onap.org/pages/viewpage.action?pageId=27689089
197
Gildas Lanilis8764d782018-05-31 10:28:40 -0700198**Security Notes**
199
200PORTAL code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The PORTAL open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=27689089>`_.
201
202Quick Links:
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400203 - `PORTAL project page <https://wiki.onap.org/display/DW/Portal+Platform+Project>`_
Gildas Lanilis8764d782018-05-31 10:28:40 -0700204
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400205 - `Passing Badge information for PORTAL <https://bestpractices.coreinfrastructure.org/en/projects/1441>`_
Gildas Lanilis8764d782018-05-31 10:28:40 -0700206
Welch, Lorraine (lb2391)1b9c4d32018-10-18 17:05:59 -0400207 - `Project Vulnerability Review Table for PORTAL <https://wiki.onap.org/pages/viewpage.action?pageId=27689089>`_
lorraineawelch34712d12018-03-27 16:05:16 -0400208
209**Upgrade Notes**
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400210 * Upgrades to Portal platform can be performed using Heat based installation scripts available under demo repository.
lorraineawelch34712d12018-03-27 16:05:16 -0400211
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400212**Deprecation Notes**
213 * The encryption algorithm used in Portal is now changed from AES to AES/CBC/PKCS5PADDING.
214
215**Other**
216 * Below are the docker images released as part of Portal Platform project:
Welch, Lorraine (lb2391)05005db2018-05-30 14:59:48 -0400217 * onap/portal-db:v2.2.0
218 * onap/portal-apps:v2.2.0
219 * onap/portal-wms:v2.2.0
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400220 * onap//music/music-cassandra:v3.0
221 * zookeeper:v3.4.0
Welch, Lorraine (lb2391)05005db2018-05-30 14:59:48 -0400222 * portal/sdk - (Release branch: "release-2.2.0")
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400223
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500224Version: 1.3.0
225--------------
226
Gildas Lanilis8764d782018-05-31 10:28:40 -0700227:Release Date: 2017-11-16
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500228
Christopher Lott (cl778h)3b0029e2017-11-15 12:28:15 -0500229The ONAP Portal is a platform that provides the ability to integrate different ONAP applications into a centralized Portal Core. The platform seed code is improved with below listed enhancements in this release. This is technically the first release of ONAP Portal Platform, previous release was the seed code contribution. As such, the defects fixed in this release were raised during the course of the release and while its integration testing. Anything not closed is captured below under Known Issues. If you want to review the defects fixed in the Amsterdam release, refer to Jira (jira.onap.org).
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400230
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500231**New Features**
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400232 * Digital Experience Control/UI upgrade.
233 * Portal Notification Enhancement and act on it w/o copy/paste, e.g. hyperlink to target function with context transfer.
234 * Prepared onboarding App process where the partner is ready for centralized user authentication via AAF.
235 * Source code of Portal Platform and its SDK is released under the following repositories on gerrit.onap.org
236 * portal - (Release branch: "release-1.3.0")
237 * portal/sdk - (Release branch: "release-1.3.2")
238
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500239**Bug Fixes**
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400240 * Onboarding script updated due to user/role integration/synchronization issues with Partner Applications.
241 * Fixed search and remove bugs in Widget Onboarding.
242 * Fixed issues in the Application Onboarding.
243 * Fixed issues in the Microservice Onboarding.
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400244 * Fixed deployment scripts and streamlined the reference variables.
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500245
246**Known Issues**
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400247 * `PORTAL-140 <https://jira.onap.org/browse/PORTAL-140>`_ - Portal role synch error with partner apps.
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500248
249**Security Issues**
Welch, Lorraine (lb2391)f62ab6d2018-09-20 16:45:24 -0400250 * The issue "`PORTAL-137 <https://jira.onap.org/browse/PORTAL-137>`_ -Enhance Authentication" is fixed in Portal and in its SDK. The Portal team recommend partnering apps like Policy, VID, AAI, and SDC to upgrade to SDK's 1.3.2 or latest version to address the login vulnerability.
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500251
252**Upgrade Notes**
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400253 * This is an initial release.
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500254
Welch, Lorraine (lb2391)787573a2018-04-25 18:17:24 -0400255**Deprecation Notes**
256 * This is an initial release.
257
258**Other**
259 * Below are the docker images released as part of Portal Platform project:
260 * onap/portal-db:v1.3.0
261 * onap/portal-apps:v1.3.0
262 * onap/portal-wms:v1.3.0
Christopher Lott (cl778h)6cf15692017-11-08 17:25:29 -0500263
264End of Release Notes