<li>Eliminated access from CAPIF to the Register user database when onboarding is performed.</li>
<li>Isolation between CCF and Register services, interaction now is only by HTTPS requested between Register, CCF and Vault.</li>
<li>Eliminated the "role" in user creation.<ul>
<li>Now a user can be an invoker or a provider at the same time</li>
</ul>
</li>
<li>Administrator User:<ul>
<li>New entity in charge of registering and managing users of the register service.</li>
</ul>
</li>
<li>UUID to identify users.<ul>
<li>When you create a user, a uuid is associated with it</li>
<li>The uuid will be contained in the token requested by the user and will be used to relate invokers and providers with users.</li>
</ul>
</li>
<li>Endpoints changed and created:<ul>
<li>Administrator endpoints:<ul>
<li>/createUser: /register endpoint changed to createUser. Used to register new users.</li>
<li>/deleteUser: /remove endpoint changed to this. Used to delete users and all the entities they had created.</li>
<li>/login: Allows administrator to log in to obtain the necessary tokens for their requests.</li>
<li>/refresh: Retrieve new access token token.</li>
<li>/getUsers: Returns the list with all registered users.</li>
</ul>
</li>
<li>Customer User:<ul>
<li>/getauth now also returns the urls needed to use CAPIF, used by customer.</li>
</ul>
</li>
</ul>
</li>
<li>
<p>Security improvements:</p>
<ul>
<li>/login uses basic auth with administrator credentials.</li>
<li>/getauth uses basic auth with customer user credentials.</li>
<li>Other requests use the administrator access token obtained from login.</li>
</ul>
</li>
<li>
<p>Current fields on user creation by administrator:</p>
</li>
</ul>
<pre><code>required_fields = {
"username": str,
"password": str,
"enterprise": str,
"country": str,
"email": str,
"purpose": str
}
optional_fields = {
"phone_number": str,
"company_web": str,
"description": str
}
</code></pre>
<ul>
<li>Test plan has been updated with the new register flow. Please check <ahref="https://ocf.etsi.org/documentation/latest/testing/testplan/common_operations/"title="OCF Registration Flow">OCF Registration Flow</a></li>
<li>Video with explanation and demonstration of new register flow <ahref="https://www.youtube.com/watch?v=sn-tN6eRvv8"title="New Registration Demo">New Registration Demo</a></li>
<li>isolation between CCF and Register services.</li>
<li>Improve security, with split resposability between administrator operations and common user.</li>
<li>New arquitecture with separated namespaces for Vault, CCF and Register components. Communication between them now are only allowed by using REST APIs.</li>
<li>
<p>New helper service inside CCF, it will simplify integration with third parties like external management portals.</p>
</li>
<li>
<p>Helper endpoints:</p>
<ul>
<li>/getInvokers : Get the list of invokers from CAPIF</li>
<li>/getProviders: Get the list of providers from CAPIF</li>
<li>/getServices : Get the list of services published in CAPIF</li>
<li>/getSecurityContext : Get the list of security contexts from CAPIF</li>
<li>/getEvents : Get the list of events subscriptions from CAPIF</li>
<li>/deleteEntities: Removes all entities registered by a user from the register</li>
</ul>
</li>
<li>
<p>Security in the helper</p>
<ul>
<li>To make requests to the helper you will need a superadmin certificate and password.</li>
</ul>
</li>
</ul>
<h4id="events-api-upgrade">Events API Upgrade</h4>
<ul>
<li>The event management at CCF is improved, EventNotification include Event Details with required information.</li>
<li>Events updated:<ul>
<li>SERVICE_API_AVAILABLE and SERVICE_API_UNAVAILABLE with apiIds</li>
<li>SERVICE_API_UPDATE with serviceAPIDescriptions</li>
<li>API_INVOKER_ONBOARDED, API_INVOKER_UPDATED, API_INVOKER_OFFBOARDED with apiInvokerIds.</li>
</ul>
</li>
<li>Events Included:<ul>
<li>SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE with invocationLogs</li>
</ul>
<p><strong>Improved Testing with Robot in order to cover:</strong></p>
</li>
<li>Test plan include 7 new tests in order to check new events implemented and scenarios of each notification implemented, with a complete check of Event Notification.</li>
<li>Test plan documentation includes the new event tests <ahref="https://ocf.etsi.org/documentation/latest/testing/testplan/api_events_service/"title="OCF Event test plan documentation">OCF Event test plan documentation</a>.</li>
</ul>
<h4id="inital-implementation-of-cicd">Inital implementation of CI/CD</h4>
<ul>
<li>New Register flows.</li>
<li>The inital implementation of CI/CD on gitlab was performed.</li>
<li>Detailed information in the <ahref="[https://](https://labs.etsi.org/rep/ocf/community/-/wikis/OCF-CICD)"title="CI/CD Wiki">CICD Wiki</a>.</li>
<li>Implement initial CI/CD:<ul>
<li>Description of the CI process.<ul>
<li>In CI phase, created design, jobs and security checks when a branch is pushed.</li>
<li>The CI has jobs as:<ul>
<li>Linting code, unit test (if needed),</li>
<li>Build and push artifacts (images) in Git OCI register</li>
<li>Security checks,</li>
<li>SCA, CVS, SAST</li>
<li>The vulnerabilities are exposed in Merge Request panel to be solved.</li>
</ul>
</li>
</ul>
</li>
<li>Description of the CD process:<ul>
<li>Defined the environments to OCF.<ul>
<li>Production env.</li>
<li>Pre-production env.</li>
<li>Validation env.</li>
<li>Dev-1, dev-2… envs (ephemeral)</li>
</ul>
</li>
<li>Defined the naming convention to OCF releases<ul>
<li>Tag in prod: v0.0.1-release</li>
<li>Tag non-prod: v0.0.1-rc</li>
<li>Other tags: v0.0.1-test, v0.0.1-smt</li>
</ul>
</li>
<li>Defined the jobs of CD<ul>
<li>CD ensures the deployment in multiple envs. Therefore, the CD pipeline has deploy-ocf, delete-ocf (if needed) jobs</li>
</ul>
</li>
</ul>
</li>
<li>ETSI HIVE Labs:<ul>
<li>Designed, created and the Kuberntes OCF cluster is running to support OCFs deployments.</li>
<li>Iterating with ETSI HIVE’s support to solve computing issues.<ul>
<li>CPU compatibilities with OCF services (MongoDB): Fixed</li>
<li>Initial review of release 18 from 3GPP. Check <ahref="[https://](https://labs.etsi.org/rep/ocf/community/-/wikis/?¿?¿?¿?¿?)"title="Upgrade Release 17 to 18 Wiki">Upgrade Release 17 to 18 Wiki</a></li>
<li><strong>show_logs.sh</strong>: Show locally logs of Services running.</li>
<li><strong>run_mock_server.sh</strong>: Launch mock server locally on all interfaces. This axiliary server is only used by tagged mockserver tests on Robot Framework.</li>
<li><strong>clean_mock_server.sh</strong>: Remove mock server local deployment.</li>
<li><strong>deploy.sh</strong>: This script simplify the way to download capif repository.</li>
</ul>
</li>
</ul>
<p><strong>Cleanup of capif repository:</strong></p>
<li>Documentation is now on splitted repository [OCF Documentation Repository]</li>
<li>Test plan was moved to [OCF Documentation Repository]</li>
<li>Documentation is now on splitted repository <ahref="https://labs.etsi.org/rep/ocf/documentation"title="OCF Documentation Repository">OCF Documentation Repository</a></li>
<li>Test plan was moved to <ahref="https://labs.etsi.org/rep/ocf/documentation"title="OCF Documentation Repository">OCF Documentation Repository</a></li>
<li>Obsolote data is removed.</li>
<li>Repository Reorganization: Enhanced structure and maintainability with a better directory layout and clearer module separation.</li>
<li>Code Quality Enhancements: Refactored code and fixed known issues</li>
</ul>
<h4id="migration-to-gunicorn">Migration to GUNICORN</h4>
<ul>
<li>Include production server on each microservice: Release 0 use Flask developer server, now we use GUNICORN.</li>