blob: 4205bf4ded53d9353a00171963ecaa930f4af131 [file] [log] [blame]
Chris Donley600f6792017-11-07 12:58:04 -08001.. This work is licensed under a Creative Commons Attribution 4.0 International License.
2.. http://creativecommons.org/licenses/by/4.0
Chris Donley1d4cdb12018-06-06 13:55:24 -07003.. Copyright 2017-2018 Huawei Technologies Co., Ltd.
LF Jenkins CI88c35c62020-04-07 20:18:39 +00004.. _release_notes:
Chris Donley600f6792017-11-07 12:58:04 -08005
6Release Notes
7=============
8
9.. note::
Chris Donleya3adf072017-11-09 15:17:45 -080010 VNF onboarding is a challenge across the industry because of the lack of a
11 standard format for VNFs.
12 This project provides an ecosystem for ONAP compatible VNFs by:
13
14 * developing tools for vendor CI/CD toolchains
15 * developing validation and testing tools
Chris Donley600f6792017-11-07 12:58:04 -080016
sharath reddy6a595f52022-03-17 14:59:12 +053017Istanbul Maintenance release
18---------------------------------
19
20As following VNFSDK components are having log4j transitive dependencies, they are verified for log4j vulnerability and no issues identified:
21
22 * refrepo
23 * validation
24
Kanagaraj Manickam9f90dbc2021-03-24 08:31:23 +053025Version: 1.6.3
26--------------
27
28 :Release Date: 2021-04-01
29 :Docker Version: 1.6.3
30
31 **New Features**
32
33 * Test cases are supported to add anotation about the release specific details
34 * CSAR validation is updated to report the table of test cases supported
35
36 **Bug Fixes**
37
38 N/A
39
40 **Known Issues**
41
42 N/A
43
44 **Security Notes**
45
46 *Fixed Security Issues*
47
48 N/A
49
50 *Known Security Issues*
51
52 N/A
53
54 *Known Vulnerabilities in Used Modules*
55
56 N/A
57
58 **Upgrade Notes**
59
60 N/A
61
62 **Deprecation Notes**
63
64 N/A
65
66 **Other**
67
68 N/A
69
Bartosz Gardziejewskia95f50b2020-10-08 08:12:56 +020070
Bartosz Gardziejewskib412d3c2020-11-03 09:13:26 +010071 Version: 1.6.2
72 --------------
73
74 :Release Date: 2020-11-03
75 :Docker Version: 1.6.2
76
77 **New Features**
78
Bartosz Gardziejewski347bcbb2020-11-18 08:05:55 +010079 * Added active scenario and profile management support
80 * Added integration with Robot CSIT tests
81 * Enabled auto discovery of test cases from 3rd party tool integration
Kanagaraj Manickamd315d442020-11-25 09:08:27 +053082 * Added support for cnf-conformance test support
Bartosz Gardziejewski347bcbb2020-11-18 08:05:55 +010083
Bartosz Gardziejewskib412d3c2020-11-03 09:13:26 +010084 **Bug Fixes**
85
86 * Fix oclip issue and set OCLIP version used during docker image build, to 6.0.0
87 - https://jira.onap.org/browse/CLI-325
88 * Fix JSON parsing error returned from GET request
89 - https://jira.onap.org/browse/VNFSDK-697
90 * Fixed rule R130206 handling of CSARs with no TOSCA meta and no Certificate in root directory
91 - https://jira.onap.org/browse/VNFSDK-481
92 * Fixed rule R816745 that was not reporting error when CMS and TOSCA meta file were present,
93 however TOSCA did not contain ETSI-Entry-Certificate
94 - https://jira.onap.org/browse/VNFSDK-660
95
96 **Known Issues**
97
98 N/A
99
100 **Security Notes**
101
102 *Fixed Security Issues*
103
104 N/A
105
106 *Known Security Issues*
107
108 N/A
109
110 *Known Vulnerabilities in Used Modules*
111
112 N/A
113
114 **Upgrade Notes**
115
116 N/A
117
118 **Deprecation Notes**
119
120 N/A
121
122 **Other**
123
124 N/A
125
126
Bartosz Gardziejewskia95f50b2020-10-08 08:12:56 +0200127 Version: 1.6.0
128 --------------
129
130 :Release Date: 2020-10-06
131 :Docker Version: 1.6.0
132
133
134 **New Features**
135 * R-972082: The PNF software information file is included in the package and it MUST be compliant to:
136 The file extension which contains the PNF software version must be .yaml
137 The PNF software version information must be specified as following: onap_pnf_sw_information: pnf_software_version: "<version>"
138 * R-130206: The VNF/PNF package shall contain a Digest (a.k.a. hash) for each of the components of the VNF package.
139 The table of hashes is included in the manifest file, which is signed with the VNF provider private key.
140 In addition, the VNF provider shall include a signing certificate that includes the VNF provider public key,
141 following a pre-defined naming convention and located either at the root of the archive or in a predefined location (e.g. directory).
142 * R-816745: The VNF or PNF PROVIDER MUST provide the Service Provider with PM Meta Data (PM Dictionary)
143 to support the analysis of PM events delivered to DCAE. The PM Dictionary is to be provided as a separate YAML artifact at onboarding and must follow
144 the VES Event Listener Specification and VES Event Registration Specification
145 which contain the format and content required.
146 * Add new field called "warnings" to oclip json response. All ignored errors are now reported as warnings.
147
148
149 **Bug Fixes**
150
151 * Fixed package integrity issue with non mano arifacts.
152 - https://jira.onap.org/browse/VNFSDK-581
153 * Fixed VNF/PNF package integrity issue with CMS signature not containing certificate.
154 - https://jira.onap.org/browse/VNFSDK-582
155 * Fixed bug that was showing errors during validation of CSAR,
156 when any other non_mano_artifact_set than onap_pnf_sw_information was present in manifest file.
157 - https://jira.onap.org/browse/VNFSDK-585
158 * Fixed bug that was generating invalid report when user run validation with all rules and single validation fails.
159 - https://jira.onap.org/browse/VNFSDK-586
160 * Fixed bug that was causing problem with loading rules properties.
161 - https://jira.onap.org/browse/VNFSDK-587
162 * Fixed package security SOL004 Option 1 make rule less restrictive as this rule is not implemented in SDC Onboarding
163 - https://jira.onap.org/browse/VNFSDK-595
164 * Fixed VNFSDK doesn't check if all files in package are listed in manifest file
165 - https://jira.onap.org/browse/VNFSDK-583
166 * Fixed rule R01123 that was reporting all files in ZIP as not present in manifest
167 - https://jira.onap.org/browse/VNFSDK-583
168 * Fixed rule R816745 that wasn't sending all exceptions connected with YAML parsing as validation error
169 - https://jira.onap.org/browse/VNFSDK-644
170 * Fixed rule R816745 that was searching for the path to PM_Dictionary in manifest file under name source,
171 instead of Source (starting with a capital letter).
172 Now both versions (source and Source) are accepted by this rule.
173 - https://jira.onap.org/browse/VNFSDK-645
174 * Fixed rule R130206 CMS and certificate searching and validation mechanism
175 - https://jira.onap.org/browse/VNFSDK-595
176
177
178 **Known Issues**
179
180 N/A
181
182 **Security Notes**
183
184 * Fixed Security Issues*
185
186 * Upgraded from java 8 to java 11
187 - https://jira.onap.org/browse/VNFSDK-646
188 * Added non-vulnerable log4j version
189 - https://jira.onap.org/browse/VNFSDK-553
190 * Update certs expiration date from default 30 days to 730 days (2 years)
191 - https://jira.onap.org/browse/VNFSDK-650
192
193
194 *Known Security Issues*
195
196 N/A
197
198 *Known Vulnerabilities in Used Modules*
199
200 **Upgrade Notes**
201
202 N/A
203
204 **Deprecation Notes**
205
206 N/A
207
208 **Other**
209
210 N/A
211
212
Kanagaraj Manickam8d766532020-05-26 19:10:56 +0530213 Version: 1.5.2
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530214 --------------
Victor Gao76cad782019-10-14 11:18:41 +0800215
Kanagaraj Manickam8d766532020-05-26 19:10:56 +0530216 :Release Date: 2020-05-26
217 :Docker Version: 1.5.2
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530218
219
220 **New Features**
Kanagaraj Manickam41c91c62020-04-04 10:15:31 +0530221 * Pods are enabled to run as non root user
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530222 * Direct Vulnerability issues are addressed
Kanagaraj Manickam41c91c62020-04-04 10:15:31 +0530223 * HTTPS enabled in OOM deployment
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530224 * Added VTP2OVP result translation tool to support OVP 2019.12
Kanagaraj Manickam41c91c62020-04-04 10:15:31 +0530225 * VTP architecture is contributed into LFN CNTT under VNF testing framework
226 * VTP REST API is contributed to TMF v19.5 specifications 704, 706, 707, 708, 709, 710
227
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530228
229 **Bug Fixes**
230
231 N/A
232
233 **Known Issues**
234
235 N/A
236
237 **Security Notes**
238
239 *Fixed Security Issues*
240
241 *Known Security Issues*
242
243 N/A
244
245 *Known Vulnerabilities in Used Modules*
246
247 **Upgrade Notes**
248
249 N/A
250
251 **Deprecation Notes**
252
253 N/A
254
255 **Other**
256
257 N/A
258
259
260Version: 1.4.0
Victor Gao76cad782019-10-14 11:18:41 +0800261--------------
262
263
264:Release Date: 2019-10-07
Victor Gaocd8a06a2019-10-14 14:41:30 +0800265:Docker Version: 1.4.0
Victor Gao76cad782019-10-14 11:18:41 +0800266
267
268
269**New Features**
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530270 * TOSCA based VNF validation enabled for supporting OVP & CVC
271 * TOSCA based VNF compliance check based on some operators requirements
272 * SDC now integrated VNFSDK VTP on VNF validation
273 * ETSI SOL004 security check (CMS signature validation) enabled
274 * Code quality improvement(e.g. replace the Jackson to Gson, sonar issue fix)
275 * A C++ implement of VES spec 7.0.1 on ves-agent.
Victor Gao76cad782019-10-14 11:18:41 +0800276
277**Bug Fixes**
278
279N/A
280
281**Known Issues**
282
283N/A
284
285**Security Notes**
286
287*Fixed Security Issues*
288
289*Known Security Issues*
290
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530291 * In default deployment VNFSDK (refrepo) exposes HTTP port 30297 outside of cluster. [`OJSI-154 <https://jira.onap.org/browse/OJSI-154>`_]
292 * CVE-2019-12126 - demo-vnfsdk-vnfsdk exposes JDWP port 8000 on localhost which allows to gain root privileges inside the container [`OJSI-88 <https://jira.onap.org/browse/OJSI-88>`_]
Victor Gao76cad782019-10-14 11:18:41 +0800293
294*Known Vulnerabilities in Used Modules*
295
296**Upgrade Notes**
297
298N/A
299
300**Deprecation Notes**
301
302N/A
303
304**Other**
305
306N/A
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530307
308
kanagaraj Manickam k00365106871f1b62019-05-29 14:45:49 +0530309Version: 1.3.0
310--------------
311
312
313:Release Date: 2019-05-31
314
315
316
317**New Features**
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530318 * VTP (VNF Test Platform) is enabled with scenario and test case execution management
319 * ONAP SDC is integrated with VTP for providing the validation as part of VSP on-boarding
320 * CSAR validation is enabled with PNF and VNF compliance check for SOL004, SOL001 and VNFREQS
321 *
kanagaraj Manickam k00365106871f1b62019-05-29 14:45:49 +0530322
323**Bug Fixes**
324
325N/A
326
327**Known Issues**
328
329N/A
330
331**Security Notes**
332
Krzysztof Opasiakb2e3bf62019-06-04 01:58:36 +0200333*Fixed Security Issues*
334
335*Known Security Issues*
336
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530337 * In default deployment VNFSDK (refrepo) exposes HTTP port 30297 outside of cluster. [`OJSI-154 <https://jira.onap.org/browse/OJSI-154>`_]
338 * CVE-2019-12126 - demo-vnfsdk-vnfsdk exposes JDWP port 8000 on localhost which allows to gain root privileges inside the container [`OJSI-88 <https://jira.onap.org/browse/OJSI-88>`_]
Krzysztof Opasiak482a0272019-06-04 02:04:34 +0200339
Krzysztof Opasiakb2e3bf62019-06-04 01:58:36 +0200340*Known Vulnerabilities in Used Modules*
341
kanagaraj Manickam k00365106871f1b62019-05-29 14:45:49 +0530342**Upgrade Notes**
343
344N/A
345
346**Deprecation Notes**
347
348N/A
349
350**Other**
351
352N/A
353
Gildas Lanilisfdcc4a32018-11-07 17:49:46 -0800354Version: 1.2.0
355--------------
356
357
358:Release Date: 2018-11-30
359
360
361
362**New Features**
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530363 * LFN CVC test support
364 * Introduce VTP (VNF Test Platform) framework for test
365 * Better integration with OPNFV Dovetail (VTP)
366 * Experimental integration with OPNFV Dovetail
367 * Preliminary implementation of VNF requirements
368 * Support CSAR packaging SOL-004 option 1 (CSAR with TOSCA-Metadata directory)
369 * Support HPA schema validation
Gildas Lanilisfdcc4a32018-11-07 17:49:46 -0800370
371**Bug Fixes**
372
373N/A
374
375**Known Issues**
376
377N/A
378
379**Security Notes**
380
381VNFSDK code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The VNFSDK open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45298880>`_.
382
383Quick Links:
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530384 - `VNFSDK project page <https://wiki.onap.org/display/DW/VNF+SDK+Project>`_
Krzysztof Opasiakb2e3bf62019-06-04 01:58:36 +0200385
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530386 - `Passing Badge information for VNFSDK <https://bestpractices.coreinfrastructure.org/en/projects/1588>`_
Krzysztof Opasiakb2e3bf62019-06-04 01:58:36 +0200387
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530388 - `Project Vulnerability Review Table for VNFSDK <https://wiki.onap.org/pages/viewpage.action?pageId=45298880>`_
Gildas Lanilisfdcc4a32018-11-07 17:49:46 -0800389
390**Upgrade Notes**
391
392N/A
393
394**Deprecation Notes**
395
396N/A
397
398**Other**
399
400N/A
401
Chris Donley23a07502018-05-16 09:36:06 -0700402Version: 1.1.0
403--------------
404
405
Gildas Lanilis0b1f0322018-05-29 16:57:59 -0700406:Release Date: 2018-06-07
Chris Donley23a07502018-05-16 09:36:06 -0700407
408
409
410**New Features**
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530411 * Integration with SDC for VNF Onboarding
412 * Functional test support
413 * Incorporation of ICE tools for HEAT validation
414 * Experimental integration with OPNFV Dovetail
415 * Preliminary support for SOL-004
416 * Support for HTTPS
Chris Donley23a07502018-05-16 09:36:06 -0700417
418**Bug Fixes**
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530419 * Fix localization support
Chris Donley23a07502018-05-16 09:36:06 -0700420
421**Known Issues**
422
Gildas Lanilisfdcc4a32018-11-07 17:49:46 -0800423N/A
424
Gildas Lanilis0b1f0322018-05-29 16:57:59 -0700425**Security Notes**
Chris Donley23a07502018-05-16 09:36:06 -0700426
Gildas Lanilisc214bd12018-05-30 10:53:20 -0700427VNFSDK code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The VNFSDK open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28377592>`_.
Gildas Lanilis0b1f0322018-05-29 16:57:59 -0700428
Gildas Lanilisc214bd12018-05-30 10:53:20 -0700429Quick Links:
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530430 - `VNFSDK project page <https://wiki.onap.org/display/DW/VNF+SDK+Project>`_
Krzysztof Opasiakb2e3bf62019-06-04 01:58:36 +0200431
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530432 - `Passing Badge information for VNFSDK <https://bestpractices.coreinfrastructure.org/en/projects/1588>`_
Krzysztof Opasiakb2e3bf62019-06-04 01:58:36 +0200433
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530434 - `Project Vulnerability Review Table for VNFSDK <https://wiki.onap.org/pages/viewpage.action?pageId=28377592>`_
Chris Donley23a07502018-05-16 09:36:06 -0700435
436**Upgrade Notes**
Kanagaraj Manickam8294fe82020-03-25 12:06:11 +0530437 * Updated to use Swagger for APIs
Chris Donley23a07502018-05-16 09:36:06 -0700438
439**Deprecation Notes**
440
Gildas Lanilisfdcc4a32018-11-07 17:49:46 -0800441N/A
Chris Donley23a07502018-05-16 09:36:06 -0700442
443**Other**
444
Gildas Lanilisfdcc4a32018-11-07 17:49:46 -0800445N/A
Chris Donley23a07502018-05-16 09:36:06 -0700446
Chris Donley600f6792017-11-07 12:58:04 -0800447Version: 1.0.0
448--------------
449
450
451:Release Date: 2017-11-16
452
453
454
455**New Features**
456
Chris Donleya3adf072017-11-09 15:17:45 -0800457The VNF SDK project delivers a set of tools designed to expand the VNF
458ecosystem for ONAP.
459
Chris Donley600f6792017-11-07 12:58:04 -0800460It provides:
461
462* VNF packaging tools, which bundle VNFs into an ONAP-compliant TOSCA CSAR file
Chris Donleya3adf072017-11-09 15:17:45 -0800463* VNF Marketplace, which sits between VNF suppliers and operators. It provides
464 a repository for uploading and downloading VNFs and tools to validate package
465 consistency.
Chris Donley600f6792017-11-07 12:58:04 -0800466* VES Collector that may optionally be incorporated into VNFs
467
468VNF SDK works with SDC to facilitate VNF Onboarding.
469
470**Bug Fixes**
Chris Donley24d831b2017-11-15 09:57:25 -0800471
Chris Donleya3adf072017-11-09 15:17:45 -0800472N/A
Chris Donley24d831b2017-11-15 09:57:25 -0800473
Chris Donley600f6792017-11-07 12:58:04 -0800474**Known Issues**
Chris Donley24d831b2017-11-15 09:57:25 -0800475
Manish Kumar08cdece2018-10-24 11:01:58 +0530476`VNFSDK-126 <https://jira.onap.org/browse/VNFSDK-126>`_ : The service 'GET /packageresource/csrs' ignores query parameters
Chris Donley24d831b2017-11-15 09:57:25 -0800477
Chris Donley600f6792017-11-07 12:58:04 -0800478**Security Issues**
Chris Donley24d831b2017-11-15 09:57:25 -0800479
Chris Donleya3adf072017-11-09 15:17:45 -0800480N/A
Chris Donley24d831b2017-11-15 09:57:25 -0800481
Chris Donley600f6792017-11-07 12:58:04 -0800482**Upgrade Notes**
Chris Donley24d831b2017-11-15 09:57:25 -0800483
Chris Donleya3adf072017-11-09 15:17:45 -0800484N/A
Chris Donley24d831b2017-11-15 09:57:25 -0800485
Chris Donley600f6792017-11-07 12:58:04 -0800486**Deprecation Notes**
Chris Donley24d831b2017-11-15 09:57:25 -0800487
Chris Donleya3adf072017-11-09 15:17:45 -0800488N/A
Chris Donley24d831b2017-11-15 09:57:25 -0800489
Chris Donley600f6792017-11-07 12:58:04 -0800490**Other**
Chris Donley24d831b2017-11-15 09:57:25 -0800491
Chris Donley1d4cdb12018-06-06 13:55:24 -0700492N/A