summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--docs/release-notes.rst9
-rw-r--r--kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties2
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/values.yaml2
-rwxr-xr-xkubernetes/cds/charts/cds-command-executor/values.yaml2
-rwxr-xr-xkubernetes/cds/charts/cds-controller-blueprints/values.yaml2
-rw-r--r--kubernetes/cds/charts/cds-sdc-listener/values.yaml2
-rw-r--r--kubernetes/cds/charts/cds-ui/values.yaml2
-rw-r--r--kubernetes/clamp/charts/clamp-dash-kibana/values.yaml2
-rw-r--r--kubernetes/clamp/charts/clamp-dash-logstash/values.yaml2
-rw-r--r--kubernetes/clamp/values.yaml2
-rw-r--r--kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json2
-rwxr-xr-xkubernetes/oof/charts/oof-has/values.yaml2
-rw-r--r--kubernetes/oof/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/dmaap-listener/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/sdnc-portal/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/ueb-listener/values.yaml2
-rw-r--r--kubernetes/sdnc/values.yaml2
-rw-r--r--kubernetes/vnfsdk/values.yaml2
19 files changed, 27 insertions, 18 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 4972492afc..ae22cb25ee 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -49,6 +49,15 @@ Summary
**Security Notes**
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+
+*Known Vulnerabilities in Used Modules*
+
OOM code has been formally scanned during build time using NexusIQ and no
Critical vulnerability was found.
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
index 91ab8ff3ed..0e8b71cf53 100644
--- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
@@ -29,7 +29,7 @@ cadi_bath_convert=/opt/onap/appc/data/properties/bath_config.csv
cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile
cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12
-cadi_keystore_password=enc:4DVUTKvRCCtebQrKskDsuKFIHLzOf2M9XxNOhVIK4xb
+cadi_keystore_password=enc:tQTHVtbdCuzqrQY1TBRt9SkFL9tCY3OzwbsfaVyAa2dOfZlI0krFOJSBnkm1WdGr
#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
cadi_alias=appc@appc.onap.org
cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
index 43b5f498c9..51e8e5bed1 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
@@ -40,7 +40,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-blueprintsprocessor:0.4.4
+image: onap/ccsdk-blueprintsprocessor:0.4.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml
index 73f449bfd9..14432ecab2 100755
--- a/kubernetes/cds/charts/cds-command-executor/values.yaml
+++ b/kubernetes/cds/charts/cds-command-executor/values.yaml
@@ -40,7 +40,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-commandexecutor:0.4.4
+image: onap/ccsdk-commandexecutor:0.4.5
pullPolicy: Always
# application configuration
diff --git a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
index 9030000719..c924b2bd5c 100755
--- a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
+++ b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
@@ -38,7 +38,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-controllerblueprints:0.4.4
+image: onap/ccsdk-controllerblueprints:0.4.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/cds/charts/cds-sdc-listener/values.yaml b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
index d4c0cd72fb..cd2fbf5ad4 100644
--- a/kubernetes/cds/charts/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
@@ -37,7 +37,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-sdclistener:0.4.4
+image: onap/ccsdk-sdclistener:0.4.5
name: sdc-listener
pullPolicy: Always
diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml
index c7bf6ecdd5..036b888ea7 100644
--- a/kubernetes/cds/charts/cds-ui/values.yaml
+++ b/kubernetes/cds/charts/cds-ui/values.yaml
@@ -28,7 +28,7 @@ subChartsOnly:
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-cds-ui-server:0.4.4
+image: onap/ccsdk-cds-ui-server:0.4.5
pullPolicy: Always
# application configuration
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
index 5965b4117e..954de3a953 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
@@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-kibana:4.0.3
+image: onap/clamp-dashboard-kibana:4.0.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
index 356d64b72e..893860b839 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
@@ -30,7 +30,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-logstash:4.0.3
+image: onap/clamp-dashboard-logstash:4.0.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index 214eed6ccc..398c9ead9e 100644
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -30,7 +30,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp:4.0.3
+image: onap/clamp:4.0.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json
index 1db11ad476..7342ca633a 100644
--- a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json
+++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json
@@ -12,7 +12,7 @@
},
"policy_engine": {
"url": "https://{{ .Values.config.address.policy_xacml_pdp }}:6969",
- "path_decision": "/policy/pdpx/v1/decision"
+ "path_decision": "/policy/pdpx/v1/decision",
"path_notifications": "/pdp/notifications",
"path_api": "/pdp/api/",
"headers": {
diff --git a/kubernetes/oof/charts/oof-has/values.yaml b/kubernetes/oof/charts/oof-has/values.yaml
index 8bc3e176d3..e53c3422e9 100755
--- a/kubernetes/oof/charts/oof-has/values.yaml
+++ b/kubernetes/oof/charts/oof-has/values.yaml
@@ -25,7 +25,7 @@ global:
commonConfigPrefix: onap-oof-has
image:
readiness: oomk8s/readiness-check:2.0.0
- optf_has: onap/optf-has:1.3.0
+ optf_has: onap/optf-has:1.3.1
filebeat: docker.elastic.co/beats/filebeat:5.5.0
pullPolicy: Always
diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml
index bf87f0fa6e..d72b1f0457 100644
--- a/kubernetes/oof/values.yaml
+++ b/kubernetes/oof/values.yaml
@@ -26,7 +26,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/optf-osdf:1.3.0
+image: onap/optf-osdf:1.3.2
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
index 65c1dcf09c..cd1a88793a 100644
--- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
@@ -27,7 +27,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.5.3
+image: onap/sdnc-dmaap-listener-image:1.5.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
index e5df37d557..a7e249a212 100644
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
@@ -27,7 +27,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.5.3
+image: onap/sdnc-ansible-server-image:1.5.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
index 2cfab8f6e1..ef76ed345a 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
@@ -27,7 +27,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.5.3
+image: onap/admportal-sdnc-image:1.5.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml
index 5e6fe53460..7c985ce1b6 100644
--- a/kubernetes/sdnc/charts/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml
@@ -27,7 +27,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.5.3
+image: onap/sdnc-ueb-listener-image:1.5.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 4013486f05..9bd50a1c47 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -32,7 +32,7 @@ global:
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.5.3
+image: onap/sdnc-image:1.5.4
# flag to enable debugging - application support required
debugEnabled: false
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index a6d7efc62d..2b6fd99b2e 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -28,7 +28,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/vnfsdk/refrepo:1.3.0
+image: onap/vnfsdk/refrepo:1.3.2
postgresRepository: crunchydata
postgresImage: crunchy-postgres:centos7-10.3-1.8.2
pullPolicy: Always