Release Notes¶
Version: 8.0.1¶
- Release Date:
2021-03-19
Honolulu Release tag - 8.0.1
Fix
EXTAPI-535 - Error in NBI serviceSpecification API
Details of NBI features for Honolulu are described in the readTheDoc documentation.
https://docs.onap.org/projects/onap-externalapi-nbi/en/latest/index.html#master-index
Known Issues
No new issues
Security Notes
External API pods security are as requested per TSC must have list
Quick Links:
Upgrade Notes
No major API changes. The API Major version is still 4.
Version: 7.0.2¶
- Release Date:
2020-11-16
Guilin Release tag - 7.0.2
Fix
EXTAPI-510 - 1 NBI pod has no limit
EXTAPI-509 - NBI has root pods
EXTAPI-197 - MSB registration
Details of NBI features for Guilin are described in the readTheDoc documentation.
https://docs.onap.org/projects/onap-externalapi-nbi/en/latest/index.html#master-index
Known Issues
No new issues
Security Notes
Updates may to External API pods security are per TSC must have list
Quick Links:
Upgrade Notes
No major API changes. The API Major version is still 4.
Version: 6.0.3¶
- Release Date:
2020-06-04
Frankfurt Release tag - 6.0.3
Fix
OJSI-136 - In default deployment EXTAPI (nbi) exposes HTTP port 30274 outside of cluster.
EXTAPI-347 - Move to mariadb galera instead of mariadb
EXTAPI-222 - Add support for HTTPS with AAF artefacts
EXTAPI-294 - Add support for Service Orders using new “Object” type
EXTAPI-304 - Update SO request to use GR_API instead of VNF_API
EXTAPI-342 - NBI to SO: new URL and new Header params
EXTAPI-343 - NBI to SO: cloudowner value to be taken from application.properties
EXTAPI-258 - Identify whether the Service is of A-la-carte or macro type
EXTAPI-370 - Java 11 & oparent 3.0.0-SNAPSHOT
EXTAPI-378 - Update swagger based on spectral
EXTAPI-384 - SECCOM Java 11 migration from v8 [REQ-219] in NBI
EXTAPI-397 - Update Service Order Swagger to align to ONAP Style Guidelines
EXTAPI-399 - Fix Docker File Image to point to correct base and use 3.0.0 in pom
EXTAPI-400 - Migrate and Fix sonarcloud code coverage issue
EXTAPI-401 - remove sonar.jacoco.reportMissing.force.zero
EXTAPI-415 - Configure NBI with http xor https support, using basic spring capabilities
EXTAPI-417 - Support http local docker and https OOM via Env Variable
EXTAPI-423 - Check for CST template is case sensitive
EXTAPI-424 - Public HTTP port open
EXTAPI-427 - DMaap https port enable
Detail of NBI features are described in the readTheDoc documentation.
https://onap.readthedocs.io/en/latest/submodules/externalapi/nbi.git/docs/index.html
Known Issues
No new issues
Security Notes
In the Frankfurt release, External API has been updated to expose a https interface via OOM installations, in response to OJSI-136. NBI has also upgraded to Java 11, using the base registry.gitlab.com/onap-integration/docker/onap-java image.
Quick Links:
Upgrade Notes
No major API changes. The API Major version is still 4.
/nbi/api/v4
Frankfurt API version is 4.1.0 i.e. Minor API changes only, as most changes are related to security updates. No new APIs. Swagger changes are mainly in the use of additional markdown for API understanding and conformance to ONAP API Swagger Style Guidelines https://wiki.onap.org/pages/viewpage.action?pageId=71834147
Version: 5.0.1¶
- Release Date:
2019-09-06
El Alto Release tag - 5.0.1
Fix
EXTAPI-248 - ExtAPI should not be polling SDC-DISTR-NOTIF-TOPIC-AUTO without authenticating
EXTAPI-249 - Change to oom dockers causing permissions failing when tosca parsing
EXTAPI-287 - NBI to SDC connectivity health checks fail
EXTAPI-305 - No Need for “ReadWriteMany” access on storage when deploying on Kubernetes
Detail of features described in the readTheDoc documentation.
https://onap.readthedocs.io/en/latest/submodules/externalapi/nbi.git/docs/index.html
Known Issues
No new issues
Security Notes
Same as Dublin 4.0.0
Quick Links:
Upgrade Notes
No major API change. The API Major version is still 4.
/nbi/api/v4
El Alto API version is 4.0.1 i.e. Patch only
Version: 4.0.0¶
- Release Date:
2019-05-30
New major version v4 for the API, see Upgrade Notes
Dedicated Postman collection can be found in the integration project see test/postman
All tests suites have been re written in Karate, see src/test/resources/karatetest for inspiration.
New Features
Main new features are supports of
Main functional changes for BBS:
EXTAPI-98 - Service inventory notification`
EXTAPI-161 - New service specificationInputSchemas operation`
Main functional change for CCVPN
EXTAPI-182 - Create SO -> ExtAPI interface`
Many other changes and improvement are listed in JIRA:
Known Issues
EXTAPI-197 - Bad hostname while registering on MSB
EXTAPI-222 - Add support for HTTPS
EXTAPI-249 - Change to oom dockers causing permissions failing when tosca parsing
EXTAPI-249 has limited impact on BBS use case: GET /serviceSpecification{id} returns empty serviceSpecCharacteristic.
Security Notes
Fixed Security Issues
NBI has been improved to reduce signs of vulnerabilities, especially by migrating from Springboot 1.x to Springboot 2 and using ONAP Parent pom.xml
Known Security Issues
- OJSI-136 - In default deployment EXTAPI (nbi) exposes HTTP port 30274 outside of cluster.
NBI exposes non TLS API endpoint on port 30274, meaning full plain text exchange with NBI API. TLS configuration, with ONAP Root CA signed certificate will be proposed in El Alto.
As a workaround it is quite easy to add HTTPS support to NBI by configuring SSL and activating strict https. Presuming you have a valid JKS keystore, with private key and a signed certificate:
src/main/resources/application.properties
# tls/ssl server.ssl.key-store-type=JKS server.ssl.key-store=classpath:certificate/yourkeystore.jks server.ssl.key-store-password=password server.ssl.key-alias=youralias # disable http and activate https security.require-ssl=true
Known Vulnerabilities in Used Modules
Quick Links:
Upgrade Notes
API is a new MAJOR v4 version due to the deletion of the ‘hasStarted’ attribute from getServiceById response GET /service/{id}
So don’t forget to use this new path:
/nbi/api/v4
before:
/nbi/api/v3
Deprecation Notes
API v3 is deprecated
Other
Version: 3.0.2¶
- Release Date:
2019-01-31
Part of Casablanca Maintenance Release tag - 3.0.1 January 31st, 2019
Fix
EXTAPI-164 - Start up failed without msb
EXTAPI-172 - Multiple service orders in a single request
Detail of features described in the readTheDoc documentation.
Known Issues
No new issues
Security Notes
Quick Links:
Version: 3.0.1¶
- Release Date:
2018-11-30
New Features
Main features are:
EXTAPI-96 - Add notification for serviceOrder API
EXTAPI-97 - Upgrade ServiceOrder API to manage modification UC
EXTAPI-100 - Improve ServiceInventory API
EXTAPI-101 - Integrate ExtAPI/NBI to MSB
EXTAPI-102 - Integrate ExtAPI/NBI to an E2E ONAP UC
EXTAPI-116 - Help NBI user to get information when Service order fails
EXTAPI-125 - Add support for progress percentage on ServiceOrder tracking
Detail of features described in the readTheDoc documentation.
Known Issues
No new issue (see Beijing ones)
Security Notes
Quick Links:
Upgrade Notes
No upgrade available from Beijing
Deprecation Notes
NA
Other
Version: 1.0.0¶
- Release Date:
2018-06-07
New Features
Main features are:
EXTAPI-39 - Retrieve SDC information (catalog information) for service level artifacts based on TMF633 open APIs - operation GET
EXTAPI-41 - Retrieve AAI information (inventory information) for service instance level artifacts based on TMF638 open APIs - operation GET
EXTAPI-42 - Create and retrieve SO service request for service level based on TMF641 open APIS - Operations POST & GET
Detail of features described in the readTheDoc documentation.
Bug Fixes
Not applicable - This is an initial release
Known Issues
For service catalog:
Find criteria are limited
For service inventory:
Customer information must be passed to get complete service representation.
Find criteria are limited.
For service order:
ServiceOrder will manage only ‘add’ and ‘delete’ operation (no change).
Only service level request is performed.
No request for VNF/VF and no call to SDNC.
EXTAPI-70 : links between customer/service instance and cloud/tenant not done (trigger VID issue).
Only active service state is considered to add a service.
Detail of limitations described in the readTheDoc documentation.
Security Notes
External API code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The External API open Critical security vulnerabilities and their risk assessment have been documented as part of the project. Authentication management and Data Access rights have not been implemented.
Quick Links:
Upgrade Notes
Not applicable - This is an initial release
Deprecation Notes
Not applicable - This is an initial release
Other
End of Release Notes