VNF-SDK enhancements
Checking Content
| #6: PACKAGE SECURITY | Driven from SOL004: Option 1 (Supported in R4 Dublin): TOSCA.meta (exists) Meta-directory based, XML based approach. Option 2 (NOT support in R4 Dublin): CSAR without TOSCA.meta. Manifest (.mf) file that has everything (so the TOSCA.meta is redundant). Yaml-based approach. The Public Key a key to open the package. SOL004 Option 1, 2 and use key to open the package - X.509 certificates public key, private key to sign the package and private key correspond to the private key of the package also delivered with the package. a package, a signature, and public key certificate delivered together. There may be more than one signature. Option 1 there is a digest for every file. All of those digests are listed in the manifest file. The manifest file is signed, one signature on the manifest. One signature and one key/pair & 1 certificate. Still optional to sign other files. The signature is a file beside. myimage.iso myimage.xyz but the same file/directory. Every file signed should have a signature files. CSAR file signed in a .sm file, package signature. The public key is signed can be signed by a root certificate. An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the user, computer or service identity contained within the certificate. (investigate) if VNF-SDK would like to use AAF as the CA. Can AAF perform the CA functions. To open the package need: (1) Public Key (to open the manifest file) (2) file input (3) certificate input. create a hash, the hash is verified against the signature. SHA-256 | |
| #7: PNF DESCRIPTOR | The descriptor. There is validation of the VNFD. PNF Descriptor: TOSCA descriptor, and validate the node type. Validation of TOSCA PNFD. Following TOSCA rules. Components required are there. (NEEDS INVESTIGATION) VNFSDK check the VNFD based on VNF requirements. ASSOCIATED DEVELOPMENT: VNFSDK-341 - Getting issue details... STATUS | R4 HIGH |
#8: PNF PACKAGE TESTING (Test Only) | Enhancement of Package Testing. A item to make sure that integration testing is performed and that VNF-SDK supports the functions as will be described in the Requirements work. Testing the package against the requirements (a user can enter a requirement#) VNF-RQTS project. It would be ideal if the PNF Package used by the VNF-SDK work is shared by the rest of the PNF preonboarding/onboarding development & integration. ASSOCIATED DEVELOPMENT: VNFSDK-343 - Getting issue details... STATUS | R4 HIGH |
| #F1: CREATE PACKAGE FUNCTION FOR PNF | The create package function creates the metadata files, and CSAR files. This needs to be modified to support SOL004. (NEEDS INVESTIGATION) [Low Priority] | R5 EL ALTO LOW PRI |
| #F2: TOSCA Metafile License Content Check | SDC license model check. Potential ARTIFACTS: Vendor license model & agreement, features. VNF can have >1 features, entitlement pool, license key pools, actual keys. [Low Priority] PUSH TO R5 EL ALTO. | R5 EL ALTO LOW PRI |