OOM Montreal Release

Topics:

  • Security Enhancements

    • Internal AuthorizationPolicies (continue and test inter-component policies)

    • External OAuth2 proxy integration and AuthorizationPolicies for Ingress

  • Ingress enhancements

    • Gateway-API support → should replace Istio Gateway/VirtualService

    • template enhancement for AuthorizationPolicies

  • Chart Cleanup

    • MSB removal

    • ...

  • DB Operator introduction and update of DB versions

    • k8ssandra-operator

    • mariadb-operator

    • postgres

    • mongodb

    • ...

  • Helm versioning concept 

  • (DMaaP) MessageRouter removal → all clients should use native Kafka



Global requirements:

  • ONAP component external API/UIs should provide an oauth profile (Ingress interfaces should use an AuthorizatioPolicy to use Keycloak Authentication via Oauth2-proxy)

    • Portal-NG is using Oauth2 token

    • SDC-UI ?, other UIs ? 

  • ONAP component internal APIs should not use authentication (AuthorizationPolicy is provided instead)

    • new REQ created