Skip to content
Tags give the ability to mark specific points in history as being important
  • v1.0.0-release Release: OpenCAPIF Release 1.0.0
    #### Registration Flow improved
    
    - Eliminated access from CAPIF to the Register user database when onboarding is performed.
    - Isolation between CCF and Register services, interaction now is only by HTTPS requested between Register, CCF and Vault.
    - Eliminated the "role" in user creation.
        - Now a user can be an invoker or a provider at the same time
    - Administrator User:
        - New entity in charge of registering and managing users of the register service.
    - UUID to identify users.
        - When you create a user, a uuid is associated with it
        - The uuid will be contained in the token requested by the user and will be used to relate invokers and providers with users.
    - Endpoints changed and created:
        - Administrator endpoints:
            - /createUser: /register endpoint changed to createUser. Used to register new users.
            - /deleteUser: /remove endpoint changed to this. Used to delete users and all the entities they had created.
            - /login: Allows administrator to log in to obtain the necessary tokens for their requests.
            - /refresh: Retrieve new access token token.
            - /getUsers: Returns the list with all registered users.
        - Customer User:
            - /getauth now also returns the urls needed to use CAPIF, used by customer.
    - Security improvements:
        - /login uses basic auth with administrator credentials.
        - /getauth uses basic auth with customer user credentials.
        - Other requests use the administrator access token obtained from login.
    
    - Current fields on user creation by administrator:
    ```
    required_fields = {
        "username": str,
        "password": str,
        "enterprise": str,
        "country": str,
        "email": str,
        "purpose": str
    }
    
    optional_fields = {
        "phone_number": str,
        "company_web": str,
        "description": str
    }
    ```
    
    - Test plan has been updated with the new register flow. Please check [OCF Registration Flow]
    - Video with explanation and demonstration of new register flow [New Registration Demo]
    
    #### New OpenCAPIF architecture
    
    - New arquitecture with separated namespaces for Vault, CCF and Register components. Communication between them now are only allowed by using REST APIs.
    - New helper service inside CCF, it will simplify integration with third parties like external management portals.
    
    - Helper endpoints:
        - /getInvokers : Get the list of invokers from CAPIF
        - /getProviders: Get the list of providers from CAPIF
        - /getServices : Get the list of services published in CAPIF
        - /getSecurityContext : Get the list of security contexts from CAPIF
        - /getEvents : Get the list of events subscriptions from CAPIF
        - /deleteEntities: Removes all entities registered by a user from the register
    
    - Security in the helper
        - To make requests to the helper you will need a superadmin certificate and password.
    
    #### Events API Upgrade
    
    - The event management at CCF is improved, EventNotification include Event Details with required information.
    - Events updated:
        - SERVICE_API_AVAILABLE and SERVICE_API_UNAVAILABLE with apiIds
        - SERVICE_API_UPDATE with serviceAPIDescriptions
        - API_INVOKER_ONBOARDED, API_INVOKER_UPDATED, API_INVOKER_OFFBOARDED with apiInvokerIds.
    - Events Included:
        - SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE with invocationLogs
    - Test plan include 7 new tests in order to check new events implemented and scenarios of each notification implemented, with a complete check of Event Notification.
    - Test plan documentation includes the new event tests [OCF Event test plan documentation].
    
    #### Inital implementation of CI/CD
    
    - The inital implementation of CI/CD on gitlab was performed.
    - Detailed information in the [CICD Wiki].
    - Implement initial CI/CD:
        - Description of the CI process.
            - In CI phase, created design, jobs and security checks when a branch is pushed.
            - The CI has jobs as:
                - Linting code, unit test (if needed),
                - Build and push artifacts (images) in Git OCI register
                - Security checks,
                - SCA, CVS, SAST
                - The vulnerabilities are exposed in Merge Request panel to be solved.
        - Description of the CD process:
            - Defined the environments to OCF.
                - Production env.
                - Pre-production env.
                - Validation env.
                - Dev-1, dev-2… envs (ephemeral)
            - Defined the naming convention to OCF releases
                - Tag in prod: v0.0.1-release
                - Tag non-prod: v0.0.1-rc
                - Other tags: v0.0.1-test, v0.0.1-smt
            - Defined the jobs of CD
                - CD ensures the deployment in multiple envs. Therefore, the CD pipeline has deploy-ocf, delete-ocf (if needed) jobs
        - ETSI HIVE Labs:
            - Designed, created and the Kuberntes OCF cluster is running to support OCFs deployments.
            - Iterating with ETSI HIVE’s support to solve computing issues.
                - CPU compatibilities with OCF services (MongoDB): Fixed
    
    
    ### **Documentation**
    
    #### Improvements on documentation
    
    - Documentation stored in [OCF Documentation Repository]
    - Continuous Integration included at repository for web documentation:
        - Develop version of documentation is automatically generated on each merge to develop branch.
        - Tagged version from main create documentation with related tag as version.
    
    ### **Technical Debt Solved**
    
    #### Improved Testing with Robot in order to cover
    
    - Support of new Register flows.
    - Allow different URLs for register, ccf and vault services.
    - New Variables included to manage new architecture under test.
    - Mock server developed to add the functionality of write tests involving notification from Service Under Test.
    - Docker image improved generation and libraries upgraded to Robot Framework 7.
    
    #### Improved security on DB
    
    - Credentials requested to access mongo databases.
    - Credentials requested also by mongo-express.
    
    #### Scripts upgraded
    
    - Docker compose version 2 used on them.
    - New cleaning script developed.
    - Scripts upgraded:
        - **check_services_are_running.sh**: Checks if all essential services (Vault, CCF and Register) are running.
        - **clean_capif_docker_services.sh**: Shutdowns and removes all services essential services.
        - **clean_capif_temporary_files.sh**: Removes temporaly files from local repository. 
        - **run.sh**: Launch Essential services locally using docker compose, also monitoring can be launched.
        - **run_capif_tests.sh**: Launch Robot Framwork Tests.
        - **show_logs.sh**: Show locally logs of Services running.
        - **run_mock_server.sh**: Launch mock server locally on all interfaces. This axiliary server is only used by tagged mockserver tests on Robot Framework.
        - **clean_mock_server.sh**: Remove mock server local deployment.
        - **deploy.sh**: This script simplify the way to download capif repository.
    
    #### Codebase Improvements
    
    - Documentation is now on splitted repository [OCF Documentation Repository]
    - Test plan was moved to [OCF Documentation Repository]
    - Obsolote data is removed.
    - Repository Reorganization: Enhanced structure and maintainability with a better directory layout and clearer module separation.
    - Code Quality Enhancements: Refactored code and fixed known issues
    
    #### Migration to GUNICORN
    
    - Include production server on each microservice: Release 0 use Flask developer server, now we use GUNICORN.
  • 0.0 Release: OpenCAPIF Release 0.0
    The APIs included in release 0 are:
    - JWT Authentication APIs
    - CAPIF Invoker Management API
    - CAPIF Publish API
    - CAPIF Discover API
    - CAPIF Security API
    - CAPIF Events API
    - CAPIF Provider Management API
    
    Testing Suite of all services implemented with robot.
    Also Postman suite can be used for a simple test.