diff options
Diffstat (limited to 'docs/sections/release-notes.rst')
-rw-r--r-- | docs/sections/release-notes.rst | 77 |
1 files changed, 29 insertions, 48 deletions
diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst index 094d10bf..803ba056 100644 --- a/docs/sections/release-notes.rst +++ b/docs/sections/release-notes.rst @@ -11,19 +11,18 @@ OOM Certification Service Release Notes :depth: 2 .. -Version: 2.4.0 +Version: 2.5.0 ============== Abstract -------- -This document provides the release notes for the Istanbul release. +This document provides the release notes for the Jakarta release. Summary ------- -Certificate update use case is now available. For details go to: -:ref:`How to use instructions<how_to_use_certificate_update>` +Vulnerability Fix Release Data ------------ @@ -32,12 +31,12 @@ Release Data | **Project** | OOM | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0| +| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.5.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.5.0| | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Release designation** | Istanbul | +| **Release designation** | Jakarta | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ @@ -45,20 +44,8 @@ Release Data New features ------------ -- `OOM-2754 <https://jira.onap.org/browse/OOM-2754>`_ Implement certificate update in CMPv2 external issuer - -- `OOM-2753 <https://jira.onap.org/browse/OOM-2753>`_ Implement certificate update in CMPv2 CertService - -- `OOM-2744 <https://jira.onap.org/browse/OOM-2744>`_ Remove CertService Client mechanism from ONAP - -- `OOM-2649 <https://jira.onap.org/browse/OOM-2649>`_ Update contrib/ejbca to 7.x - **Bug fixes** -- `OOM-2771 <https://jira.onap.org/browse/OOM-2771>`_ Fix CertificateRequest resource was not found issue in CMPv2 external issuer - -- `OOM-2764 <https://jira.onap.org/browse/OOM-2764>`_ Fix sonar issues in CertService - **Known Issues** If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions. @@ -102,7 +89,7 @@ Security Notes **Fixed Security Issues** -None +- `OOM-2903 <https://jira.onap.org/browse/OOM-2903>`_ Fix Apache Vulnerability [CVE-2021-44228] in CertService **Known Security Issues** @@ -124,21 +111,19 @@ For more information on the ONAP Istanbul release, please see: #. `ONAP Release Downloads`_ #. `ONAP Wiki Page`_ -Version: 2.3.3 +Version: 2.4.0 ============== Abstract -------- -This document provides the release notes for the Honolulu release. +This document provides the release notes for the Istanbul release. Summary ------- -Certification Service provides certificates signed by external CMPv2 server - such certificates are further called operators certificates. Operators certificates are meant to secure external ONAP traffic - traffic between network functions (xNFs) and ONAP. - -This project was moved from Application Authorization Framework (AAF), to check previous release notes see, `AAF CertService release notes <https://docs.onap.org/projects/onap-aaf-certservice/en/frankfurt/sections/release-notes.html>`_ . - +Certificate update use case is now available. For details go to: +:ref:`How to use instructions<how_to_use_certificate_update>` Release Data ------------ @@ -147,13 +132,12 @@ Release Data | **Project** | OOM | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 | -| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.3| +| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 | +| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0| | | | +--------------------------------------+---------------------------------------------------------------------------------------+ -| **Release designation** | Honolulu | +| **Release designation** | Istanbul | | | | +--------------------------------------+---------------------------------------------------------------------------------------+ @@ -161,26 +145,24 @@ Release Data New features ------------ -- `OOM-2560 <https://jira.onap.org/browse/OOM-2560>`_ Integrated CMPv2 certificate provider with Cert-Manager +- `OOM-2754 <https://jira.onap.org/browse/OOM-2754>`_ Implement certificate update in CMPv2 external issuer - An CMPv2 certificate provider is a part of PKI infrastructure. It consumes CertificateRequest custom resource from Cert-Manager and calls CertService API to enroll certificate from CMPv2 server. - During ONAP deployment, the CMPv2 certificate provider is enabled when flags cmpv2Enabled, CMPv2CertManagerIntegration and platform.enabled equals true. +- `OOM-2753 <https://jira.onap.org/browse/OOM-2753>`_ Implement certificate update in CMPv2 CertService - More information can be found on dedicated `wiki page <https://wiki.onap.org/display/DW/CertService+and+K8s+Cert-Manager+integration>`_ +- `OOM-2744 <https://jira.onap.org/browse/OOM-2744>`_ Remove CertService Client mechanism from ONAP -- `OOM-2632 <https://jira.onap.org/browse/OOM-2632>`_ Extended CertService API and clients to correctly support SANs parameters such as: e-mails, URIs and IP addresses. +- `OOM-2649 <https://jira.onap.org/browse/OOM-2649>`_ Update contrib/ejbca to 7.x **Bug fixes** -- `OOM-2656 <https://jira.onap.org/browse/OOM-2656>`_ Adjusted CertService API to RFC4210 - changed MAC protection algorithm and number of iteration for such algorithm. - -- `OOM-2657 <https://jira.onap.org/browse/OOM-2657>`_ Enhanced CertServiceAPI response in order to include CMP server error messages. +- `OOM-2771 <https://jira.onap.org/browse/OOM-2771>`_ Fix CertificateRequest resource was not found issue in CMPv2 external issuer -- `OOM-2658 <https://jira.onap.org/browse/OOM-2658>`_ Fixed KeyUsage extension sent to CMPv2 server +- `OOM-2764 <https://jira.onap.org/browse/OOM-2764>`_ Fix sonar issues in CertService **Known Issues** -None +If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions. +The required actions are described in :ref:`Troubleshooting section <troubleshooting>` Deliverables ------------ @@ -198,19 +180,19 @@ Known Limitations, Issues and Workarounds ----------------------------------------- System Limitations ------------------- +~~~~~~~~~~~~~~~~~~ Any known system limitations. Known Vulnerabilities ---------------------- +~~~~~~~~~~~~~~~~~~~~~ Any known vulnerabilities. Workarounds ------------ +~~~~~~~~~~~ Any known workarounds. @@ -235,15 +217,14 @@ Not applicable References ---------- -For more information on the ONAP Honolulu release, please see: +For more information on the ONAP Istanbul release, please see: #. `ONAP Home Page`_ #. `ONAP Documentation`_ #. `ONAP Release Downloads`_ #. `ONAP Wiki Page`_ - .. _`ONAP Home Page`: https://www.onap.org .. _`ONAP Wiki Page`: https://wiki.onap.org .. _`ONAP Documentation`: https://docs.onap.org -.. _`ONAP Release Downloads`: https://git.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org
\ No newline at end of file |