summaryrefslogtreecommitdiffstats
path: root/docs/release-notes.rst
blob: 043cc59c176f93ea8167de44cf2871825c8069ba (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2017-2018 Huawei Technologies Co., Ltd.

Release Notes
=============

.. note::
   VNF onboarding is a challenge across the industry because of the lack of a
   standard format for VNFs.
   This project provides an ecosystem for ONAP compatible VNFs by:

   * developing tools for vendor CI/CD toolchains
   * developing validation and testing tools

 Version: 1.5.1
 --------------

 :Release Date: 2020-04-04
 :Docker Version: 1.5.1


 **New Features**
  * Pods are enabled to run as non root user
  * Direct Vulnerability issues are addressed
  * HTTPS enabled in OOM deployment
  * Added VTP2OVP result translation tool to support OVP 2019.12
  * VTP architecture is contributed into LFN CNTT under VNF testing framework
  * VTP REST API is contributed to TMF v19.5 specifications 704, 706, 707, 708, 709, 710


 **Bug Fixes**

 N/A

 **Known Issues**

 N/A

 **Security Notes**

 *Fixed Security Issues*

 *Known Security Issues*

 N/A

 *Known Vulnerabilities in Used Modules*

 **Upgrade Notes**

 N/A

 **Deprecation Notes**

 N/A

 **Other**

 N/A


Version: 1.4.0
--------------


:Release Date: 2019-10-07
:Docker Version: 1.4.0



**New Features**
    * TOSCA based VNF validation enabled for supporting OVP & CVC
    * TOSCA based VNF compliance check based on some operators requirements
    * SDC now integrated VNFSDK VTP on VNF validation
    * ETSI SOL004 security check (CMS signature validation) enabled
    * Code quality improvement(e.g. replace the Jackson to Gson, sonar issue fix)
    * A C++ implement of VES spec 7.0.1 on ves-agent.

**Bug Fixes**

N/A

**Known Issues**

N/A

**Security Notes**

*Fixed Security Issues*

*Known Security Issues*

    * In default deployment VNFSDK (refrepo) exposes HTTP port 30297 outside of cluster. [`OJSI-154 <https://jira.onap.org/browse/OJSI-154>`_]
    * CVE-2019-12126 - demo-vnfsdk-vnfsdk exposes JDWP port 8000 on localhost which allows to gain root privileges inside the container [`OJSI-88 <https://jira.onap.org/browse/OJSI-88>`_]

*Known Vulnerabilities in Used Modules*

**Upgrade Notes**

N/A

**Deprecation Notes**

N/A

**Other**

N/A


Version: 1.3.0
--------------


:Release Date: 2019-05-31



**New Features**
    * VTP (VNF Test Platform) is enabled with scenario and test case execution management
    * ONAP SDC is integrated with VTP for providing the validation as part of VSP on-boarding
    * CSAR validation is enabled with PNF and VNF compliance check for SOL004, SOL001 and VNFREQS
    *

**Bug Fixes**

N/A

**Known Issues**

N/A

**Security Notes**

*Fixed Security Issues*

*Known Security Issues*

    * In default deployment VNFSDK (refrepo) exposes HTTP port 30297 outside of cluster. [`OJSI-154 <https://jira.onap.org/browse/OJSI-154>`_]
    * CVE-2019-12126 - demo-vnfsdk-vnfsdk exposes JDWP port 8000 on localhost which allows to gain root privileges inside the container [`OJSI-88 <https://jira.onap.org/browse/OJSI-88>`_]

*Known Vulnerabilities in Used Modules*

**Upgrade Notes**

N/A

**Deprecation Notes**

N/A

**Other**

N/A

Version: 1.2.0
--------------


:Release Date: 2018-11-30



**New Features**
    * LFN CVC test support
    * Introduce VTP (VNF Test Platform) framework for test
    * Better integration with OPNFV Dovetail (VTP)
    * Experimental integration with OPNFV Dovetail
    * Preliminary implementation of VNF requirements
    * Support CSAR packaging SOL-004 option 1 (CSAR with TOSCA-Metadata directory)
    * Support HPA schema validation

**Bug Fixes**

N/A

**Known Issues**

N/A

**Security Notes**

VNFSDK code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The VNFSDK open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45298880>`_.

Quick Links:
     - `VNFSDK project page <https://wiki.onap.org/display/DW/VNF+SDK+Project>`_

     - `Passing Badge information for VNFSDK <https://bestpractices.coreinfrastructure.org/en/projects/1588>`_

     - `Project Vulnerability Review Table for VNFSDK <https://wiki.onap.org/pages/viewpage.action?pageId=45298880>`_

**Upgrade Notes**

N/A

**Deprecation Notes**

N/A

**Other**

N/A

Version: 1.1.0
--------------


:Release Date: 2018-06-07



**New Features**
    * Integration with SDC for VNF Onboarding
    * Functional test support
    * Incorporation of ICE tools for HEAT validation
    * Experimental integration with OPNFV Dovetail
    * Preliminary support for SOL-004
    * Support for HTTPS

**Bug Fixes**
    * Fix localization support

**Known Issues**

N/A

**Security Notes**

VNFSDK code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The VNFSDK open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28377592>`_.

Quick Links:
     - `VNFSDK project page <https://wiki.onap.org/display/DW/VNF+SDK+Project>`_

     - `Passing Badge information for VNFSDK <https://bestpractices.coreinfrastructure.org/en/projects/1588>`_

     - `Project Vulnerability Review Table for VNFSDK <https://wiki.onap.org/pages/viewpage.action?pageId=28377592>`_

**Upgrade Notes**
    * Updated to use Swagger for APIs

**Deprecation Notes**

N/A

**Other**

N/A

Version: 1.0.0
--------------


:Release Date: 2017-11-16



**New Features**

The VNF SDK project delivers a set of tools designed to expand the VNF
ecosystem for ONAP.

It provides:

* VNF packaging tools, which bundle VNFs into an ONAP-compliant TOSCA CSAR file
* VNF Marketplace, which sits between VNF suppliers and operators. It provides
  a repository for uploading and downloading VNFs and tools to validate package
  consistency.
* VES Collector that may optionally be incorporated into VNFs

VNF SDK works with SDC to facilitate VNF Onboarding.

**Bug Fixes**

N/A

**Known Issues**

`VNFSDK-126 <https://jira.onap.org/browse/VNFSDK-126>`_ : The service 'GET /packageresource/csrs' ignores query parameters

**Security Issues**

N/A

**Upgrade Notes**

N/A

**Deprecation Notes**

N/A

**Other**

N/A