Security Verification (SV) Library Release Notes¶
Version 1.2.2, 13 Dec 2019¶
Version 1.2.1, 03 Dec 2019¶
This version corrects an issue with SV Scanning Service API endpoints. One configuration change is necessary:
for the Portal-BE, Onboarding, and Federation components, remove the path element in the SV API URL:
for Portal-BE, in the Spring environment under “portal.feature.sv”
"api": "http://sv-scanning-service:9082"
for Onboarding amd Microservice Generation, in the Spring environment under “security.verificationApiUrl”
"verificationApiUrl": "http://sv-scanning-service:9082"
for Federation, in the Spring environment under “verification.url”
"url": "http://sv-scanning-service:9082"
Version 1.2.0, 10 Oct 2019¶
- Removal of LMCL dependency - ACUMOS-3505
- Changed docker image for SV to follow acumos/ prefix
Version 1.1.0, 01 Oct 2019¶
Version 1.0.1, 19 Sept 2019¶
Version 0.0.24, 09 Jun 2019¶
Version update only; changes were to the SV Scanning Service
Version 0.0.22, 25 Jun 2019¶
Version 0.0.21, 07 Jun 2019¶
- 4632: Changing API - SV needs to accept logged in userId
- 4616: Rtu Verifier fixes
- ACUMOS-1373: S-V Scanning Service component with spring-based API
- Uprev to allow release of License Manager client library
Version 0.0.20, 30 May 2019¶
Version 0.0.19, 28 May 2019¶
Version 0.0.18, 23 May 2019¶
- Update license-manager-client-library version-0.0.7 in security-verification-client-library (ACUMOS-2954)
- 4489: Update design doc with recommended tests
- 4366: Updated release note
- 4291: Update SV and LM version for LF release
- ACUMOS-2830: Update license-manager-client-library, security-verification-client and security-verification-service For LF release
- 4262: Sonar 40% code coverage requirement on every repo
- 4206: S-V library implementation (https://gerrit.acumos.org/r/#/c/security-verification/+/4202/)
- 4202: S-V library implementation (https://gerrit.acumos.org/r/#/c/security-verification/+/4202/)
- 4202: S-V library implementation (https://gerrit.acumos.org/r/#/c/security-verification/+/4202/)
- 4201: S-V library implementation (https://gerrit.acumos.org/r/#/c/security-verification/+/4201/)
Version 0.0.17, 14 May 2019¶
- Artifact type cdump not found – when publishing in portal (ACUMOS-2860)
Version 0.0.16, 10 May 2019¶
- SecurityVerificationServiceImpl.createSiteConfig (ACUMOS-2865)
Version 0.0.15, 10 May 2019¶
- SecurityVerificationServiceImpl.createSiteConfig (ACUMOS-2865)
- Artifact type cdump not found – when publishing in portal (ACUMOS-2860)
- Dependencies should be installed part of the docker image of the component rather than directly in yaml file (ACUMOS-2845)
Version 0.0.12, 01 May 2019¶
- Update license-manager-client-library, security-verification-client and security-verification-service For LF release (ACUMOS-2830)
Version 0.0.11, 30 April 2019¶
- Security Verification throwing Unexected Error Message (ACUMOS-2815)
Version 0.1.0, 12 April 2019¶
Version 0.0.3, 05 April 2019¶
Security Verification (SV) Scanning Service Release Notes¶
Version 1.2.2, 13 Dec 2019¶
Version 1.2.1, 03 Dec 2019¶
Version 1.2.0, 16 Oct 2019¶
- ACUMOS-3428: Security Verification License Scan migration to Jenkins
- 5607: Revision version format change
- Fix Sv-Scanning service for new revision version format.
- Add verbose output to scan scripts.
- Remove unused scripts.
- 5607: Revision version format change
Version 1.1.0, 01 Oct 2019¶
- 5317: Security Verification 1.1.0 - jenkins and rtu
- ACUMOS-3428: Security Verification License Scan migration to Jenkins
- ACUMOS-3125: As a model User, when LUM provides denial of action to Acumos, Security Verification will not allow user action and Portal will display notification to user.
- Add LUM URL env parameter for LMCL
- Code formatting clean up
- Licensing RTU check updates
- Relocate/update scripts for Jenkins.
- Scan invokes Jenkins job.
- ScanResult handling from Jenkins.
Version 1.0.1, 19 Sept 2019¶
Version 0.0.24, 09 Jun 2019¶
This release restores the ability to deploy the SV Scanning Service with full functionality embedded in the docker container image. Updates with external configuration files (e.g. to update licenses/rules, or the scanning tool/scripts) is optional, as described by the updated user-guide.
Version 0.0.22, 25 Jun 2019¶
Version 0.0.21, 07 June 2019¶
Version 0.0.20, 30 May 2019¶
- ACUMOS-2559: S-V Library workflow permission determination
- Update artifact creation logic
Version 0.0.19, 28 May 2019¶
- ACUMOS-2559: S-V Library workflow permission determination
- 4524: Correct return of failure reason to user
- switch to curl (wget hangs), add logging
- 4524: Correct return of failure reason to user
Version 0.0.18, 23 May 2019¶
This release includes improvements and other updates as below, for the merged commits and related Jira items:
- 4489: Update design doc with recommended tests
- 4362: SecurityVerificationServiceImpl createSiteConfig
- ACUMOS-2860: Artifact type cdump not found – when publishing in portal
- 4462: Artifact type cdump not found in portal
- 4449: Artifact type cdump not found in portal
- 4443: Artifact type cdump not found in portal
- 4418: Artifact type cdump not found in portal
- 4408: Artifact type cdump not found in portal
- 4397: Artifact type cdump not found in portal
- 4351: Artifact type cdump not found when publishing
- 4338: Updated SV code
- 4262: Sonar 40% code coverage requirement on every repo
- 4179: S-V Library workflow permission determination
- ACUMOS-1373: S-V Scanning Service component with spring-based API
- 4156: S-V Library workflow permission determination
Version 0.1.0, 12 April 2019¶
This is the first test release of the SV Scanning Service. Docker-compose and kubernetes templates are in the system-integration repo folders AIO/docker/acumos and AIO/kubernetes, respectively. The implementation includes a combination of:
- A springboot application that serves the “/scan” API, per the design document
- A set of bash scripts as prototype implementations of the following functions,
built into the generated SV Scanning Service image. These will be migrated to
Java code as time permits:
- dump_model.sh: dump all to-be-scanned data for a model revision
- license_scan.sh: invoke the Scancode Toolkit on the dumped model data
- scan_all.sh: test script to scan all revisions in the CDS
- setup_verification_site_config.sh: test script to initialize the CDS site config for the SV Library and Scanning Service
Includes the merged commits and related Jira items:
Version 0.0.1, 04 April 2019¶
Includes the merged commits and related Jira items: