From 3c77810bef77e170667235565d34801e13d99e0e Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:15:02 +0200 Subject: [PATCH 01/52] add APIVersion folder --- src/SOL023/APIVersion/APIVersion.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 src/SOL023/APIVersion/APIVersion.yaml diff --git a/src/SOL023/APIVersion/APIVersion.yaml b/src/SOL023/APIVersion/APIVersion.yaml new file mode 100644 index 0000000..e975da6 --- /dev/null +++ b/src/SOL023/APIVersion/APIVersion.yaml @@ -0,0 +1,25 @@ +openapi: 3.0.2 + +info: + title: SOL023 - API version interface + description: | + SOL023 - API version interface + + IMPORTANT: Please note that this file might be not aligned to the current + version of the ETSI Group Specification it refers to. In case of + discrepancies the published ETSI Group Specification takes precedence. + + Please report bugs to https://forge.etsi.org/rep/nfv/SOL023/issues + + contact: + name: NFV-SOL WG + license: + name: ETSI Forge copyright notice + url: https://forge.etsi.org/etsi-forge-copyright-notice.txt + version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 + +paths: + /cert/api_versions: + $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions + /vnflcm/api_versions: + $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions -- GitLab From dbbd7d649856fd20f55605889bfbaa69c9d74219 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:15:26 +0200 Subject: [PATCH 02/52] add CertificateManagement folder --- .../CertificateManagement.yaml | 593 ++++++++++++++++++ .../SOL023CertificateManagement_def.yaml | 233 +++++++ 2 files changed, 826 insertions(+) create mode 100644 src/SOL023/CertificateManagement/CertificateManagement.yaml create mode 100644 src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml new file mode 100644 index 0000000..698df02 --- /dev/null +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -0,0 +1,593 @@ +openapi: 3.0.2 + +info: + title: SOL023 - Certificate Management interface + description: | + SOL023 - Certificate Management interface + + IMPORTANT: Please note that this file might be not aligned to the current + version of the ETSI Group Specification it refers to. In case of + discrepancies the published ETSI Group Specification takes precedence. + + Please report bugs to https://forge.etsi.org/rep/nfv/SOL023/issues + + contact: + name: NFV-SOL WG + license: + name: ETSI Forge copyright notice + url: https://forge.etsi.org/etsi-forge-copyright-notice.txt + version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 + +externalDocs: + description: ETSI GS NFV-SOL 023 V5.2.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + +servers: + - url: http://127.0.0.1/cm/v2 + - url: https://127.0.0.1/cm/v2 + +paths: + /api_versions: + $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions + + /subject: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + + post: + description: | + The POST method creates a new subject resource. See clause 5.5.3.3.1. + requestBody: + $ref: "#/components/requestBodies/CreateSubjectRequest" + responses: + "201": + $ref: "#/components/responses/SubjectInstance.Post.201" + "409": + $ref: "#/components/responses/SubjectInstance.Post.409" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + + /subject/{subjectId}: + parameters: + - $ref: "#/components/parameters/subjectId" + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + get: + description: | + The GET method retrieves information about a Subject instance by reading an "Individual Subject instance" resource. + See clause 5.5.4.3.2. + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + responses: + "200": + $ref: "#/components/responses/IndividualSubjectInstance.Get.200" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "416": + $ref: ../responses/SOL023_resp.yaml#/responses/416 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + delete: + description: | + This method deletes an "Individual Subject instance" resource. See clause 5.5.4.3.5. + responses: + "204": + $ref: "#/components/responses/IndividualSubjectInstance.Delete.204" + "409": + $ref: "#/components/responses/IndividualSubjectInstance.Delete.409" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + + + /subject/{subjectId}/certificate: + post: + description: | + The POST method creates a new Certificate resource with certificate for VNFCI and VNF OAM. See clause 5.5.5.3.1. + requestBody: + $ref: "#/components/requestBodies/CSRRequest" + responses: + "201": + $ref: "#/components/responses/CertificateInstance.Post.201" + "409": + $ref: "#/components/responses/CertificateInstance.Post.409" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "422": + $ref: ../responses/SOL023_resp.yaml#/responses/422 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + + /subject/{subjectId}/certificate/{certificateId}/certificate_content: + parameters: + - $ref: "#/components/parameters/subjectId" + - $ref: "#/components/parameters/certificateId" + get: + description: | + The GET method fetches the content of an individual certificate. See clause 5.5.x.3.2. + responses: + "200": + $ref: "#/components/responses/IndividualCertificateContentInstance.Get.200" + "206": + $ref: "#/components/responses/IndividualCertificateContentInstance.Get.206" + "409": + $ref: "#/components/responses/IndividualCertificateContentInstance.Get.409" + "416": + $ref: "#/components/responses/IndividualCertificateContentInstance.Get.416" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "422": + $ref: ../responses/SOL023_resp.yaml#/responses/422 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + +components: + parameters: + subjectId: + name: subjectId + in: path + description: | + Identifier of the Subject instance. See note 1. + + NOTE 1: This identifier can be retrieved from the resource referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual Subject instance" resource. It can also be retrieved from the "id" attribute in the message content of that response. + required: true + style: simple + explode: false + schema: + type: string + + certificateId: + name: certificateId + in: path + description: | + certificateId Identifier of the Certificate instance. See note 2. + + NOTE 2: This identifier can be retrieved from the resource referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual Certificate instance" resource. It can also be retrieved from the "id" attribute in the message content of that response. + required: true + style: simple + explode: false + schema: + type: string + + responses: + SubjectInstance.Post.201: + description: > + 201 CREATED + + Shall be returned when a new "Individual Subject instance" resource and the associated Subject instance identifier has been created successfully. + + The response body shall contain a representation of the created Subject instance, as defined in clause x.x.x.x. + + The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Subject instance. + headers: + Location: + description: | + The resource URI of the created subject resource. + style: simple + explode: false + schema: + type: string + format: url + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 9110 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/SubjectInstance" + + SubjectInstance.Post.409: + description: > + 409 CONFLICT + + Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. + + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. + headers: + Location: + description: | + The resource URI of the created subject resource. + style: simple + explode: false + schema: + type: string + format: url + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 9110 + style: simple + explode: false + schema: + type: string + + IndividualSubjectInstance.Get.200: + description: | + 200 OK + + Shall be returned when information about an individual Subject instance has been read successfully. + The response body shall contain a representation of the Subject instance, as defined in clause x.x.x.x. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 9110 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + IndividualSubjectInstance.Delete.204: + description: | + 204 NO CONTENT + + Shall be returned when the "Individual Subject instance" resource and the associated + Subject identifier were deleted successfully. + The response body shall be empty. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + IndividualSubjectInstance.Delete.409: + description: | + 409 CONFLICT + + Shall be returned upon the following error: The + operation cannot be executed currently, due to a + conflict with the state of the resource. + Typically, this is due to the fact that the "Individual + VNF instance" resource is in INSTANTIATED state. + The response body shall contain a ProblemDetails + structure, in which the "detail" attribute shall convey + more information about the error. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + CertificateInstance.Post.201: + description: > + 201 CREATED + + Shall be returned when a new "Individual Certificate instance" resource and the associated Certificate instance identifier has been created successfully. + + The response body shall contain a representation of the created Certificate instance, as defined in clause x.x.x.x. + + The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Certificate instance. + headers: + Location: + description: | + The resource URI of the created subject resource. + style: simple + explode: false + schema: + type: string + format: url + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 9110 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" + + CertificateInstance.Post.409: + description: > + 409 CONFLICT + + Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. + + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. + headers: + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + IndividualCertificateContentInstance.Get.200: + description: > + 200 OK + + Shall be returned when the whole content of the certificate file has been read successfully. + + The response body shall include a copy of the certificate file. + + The "Content-Type HTTP" header shall be set according to the type of the file, i.e. to "application/text" for a certificate content according to IETF RFC 7468[a]. + headers: + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + + IndividualCertificateContentInstance.Get.206: + description: | + 206 PARTIAL CONTENT + + If the CMF supports range requests, this response shall be returned when a single consecutive byte range from the content of the certificate file has been read successfully according to the request. + + The response body shall contain the requested part of the certificate file. + + The "Content-Range" HTTP header shall be provided according to IETF RFC 9110 [c]. + + The "Content-Type" HTTP header shall be set as defined above for the "200 OK" response. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Range: + required : true + style: simple + explode: false + schema: + type: string + content: + application/*: + schema: + type: string + format: binary + + IndividualCertificateContentInstance.Get.409: + description: > + 409 CONFLICT + + Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. + + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. + headers: + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + IndividualCertificateContentInstance.Get.416: + description: | + 416 RANGE NOT SATISFIABLE + + Shall be returned upon the following error: The byte range passed in the "Range" header did not match any available byte range in the certificate file (e.g. "access after end of file"). + + The response body may contain a ProblemDetails structure. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + requestBodies: + CreateSubjectRequest: + description: > + Subject resource creation request. + content: + application/json: + schema: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CreateSubjectRequest" + required: true + CSRRequest: + description: > + Certificate resource creation request. + content: + application/json: + schema: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CSRRequest" + required: true \ No newline at end of file diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml new file mode 100644 index 0000000..37b0560 --- /dev/null +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -0,0 +1,233 @@ +definitions: + CreateSubjectRequest: + description: > + This type reqpresents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. + NOTE: As concept of the design of the type "CreateSubjectRequest", the attributes are profiling of mandatory defined + parameters in the CMP in IETF RFC 4210. + NOTE 1: At the time of sending CreateSubjectRequest, nothing about the sender is known to the sending + entity (the end entity may not know its own Distinguished Name (DN), e-mail name, IP address, etc.), + then the "sender" attribute shall contain a "NULL" value and the "senderKID" attribute shall be present. + NOTE 2: "senderKID" attribute and "recipKID" attribute can be used to protect the message. "senderKID" attribute + and "recipKID" attribute shall be present if required to uniquely identify a key, otherwise should be absent. + Editor's note: it is FFS how to use OID for "generalInfo" attribute in ETSI NFV, e.g., same approach of URN. + Editor’s note: it is FFS how to use to realize authenticated scheme. The mandatory to support basic authenticated scheme + uses the IAK secret for this purpose. Consequences of using/requiring other schemas shall be considered. + + type: object + required: + - pkiHeader + - pkiBody + properties: + pkiHeader: + description: > + A common informatio0n of PKI message for addressing and transaction identification. The structure and + attributes are defined in IETF RFC 4210 and RFC 9480. + type: object + required: + - pvno + - sender + - recipient + - generalInfo + properties: + pvno: + description: > + Protocol Version Number. Fixed value "2" shall be set. + type: integer + sender: + description: > + Name of the sender of the Request. See note 1. + $ref: "#/definitions/GeneralName" + recipient: + description: > + Name of the recipient of the Request + $ref: "#/definitions/GeneralName" + senderKID: + description: > + Identifier that indicates to the receiver the appropriate shared secret information to use + to verify the message. See note 1 and 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + recipKID: + description: > + Identifier that indicates to the receiver the appropriate shared secret information to use + to veridy the message. See note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + generalInfo: + description: > + It shall contain two of the attributes. + The first generalInfo shall contain the set of + - InfoType for Certificate type + - Infovalue for Choice of MANO or VNFC or VNF OAM + Unless the InfoValue of the first generalInfo is MANO, the second generalInfo shall contain + the set of + - InfoType for Type of VNFC certification handling + - InfoValue for Choice of direct or delegation + type: object + required: + - InfoType + properties: + infoType: + description: > + Indicate the type of Info. The namespaces and conventions for the values of this attribute + that is OID defined as clause x.x.x. + Permit values: + - Certificationb type + - Type of VNFC certification handling + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + infoValue: + description: > + If the value of "infoType" is "Certification type", it shall be set. + Permit values: + - MANO certificate + - VNFCI certificate + - VNF OAM certificate + If the value of "InfoType" is "Type of VNFC certification handling", it shall be set. + Permit values: + - Direct mode + - Delegation mode + Only the value "Delegation mode" is allowed for this version of the present document. + type: string + pkiBody: + description: > + Message specific information. The structure and attributes are aligned/defined in IETF + RFC 4210 and IETF RFC 9480. + type: object + required: + - ir + properties: + ir: + description: > + Information for Initialization Request. + $ref: "#/definitions/CertReqMessages" + + CertReqMessages: + description: > + This type represents a CertReqMessages. + type: object + required: + - CertReqMsg + properties: + CertReqMsg: + description: > + The structure and attributes are defined in IETF RFC 5912. + type: object + required: + - CertRequest + properties: + CertRequest: + description: > + Information for the certificate request. + type: object + required: + - CertTemplate + properties: + CertTemplate: + description: > + Information for the certificate to be issued. + type: object + required: + - subjectUID + properties: + subjectUID: + description: > + The value of the Identifier of the certificate target VNFCI as subject ID if + this operation is used for the VNFCI certificate or VNF OAM certificate. See note. + + NOTE: For the case of MANO certificate, this attribute is not supported in this + version of the present document. + type: integer + + CSRRequest: + description: > + This type represents request parameters for the "Certificate Signing Request" operation. + NOTE: As concept of the design of the type “CSRReuqest”, the attributes are aligned to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210 + Editor's note: it is FFS how to use OID for "generalInfo" attribute in ETSI NFV, e.g. same approach of URN. + Editor’s note: another contribution is required for CSRMessage. + Editor;s note: it is FFS how to realize authenticated scheme. The mandatory to support basic authenticated scheme uses the IAK secret for this purpose. + Consequences of using/requiring other schemas shall be considered. + + type: object + required: + - pkiHeader + - pkiBody + properties: + pvno: + description: > + A common information of PKI message for addressing and transaction identification. + The structure and attributes are defined in IETF RFC 4210 and RFC 9480. + type: integer + sender: + description: > + Name of the sender of the Request. + $ref: "#/definitions/GeneralName" + recipient: + description: > + Name of the recipient of the Request. + $ref: "#/definitions/GeneralName" + generalInfo: + description: > + It shall contain two of the attributes. + The first generallInfo shall contain the set of + • InfoType for Certificate type + • Infovalue for Choice of MANO or VNFC or VNF OAM + + Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain + the set of + • InfoType for Type of VNFC certification handling + • Infovalue for Choice of direct or delegation + type: object + required: + - InfoType + properties: + InfoType: + description: > + Indicate the type of Info. The namespaces and conventions for the values of this attribute that is OID defined as clause x.x.x. + Permit values: + • Certification type + • Type of VNFC certification handling + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + InfoValue: + description: > + If the value of “InfoType” is “Certification type”, it shall be set. + Permit values: + • MANO certificate + • VNFCI certificate + • VNF OAM certificate + + If the value of “InfoType” is “Type of VNFC certification handling”, it shall be set. + Permit values: + • Direct mode + • Delegation mode + Only the value "Delegation mode" is allowed for this version of the present document. + type: string + pkiBody: + description: > + Message specific information. The structure and attributes are aligned/defined in IETF + RFC 4210 and IETF RFC 9480. + type: object + required: + - p10cr + properties: + p10cr: + description: > + Encoded Information for CSR Request. The structure and attributes are aligned and + defined in IETF RFC 2986. + $ref: "#/definitions/CSRMessage" + +############################################################# +######################## TODOs ############################## + + CertificateInstance: + description: > + TBD + + SubjectInstance: + description: > + TBD + + GeneralName: + description: > + TBD + + CSRMessage: + description: > + TBD -- GitLab From c7be4965c031f558f86410551d1f02301856e15b Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:15:47 +0200 Subject: [PATCH 03/52] add components folder --- src/SOL023/components/SOL023_params.yaml | 87 ++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 src/SOL023/components/SOL023_params.yaml diff --git a/src/SOL023/components/SOL023_params.yaml b/src/SOL023/components/SOL023_params.yaml new file mode 100644 index 0000000..2b7d561 --- /dev/null +++ b/src/SOL023/components/SOL023_params.yaml @@ -0,0 +1,87 @@ +components: + parameters: + Version: + name: Version + description: > + Version of the API requested to use when responding to this request. + in: header + required: true + schema: + type: string + + Accept: + name: Accept + description: > + Content-Types that are acceptable for the response. Reference: IETF RFC 7231. + in: header + required: true + schema: + type: string + + Authorization: + name: Authorization + description: > + The authorization token for the request. Reference: IETF RFC 7235. + in: header + required: false + schema: + type: string + + ContentType: + name: Content-Type + description: | + The MIME type of the body of the request. Reference: IETF RFC 7231 + in: header + required: true + schema: + type: string + + Range: + name: Range + description: | + Requested range of bytes from a file. + required: false + in: header + schema: + type: string + + all_fields_vnfm: + name: all_fields + description: > + Include all complex attributes in the response. See clause 5.3 of ETSI + GS NFV-SOL 013 [8] for details. The VNFM shall support this parameter. + in: query + required: false + schema: + type: string + + fields_vnfm: + name: fields + description: > + Complex attributes to be included into the response. See clause 5.3 of ETSI + GS NFV-SOL 013 [8] for details. The VNFM should support this parameter. + in: query + required: false + schema: + type: string + + exclude_fields_vnfm: + name: exclude_fields + description: > + Complex attributes to be excluded from the response. See clause 5.3 of ETSI + GS NFV-SOL 013 [8] for details. The VNFM should support this parameter. + in: query + required: false + schema: + type: string + + nextpage_opaque_marker_vnfm: + name: nextpage_opaque_marker + description: > + Marker to obtain the next page of a paged response. Shall be supported by the VNFM + if the VNFM supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI + GS NFV-SOL 013 [8] for this resource. + in: query + required: false + schema: + type: string \ No newline at end of file -- GitLab From c2983d854843d639d07b2f22da3f38b26b78e3f0 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:16:10 +0200 Subject: [PATCH 04/52] add definitions folder --- src/SOL023/definitions/SOL023_def.yaml | 1318 ++++++++++++++++++++++++ 1 file changed, 1318 insertions(+) create mode 100644 src/SOL023/definitions/SOL023_def.yaml diff --git a/src/SOL023/definitions/SOL023_def.yaml b/src/SOL023/definitions/SOL023_def.yaml new file mode 100644 index 0000000..d84b6fd --- /dev/null +++ b/src/SOL023/definitions/SOL023_def.yaml @@ -0,0 +1,1318 @@ +definitions: + Identifier: + description: > + An identifier with the intention of being globally unique. + type: string + + Uri: + description: > + String formatted according to IETF RFC 3986. + type: string + + String: + description: > + A string defined in IETF RFC 8259. + type: string + + Version: + description: > + A version. + type: string + + IdentifierInVnfd: + description: > + An identifier that is unique within a VNF descriptor. + type: string + + IdentifierInVnf: + description: > + An identifier that is unique for the respective type within a VNF + instance, but may not be globally unique. + type: string + + IdentifierInVim: + description: > + An identifier maintained by the VIM or the CISM or other resource provider. It is + expected to be unique within the VIM instance. + type: string + + IdentifierLocal: + description: > + An identifier that is unique within a limited local scope other than above listed identifiers, + such as within a complex data structure or within a request-response pair. + Representation: string of variable length. + type: string + + KeyValuePairs: + description: > + This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, + a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 + of IETF RFC 8259. In the following example, a list of key-value pairs with four keys ("aString", "aNumber", + "anArray" and "anObject") is provided to illustrate that the values associated with different keys can be of + different type. + type: object + + Number: + description: > + A number defined in IETF RFC 8259. + type: number + + Boolean: + description: > + The Boolean is a data type having two values (true and false). + type: boolean + + Link: + description: > + This type represents a link to a resource using an absolute URI. + type: object + required: + - href + properties: + href: + description: > + URI of another resource referenced from a resource. + Shall be an absolute URI (i.e. a UTI that contains {apiRoot}). + $ref: "#/definitions/Uri" + + ApiVersionInformation: + description: > + This type represents API version information. + type: object + required: + - uriPrefix + - apiVersions + properties: + uriPrefix: + description: > + Specifies the prefix of the resource URI of the "API versions" + resource represented by this data structure. Depending on the + resource URI, it shall be in one of the two following forms: + {apiRoot}/{apiName}/{apiMajorVersion}/ or {apiRoot}/{apiName}/ + type: string + apiVersions: + description: > + Version(s) supported for the API signaled by the + uriPrefix attribute. + type: array + items: + type: object + required: + - version + properties: + version: + description: > + Identifies a supported version. The value of the + version attribute shall be a version identifier as + specified in clause 9.1 (SOL013). + type: string + isDeprecated: + description: > + If such information is available, this attribute indicates + whether use of the version signaled by the version + attribute is deprecated (true) or not (false). + + A deprecated version is still supported by the API producer but is recommended + not to be used any longer. + When a version is no longer supported, it does not appear in the response body. + type: boolean + retirementDate: + description: > + The date and time after which the API version will no + longer be supported. + This attribute may be included if the value of the + isDeprecated attribute is set to true and shall be + absent otherwise. + $ref: "#/definitions/DateTime" + + DateTime: + description: > + Date-time stamp. + Representation: String formatted according to IETF RFC 3339. + type: string + format: date-time + + ProblemDetails: + description: > + The definition of the general "ProblemDetails" data structure from + IETF RFC 7807 is reproduced inthis structure. Compared to the + general framework defined in IETF RFC 7807, the "status" and + "detail" attributes are mandated to be included by the present document, + to ensure that the response contains additional textual information about + an error. IETF RFC 7807 foresees extensibility of the + "ProblemDetails" type. It is possible that particular APIs in the present + document, or particular implementations, define extensions to define + additional attributes that provide more information about the error. + + The description column only provides some explanation of the meaning to + Facilitate understanding of the design. For a full description, see + IETF RFC 7807. + type: object + required: + - status + - detail + properties: + type: + description: > + A URI reference according to IETF RFC 3986 that identifies the + problem type. It is encouraged that the URI provides human-readable + documentation for the problem (e.g. using HTML) when dereferenced. + When this member is not present, its value is assumed to be + "about:blank". + type: string + format: URI + title: + description: > + A short, human-readable summary of the problem type. It should not + change from occurrence to occurrence of the problem, except for + purposes of localization. If type is given and other than + "about:blank", this attribute shall also be provided. + A short, human-readable summary of the problem + type. It SHOULD NOT change from occurrence to occurrence of the + problem, except for purposes of localization (e.g., using + proactive content negotiation; see [RFC7231], Section 3.4). + type: string + status: + description: > + The HTTP status code for this occurrence of the problem. + The HTTP status code ([RFC7231], Section 6) generated by the origin + server for this occurrence of the problem. + type: integer + detail: + description: > + A human-readable explanation specific to this occurrence of the + problem. + type: string + instance: + description: > + A URI reference that identifies the specific occurrence of the + problem. It may yield further information if dereferenced. + type: string + format: URI + + SubscriptionAuthentication: + description: > + * NOTE 1 : The clientId and clientPassword passed in a subscription shall not be the same as the clientId and + clientPassword that are used to obtain authorization for API requests. Client credentials may differ between + subscriptions. The value of clientPassword should be generated by a random process. + * NOTE 2: As a less secure alternative to OAUTH2_CLIENT_CERT which uses mutual authentication based on X.509 + certificates, this mode which uses client password to authenticate may be used in the access token request + toward the authorization server (as defined by IETF RFC 6749 [7]), only to support legacy implementations + (version 3.4.1 or earlier version of the present document). See clause 8.1 for more details. + * NOTE 3: The following values that were included up to version 3.4.1 of the present document have been removed: + "BASIC" (to signal the use of the basic HTTP authentication) has been removed because it is insecure. + "TLS_CERT" to signal an alternative non-token based authorization method using TLS certificates has been + removed because the method is no longer supported. + * NOTE 4: The client certificate is established by means outside the scope of the present document. + type: object + required: + - authType + properties: + authType: + description: > + Defines the types of Authentication / Authorization which the API + consumer is willing to accept when receiving a notification. + Permitted values (see note 3): + * OAUTH2_CLIENT_CREDENTIALS: In every + HTTP request to the notification endpoint, use + an OAuth 2.0 token, obtained using the client + credentials grant type after authenticating + using client identifier and client password + towards the token endpoint. + * OAUTH2_CLIENT_CERT: In every HTTP + request to the notification endpoint, use an + OAuth 2.0 token, obtained using the client + credentials grant type after mutually + authenticating using client identifier and X.509 + certificates towards the token endpoint. + type: array + items: + type: string + enum: + - OAUTH2_CLIENT_CREDENTIALS + - OAUTH2_CLIENT_CERT + paramsOauth2ClientCert: + description: > + Parameters for authentication/authorization using + OAUTH2_CLIENT_CERT. + + Shall be present if authType is "OAUTH2_CLIENT_CERT" and the contained + information has not been provisioned out of band. + + Shall be absent otherwise. + type: object + required: + - clientId + - certificateRef + - tokenEndpoint + properties: + clientId: + description: > + Client identifier to be used in the access token request + of the OAuth 2.0 client credentials grant type. The client + identifier is unique in the scope of the tokenEndpoint. + type: string + certificateRef: + description: > + Fingerprint of the client certificate. The hash function + shall use SHA256 or higher. See note 4. + type: string + required: + - type + - value + properties: + type: + description: > + The type of the fingerprint. + Permitted values: + - x5t#S256: The SHA-256 thumbprint of the + X.509 certificate as defined in section 4.1.8 of + IETF RFC 7515 [23]. + $ref: "#/definitions/String" + enum: + - x5t#S256 + value: + description: > + The fingerprint value as defined by the type. + $ref: "#/definitions/String" + tokenEndpoint: + description: > + The token endpoint from which the access token can be + obtained. + $ref: "#/definitions/Uri" + paramsOauth2ClientCredentials: + description: > + Parameters for authentication/authorization using + OAUTH2_CLIENT_CREDENTIALS. + + Shall be present if authType is + "OAUTH2_CLIENT_CREDENTIALS" and the contained + information has not been provisioned out of band. + + Shall be absent otherwise. + + See note 2. + type: object + properties: + clientId: + description: > + Client identifier to be used in the access token request + of the OAuth 2.0 client credentials grant type. The client + identifier is unique in the scope of the tokenEndpoint. + Shall be present if it has not been provisioned out of + band. + See note 1. + type: string + clientPassword: + description: > + Client password to be used in the access token request + of the OAuth 2.0 client credentials grant type. Shall be + present if it has not been provisioned out of band. See + note 1. + type: string + tokenEndpoint: + description: > + The token endpoint from which the access token can be obtained. + Shall be present if it has not been provisioned out of band. + $ref: "#/definitions/Uri" + + VnfInstanceSubscriptionFilter: + description: > + This type represents subscription filter criteria to match VNF + instances. + * NOTE 1: The attributes "vnfdIds" and "vnfProductsFromProviders" are alternatives to reference to VNF instances + that are based on certain VNFDs in a filter. They should not be used both in the same filter instance, + but one alternative should be chosen. + NOTE 2: The attributes "vnfInstanceIds" and "vnfInstanceNames" are alternatives to reference to particular VNF + instances in a filter. They should not be used both in the same filter instance, but one alternative + should be chosen. + type: object + anyOf: + - oneOf: + - required: + - vnfdId + - required: + - vnfProductsFromProviders + - oneOf: + - required: + - vnfInstanceIds + - required: + - vnfInstanceNames + properties: + vnfdIds: + description: > + If present, match VNF instances that were created based on a VNFD + identified by one of the vnfdId values listed in this attribute. See note 1. + type: array + items: + $ref: "#/definitions/Identifier" + vnfProductsFromProviders: + description: > + If present, match VNF instances that belong to VNF products from + certain providers. See note 1. + type: array + items: + type: object + required: + - vnfProvider + properties: + vnfProvider: + description: > + Name of the VNF provider to match. + type: string + vnfProducts: + description: > + If present, match VNF instances that belong to VNF products + with certain product names, from one particular provider. + type: array + items: + type: object + required: + - vnfProductName + properties: + vnfProductName: + description: > + Name of the VNF product to match. + type: string + versions: + description: > + If present, match VNF instances that belong to VNF + products with certain versions and a certain product + name, from one particular provider. + type: array + items: + type: object + required: + - vnfSoftwareVersion + properties: + vnfSoftwareVersion: + description: > + Software version to match. + $ref: "#/definitions/Version" + vnfdVersions: + description: > + If present, match VNF instances that belong to VNF + products with certain VNFD versions, a certain + software version and a certain product name, from + one particular provider. + type: array + items: + $ref: "#/definitions/Version" + vnfInstanceIds: + description: > + If present, match VNF instances with an instance identifier listed + in this attribute. See note 2. + type: array + items: + $ref: "#/definitions/Identifier" + vnfInstanceNames: + description: > + If present, match VNF instances with a VNF Instance Name listed in + this attribute. See note 2. + type: array + items: + type: string + + LcmOperationType: + description: > + The enumeration LcmOpType defines the permitted values to represent + VNF lifecycle operation types in VNF lifecycle management operation + occurrence resources and VNF lifecycle management operation occurrence + notifications. + + Value | Description + ------|------------ + INSTANTIATE | Represents the "Instantiate VNF" LCM operation. + SCALE | Represents the "Scale VNF" LCM operation. + SCALE_TO_LEVEL | Represents the "Scale VNF to Level" LCM operation. + CHANGE_FLAVOUR | Represents the "Change VNF Flavour" LCM operation. + TERMINATE | Represents the "Terminate VNF" LCM operation. + HEAL | Represents the "Heal VNF" LCM operation. + OPERATE | Represents the "Operate VNF" LCM operation. + CHANGE_EXT_CONN | Represents the "Change external VNF connectivity" LCM operation. + MODIFY_INFO | Represents the "Modify VNF Information" LCM operation. + CREATE_SNAPSHOT | Represents the "Create VNF Snapshot" LCM operation. + REVERT_TO_SNAPSHOT | Represents the “Revert-To VNF Snapshot" LCM operation. + CHANGE_VNFPKG | Represents the "Change current VNF package" LCM operation. + SELECT_DEPL_MODS | Represents the “Select VNF deployable modules” LCM operation + type: string + enum: + - INSTANTIATE + - SCALE + - SCALE_TO_LEVEL + - CHANGE_FLAVOUR + - TERMINATE + - HEAL + - OPERATE + - CHANGE_EXT_CONN + - MODIFY_INFO + - CREATE_SNAPSHOT + - REVERT_TO_SNAPSHOT + - CHANGE_VNFPKG + - SELECT_DEPL_MODS + + VimConnectionInfo: + description: > + This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing + the resources of a VNF instance. + + This structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related + parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP + repository may be configured into the VNFM by means outside the scope of the present document and + bound to the identifier of that VIM. + + * NOTE 1: If applicable, this attribute also provides information about the resourceGroupIds + that are accessible using a particular set of credentials. See definition of + "resourceGroupId" in clause 9.5.3.3. + * NOTE 2: Once the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided + through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be + established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the + "accessInfo" JSON data structure, and the sensitive data related information ("username"/"password" as + required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel + without additional encoding/encryption before transmitting it, making the sensitive data visible to the + endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the + interface endpoint of the VIM, CISM, CIR or MCIOP repository. + * NOTE 3: ETSI GS NFV-SOL 009 specifies the means to configure into the VNFM applicable VIM connection + information via the "NFV-MANO Configuration and Information Management" interface. + * NOTE 4: Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of + the present document, as well as in-band, by means specified in the present document, care should be taken to + avoid unintended conflicts in the VNFM when managing such information. + type: object + required: + - vimType + properties: + vimId: + description: > + The identifier of the VIM, CISM, CIR or MCIOP repository instance. This identifier is managed + by the NFVO. + Shall be present to address additional information about the VIM, CISM, CIR or MCIOP repository + if such information has been configured into the VNFM out-of-band by means outside the scope of + the present document and should be absent otherwise. See note 3. + $ref: "#/definitions/Identifier" + vimType: + description: > + Discriminator for the different types of the VIM information. The value of this attribute + determines the structure of the "interfaceInfo" and "accessInfo" attributes, based on the + type of the VIM., CISM, CIR or MCIOP repository. + The set of permitted values is expected to change over time as new types or versions of VIMs + become available. + The ETSI NFV registry of VIM-related information provides access to information about VimConnectionInfo + definitions for various VIM, CISM, CIR or MCIOP repository types. The structure of the registry + is defined in annex C. + type: string + interfaceInfo: + description: > + Information about the interface or interfaces to the VIM, CISM, CIR or MCIOP repository, + if applicable, such as the URI of an interface endpoint to communicate with the + VIM, CISM, CIR or MCIOP repository. The applicable keys are dependent on the content of vimType. + Such information may have been configured into the VNFM out-of-band by means outside the scope of + the present document. See note 3. + If present and VimConnectionInfo has already been configured into the VNFM out-of-band, the + information values provided by the present attribute shall be used to perform resource management + for the VNF instance by the VNFM. See note 4. + $ref: "#/definitions/KeyValuePairs" + accessInfo: + description: > + Authentication credentials for accessing the VIM, CISM, CIR or MCIOP repository and other + access-related information such as tenants or infrastructure resource groups (see note 1). + The applicable keys are dependent on the content of vimType. + If the VimConnectionInfo structure is part of an HTTP response message content, sensitive + attributes that are children of this attributes (such as passwords) shall not be included. + If the VimConnectionInfo structure is part of an HTTP request message content, sensitive + attributes that are children of this attribute (such as passwords) shall be + present if they have not been provisioned out of band. See note 2. + Such information may have been configured into the VNFM out-of-band by means outside the scope of the + present document. See note 3. + If present and VimConnectionInfo has already been configured into the VNFM out-of-band, + the information values provided by the present attribute shall be used to perform resource + management for the VNF instance by the VNFM. See note 4. + $ref: "#/definitions/KeyValuePairs" + extra: + description: > + VIM, CISM, CIR or MCIOP repository type specific additional information. The applicable + structure, and whether or not this attribute is available, is dependent on the content of vimType. + Such information may have been configured into the VNFM out-of-band by means outside the + scope of the present document. + See note 3. + If present and VimConnectionInfo has already been configured into the VNFM out-of-band, + the information values provided by the present attribute shall be used to perform resource + management for the VNF instance by the VNFM. See note 4. + $ref: "#/definitions/KeyValuePairs" + + ScaleInfo: + description: > + This type represents the scale level of a VNF instance related to a scaling aspect. + type: object + required: + - aspectId + - scaleLevel + properties: + aspectId: + description: > + Identifier of the scaling aspect. + $ref: "#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId + attribute of the VnfInstance (e.g. during a "Change + current VNF package" operation or due to its final + failure). + $ref: "#/definitions/Identifier" + scaleToLevel: + description: > + Indicates the scale level. The minimum value shall be 0 + and the maximum value shall be ≤ maxScaleLevel as + described in the VNFD. + $ref: "#/definitions/Identifier" + + ResourceCapacityDefinition: + description: > + This type represents selected values for capacity related VDU attributes. + + * NOTE: Resource definitions not related to a VDU are not considered in this version of the present document. + type: object + required: + - type + properties: + tag: + description: > + Tag assigned by the issuer of a VNF LCM operation request that contains this data type with values to be applied to a VDU. + It is used for tracking purposes. + + The tag is preserved in the run time record as long as at least one value of the capacity + related attributes associated with that tag is still valid, i.e., it has not been modified by a later VNF LCM operation request. + + At most one tag can be included when the data type is used in a VNF LCM operation request. + + When the data type is used in the VnfInstance data type it may contain multiple tags, + namely those provided in VNF LCM requests, if at least one of the values provided in that request associated to that tag is still applicable in the VNFCs created from this VDU, i.e., it has not been modified by a later request. + type: array + items: + $ref: "#/definitions/String" + type: + description: > + Type of the resource definition referenced. + type: string + enum: + - COMPUTE + - STORAGE + - OSCONTAINER + vduId: + description: > + Reference to the related Vdu applicable to this resource in the VNFD. + It shall be present when the referenced resource definition is related to a VDU. See note. + $ref: "#/definitions/IdentifierInVnfd" + osContainerDescData: + description: > + Indicates values for resource capacity related attributes in an OsContainerDesc. + It shall be present when the attribute 'type' indicates OSCONTAINER and absent otherwise. + type: array + items: + $ref: "#/definitions/OsContainerDescData" + virtualComputeDescData: + description: > + Indicates values for resource capacity related attributes in an OsContainerDesc. + It shall be present when the attribute 'type' indicates OSCONTAINER and absent otherwise. + $ref: "#/definitions/VirtualComputeDescData" + virtualStorageDescData: + description: > + Indicates the value for the storage size related attribute in an VirtualStorageDesc. + It shall be present when the attribute 'type' indicates STORAGE and absent otherwise. + type: array + items: + $ref: "#/definitions/VirtualStorageDescData" + + OsContainerDescData: + description: > + This type represents selected values for capacity related VDU attributes of an OsContainer resource. + + * NOTE: At least one of the attributes shall be present. + type: object + required: + - resourceTemplateId + oneOf: + - required: + - requestedCpuResources + - required: + - requestedMemoryResources + - required: + - requestedEphemeralStorageResources + - required: + - extendedResourceRequests + - required: + - cpuResourceLimit + - required: + - memoryResourceLimit + - required: + - ephemeralStorageResourceLimit + - required: + - hugePageResources + properties: + resourceTemplateId: + description: > + Identifier of an osContainerDesc in the VNFD. + $ref: "#/definitions/IdentifierInVnfd" + requestedCpuResources: + description: > + Number of CPU resources requested for the container in milli-CPU. See note. + type: integer + requestedMemoryResources: + description: > + Amount of memory resources requested for the container expressed in the same units as + specified in the requested_memory_resources_valid_values property in VNFD (clause 6.8.12 in ETSI GS NFV-SOL 001 [14]) for this container descriptor. See note. + type: array + items: + $ref: "#/definitions/Number" + requestedEphemeralStorageResources: + description: > + Size of ephemeral storage resources requested for the container expressed in the same + units as specified in the requested_ephemeral_storage_resources_valid_values property VNFD (clause 6.8.12 in ETSI GS NFV-SOL 001 [14]) for this container descriptor. See note. + $ref: "#/definitions/Number" + extendedResourceRequests: + description: > + Map of the amount of extended resources of the type indicated in the key. + The key is a string that identifies an extended resource indicated in the extended_resource_requests property in the VNFD (clause 6.8.12 in ETSI GS NFV-SOL 001 [14]) for this container descriptor. + The value is an integer that indicates the required amount for a particular extended resource. + See note. + type: array + items: + type: integer + cpuResourceLimit: + description: > + Number of CPU resources the container can maximally use in milli-CPU. See note. + type: integer + memoryResourceLimit: + description: > + Amount of memory resources the container can maximally use expressed in the same units + as specified in the memory_resource_limit_valid_values property VNFD + (clause 6.8.12 in ETSI GS NFV-SOL 001 [14]) for this container descriptor. See note. + $ref: "#/definitions/Number" + ephemeralStorageResourceLimit: + description: > + Size of ephemeral storage resources the container can maximally use expressed in the + same units as specified in the ephemeral_storage_resource_limit_valid_values property VNFD + (clause 6.8.12 in ETSI GS NFV-SOL 001 [14]) for this container descriptor. See note. + $ref: "#/definitions/Number" + hugePageResources: + description: > + Map of the total size values required for all the hugepages of the size indicated in the key. + The key is a string and corresponds to one of the values of the hugepage sizes indicated in the huge_pages_resources property in the VNFD (clause 6.8.12 in ETSI GS NFV-SOL 001 [14]) for this container descriptor. + The value is a number that indicates the required total size expressed in the same units as in the huge_pages_resource property in the VNFD (clause 6.8.12 in ETSI GS NFV-SOL 001 [14]) that indicates the valid values for required total size for the particular hugepage size. + See note. + type: array + items: + $ref: "#/definitions/Number" + + VirtualComputeDescData: + description: > + This type represents selected values for capacity related VDU attributes of the virtual compute resource of a VM. + + * NOTE: At least one of the attributes shall be present. + type: object + required: + - resourceTemplateId + oneOf: + - required: + - numVirtualCpu + - required: + - virtualMemSize + - required: + - sizeOfVirtualDisk + - required: + - hugePagesRequirements + properties: + resourceTemplateId: + description: > + Identifier of an osContainerDesc in the VNFD. + $ref: "#/definitions/IdentifierInVnfd" + numVirtualCpu: + description: > + Number of virtual CPUs. See note. + type: integer + virtualMemSize: + description: > + Amount of virtual Memory expressed in the same units as specified in the + virtual_mem_size_valid_values property in the VNFD (clause 6.2.7.2 in ETSI GS NFV-SOL 001 [14]) for this virtual compute descriptor. See note. + $ref: "#/definitions/Number" + sizeOfVirtualDisk: + description: > + Size of virtualised storage resource expressed in the same units as specified in the + size_of_storage_valid_values property in the VNFD + (clause 6.2.39.2 in ETSI GS NFV-SOL 001 [14]) for this virtual compute descriptor. See note. + $ref: "#/definitions/Number" + hugePagesRequirements: + description: > + Map of the total size values required for all the hugepages of the size indicated in the key. + The key is a string and corresponds to one of the values of the hugepage sizes indicated + in the huge_pages_requirements property in the VNFD (clause 6.2.7.2 in ETSI GS NFV-SOL 001 [14]) for this virtual compute descriptor. + The value is a numberthat indicates the required total size expressed in the same units + as in the huge_pages_requirements property in the VNFD (clause 6.2.7.2 in ETSI GS NFV-SOL 001 [14]) that indicates the valid vaues for required total size for the particular hugepage size. + See note. + type: array + items: + $ref: "#/definitions/Number" + + VirtualStorageDescData: + description: > + This type represents selected values for capacity related VDU attributes of the virtual storage resource. + type: object + required: + - resourceTemplateId + - sizeOfStorage + properties: + resourceTemplateId: + description: > + Identifier of an osContainerDesc in the VNFD. + $ref: "#/definitions/IdentifierInVnfd" + sizeOfStorage: + description: > + If the 'typeOfStorage' attribute in the VirtualStorageDesc + (see clause 7.1.9.4.2.2 in ETSI GS NFV-IFA 011) referenced by the resourceTemplateId + indicates BLOCK or FILE it is the size of the virtualized storage resource, expressed + in the same units as specified in the size_of_storage_valid_values property in the VNFD + (clause 6.2.39.2 or 6.2.41.2, respectively, in ETSI GS NFV-SOL 001). + If the 'typeOfStorage' attribute in the VirtualStorageDesc (see clause 7.1.9.4.2.2 in + ETSI GS NFV-SOL 001) referenced by the resourceTemplateId indicates OBJECT it is + the maximum size of the virtualized storage resource expressed in the same units as specified in the max_size_of_storage_valid_values property in the VNFD (clause 6.2.40.2 in ETSI GS NFV-SOL 001). + $ref: "#/definitions/Number" + + SupportedProtocol: + description: Supported protocol by CMF instance. + type: string + enum: + - CMP + - CMPv2 + - EST + - SCEP + + IpAddress: + description: > + An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal + integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that + consists of groups of zero to four hexadecimal digits, separated by colons. + type: string + format: IP + + MacAddress: + description: > + A MAC address. Representation: string that consists of groups of two hexadecimal digits, + separated by hyphens or colons. + type: string + format: MAC + + ResourceHandle: + required: + - resourceId + type: object + description: > + This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. + Information about the resource is available from the VIM. + + * NOTE 1: The value set of the "vimLevelResourceType" attribute is within the scope of the VIM or CISM or the resource + provider and can be used as information that complements the ResourceHandle. This value set is different from + the value set of the "type" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container + infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of + resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, + e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition. + + * NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be + populated in the following way: + - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide + per resource type. + - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, + i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by + Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own + manifest. + - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of + the 'metadata.name' field in Kubernetes® manifest. + properties: + vimConnectionId: + description: > + Identifier of the VIM or CISM connection to manage the resource. + This attribute shall be supported when the resource is managed by a CISM. + When the resource is managed by a VIM, this attribute shall only be supported and present if VNF--related + resource management in direct mode is applicable. + The applicable "VimConnectionInfo" structure, which is referenced by vimConnectionId, can be obtained from + the "vimConnectionInfo" attribute of the "VnfInstance" structure. + $ref: "#/definitions/Identifier" + resourceProviderId: + description: > + Identifier of the entity responsible for the management of the + resource. This attribute shall only be supported and present when + VNF-related resource management in indirect mode is applicable. The + identification scheme is outside the scope of the present document. + $ref: "#/definitions/Identifier" + resourceId: + description: > + Identifier of the resource in the scope of the VIM or the + CISM or the resource provider. See note 2. + $ref: "#/definitions/IdentifierInVim" + vimLevelResourceType: + description: > + Type of the resource in the scope of the VIM or the CISM + or the resource provider. See note 1. + type: string + vimLevelAdditionalResourceInfo: + description: > + Additional resource information which is specific to this + resource and its type, and which is available from the + VIM or the CISM or the resource provider. + $ref: "#/definitions/AdditionalResourceInfo" + containerNamespace: + description: > + The value of the namespace in which the MCIO + corresponding to the resource is deployed. + This attribute shall be present if the resource is managed + by a CISM and it shall be absent otherwise. + type: string + + VnfExtCpData: + description: > + This type represents configuration information for external CPs created. + * NOTE 1: In case this identifier refers to a CPD with trunking enabled, the external CP instances created + from this CPD will represent ports in a trunk. + * NOTE 2: Within one VNF instance, all VNFC instances created from a particular VDU have the same external + connectivity. Thus, given a particular value of the "cpdId" attribute, there shall be one + "cpConfig" entry for each VNFC instance that has been or can be created from a VDU which includes + a CPD identified by the "cpdId" attribute. If the cpConfig represents a subport in a trunk, + all "cpConfig" entries in this list shall have the same segmentationId, which means they are + connected to the same set of external VLs via the trunk. + * NOTE 3: The map entry value shall be set to "null" in order to delete a "VnfExtCpConfig" entry identified + by a particular key value from the map, i.e. for the disconnection of an existing external + CP instance addressed by cpInstanceId in the deleted map entry from a particular external + virtual link, and deletion of that instance in case it represents a subport. Deleting the + last key from the map removes the affected instance of the "VnfExtCpData" structure from + its parent data structure. + * NOTE 4: If, as defined by the input parameters of a "ChangeVnfFlavour", "ChangeExtVnfConnectivity" or + "ChangeCurrentVnfPkg" operation or as part of the Grant response for any of these operations, a cpConfig + map entry identified by a particular map key value is moved into another "ExtVirtualLinkData" or + "VnfExtCpData" structure, this particular cpConfig map entry may be used by an external CP instance + different than the one that has used it before the operation, or by no external CP instance at all. + Renaming a CPD identifier during the "changeCurrentVnfPkg" operation does not count as moving the related + "cpConfig" map entries to a new "extCpData" structure. + * NOTE 5: Subports need not be used for containerized VNFCs. The application container can send and receive IP + packets with any VLAN tag as long as the network interface to connect to the secondary container cluster + network has been configured appropriately. Thus, no individual cpConfig, except the one representing the + trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point. + * NOTE 6: In the case that the cloud native template included in the MCIOP describes the set of VNFC instances, for + containerized VNFCs individual connection points need not be configured for each VNFC instance. It is only + required to configure one cpConfig per cpdId, not per VNFC instance. The case of using, for a scalable VDU, a + cloud native template in the MCIOP that describes one single VNFC instance is not specified in the present + document version. + type: object + required: + - cpdId + properties: + cpdId: + description: > + The identifier of the CPD in the VNFD. See note 1. + $ref: "#/definitions/IdentifierInVnfd" + cpConfig: + description: > + Map of instance data that need to be configured on the CP instances + created from the respective CPD. + The key of the map which identifies the individual VnfExtCpConfig entries is of type "IdentifierInVnf" + and is managed by the NFVO. + The entries shall be applied by the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396). + See notes 2, 3, 4, 5, 6. + type: object + additionalProperties: + $ref: "#/definitions/VnfExtCpConfig" + + VnfExtCpConfig: + description: > + This type represents an externally provided link port, or a network attachment definition resource of secondary + container cluster network, or network address information per instance of an external connection point. + In the case of VM-based deployment of the VNFC exposing the external CP: + 1. In case a link port is provided, the VNFM shall use that link port when connecting the external CP to the + external VL. + 2. In case a link port is not provided, the VNFM shall create a link port on the external VL and use that link port + to connect the external CP to the external VL. + In the case of container-based deployment of the VNFC exposing the external CP, the VNFM shall use the network + attachment definition resource of secondary container cluster network when connecting the CP to the external VL. + + * NOTE 1: The following conditions apply to the attributes "linkPortId" and "cpProtocolData" for an external CP + instance connected or to be connected to a virtual network not categorized as secondary container cluster network: + 1) Void. + 2) At least one of the "linkPortId" and "cpProtocolData" attributes shall be present for an external CP instance + representing a subport that is to be created, or an external CP instance that is to be created by creating the + corresponding VNFC or VNF instance during the current or a subsequent LCM operation, or for an existing + external CP instance that is to be re-configured or added to a particular external virtual link. + 3) If the "linkPortId" attribute is absent, the VNFM shall create a link port. + 4) If the "cpProtocolData" attribute is absent, the "linkPortId" attribute shall be provided referencing a + precreated link port, and the VNFM can use means outside the scope of the present document to obtain the + pre-configured address information for the connection point from the resource representing the link port. + 5) If both "cpProtocolData" and "linkportId" are provided, the NFVO shall ensure that the + cpProtocolData can be used with the pre-created link port referenced by "linkPortId". + + * NOTE 2: The following conditions apply to the attributes “netAttDefResourceId” and “cpProtocolData” for an external CP + instance connected or to be connected to a secondary container cluster network: + 1) Void. + 2) The "netAttDefResourceId" attribute shall be present and the "cpProtocolData" attribute may be present for + a to-be-created external CP instance or an existing external CP instance. + * NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment + definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link + redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall belong + to the same namespace as defined by the corresponding "containerNamespace" attribute in the "resourceHandle" a attribute in the + "NetAttDefResourceData". + * NOTE 4: Either linkPortId or netAttDefResourceId may be included, but not both. + anyOf: + - required: + - linkPortId + - required: + - cpProtocolData + - required: + - netAttDefResourceId + type: object + properties: + parentCpConfigId: + description: > + Value of the key that identifies the "VnfExtCpConfig" map entry which corresponds to the parent port of the + trunk. Reference to the "VnfExtCpConfig" entry that corresponds to the parent port of the trunk. Only present + in "VnfExtCpConfig" structures that provide configuration information for a CP which represents a sub-port in + a trunk, and if parent ports are supported. + $ref: "#/definitions/IdentifierInVnf" + + linkPortId: + description: > + Identifier of a pre-configured link port to which the external CP + will be associated. See notes 1 and 4. + $ref: "#/definitions/Identifier" + + createExtLinkPort: + description: > + Indicates to the VNFM the need to create a dedicated link port for the external CP. + If set to True, the VNFM shall create a link port. + If set to False, the VNFM shall not create a link port. + This attribute is only applicable for external CP instances without a floating IP address that expose a VIP CP + instance for which a dedicated IP address is allocated. It shall be present in that case and shall be absent otherwise. + type: boolean + + netAttDefResourceId: + description: > + Identifier of the “NetAttDefResourceData” structure that + provides the specification of the interface to attach the + external CP to a secondary container cluster network. + It is only applicable if the external CP is connected or to + be connected to a secondary container cluster network. It + shall not be present if the external CP is related to a + virtual network not categorized as secondary container + cluster network. + See notes 2, 3 and 4. + type: array + items: + $ref: "#/definitions/Identifier" + + cpProtocolData: + description: > + Parameters for configuring the network protocols on the + link port that connects the CP to a VL. See notes 1 and 2. + type: array + items: + $ref: "#/definitions/CpProtocolData" + + CpProtocolData: + description: > + This type represents network protocol data. + * NOTE: This attribute allows to signal the addition of further types of layer and protocol + in future versions of the present document in a backwards-compatible way. In the current + version of the present document, only IP over Ethernet is supported. + type: object + required: + - layerProtocol + properties: + layerProtocol: + description: > + Identifier of layer(s) and protocol(s). + Permitted values: + - IP_OVER_ETHERNET. + - IP_FOR_VIRTUAL_CP + See note + type: string + enum: + - IP_OVER_ETHERNET + - IP_FOR_VIRTUAL_CP + ipOverEthernet: + description: > + Network address data for IP over Ethernet to assign to the external CP + instance. Shall be present if layerProtocol is equal to + "IP_OVER_ETHERNET", and shall be absent otherwise. + $ref: "#/definitions/IpOverEthernetAddressData" + virtualCpAddress: + description: > + IP address data to assign to an external CP + instance exposing a virtual CP. It shall be + present if layerProtocol is equal to + “IP_FOR_VIRTUAL_CP” and the external CP + instance exposes a virtual CP and shall not be + present otherwise. + $ref: "#/definitions/VirtualCpAddressData" + + IpOverEthernetAddressData: + description: > + This type represents network address data for IP over Ethernet. + * NOTE 1: At least one of "macAddress" or "ipAddresses" shall be present. + * NOTE 2: Exactly one of "fixedAddresses", "numDynamicAddresses" or "ipAddressRange" shall be present. + * NOTE 3: If the CP instance represents a subport in a trunk, segmentationId shall be present. + Otherwise it shall not be present. + * NOTE 4: Depending on the NFVI networking infrastructure, the segmentationId may indicate the actual + network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header + of the packets or it may be an identifier used between the application and the NFVI networking + infrastructure to identify the network sub-interface of the trunk port in question. In the latter + case the NFVI infrastructure will map this local segmentationId to whatever segmentationId is + actually used by the NFVI's transport technology. + type: object + anyOf: + - required: + - macAddress + - required: + - ipAddresses + properties: + macAddress: + description: > + MAC address. If this attribute is not present, it shall be chosen by + the VIM. See note 1. + $ref: "#/definitions/MacAddress" + segmentationType: + description: > + Specifies the encapsulation type for the traffics coming in and out of the trunk subport. + Permitted values: + - VLAN: the subport uses VLAN as encapsulation type. + - INHERIT: the subport gets its segmentation type from the network it's connected to. + This attribute may be present for CP instances that represent subports in a trunk and shall be + absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used. + type: string + enum: + - VLAN + - INHERIT + + segmentationId: + description: > + Identification of the network segment to which the CP instance connects to. See note 3 and note 4. + type: string + ipAddresses: + description: > + List of IP addresses to assign to the CP instance. Each entry + represents IP address data for fixed or dynamic IP address + assignment per subnet. + If this attribute is not present, no IP address shall be assigned. See note 1. + type: array + items: + type: object + required: + - type + oneOf: + - required: + - fixedAddresses + - required: + - numDynamicAddresses + - required: + - addressRange + properties: + type: + description: > + The type of the IP addresses. + Permitted values: IPV4, IPV6. + type: string + enum: + - IPV4 + - IPV6 + fixedAddresses: + description: > + Fixed addresses to assign (from the subnet defined by + "subnetId" if provided). See note 2. + type: array + items: + $ref: "#/definitions/IpAddress" + numDynamicAddresses: + description: > + Number of dynamic addresses to assign (from the subnet defined + by "subnetId" if provided). See note 2. + type: integer + addressRange: + description: > + An IP address range to be used, e.g. in case of egress + connections. + In case this attribute is present, IP addresses from the range + will be used. See note 2. + type: object + required: + - minAddress + - maxAddress + properties: + minAddress: + description: > + Lowest IP address belonging to the range. + $ref: "#/definitions/IpAddress" + maxAddress: + description: > + Highest IP address belonging to the range. + $ref: "#/definitions/IpAddress" + subnetId: + description: > + Subnet defined by the identifier of the subnet resource in the + VIM. + In case this attribute is present, IP addresses from that + subnet will be assigned; otherwise, IP addresses not bound to + a subnet will be assigned. + $ref: "#/definitions/IdentifierInVim" + + VirtualCpAddressData: + description: > + This type represents network address data for a virtual CP. + + * NOTE 1: The loadBalancerIp and the loadBalancerSourceRanges attributes are only used if the CIS cluster is set up to be + able to configure an external load balancer. Otherwise it shall be ignored. + * NOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the container + cluster will assign an IP address. + * NOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP + address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for + Kubernetes® that supports configuration of address pools for load balancer services. + * NOTE 4: The loadBalancerIp, addressPoolName and the externalIp attributes shall not be present at the same time. + type: object + required: + - type + properties: + type: + description: > + The type of the IP addresses. + Permitted values: IPV4, IPV6. + type: string + enum: + - IPV4 + - IPV6 + loadBalancerIp: + description: > + Fixed address to assign to an external load balancer. + See notes 1,2 and 4. + $ref: "#/definitions/IpAddress" + externalIp: + description: > + An external IP address assigned to the virtual CP. + This IP address is not managed by CISM. See note 4. + $ref: "#/definitions/IpAddress" + addressPoolName: + description: > + Name of an address pool from which the CIS + cluster will assign an IP address to the virtual CP. See + notes 3 and 4. + type: string + loadBalancerSourceRanges: + description: > + List of client IP address ranges allowed to access an external load balancer. See note 1. + type: array + items: + type: object + required: + - minAddress + - maxAddress + properties: + minAddress: + description: > + Lowest IP address belonging to the range. + $ref: "#/definitions/IpAddress" + maxAddress: + description: > + Highest IP address belonging to the range. + $ref: "#/definitions/IpAddress" + + AdditionalResourceInfo: + description: > + This type represents additional resource information which resource and resource type + specific, and which is available from the VIM or the CISM or the resource provider. + + * NOTE: At least one attribute shall be present. + type: object + properties: + hostName: + description: > + Name of the host where the resource is allocated. It shall + be present for compute resources in the scope of the + CISM and shall be absent otherwise. See note. + type: string + persistentVolume: + description: > + Name of the persistent volume to which the persistent + volume claim representing the storage resource is bound. + It may be present for storage resources in the scope of + the CISM and shall be absent otherwise. See note. + type: string + additionalInfo: + description: > + Information related to other properties directly owned by + the resource and available from the VIM or CISM or the + resource provider. See note. + $ref: "#/definitions/KeyValuePairs" + + PaasServiceHandle: + description: > + This type provides information enabling the access and use of the PaaS Service by the VNF instance. + The type and format of the handle depends on the form that the PaaS Service is formed. + type: object + required: + - id + properties: + id: + description: > + Identifier of this PaaS Service handle. + $ref: "#/definitions/Identifier" + interfaceInfo: + description: > + Information of the interface or interfaces to the PaaS Service instance, if applicable, such + as the URI of an interface endpoint to communicate with the PaaS Service instance. + $ref: "#/definitions/KeyValuePairs" + accessInfo: + description: > + Authentication credentials for accessing the PaaS Service instance. + + If the PaasServiceHandle structure is part of an HTTP GET response payload body, sensitive attributes + that are children of this attribute (such as passwords) shall not be included. + $ref: "#/definitions/KeyValuePairs" + extra: + description: > + PaaS Service instance specific additional information. The applicable structure, and whether + or not this attribute is available, is dependent on the type of the PaaS Service. + $ref: "#/definitions/KeyValuePairs" + + LcmCoordResultType: + description: > + The enumeration LcmCoordResultType defines the permitted values + to represent the result of executing an LCM coordination action. + The coordination result also implies the action to be performed by + the VNFM as the follow-up to this coordination. + Value | Description + ------|------------ + CONTINUE | The related LCM operation shall be continued, staying in the state "PROCESSING". + ABORT | The related LCM operation shall be aborted by transitioning into the state "FAILED_TEMP". + CANCELLED | The coordination action has been cancelled upon request of the API consumer, i.e. the VNFM. + The related LCM operation shall be aborted by transitioning into the state "FAILED_TEMP". + type: string + enum: + - CONTINUE + - ABORT + - CANCELLED + + ChangeType: + description: Signals the type of change. + type: string + enum: + - ADD + - REMOVE + - MODIFY + + NotificationLink: + description: > + This type represents a link to a resource in a notification, using an absolute or relative URI. + type: object + required: + - href + properties: + href: + description: > + URI of a resource referenced from a notification. + Should be an absolute URI (i.e. a URI that contains + {apiRoot}), however, may be a relative URI (i.e. a URI + where the {apiRoot} part is omitted) if the {apiRoot} + information is not available. + $ref: "#/definitions/Uri" \ No newline at end of file -- GitLab From a6e67148b1683bae99b30f8d8f87a20cb0a46d7c Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:16:36 +0200 Subject: [PATCH 05/52] add endpoints folder --- src/SOL023/endpoints/SOL023_endpoints.yaml | 90 ++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 src/SOL023/endpoints/SOL023_endpoints.yaml diff --git a/src/SOL023/endpoints/SOL023_endpoints.yaml b/src/SOL023/endpoints/SOL023_endpoints.yaml new file mode 100644 index 0000000..a9917d8 --- /dev/null +++ b/src/SOL023/endpoints/SOL023_endpoints.yaml @@ -0,0 +1,90 @@ +# Copyright (c) ETSI 2017. +# https://forge.etsi.org/etsi-forge-copyright-notice.txt +endpoints: + api-versions: + get: + description: > + The GET method reads API version information. This method shall follow the provisions specified in SOL013 table 9.3.3.3.2-1 + for request and response data structures, and response codes. URI query parameters are not supported. + responses: + "200": + $ref: '#/components/responses/ApiVersions.Get.200' + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "413": + $ref: ../responses/SOL023_resp.yaml#/responses/413 + "414": + $ref: ../responses/SOL023_resp.yaml#/responses/414 + "416": + $ref: ../responses/SOL023_resp.yaml#/responses/416 + "422": + $ref: ../responses/SOL023_resp.yaml#/responses/422 + "429": + $ref: ../responses/SOL023_resp.yaml#/responses/429 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + post: + description: > + This method is not supported. When this method is requested on this resource, the API producer shall return a "405 + Method Not Allowed" response as defined in SOL013 clause 6.4. + responses: + 405: + $ref: ../responses/SOL023_resp.yaml#/responses/405 + put: + description: > + This method is not supported. When this method is requested on this resource, the API producer shall return a "405 + Method Not Allowed" response as defined in SOL013 clause 6.4. + responses: + 405: + $ref: ../responses/SOL023_resp.yaml#/responses/405 + patch: + description: > + This method is not supported. When this method is requested on this resource, the API producer shall return a "405 + Method Not Allowed" response as defined in SOL013 clause 6.4. + responses: + 405: + $ref: ../responses/SOL023_resp.yaml#/responses/405 + delete: + description: > + This method is not supported. When this method is requested on this resource, the API producer shall return a "405 + Method Not Allowed" response as defined in SOL013 clause 6.4. + responses: + 405: + $ref: ../responses/SOL023_resp.yaml#/responses/405 + +components: + responses: + ApiVersions.Get.200: + description: > + API version information was read successfully. + The response body shall contain API version + information, as defined in clause 7.1.6. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + Version: + description: The used API version. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: '../definitions/SOL023_def.yaml#/definitions/ApiVersionInformation' \ No newline at end of file -- GitLab From 72df2b16e22a38da48f2bad04abc9d34af9638df Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:16:53 +0200 Subject: [PATCH 06/52] add responses folder --- src/SOL023/responses/SOL023_resp.yaml | 630 ++++++++++++++++++++++++++ 1 file changed, 630 insertions(+) create mode 100644 src/SOL023/responses/SOL023_resp.yaml diff --git a/src/SOL023/responses/SOL023_resp.yaml b/src/SOL023/responses/SOL023_resp.yaml new file mode 100644 index 0000000..d3b8524 --- /dev/null +++ b/src/SOL023/responses/SOL023_resp.yaml @@ -0,0 +1,630 @@ +responses: + 206: + description: > + 206 PARTIAL CONTENT + headers: + Content-Type: + description: > + The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + Content-Range: + description: > + The Content-Range response HTTP header indicates where in a full body message a partial message belongs. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 400: + description: > + 400 BAD REQUEST + + 400 code can be returned in the following specified cases, the specific cause has to be proper specified in the + "ProblemDetails" structure to be returned. + + If the request is malformed or syntactically incorrect (e.g. if the request URI contains incorrect + query parameters or the payload body contains a syntactically incorrect data structure), + the API producer shall respond with this response code. The "ProblemDetails" structure shall be provided, + and should include in the "detail" attribute more information about the source of the problem. + + If the response to a GET request which queries a container resource would be so big that the performance + of the API producer is adversely affected, and the API producer does not support paging for the affected resource, + it shall respond with this response code. The "ProblemDetails" structure shall be provided, and should include + in the "detail" attribute more information about the source of the problem. + + If there is an application error related to the client's input that cannot be easily mapped to any other + HTTP response code ("catch all error"), the API producer shall respond with this response code. + The "ProblemDetails" structure shall be provided, and shall include in the "detail" attribute more information + about the source of the problem. + + If the request contains a malformed access token, the API producer should respond with this response. + The details of the error shall be returned in the WWW Authenticate HTTP header, as defined in IETF RFC 6750 + and IETF RFC 7235. The ProblemDetails structure may be provided. + + The use of this HTTP error response code described above is applicable to the use of the OAuth 2.0 + for the authorization of API requests and notifications, as defined in clauses 4.5.3.3 and 4.5.3.4. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 401: + description: > + 401 UNAUTHORIZED + + If the request contains no access token even though one is required, or if the request contains an authorization + token that is invalid (e.g. expired or revoked), the API producer should respond with this response. + The details of the error shall be returned in the WWW-Authenticate HTTP header, as defined in IETF RFC 6750 + and IETF RFC 7235. The ProblemDetails structure may be provided. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 403: + description: > + 403 FORBIDDEN + + If the API consumer is not allowed to perform a particular request to a particular resource, + the API producer shall respond with this response code. The "ProblemDetails" structure shall be provided. + It should include in the "detail" attribute information about the source of the problem, + and may indicate how to solve it. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 404: + description: > + 404 NOT FOUND + + If the API producer did not find a current representation for the resource addressed by the URI passed + in the request or is not willing to disclose that one exists, it shall respond with this response code. + The "ProblemDetails" structure may be provided, including in the "detail" attribute information about + the source of the problem, e.g. a wrong resource URI variable. + + This response code is not appropriate in case the resource addressed by the URI is a container resource + which is designed to contain child resources, but does not contain any child resource at the time + the request is received. For a GET request to an existing empty container resource, a typical response + contains a 200 OK response code and a payload body with an empty array. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 405: + description: > + 405 METHOD NOT ALLOWED + + If a particular HTTP method is not supported for a particular resource, the API producer shall respond + with this response code. The "ProblemDetails" structure may be omitted. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 406: + description: > + 406 NOT ACCEPTABLE + + If the "Accept" HTTP header does not contain at least one name of a content type + that is acceptable to the API producer, the API producer shall respond with this + response code. The "ProblemDetails" structure may be omitted. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 409: + description: > + 409 CONFLICT + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 412: + description: > + 412 PRECONDITION FAILED + + Error: A precondition given in an HTTP request header is not fulfilled. + Typically, this is due to an ETag mismatch, indicating that the resource was modified by another entity. + The response body should contain a ProblemDetails structure, in which the "detail" attribute should convey + more information about the error. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 413: + description: > + 413 PAYLOAD TOO LARGE + + If the payload body of a request is larger than the amount of data the API producer is willing or able to process, + it shall respond with this response code, following the provisions in IETF RFC 7231 for the use + of the "Retry-After" HTTP header and for closing the connection. The "ProblemDetails" structure may be omitted. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 414: + description: > + 414 URI TOO LONG + + If the request URI of a request is longer than the API producer is willing or able to process, + it shall respond with this response code. This condition can e.g. be caused by passing long queries + in the request URI of a GET request. The "ProblemDetails" structure may be omitted. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 416: + description: > + 416 Range Not Satisfiable + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 422: + description: > + 422 UNPROCESSABLE ENTITY + + If the payload body of a request contains syntactically correct data (e.g. well-formed JSON) but the data + cannot be processed (e.g. because it fails validation against a schema), the API producer shall respond + with this response code. The "ProblemDetails" structure shall be provided, and should include in the "detail" + attribute more information about the source of the problem. + + This error response code is only applicable for methods that have a request body. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 429: + description: > + 429 TOO MANY REQUESTS + + If the API consumer has sent too many requests in a defined period of time and the API producer is able + to detect that condition ("rate limiting"), the API producer shall respond with this response code, + following the provisions in IETF RFC 6585 [17] for the use of the "Retry-After" HTTP header. + The "ProblemDetails" structure shall be provided and shall include in the "detail" attribute more information + about the source of the problem. + + The period of time and allowed number of requests are configured within the API producer by means + outside the scope of the present document. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 500: + description: > + 500 INTERNAL SERVER ERROR + + If there is an application error not related to the client's input that cannot be easily mapped to any other + HTTP response code ("catch all error"), the API producer shall respond with this response code. + The "ProblemDetails" structure shall be provided, and shall include in the "detail" attribute more information + about the source of the problem. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 503: + description: > + 503 SERVICE UNAVAILABLE + + If the API producer encounters an internal overload situation of itself or of a system it relies on, + it should respond with this response code, following the provisions in IETF RFC 7231 for the use of + the "Retry-After" HTTP header and for the alternative to refuse the connection. The "ProblemDetails" + structure may be omitted. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + 504: + description: > + 504 GATEWAY TIMEOUT + + If the API producer encounters a timeout while waiting for a response from an upstream server + (i.e. a server that the API producer communicates with when fulfilling a request), it should respond + with this response code. + headers: + Content-Type: + description: The MIME type of the body of the response. + schema: + type: string + maximum: 1 + minimum: 1 + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + maximum: 1 + minimum: 0 + Version: + description: > + Version of the API used in the response. + schema: + type: string + maximum: 1 + minimum: 1 + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" \ No newline at end of file -- GitLab From 5b6dbb57252b121136d13d98304a346ad3438446 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:17:20 +0200 Subject: [PATCH 07/52] add VNFLCMManagement folder --- .../VNFLifecycleManagement.yaml | 866 +++++ .../SOL023VNFLifecycleManagement_def.yaml | 3223 +++++++++++++++++ 2 files changed, 4089 insertions(+) create mode 100644 src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml create mode 100644 src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml new file mode 100644 index 0000000..475fefb --- /dev/null +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -0,0 +1,866 @@ +openapi: 3.0.2 + +info: + title: SOL023 - VNF Lifecycle Management interface + description: | + SOL023 - VNF Lifecycle Management interface + + IMPORTANT: Please note that this file might be not aligned to the current + version of the ETSI Group Specification it refers to. In case of + discrepancies the published ETSI Group Specification takes precedence. + + Please report bugs to https://forge.etsi.org/rep/nfv/SOL023/issues + + contact: + name: NFV-SOL WG + license: + name: ETSI Forge copyright notice + url: https://forge.etsi.org/etsi-forge-copyright-notice.txt + version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 + +externalDocs: + description: ETSI GS NFV-SOL 023 V5.2.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + +servers: + - url: http://127.0.0.1/vnflcm/v2 + - url: https://127.0.0.1/vnflcm/v2 + +paths: + + /api_versions: + $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions + + /vnf_instances: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + get: + description: | + The GET method queries information about multiple VNF instances. See clause 5.4.2.3.2. + parameters: + - $ref: '#/components/parameters/filter_vnf_instances' + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_vnfm + - $ref: '#/components/parameters/exclude_default_vnf_instances' + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_vnfm + responses: + 200: + $ref: '#/components/responses/VNFInstances.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 416: + $ref: "../responses/SOL023_resp.yaml#/responses/416" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + /vnf_instances/{vnfInstanceId}: + parameters: + - $ref: '#/components/parameters/VnfInstanceId' + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + get: + description: | + The GET method retrieves information about a VNF instance by reading an "Individual VNF instance" resource. + See clause 5.4.3.3.2. + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + responses: + 200: + $ref: '#/components/responses/IndividualVnfInstance.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 416: + $ref: "../responses/SOL023_resp.yaml#/responses/416" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + /vnf_lcm_op_occs: + get: + description: | + The API consumer can use this method to query status information about multiple VNF lifecycle management + operation occurrences. See clause 5.4.12.3.2. + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: '#/components/parameters/filter_vnf_lcm_op_occs' + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_vnfm + - $ref: '#/components/parameters/exclude_default_vnf_lcm_op_occs' + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + responses: + 200: + $ref: '#/components/responses/VnfLcmOpOccs.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + /vnf_lcm_op_occs/{vnfLcmOpOccId}: + parameters: + - $ref: '#/components/parameters/VnfLcmOpOccId' + get: + description: | + The API consumer can use this method to retrieve status information about a VNF lifecycle management operation + occurrence by reading an "Individual VNF LCM operation occurrence" resource. See clause 5.4.13.3.2. + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + responses: + 200: + $ref: '#/components/responses/IndividualVnfLcmOpOcc.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + /subscriptions: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + post: + description: | + The POST method creates a new subscription. See clause 5.4.18.3.1. + requestBody: + $ref: '#/components/requestBodies/LccnSubscriptionRequest' + responses: + 201: + $ref: '#/components/responses/Subscriptions.Post.201' + 303: + $ref: '#/components/responses/Subscriptions.Post.303' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 422: + $ref: '#/components/responses/Subscriptions.Post.422' + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + get: + description: | + The GET method queries the list of active subscriptions of the functional block that invokes the method. + It can be used e.g. for resynchronization after error situations. See clause 5.4.18.3.2. + parameters: + - $ref: '#/components/parameters/filter_subscriptions' + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_vnfm + responses: + 200: + $ref: '#/components/responses/Subscriptions.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + /subscriptions/{subscriptionId}: + parameters: + - $ref: '#/components/parameters/SubscriptionId' + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + get: + description: | + The GET method retrieves information about a subscription by reading an "Individual subscription" resource. + See clause 5.4.19.3.2. + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + responses: + 200: + $ref: '#/components/responses/IndividualSubscription.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + delete: + description: | + The DELETE method terminates an individual subscription. See clause 5.4.19.3.5. + responses: + 204: + $ref: '#/components/responses/IndividualSubscription.Delete.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + +components: + parameters: + filter_vnf_instances: + name: filter + description: > + Attribute-based filtering expression according to clause 5.2 of ETSI + GS NFV-SOL 013. + The VNFM shall support receiving this parameter as part of the URI query string. The + NFVO may supply this parameter. + All attribute names that appear in the VnfInstance and in data types referenced from it + shall be supported by the VNFM in the filter expression. + in: query + required: false + schema: + type: string + + exclude_default_vnf_instances: + name: exclude_default + in: query + description: >- + Indicates to exclude the following complex attributes from the response. See clause 5.3 + of ETSI GS NFV-SOL 013 for details. The VNFM shall support this parameter. + The following attributes shall be excluded from the VnfInstance structure in the + response body if this parameter is provided, or none of the parameters "all_fields", + "fields", "exclude_fields", "exclude_default" are provided: + • vnfConfigurableProperties + • vimConnectionInfo + • instantiatedVnfInfo + • metadata + • extensions + required: false + schema: + type: string + + VnfInstanceId: + name: vnfInstanceId + in: path + description: | + Identifier of the VNF instance for the VNF snapshot to be reverted to. This identifier can be retrieved from the resource + referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual VNF instance" resource. + It can also be retrieved from the "id" attribute in the message content of that response. + required: true + style: simple + explode: false + schema: + type: string + + filter_vnf_lcm_op_occs: + name: filter + description: > + Attribute-based filtering expression according to clause 5.2 of ETSI + GS NFV-SOL 013 [8]. + The VNFM shall support receiving this parameter as part of the URI query + string. The NFVO may supply this parameter. + All attribute names that appear in the VnfLcmOpOcc and in data types + referenced from it shall be supported by the VNFM in the filter expression. + in: query + required: false + schema: + type: string + + exclude_default_vnf_lcm_op_occs: + name: exclude_default + in: query + description: >- + Indicates to exclude the following complex attributes from the response. See + clause 5.3 of ETSI GS NFV-SOL 013 [8] for details. The VNFM shall support + this parameter. + The following attributes shall be excluded from the VnfLcmOpOcc structure in + the response body if this parameter is provided, or none of the parameters + "all_fields," "fields", "exclude_fields", "exclude_default" are provided: + - operationParams + - error + - resourceChanges + - changedInfo + - changedExtConnectivity + - lcmCoordinations + - modificationsTriggeredByVnfPkgChange + - warnings + required: false + schema: + type: string + + VnfLcmOpOccId: + name: vnfLcmOpOccId + in: path + description: | + Identifier of a VNF lifecycle management operation occurrence. This identifier can be retrieved from the resource + referenced by the "Location" HTTP header in the response to a PATCH or POST request triggering a VNF LCM operation. + It can also be retrieved from the "vnfLcmOpOccId" attribute in the VnfLcmOperationOccurrenceNotification. + required: true + style: simple + explode: false + schema: + type: string + + filter_subscriptions: + name: filter + description: > + Attribute-based filtering expression according to clause 5.2 of ETSI + GS NFV-SOL 013 [8]. + The VNFM shall support receiving this parameter as part of the URI query + string. The NFVO may supply this parameter. + All attribute names that appear in the LccnSubscription and in data types + referenced from it shall be supported by the VNFM in the filter expression. + in: query + required: false + schema: + type: string + + SubscriptionId: + name: subscriptionId + in: path + description: | + Identifier of this subscription. This identifier can be retrieved from the resource referenced by the "Location" + HTTP header in the response to a POST request creating a new subscription resource. It can also be retrieved from + the "id" attribute in the message content of that response. + required: true + style: simple + explode: false + schema: + type: string + + requestBodies: + LccnSubscriptionRequest: + description: | + Details of the subscription to be created. + content: + application/json: + schema: + $ref: "./definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/LccnSubscriptionRequest" + required: true + + responses: + VNFInstances.Get.200: + description: | + 200 OK + + Shall be returned when information about zero or more VNF instances has been queried successfully. + The response body shall contain in an array the representations of zero or more VNF instances, + as defined in clause 5.5.2.2. + If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" + (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response + body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of + ETSI GS NFV-SOL 013, respectively. + If the VNFM supports alternative 2 (paging) according to clause 5.4.7.2.1 of ETSI GS NFV-SOL 013 + for this resource, inclusion of the Link HTTP header in this response shall follow the provisions + in clause 4.7.2.3.5.4.2.3 of ETSI GS NFV-SOL 013. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + Link: + description: | + Reference to other resources. Used for paging in the present document, see clause 4.7.2.1. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: "./definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/VnfInstance" + + IndividualVnfInstance.Get.200: + description: | + 200 OK + + Shall be returned when information about an individual VNF instance has been read successfully. + The response body shall contain a representation of the VNF instance, as defined in clause 5.5.2.2. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + ETag: + description: > + Used to provide the current entity-tag for the selected resource representation. It can be sent in + "200 OK", "201 Created" and "204 No Content" responses. + style: simple + schema: + type: string + + Last-Modified: + description: > + Used to provide a timestamp indicating the date and time at which the server believes the selected resource + representation was last modified. It can be sent in "200 OK", "201 Created" and "204 No Content" responses. + style: simple + schema: + type: string + format: date-time + content: + application/json: + schema: + $ref: "./definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/VnfInstance" + + VnfLcmOpOccs.Get.200: + description: | + 200 OK + + Shall be returned when status information for zero or more VNF lifecycle management + operation occurrences has been queried successfully. + The response body shall contain in an array the status information about zero or more + VNF lifecycle operation occurrences, as defined in clause 5.5.2.13. + If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), + "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, + the data in the response body shall have been transformed according to the rules specified + in clauses 5.2.2 and 5.3.2 of ETSI GS NFV-SOL 013, respectively. + If the VNFM supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV-SOL 013 + for this resource, inclusion of the Link HTTP header in this response shall follow the provisions + in clause 5.4.2.3 of ETSI GS NFV-SOL 013. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + Link: + description: | + Reference to other resources. Used for paging in the present document, see clause 4.7.2.1. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: "./definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/VnfLcmOpOcc" + + IndividualVnfLcmOpOcc.Get.200: + description: | + 200 OK + + Shall be returned when information about a VNF LCM operation occurrence washas been read successfully. + The response body shall contain status information about a VNF lifecycle management operation occurrence + (see clause 5.5.2.13). + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "./definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/VnfLcmOpOcc" + + Subscriptions.Post.201: + description: | + 201 CREATED + + Shall be returned when the subscription has been created successfully. + The response body shall contain a representation of the created "Individual subscription" resource. + The HTTP response shall include a "Location" HTTP header that points to the created + "Individual subscription" resource. + headers: + Location: + description: | + The resource URI of the created subscription resource. + style: simple + explode: false + schema: + type: string + format: url + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/LccnSubscription" + + Subscriptions.Post.303: + description: | + 303 See Other + + Shall be returned if a subscription with the same + callback URI and the same filter already exists + and the policy of the VNFM is to not create + redundant subscriptions. + The HTTP response shall include a "Location" + HTTP header that contains the resource URI of + the existing "Individual subscription" resource. + The response body shall be empty. + headers: + Location: + description: | + The resource URI of the created subscription resource. + style: simple + explode: false + schema: + type: string + format: url + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + + Subscriptions.Post.422: + description: | + 422 Unprocessable Content + + Shall be returned upon the following error: The content type of the message content is supported + and the message content of a request contains syntactically correct data but the data cannot be processed. + The general cause for this error and its handling is specified in clause 6.4 of ETSI + GS NFV-SOL 013 [8], including rules for the presence of the response body. + Specifically in case of this resource, the response code 422 shall also be returned if the VNFM has + tested the Notification endpoint as described in clause 5.4.20.3.2 and the test has failed. + In this case, the "detail" attribute in the "ProblemDetails" structure shall convey more + information about the error. + headers: + Location: + description: | + The resource URI of the created subscription resource. + style: simple + explode: false + schema: + type: string + format: url + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + + Subscriptions.Get.200: + description: | + 200 OK + + Shall be returned when the list of subscriptions has been queried successfully. + The response body shall contain in an array the representations of all active subscriptions of + the functional block that invokes the method, i.e. zero or more representations of lifecycle change + notification subscriptions as defined in clause 5.5.2.16. + If the "filter" URI parameter was supplied in the request, the data in the response body shall have been + transformed according to the rules specified in clause 5.2.2 of ETSI GS NFV-SOL 013. + If the VNFM supports alternative 2 (paging) according to clause 5.4.7.2.1 of ETSI GS NFV-SOL 013 + for this resource, inclusion of the Link HTTP header in this response shall follow the provisions + in clause 4.7.2.3.5.4.2.3 of ETSI GS NFV-SOL 013. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + Link: + description: | + Reference to other resources. Used for paging in the present document, see clause 4.7.2.1. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: "definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/LccnSubscription" + + IndividualSubscription.Get.200: + description: | + 200 OK + + Shall be returned when information about an individual subscription has been read successfully. + The response body shall contain a representation of the "Individual subscription" resource. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/LccnSubscription" + + IndividualSubscription.Delete.204: + description: | + 204 NO CONTENT + + Shall be returned when the "Individual subscription" resource has been deleted successfully. + The response body shall be empty. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + + + + + + + + + + + diff --git a/src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml b/src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml new file mode 100644 index 0000000..84fc217 --- /dev/null +++ b/src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml @@ -0,0 +1,3223 @@ +definitions: + LccnSubscriptionRequest: + description: > + This type represents a subscription request related to notifications + about VNF lifecycle changes. + type: object + required: + - callbackUri + properties: + filter: + description: > + Filter settings for this subscription, to define the subset of all + notifications this subscription relates to. A particular + notification is sent to the subscriber if the filter matches, or if + there is no filter. + $ref: "#/definitions/LifecycleChangeNotificationsFilter" + callbackUri: + description: > + The URI of the endpoint to send the notification to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Uri" + authentication: + description: > + Authentication parameters to configure the use of Authorization when + sending notifications corresponding to this subscription, as defined + in clause 8.3.4 of ETSI GS NFV-SOL 013. + This attribute shall only be present if the subscriber requires + authorization of notifications. + $ref: "../../definitions/SOL023_def.yaml#/definitions/SubscriptionAuthentication" + verbosity: + description: > + This attribute signals the requested verbosity of LCM operation occurrence notifications. If it is not present, + it shall default to the value "FULL". + $ref: "#/definitions/LcmOpOccNotificationVerbosityType" + + LcmOpOccNotificationVerbosityType: + description: > + The enumeration LcmOpOccNotificationVerbosityType provides values to control the verbosity of LCM operation + occurrence notifications. + * FULL: This signals a full notification which contains all change details. + * SHORT: This signals a short notification which omits large-volume change details to reduce the size of data to + be sent via the notification mechanism. + type: string + enum: + - FULL + - SHORT + + LifecycleChangeNotificationsFilter: + description: > + This type represents a subscription filter related to notifications about VNF lifecycle changes. + + At a particular nesting level in the filter structure, the following applies: All attributes shall + match in order for the filter to match (logical "and" between different filter attributes). + If an attribute is an array, the attribute shall match if at least one of the values in the array + matches (logical "or" between the values of one filter attribute). + + NOTE: The permitted values of the "notificationTypes" attribute are spelled exactly as the names of + the notification types to facilitate automated code generation systems. + type: object + properties: + vnfInstanceSubscriptionFilter: + description: > + Filter criteria to select VNF instances about which to notify. + $ref: "../../definitions/SOL023_def.yaml#/definitions/VnfInstanceSubscriptionFilter" + notificationTypes: + description: > + Match particular notification types. + + Permitted values: + - VnfLcmOperationOccurrenceNotification + - VnfIdentifierCreationNotification + - VnfIdentifierDeletionNotification + See note. + type: array + items: + type: string + enum: + - VnfLcmOperationOccurrenceNotification + - VnfIdentifierCreationNotification + - VnfIdentifierDeletionNotification + operationTypes: + description: > + Match particular VNF lifecycle operation types for the notification + of type VnfLcmOperationOccurrenceNotification. + May be present if the "notificationTypes" attribute contains the + value "VnfLcmOperationOccurrenceNotification", and shall be absent + otherwise. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/LcmOperationType" + operationStates: + description: > + Match particular LCM operation state values as reported in + notifications of type VnfLcmOperationOccurrenceNotification. + May be present if the "notificationTypes" attribute contains the + value "VnfLcmOperationOccurrenceNotification", and shall be absent + otherwise. + type: array + items: + $ref: "#/definitions/LcmOperationStateType" + + LcmOperationStateType: + description: > + STARTING: The LCM operation is starting. + PROCESSING: The LCM operation is currently in execution. + COMPLETED: The LCM operation has been completed successfully. + FAILED_TEMP: The LCM operation has failed and execution has stopped, + but the execution of the operation is not considered to be closed. + FAILED: The LCM operation has failed and it cannot be retried or rolled back, + as it is determined that such action won't succeed. + ROLLING_BACK: The LCM operation is currently being rolled back. + ROLLED_BACK: The LCM operation has been successfully rolled back, + i.e. The state of the VNF prior to the original operation invocation has been restored as closely as possible. + type: string + enum: + - STARTING + - PROCESSING + - COMPLETED + - FAILED_TEMP + - FAILED + - ROLLING_BACK + - ROLLED_BACK + + VnfInstance: + description: > + This type represents a VNF instance. + + NOTE: Clause B.3.2 provides examples illustrating the relationship among the different run-time + information elements (CP, VL and link ports) used to represent the connectivity of a VNF. + + NOTE 1: Modifying the value of this attribute shall not be performed when conflicts exist between + the previous and the newly referred VNF package, i.e. when the new VNFD is changed with + respect to the previous VNFD in other aspects than merely referencing to other VNF software + images. In order to avoid misalignment of the VnfInstance with the current VNF's on-boarded + VNF Package, the values of attributes in the VnfInstance that have corresponding attributes + in the VNFD shall be kept in sync with the values in the VNFD. + NOTE 2: ETSI GS NFV-SOL 001 [14] specifies the structure and format of the VNFD based on TOSCA specifications. + NOTE 3: VNF configurable properties are sometimes also referred to as configuration parameters applicable + to a VNF. Some of these are set prior to instantiation and cannot be modified if the VNF is instantiated, + some are set prior to instantiation (are part of initial configuration) and can be modified later, + and others can be set only after instantiation. The applicability of certain configuration may + depend on the VNF and the required operation of the VNF at a certain point in time. + NOTE 4: Upon creation of the VnfInstance structure, the VNFM shall create and initialize all child attributes + of "vnfConfigurableProperties", "metadata" and "extensions" that were declared in the VNFD with a defined + initial value. The defined initial values can be declared in the VNFD, and/or, in case of "metadata", + obtained from the "CreateVnfRequest" structure. Child attributes of "vnfConfigurableProperties", + "metadata" and "extensions" that have no defined initial value shall not be created, in order to be + consistent with the semantics of the JSON Merge Patch method (see IETF RFC 7396) that interprets null + values as deletion request. + NOTE 5: It is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case of a + multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding to the same + VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc and externally-managed + multi-site VL instance (refer to clause 5.5.3.3). + NOTE 6: Even though externally-managed internal VLs are also used for VNF-internal connectivity, they shall + not be listed in the "vnfVirtualLinkResourceInfo" attribute as this would be redundant. + NOTE 7: Subports need not be used for containerized VNFCs. The application container can send and receive IP + packets with any VLAN tag as long as the network interface to connect to the secondary container cluster + network has been configured appropriately. Thus, no individual vnfcCpInfo, except the one representing + the trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point. + NOTE 8: For a scaling aspect whose related VNFCs have not been instantiated due to the selection of deployable + modules, the “scaleStatus” indicates the scale level that would be applicable to the aspect if a VNF LCM + operation changes the selected deployable modules and the related VNFCs are instantiated, unless the + VNF LCM operation explicitly indicates the scale level for the aspect. + type: object + required: + - id + - vnfdId + - vnfProvider + - vnfProductName + - vnfSoftwareVersion + - vnfdVersion + - instantiationState + - _links + properties: + id: + description: > + Identifier of the VNF instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfInstanceName: + description: > + Name of the VNF instance. + This attribute can be modified with the PATCH method. + type: string + vnfInstanceDescription: + description: > + Human-readable description of the VNF instance. + This attribute can be modified with the PATCH method. + type: string + vnfdId: + description: > + Identifier of the VNFD on which the VNF instance is based. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfProvider: + description: > + Provider of the VNF and the VNFD. The value is copied from the VNFD. + type: string + vnfProductName: + description: > + Name to identify the VNF Product. The value is copied from the VNFD. + type: string + vnfSoftwareVersion: + description: > + Software version of the VNF. The value is copied from the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + vnfdVersion: + description: > + Identifies the version of the VNFD. The value is copied from the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + vnfConfigurableProperties: + description: > + Additional VNF-specific attributes that provide the current values of the configurable + properties of the VNF instance. + + These attributes represent values that are stored persistently in the VnfInstance structure + and that correspond to configuration parameters of the VNF instance. + + Modifying these attributes affects the configuration of the VNF instance either directly + (if the VNF instance is in INSTANTIATED state at the time of the modification) or as part + of the subsequent VNF instantiation operation (if the VNF instance is in NOT_INSTANTIATED + state at the time of the modification). + + Configurable properties referred in these attributes are declared in the VNFD. The declaration + of configurable properties in the VNFD can optionally contain the specification of initial values. + See notes 2, 3 and 4. The VNFM shall reject requests to write configurable properties that are + not declared in the VNFD with a "422 Unprocessable Content" error response as defined in clause + 6.4 of ETSI GS NFV SOL 013. + + These configurable properties include the following standard attributes, which are declared in + the VNFD if auto-scaling and/or auto-healing are supported by the VNF: + - isAutoscaleEnabled: If present, the VNF supports auto-scaling. If set to true, auto-scaling + is currently enabled. If set to false, auto-scaling is currently disabled. + - isAutohealEnabled: If present, the VNF supports auto-healing. If set to true, auto-healing is + currently enabled. If set to false, auto-healing is currently disabled. + + These configurable properties can be initialized with default values from the VNFD (see note 4). + + Configurable properties can be modified with values passed in the request structures of certain + LCM operations, such as the InstantiateVnfRequest structure. + + Further, these configurable properties can be created, modified or deleted with the PATCH method. + In addition, the provisions in clause 5.7 shall apply. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + vimConnectionInfo: + description: > + Information about VIM or CISM connections to be used for managing the resources for + the VNF instance. The keys of the map, each of which identifies information about a + particular VIM connection, are managed by the NFVO and referenced from other data + structures via the "vimConnectionId" attribute. + This attribute shall only be supported and present if + - the resources of at least of the VNFCs are managed by a VIM and + VNF-related resource management in direct mode is applicable. + - the resources of at least of the VNFCs are managed by a CISM. + This attribute can be modified with the PATCH method. + If VIM connection information is provisioned to the VNFM by means outside the scope of + the present document, the information in the "vimConnectionInfo" attribute provides + necessary information for binding the VnfInstance representing the "Individual VNF + instance" to the applicable VIM connection information used to perform resource + management for the VNF instance. See also the definition of the "VimConnectionInfo" in + clause 4.4.1.6. + type: object + additionalProperties: + $ref: "../../definitions/SOL023_def.yaml#/definitions/VimConnectionInfo" + cirConnectionInfo: + description: > + Information about the CIR connection for + managing OS container images for the VNF + instance. + Shall be present when all or part of the VNF + is realized by a set of OS containers and + shall be absent otherwise. + type: object + additionalProperties: + $ref: "../../definitions/SOL023_def.yaml#/definitions/VimConnectionInfo" + mciopRepositoryInfo: + description: > + Information about the MCIOP repository for + the VNF instance. + Shall be present when all or part of the VNF + is realized by a set of OS containers and + shall be absent otherwise. + See note 1. + type: object + additionalProperties: + $ref: "../../definitions/SOL023_def.yaml#/definitions/VimConnectionInfo" + certificateInfo: + description: > + Information about certificate and certificate management in this VNF. Shall be present + when using delegation mode, otherwise shall be absent.This attribute can be modified with the + PATCH method.Content of this attribute shall not be either added (if previously not set) or removed (if + previously set) by using the Modify VNF Information operation. See note 3. + $ref: "#/definitions/CertificateInfo" + instantiationState: + description: > + The instantiation state of the VNF. + Permitted values: + - NOT_INSTANTIATED: The VNF instance is terminated or not instantiated. + - INSTANTIATED: The VNF instance is instantiated. + type: string + enum: + - NOT_INSTANTIATED + - INSTANTIATED + instantiatedVnfInfo: + description: > + Information specific to an instantiated VNF instance. This attribute + shall be present if the instantiateState attribute value is + INSTANTIATED. + type: object + required: + - flavourId + - vnfState + properties: + flavourId: + description: > + Identifier of the VNF deployment flavour applied to this VNF instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfState: + description: > + The state of the VNF instance. + $ref: "#/definitions/VnfOperationalStateType" + scaleStatus: + description: > + Scale status of the VNF, one entry per aspect. Represents for every scaling aspect + how "big" the VNF has been scaled w.r.t. that aspect. + + This attribute shall be present if the VNF supports scaling. + See clause B.2 for an explanation of VNF scaling. + + For an aspect that has not been deployed because the related deployableModule has + not been selected, it indicates the scale level that has been requested in the instantiation + or in a scaling operation, or, if none has been requested in any of them, the scale level + applicable to the aspect based on the default instantiation level. See note 8. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/ScaleInfo" + maxScaleLevels: + description: > + Maximum allowed scale levels of the VNF, one entry per aspect. + This attribute shall be present if the VNF supports scaling. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/ScaleInfo" + selectedDeployableModule: + description: > + References a currently selected deployable module, as defined in the VNFD, that has + already completed the instantiation of its VNFCs. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + resourceCapacityDefinition: + description: > + Shows current values of VDU attributes related to resource capacity, + if different to the default values from the VNFD, as indicated in the + (one or more) request(s) of all completed VNF LCM operation(s) that + contain this attribute. If an attribute value has been modified multiple times, + only the last value is shown. The values indicated in this attribute are + applicable to all VNFC instances based on the VDU to which the + resourceCapacityDefinition is related. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceCapacityDefinition" + + extCpInfo: + description: > + Information about the external CPs exposed by the VNF instance. When trunking is enabled, + the list of entries includes both, external CPs corresponding to parent ports of a trunk, + and external CPs associated to sub-ports of a trunk.See note 7. + type: array + items: + $ref: "#/definitions/VnfExtCpInfo" + vipCpInfo: + description: > + VIP CPs that are part of the VNF instance. Shall be present when that particular VIP CP of the VNFC + instance is associated to an external CP of the VNF instance. + May be present otherwise. + type: array + minItems: 1 + items: + $ref: "#/definitions/VipCpInfo" + virtualCpInfo: + description: > + Virtual CPs that are part of the VNF instance. Shall be present when a particular Virtual CP + is associated to an external CP of the VNF instance. + May be present otherwise. + type: array + items: + $ref: "#/definitions/VirtualCpInfo" + extVirtualLinkInfo: + description: > + Information about the external VLs the VNF instance is connected to. + type: array + items: + $ref: "#/definitions/ExtVirtualLinkInfo" + extManagedVirtualLinkInfo: + description: > + Information about the externally-managed internal VLs of the VNF instance. See notes 5 and 6. + type: array + items: + $ref: "#/definitions/ExtManagedVirtualLinkInfo" + monitoringParameters: + description: > + Active monitoring parameters. + type: array + items: + $ref: "#/definitions/MonitoringParameter" + localizationLanguage: + description: > + Information about localization language of the VNF (includes e.g. + strings in the VNFD). The localization languages supported by a VNF + can be declared in the VNFD, and localization language selection can + take place at instantiation time. + The value shall comply with the format defined in IETF RFC 5646. + type: string + vnfcResourceInfo: + description: > + Information about the virtualised compute and storage resources used + by the VNFCs of the VNF instance. + type: array + items: + $ref: "#/definitions/VnfcResourceInfo" + vnfVirtualLinkResourceInfo: + description: > + Information about the virtualised network resources used by the VLs of the VNF instance. See note 6. + type: array + items: + $ref: "#/definitions/VnfVirtualLinkResourceInfo" + virtualStorageResourceInfo: + description: > + Information on the virtualised storage resource(s) used as storage for the VNF instance. + type: array + items: + $ref: "#/definitions/VirtualStorageResourceInfo" + mcioInfo: + description: > + Information on the MCIO(s) representing + VNFC instance(s) realized by one or a set of + OS containers and created from the same + VDU for the VNF instance. + type: array + items: + $ref: "#/definitions/McioInfo" + vnfPaasServiceInfo: + description: > + Information on the PaaS Services assigned and used by the VNF instance. + type: array + items: + $ref: "#/definitions/PaasServiceInfo" + metadata: + description: > + Additional VNF-specific attributes that provide metadata describing the VNF instance. + + These attributes represent values that are stored persistently in the VnfInstance structure for + consumption by functional blocks that invoke the VNF lifecycle management interface. They are not + consumed by the VNFM, or the lifecycle management scripts. + + Modifying the values of these attributes has no effect on the VNF instance, it only affects the + information represented in the VnfInstance structure. + + Metadata that the VNF provider foresees are expected to be declared in the VNFD. The declaration + of metadata in the VNFD can optionally contain the specification of initial values. See notes 2 and 4. + The VNFM shall accept requests to write metadata that are not declared in the VNFD. + + These attributes can be initialized with default values from the VNFD (see note 4) or with values + passed in the CreateVnfRequest structure (see clause 5.4.2.3.1). + + These attributes can be created, modified or removed with the PATCH method. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + extensions: + description: > + Additional VNF-specific attributes that affect the lifecycle management of this VNF instance. + + These attributes represent values that are stored persistently in the VnfInstance structure for + consumption by the VNFM or the lifecycle management scripts during the execution of VNF lifecycle + management operations. + + All extensions that are allowed for the VNF are declared in the VNFD. The declaration of an extension + in the VNFD contains information on whether its presence is optional or required, and optionally can + specify an initial value. See notes 2 and 4. The VNFM shall reject requests to write extension attributes + that are not declared in the VNFD with a "422 Unprocessable Content" error response as defined in clause + 6.4 of ETSI GS NFV-SOL 013. + + Modifying the values of these attributes has no direct effect on the VNF instance; however, the modified + attribute values can be considered during subsequent VNF lifecycle management operations, which means that + the modified values can indirectly affect the configuration of the VNF instance. + + These attributes can be initialized with default values from the VNFD (see note 4). + + These attributes can be modified with values passed in the request structures of certain LCM operations, + such as the InstantiateVnfRequest structure. + + Further, these attributes can be created, modified or deleted with the PATCH method. + + In addition, the provisions in clause 5.7 shall apply. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + _links: + description: > + Links to resources related to this resource. + type: object + required: + - self + properties: + self: + description: URI of this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + indicators: + description: Indicators related to this VNF instance, if applicable. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + instantiate: + description: > + Link to the "Instantiate VNF task" resource, if the related operation + is possible based on the current status of this VNF instance + resource (i.e. VNF instance in NOT_INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + terminate: + description: > + Link to the "Terminate VNF task" resource, if the related operation + is possible based on the current status of this VNF instance + resource (i.e. VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + scale: + description: > + Link to the "Scale VNF task" resource, if the related operation is + supported for this VNF instance, and is possible based on the + current status of this VNF instance resource (i.e. VNF instance + is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + scaleToLevel: + description: > + Link to the "Scale VNF to level task" resource, if the related + operation is supported for this VNF instance, and is possible + based on the current status of this VNF instance resource + (i.e. VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + changeFlavour: + description: > + Link to the "Change VNF flavour task" resource, if the related + operation is supported for this VNF instance, and is possible + based on the current status of this VNF instance resource + (i.e. VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + heal: + description: > + Link to the "Heal VNF task" resource, if the related operation is + supported for this VNF instance, and is possible based on the + current status of this VNF instance resource + (i.e. VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + operate: + description: > + Link to the "Operate VNF task" resource, if the related operation is + supported for this VNF instance, and is possible based on the + current status of this VNF instance resource + (i.e. VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + changeExtConn: + description: > + Link to the "Change external VNF connectivity task" resource, if the related + operation is possible based on the current status of this VNF + instance resource (i.e. VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + createSnapshot: + description: > + Link to the "Create VNF snapshot task" resource, if the related operation is + supported for this VNF instance and is possible based on the current status of + this VNF instance resource (i.e., VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + revertToSnapshot: + description: > + Link to the "Revert to VNF snapshot task" resource, if the related operation is + supported for this VNF instance and is possible based on the current status of + this VNF instance resource (i.e., VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + changeCurrentVnfPkg: + description: > + Link to the "Change current VNF package task" resource, if the related + operation is possible based on the current status of this VNF instance resource + (i.e. VNF instance is in INSTANTIATED state). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + + CertificateInfo: + description: > + This type provides input information related to certificate and certificate management. + type: object + required: + - id + properties: + id: + description: Identifier of this certificate information. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateConfigurationInfo: + description: > + Configuration for certificate management such as certificate profile + and security policy. + $ref: "#/definitions/CertificateConfigurationInfo" + certificateContents: + description: > + Information for contents of issued certificates. The information + contained in this attribute may be updated over time during the VNF + LCM, e.g., certificate(s) renewal. + type: array + items: + $ref: "#/definitions/CertificateContent" + + CertificateConfigurationInfo: + description: > + This type provides input information related to certificate management. + type: object + required: + - securityPolicy + properties: + certificateBaseProfile: + description: Information for certificate profile. + type: array + items: + $ref: "#/definitions/CertificateBaseProfile" + securityPolicy: + description: Information for security policy to be satisfied for certificate. + type: array + items: + $ref: "#/definitions/SecurityPolicy" + delegationSupportedCertificateManagements: + description: Describes supported certificate management information. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + cmfInfo: + description: Information for CMF. + $ref: "#/definitions/CmfInfo" + + CertificateContent: + description: > + This type provides input information related to certificate content. + + NOTE: The CertificateDesc data type is defined in clause 7.1.19.2 of ETSI GS NFV IFA 011 [10]. + type: object + required: + - id + - certificateDescId + - certificateType + properties: + id: + description: Identifier of this certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateDescId: + description: > + Identifier of certificate description in VNFD to be used to issue + this certificate. See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + certificateType: + description: Type of this certificate. + type: string + enum: + - VNFCI_CERT + - VNFOAM_CERT + supportedCertificateManagements: + description: Describes supported certificate management information. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + version: + description: Version of this certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + serialNumber: + description: Serial number of this certificate. + type: integer + signatureAlgorithm: + description: Algorithm of this certificate's signature. + type: string + issuer: + description: Issuer of this certificate. + type: string + notBefore: + description: Start date of the valid period for this certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + notAfter: + description: End date of the valid period for this certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + subject: + description: Subject of this certificate. + type: string + publicKeyAlgorithm: + description: Algorithm of this certificate's public key. + type: string + publicKey: + description: Public key of this certificate. + type: string + certificateExtensions: + description: Extension of this certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + VnfOperationalStateType: + description: > + STARTED: The VNF instance is up and running. + STOPPED: The VNF instance has been shut down. + type: string + enum: + - STARTED + - STOPPED + + VnfExtCpInfo: + description: > + This type represents information about an external CP of a VNF. + + NOTE 1: The attributes "associatedVnfcCpId", "associatedVipCpId", "associatedVirtualCpId" and + "associatedVnfVirtualLinkId" are mutually exclusive. Exactly one shall be present. + NOTE 2: An external CP instance is not associated to a link port in the cases indicated for the + “extLinkPorts” attribute in clause 4.4.1.11. + NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network + attachment definition resource is needed to fulfil the connectivity requirements of the external + CP, e.g. to build a link redundant mated pair in SR-IOV cases. + NOTE 4: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace. + type: object + required: + - id + - cpdId + - cpConfigId + - cpProtocolInfo + oneOf: + - required: + - associatedVnfcCpId + - required: + - associatedVipCpId + - required: + - associatedVnfVirtualLinkId + properties: + id: + description: > + Identifier of the external CP instance and the related information instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpdId: + description: > + Identifier of the external CPD, VnfExtCpd, in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + cpConfigId: + description: > + Identifier that references the applied "VnfExtCpConfig" entry in the "cpConfig" map of the "currentVnfExtCpData" + in the "ExtVirtualLinkInfo" structure. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId attribute of the VnfInstance (e.g. during a "Change + current VNF package" operation or due to its final failure). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + cpProtocolInfo: + description: > + Network protocol information for this CP. + type: array + items: + $ref: "#/definitions/CpProtocolInfo" + extLinkPortId: + description: > + Identifier of the "ExtLinkPortInfo" structure inside the "ExtVirtualLinkInfo" structure. + Shall be present if the CP is associated to a link port. See note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + metadata: + description: > + Metadata about this external CP. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + associatedVnfcCpId: + description: > + Identifier of the "vnfcCpInfo" structure in "VnfcResourceInfo" structure that represents the VNFC CP + which is exposed by this external CP instance, either directly or via a floating IP address. + Shall be present in case this CP instance maps to a VNFC CP. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + associatedVipCpId: + description: > + Identifier of the VIP CP instance that is exposed as this VnfExtCp instance, either directly or via a + floating IP address, and the related "VipCpInfo" structure in "VnfInstance". Shall be present if the + cpdId of this VnfExtCp has a vipCpd attribute. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + associatedVirtualCpId: + description: > + Identifier of the "VirtualCpInfo" structure that represents the Virtual CP that is exposed by this + external CP instance. Shall be present in case this CP instance maps to a Virtual CP. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + associatedVnfVirtualLinkId: + description: > + Identifier of the "VnfVirtualLinkResourceInfo" structure that represents the internal VL or of the + "ExtManagedVirtualLinkInfo" structure that represents the externally-managed internal VL which is + exposed by this external CP instance. Shall be present in case this CP instance maps to an internal + VL (including externally-managed internal VL). See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + netAttDefResourceId: + description: > + Identifier of the “NetAttDefResourceInfo” structure that provides the specification of the interface to attach the + connection point to a secondary container cluster network. See notes 3 and 4. + + It shall be present if the external CP is associated to a VNFC realized by one or a set of OS containers and + is connected to a secondary container cluster network. It shall not be present otherwise. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateContentId: + description: > + Identifier of the "CertificateContent" structure that provides the information of the certificate that this + VNF CP instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present. + This attribute shall be supported when delegation mode in certificate management is applicable. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + + VipCpInfo: + description: > + This type provides information related to virtual IP (VIP) CP. + + NOTE 1: It is possible that there is no associated VnfcCp because the VIP CP is available but not + associated yet. + NOTE 2: If only the value or the presence of this attribute is changed in the "VipCpInfo" structure + by an LCM operation occurrence, this does not represent a change that requires including a related + "AffectedVipCp" structure in the VNF LCM operation occurrence notifications or the "VnfLcmOpOcc" + structure related to this LCM operation occurrence. + type: object + required: + - cpInstanceId + - cpdId + properties: + cpInstanceId: + description: > + Identifier of this VIP CP instance and of this VipCpInfo. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpdId: + description: > + Identifier of the VIP Connection Point Descriptor, VipCpd, in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId attribute of the VnfInstance + (e.g. during a "Change current VNF package" operation or due to its final failure). See note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfExtCpId: + description: > + When the VIP CP is exposed as external CP of the VNF, the identifier of this external VNF CP instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpProtocolInfo: + description: > + Protocol information for this CP. There shall be one cpProtocolInfo for layer 3. + There may be one cpProtocolInfo for layer 2. + type: array + items: + $ref: "#/definitions/CpProtocolInfo" + associatedVnfcCpIds: + description: > + Identifiers of the VnfcCps that share the virtual IP addresse allocated to the VIP CP instance. See note. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + vnfLinkPortId: + description: > + Identifier of the "VnfLinkPortInfo" structure in the "VnfVirtualLinkResourceInfo" or + "ExtManagedVirtualLinkInfo" structure. Shall be present if the CP is associated to a + link port on an internal VL (including externally-managed internal VL). + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + metadata: + description: > + Metadata about this VIP CP. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + VirtualCpInfo: + description: > + This type provides information related to a virtual CP instance of a VNF. + + NOTE 1: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing the service + accessible via the virtual CP instance by querying the "vnfcResourceInfo" from the "InstantiatedVnfInfo" + and filtering by corresponding "vduIds" values. + NOTE 2: The information can be omitted because it is already available as part of the external CP information in the + VnfExtCpInfo structure. + type: object + required: + - cpInstanceId + - cpdId + - resourceHandle + - vduIds + properties: + cpInstanceId: + description: > + Identifier of this virtual CP instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpdId: + description: > + Identifier of the VirtualCpd in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + resourceHandle: + description: > + Reference to the virtualised resource realizing this virtual CP. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + vnfExtCpId: + description: > + When the virtual CP is exposed as external CP of the VNF, the identifier of this external VNF CP instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpProtocolInfo: + description: > + Protocol information for this CP. There shall be one cpProtocolInfo for each layer protocol supported. + This attribute may be omitted if the virtual CP is exposed as an external CP. See note 2. + type: array + items: + $ref: "#/definitions/CpProtocolInfo" + vduIds: + description: > + Reference to the VDU(s) which implement the service accessible via the virtual CP instance. See note 1. + type: array + minItems: 1 + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + additionalServiceInfo: + description: > + Additional service identification information of the virtual CP instance. + type: array + items: + $ref: "#/definitions/AdditionalServiceInfo" + metadata: + description: > + Metadata about this virtual CP instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + ExtVirtualLinkInfo: + description: > + This type represents information about an external VL. + + NOTE: This attribute reflects the current configuration information that has resulted from merging into this attribute + the "VnfExtCpData" information which was passed as part of the "ExtVirtualLinkData" structure in the input of the + most recent VNF LCM operation such as "InstantiateVnfRequest", "ChangeExtVnfConnectivityRequest", "ChangeVnfFlavourRequest" + or "ChangeCurrentVnfPkgRequest", or in the Grant response. If applying such change results in an empty list of + "currentVnfExtCpData" structure instances, the affected instance of "ExtVirtualLinkInfo" shall be removed from its + parent data structure. + type: object + required: + - id + - resourceHandle + - currentVnfExtCpData + properties: + id: + description: > + Identifier of the external VL and the related external VL + information instance. + The identifier is assigned by the NFV-MANO entity that manages this + VL instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + resourceHandle: + description: > + Reference to the resource realizing this VL. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + extLinkPorts: + description: > + Link ports of this VL. + type: array + items: + $ref: "#/definitions/ExtLinkPortInfo" + currentVnfExtCpData: + description: > + Allows the API consumer to read the current CP configuration information for the connection of external CPs + to the external virtual link. See note. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/VnfExtCpData" + extNetAttDefResource: + description: > + Network attachment definition resources that provide the specification of the interface to attach connection points + to this VL. + type: array + items: + $ref: "#/definitions/NetAttDefResourceInfo" + + MonitoringParameter: + description: > + This type represents a monitoring parameter that is tracked by the VNFM, + type: object + required: + - id + - performanceMetric + properties: + id: + description: > + Identifier of the monitoring parameter defined in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId attribute of the VnfInstance (e.g. during a "Change + current VNF package" operation or due to its final failure). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + name: + description: > + Human readable name of the monitoring parameter, as defined in the + VNFD. + type: string + performanceMetric: + description: > + Performance metric that is monitored. This attribute shall contain the + related "Measurement Name" value as defined in clause 7.2 of ETSI GS NFV-IFA 027. + type: string + + ExtManagedVirtualLinkInfo: + type: object + required: + - id + - vnfVirtualLinkDescId + - networkResource + properties: + id: + description: > + Identifier of the externally-managed internal VL and the related + externally-managed VL information instance. + The identifier is assigned by the NFV-MANO entity that manages this + VL instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfVirtualLinkDescId: + description: > + Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId attribute of the VnfInstance (e.g. during a "Change + current VNF package" operation or due to its final failure). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + networkResource: + description: > + Reference to the VirtualNetwork resource providing this VL. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + vnfLinkPorts: + description: > + Link ports of this VL. + type: array + items: + $ref: "#/definitions/VnfLinkPortInfo" + vnfNetAttDefResource: + description: > + Network attachment definition resources that provide the specification of the interface to attach connection + points to this VL. + type: array + items: + $ref: "#/definitions/NetAttDefResourceInfo" + extManagedMultisiteVirtualLinkId: + description: > + Identifier of the externally-managed multi-site VL instance. The identifier is assigned by the NFV-MANO entity + that manages the externally managed multi-site VL instance. It shall be present when the externally-managed + internal VL is part of a multi-site VL, e.g., in support of multi-site VNF spanning several VIMs. + All externally-managed internal VL instances corresponding to an internal VL created based on the same + virtualLinkDescId shall refer to the same extManagedMultisiteVirtualLinkId. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + + VnfcResourceInfo: + description: > + This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. + Depending on the form of virtualisation container of the VNFC: + - For a VNFC based on VM, a reference to the corresponding VirtualCompute shall be provided, and + - For a VNFC based on OS container(s), a reference to the Compute MCIO shall be provided. Hence, exposure of + information by the VNFM to the NFVO is at the MCIO level. + In addition, the references to the storage resources depend on the form of the VNFC: + a) For a VNFC based on VM, storage resource identifiers shall refer to VirtualStorage resources, and + b) For a VNFC based on OS container(s), storage resource identifiers shall refer to Storage MCIOs. + + NOTE 1: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on + TOSCA specifications. + NOTE 2: A VNFC CP is "connected to" an external CP if the VNFC CP is connected to an + internal VL that exposes an external CP. A VNFC CP is "exposed as" an external + CP if it is connected directly to an external VL. + NOTE 3: The information can be omitted because it is already available as part of the + external CP information. + NOTE 4: If only the value or the presence of this attribute is changed in the "VnfcResourceInfo" + structure by an LCM operation occurrence, this does not represent a change that requires + including a related "AffectedVnfc" structure in the VNF LCM operation occurrence notifications + or the "VnfLcmOpOcc" structure related to this LCM operation occurrence. + NOTE 5: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment + definition resource is needed to fulfil the connectivity requirements of the internal CP, e.g. to build a link + redundant mated pair in SR-IOV cases. + NOTE 6: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace. + NOTE 7: Subports need not be used for containerized VNFCs. The application container can send and receive IP + packets with any VLAN tag as long as the network interface to connect to the secondary container cluster + network has been configured appropriately. Thus, no individual vnfcCpInfo, except the one representing the + trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point. + type: object + required: + - id + - vduId + - computeResource + properties: + id: + description: > + Identifier of this VnfcResourceInfo instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + vduId: + description: > + Reference to the applicable VDU in the VNFD. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId attribute of the VnfInstance (e.g. during a "Change + current VNF package" operation or due to its final failure). See note 4. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + computeResource: + description: > + Reference to the VirtualCompute resource or reference to a Compute MCIO. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + zoneId: + description: > + The identifier of the resource zone, as managed by the + resource management layer (typically, the VIM), where + the referenced VirtualCompute resource is placed. + Shall be provided if this information is available from the VIM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + storageResourceIds: + description: > + References to the VirtualStorage resources or references to Storage MCIOs. + The value refers to a VirtualStorageResourceInfo item in the VnfInstance. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + reservationId: + description: > + The reservation identifier applicable to the resource. It shall be + present when an applicable reservation exists. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfcCpInfo: + description: > + CPs of the VNFC instance. Shall be present when that particular CP of the VNFC instance + is exposed as an external CP of the VNF instance or is connected to an external CP of the + VNF instance. See note 2. May be present otherwise. See note 7. + type: array + items: + type: object + required: + - id + - cpdId + properties: + id: + description: > + Identifier of this VNFC CP instance and the associated array + entry. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpdId: + description: > + Identifier of the VDU CPD, cpdId, in the VNFD. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfExtCpId: + description: > + Identifier of the related external CP. Shall be present when the VNFC CP is exposed as an + external CP of the VNF instance or connected to an external CP of the VNF instance (see note 2) + and shall be absent otherwise. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpProtocolInfo: + description: > + Network protocol information for this CP. May be omitted if the VNFC CP is exposed as an external CP. + See note 3. + type: array + items: + $ref: "#/definitions/CpProtocolInfo" + vnfLinkPortId: + description: > + Identifier of the "VnfLinkPortInfo" structure in the "VnfVirtualLinkResourceInfo" or "ExtManagedVirtualLinkInfo" structure. + Shall be present if the CP is associated to a link port on an internal VL (including externally-managed internal VL) + of the VNF instance and shall be absent otherwise. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + parentCpId: + description: > + Identifier of another VNFC CP instance that corresponds to the parent port of a trunk that the present VNFC CP + instance participates in. Shall be provided if the present CP instance participates in a trunk as subport, and + the referred VNFC CP instances are also present in the vnfcCpInfo attribute. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + netAttDefResourceId: + description: > + Identifier of the “NetAttDefResourceInfo” structure that provides the specification of the interface to attach the + connection point to a secondary container cluster network. See notes 5 and 6. + It shall be present if the internal CP is associated to a VNFC realized by one or a set of OS containers and is + connected to a secondary container cluster network. It shall not be present otherwise. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + metadata: + description: > + Metadata about this CP. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + certificateContentId: + description: > + Identifier of the "CertificateContent" structure that provides the information of the certificate that this VNFC + CP instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present. + This attribute shall be supported when delegation mode in certificate management is applicable + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + metadata: + description: > + Metadata about this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + certificateContentId: + description: > + Identifier of the "CertificateContent" structure that provides the information of the certificate that this VNFC + instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present. + This attribute shall be supported when delegation mode in certificate management is applicable. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + + VnfVirtualLinkResourceInfo: + description: > + This type represents the information that allows addressing a virtualised + resource that is used by an internal VL instance in a VNF instance. + + Note: If only the value or the presence of this attribute is changed in the "VnfVirtualLinkResourceInfo" + structure by an LCM operation occurrence, this does not represent a change that requires including + a related "AffectedVirtualLink" structure in the VNF LCM operation occurrence notifications or the + "VnfLcmOpOcc" structure related to this LCM operation occurrence. + type: object + required: + - id + - vnfVirtualLinkDescId + - networkResource + properties: + id: + description: > + Identifier of this VnfVirtualLinkResourceInfo instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + vnfVirtualLinkDescId: + description: > + Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId attribute of the VnfInstance (e.g. during a "Change + current VNF package" operation or due to its final failure). See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + networkResource: + description: > + Reference to the VirtualNetwork resource or reference to a Network MCIO. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + zoneId: + description: > + The identifier of the resource zone, as managed by the resource + management layer (typically, the VIM), where the referenced + VirtualNetwork resource is placed. Shall be provided if this + information is available from the VIM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + reservationId: + description: > + The reservation identifier applicable to the resource. It shall be + present when an applicable reservation exists. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfLinkPorts: + description: > + Links ports of this VL. + Shall be present when the linkPort is used for external connectivity + by the VNF (refer to VnfLinkPortInfo). + May be present otherwise. + type: array + items: + $ref: "#/definitions/VnfLinkPortInfo" + metadata: + description: > + Metadata about this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + VirtualStorageResourceInfo: + description: > + This type represents the information that allows addressing a virtualised + resource that is used by a VNF instance. + + Note: If only the value or the presence of this attribute is changed in the "VirtualStorageResourceInfo" + structure by an LCM operation occurrence, this does not represent a change that requires + including a related "AffectedVirtualStorage" structure in the VNF LCM operation occurrence + notifications or the "VnfLcmOpOcc" structure related to this LCM operation occurrence. + type: object + required: + - id + - virtualStorageDescId + - storageResource + properties: + id: + description: > + Identifier of this VirtualStorageResourceInfo instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + virtualStorageDescId: + description: > + Identifier of the VirtualStorageDesc in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case the value differs from the vnfdId attribute of the VnfInstance (e.g. during a "Change + current VNF package" operation or due to its final failure). See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + storageResource: + description: > + Reference to the VirtualStorage resource or reference to a Storage MCIO. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + zoneId: + description: > + The identifier of the resource zone, as managed by the resource + management layer (typically, the VIM), where the referenced + VirtualStorage resource is placed. Shall be provided if this + information is available from the VIM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + reservationId: + description: > + The reservation identifier applicable to the resource. It shall be + present when an applicable reservation exists. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + metadata: + description: > + Metadata about this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + McioInfo: + description: > + This type provides information about an MCIO representing the set of VNFC instances realized by one + or a set of OS containers which have been created based on the same VDU. + Within the CISM, an MCIO controller monitors the actual state of an MCIO representing the set of VNFC + instances realized by one or a set of OS containers and compare it to the desired state For an MCIO related to a VDU that has the + attribute isNumOfInstancesClusterBased set to FALSE the desired state is specified in the respective declarative + descriptor. For an MCIO related to a VDU that has the attribute isNumOfInstancesClusterBased set to TRUE, the + desired state is determined by the number of CIS-nodes in the cluster that fulfil the VDU requirements.as specified in + the respective declarative descriptor. It triggers actions toward the CIS to align the actual to + the desired state. Monitoring the actual state includes monitoring the number of MCIO instances available + at any specific point in time. In addition, an MCIO controller maintains properties and runtime information + on the MCIO instances which have been created based on the same VDU. + The McioInfo data structure provides the runtime information on the MCIOs obtained from the MCIO controller. + + NOTE: There are different types of MCIOs. The set of VNFC instances based on the same VDU is represented + by one MCIO, e.g. of type Deployment. Each individual VNFC instance is represented by another type + of MCIO, e.g. a POD. + + Runtime information of the set of OS containers realizing an individual VNFC instance is not part of the + McioInfo data structure; such runtime information is provided in the ResourceHandle data structure + referenced from the VnfcResourceInfo. The McioInfo does not provide runtime information of a constituent + VNFC instance created based on a specific VDU. + + NOTE 1: The type of MCIO as specified in the declarative descriptor of the MCIO, and that can be read from + the CISM. EXAMPLE: In case of MCIOs managed by Kubernetes®, the type of MCIO corresponds to the + “kind” property of the declarative descriptor. + NOTE 2: If the attribute additionalInfo is present, it may contain runtime information on the actual and + desired state of the MCIO(s). + NOTE 3: When the container infrastructure service is a Kubernetes® instance, the mcioId is the combined + values from the kind and name fields of the Kubernetes resource object, separated by a slash. + Example: "Deployment/abcd". + NOTE 4: When the container infrastructure service is a Kubernetes® instance, the mcioName is the name + field of the resource object. + type: object + required: + - mcioId + - mcioName + - mcioNamespace + - vduId + - cismId + - mcioType + - desiredInstances + - availableInstances + properties: + mcioId: + description: > + Identifier of this MCIO, created by the CISM. See note 3. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + mcioName: + description: > + Human readable name of this MCIO. See note 4. + type: string + mcioNamespace: + description: > + Namespace of this MCIO. + type: string + vduId: + description: > + Reference to the related VDU in the VNFD applicable to this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + cismId: + description: > + Identifier of the CISM managing this MCIO. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + mcioType: + description: > + The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause + 5.5.4.9. Additional values are also permitted. + See note 1. + type: string + enum: + - Deployment + - Statefulset + - DaemonSet + desiredInstances: + description: > + Number of desired MCIO instances. + type: integer + availableInstances: + description: > + Number of available MCIO instances. + type: integer + additionalInfo: + decription: > + Additional information which is specific to the MCIO, its type, and which is available + from the CISM. + See note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + certificateContentId: + description: > + Identifier of the "CertificateContent" structure that provides the information of the certificate that this + MCIO instance uses. Shall be present when using in delegation mode. Otherwise shall not be present. + This attribute shall be supported when delegation mode in certificate management is applicable. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + + PaasServiceInfo: + description: > + This type provides input information about a PaaS Service that is used by + a VNF instance. The PaasServiceInfo is comprised of various sets of + information. Some information comes from the VNFD, other information comes + from the PaaS Service assets provided by the NFVO to the VNFM, and other + information is provided at runtime information about the usage of the PaaS + Service. + type: object + required: + - id + - paasServiceId + - paasServiceType + - paasServiceRequestId + - paasServiceHandle + properties: + id: + description: Identifier of this PaaS Service Information. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + paasServiceId: + description: Identifier of the assigned PaaS Service as managed by the PaaS Services Management (PSM) function. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + paasServiceType: + description: The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR. + type: string + paasServiceVersion: + description: Version of the PaaS Service. It shall be present if the PaaS Service is versioned. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + paasServiceRequestId: + description: Identifier of the PaaS Service request in the VNFD that maps to the assigned PaaS Service. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + paasServiceHandle: + description: A handle enabling the access and use of the PaaS Service by the VNF instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/PaasServiceHandle" + additionalInfo: + description: Additional information which is specific to the PaaS Service, its type, and which is available from the PaaS Service instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + CertificateBaseProfile: + description: > + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + + This type provides input information to override certificate base profile + for certificate management. + type: object + required: + - id + properties: + id: + description: The identifier of this certificate profile. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + issuer: + description: Issuer of certificates. See note. + type: string + issuerUniqueIdentifier: + description: Identifier of this issuer of certificates. See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + subject: + description: Subject of certificates. See note. + $ref: "#/definitions/CertSubjectData" + subjectUniqueIdentifier: + description: Identifier of this subject of certificates. See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + basicConstraints: + description: Basic constraints of certificates. See note. + type: string + issuerAltName: + description: Alternative name of issuer of certificates in this NS. See note. + type: array + items: + type: string + subjectAltName: + description: > + Alternative name of subject of certificates. Shall be present when + this certificate is used for encrypted communication using IP + address and subjectAltName attribute of CertificateBaseProfile in + CertificateDesc of VNFD is empty (see ETSI GS NFV-IFA 011 [14], + clause 7.1.19.4). See note. + type: array + items: + type: string + nameConstraints: + description: Name constraints of certificates. See note. + type: array + items: + type: string + + CmfInfo: + description: > + This type provides input information related to CMF for certificate management. + type: object + required: + - id + - endPoint + - supportedProtocol + properties: + id: + description: Identifier of this CMF information. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + endPoint: + description: End point of CMF instance. + type: object + properties: + ipAddress: + description: An IP address of this end point. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IpAddress" + link: + description: A link to this end point. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + supportedProtocol: + description: Supported protocols by CMF instance. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/SupportedProtocol" + certificateChain: + description: Certificate chain that this CMF provides. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + SecurityPolicy: + description: > + This type provides input information related to security policy for certificate management. + type: object + required: + - id + properties: + id: + description: Identifier of this security policy. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + maxValidityPeriod: + description: Allowed max validity period for certificates. + type: number + allowedAlgorithm: + description: Allowed signature algorithm. + type: string + minimumKeyLength: + description: Minimum key length for certificates. + type: number + + CpProtocolInfo: + description: > + This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses. + + NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the + present document in a backwards-compatible way. In the current version of the present document, only IP over + Ethernet is supported. + type: object + required: + - layerProtocol + properties: + layerProtocol: + description: > + The identifier of layer(s) and protocol(s) associated to the network address information. + + Permitted values: + - IP_OVER_ETHERNET + - IP_FOR_VIRTUAL_CP + See note. + type: string + enum: + - IP_OVER_ETHERNET + - IP_FOR_VIRTUAL_CP + ipOverEthernet: + description: > + IP addresses over Ethernet to assign to the extCP instance. Shall be + present if layerProtocol is equal to " IP_OVER_ETHERNET", and shall + be absent otherwise. + $ref: "#/definitions/IpOverEthernetAddressInfo" + virtualCpAddress: + description: > + IP address data assigned to an external CP instance exposing a virtual CP. It shall be present if + layerProtocol is equal to “IP_FOR_VIRTUAL_CP” and the external CP instance exposes a virtual CP and + shall not be present otherwise. + $ref: "#/definitions/VirtualCpAddressInfo" + + AdditionalServiceInfo: + description: > + This type provides additional service information of the virtual CP instance used to expose properties of the + virtual CP to NFV-MANO. + + NOTE: This attribute shall only be present if additional information is needed to identify the service + termination within the VNF, such as for example a URL path information in an HTTP request required + to allow a single virtual CP IP address to be used for several HTTP based services that use the + same port number. + type: object + required: + - portInfo + properties: + portInfo: + description: > + Service port numbers exposed by the virtual CP instance. + minItems: 1 + type: array + items: + $ref: "#/definitions/ServicePortInfo" + serviceInfo: + description: > + Service matching information exposed by the virtual CP instance. + See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + ExtLinkPortInfo: + description: > + This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to + an NS VL. + + NOTE 1: The use cases UC#4 and UC#5 in clause A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. + NOTE 2: The value of "trunkResourceId" is scoped by the value of "vimConnectionId" in the "resourceHandle" attribute. + type: object + required: + - id + - resourceHandle + properties: + id: + description: > + Identifier of this link port as provided by the entity that has + created the link port. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + resourceHandle: + description: > + Reference to the virtualised resource realizing this link + port. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + cpInstanceId: + description: > + Identifier of the external CP of the VNF connected to this link + port. There shall be at most one link port associated with any + external connection point instance. The value refers to an + "extCpInfo" item in the VnfInstance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + secondaryCpInstanceId: + description: > + Additional external CP of the VNF connected to this link port. + If present, this attribute shall refer to a "secondary" ExtCpInfo item in the VNF instance that exposes a virtual + IP CP instance which shares this linkport with the external CP instance referenced by the "cpInstanceId" attribute. + See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + trunkResourceId: + description: > + Identifier of the trunk resource in the VIM. + Shall be present if the present link port corresponds to the parent port that the trunk resource is associated with. + See note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVim" + + NetAttDefResourceInfo: + description: > + This type contains information related to a network attachment definition resource that provides the + specification of the interface used to connect one or multiple connection points to a secondary container + cluster network. + type: object + required: + - netAttDefResourceInfoId + - netAttDefResource + properties: + netAttDefResourceInfoId: + description: > + Identifier of this network attachment definition resource as provided by the entity that has + created it. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + netAttDefResource: + description: > + Resource handle of the resource in the scope of the CISM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + associatedExtCpId: + description: > + Identifier of the external CP associated to this network attachment definition resource. Shall be present + when the network attachment definition resource is used for external connectivity by the VNF. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + associatedVnfcCpId: + description: > + Identifier of the VNFC CP associated to this network attachment definition resource. May be present when + the network attachment definition resource is used for internal connectivity by the VNF. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + + VnfLinkPortInfo: + description: > + This type represents a link port of an internal VL of a VNF. + + NOTE 1: Either cpInstanceId with cpInstanceType set to "EXT_CP" or any combination of cpInstanceId + with cpInstanceType set to "VNFC_CP" and vipCpInstanceId (i.e. one or both of them) shall be + present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to "VNFC_CP" + and vipCpInstanceId are present, the two different CP instances share the linkport. + NOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId + and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or + only vipCpInstanceId is present (UC6 and UC#6-b). + NOTE 3: The value of "trunkResourceId" is scoped by the value of "vimConnectionId" in the "resourceHandle" + attribute. + type: object + required: + - id + - resourceHandle + properties: + id: + description: > + Identifier of this link port as provided by the entity that has created the link port. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + resourceHandle: + description: > + Reference to the virtualised resource realizing this link + port. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + cpInstanceId: + description: > + When the link port is used for external connectivity by the VNF, this attribute represents the + identifier of the external CP associated with this link port. + + When the link port is used for internal connectivity in the VNF, this attribute represents the + identifier of the VNFC CP to be connected to this link port. + + Shall be present when the link port is used for external connectivity by the VNF. + May be present if used to reference a VNFC CP instance. + There shall be at most one link port associated with any external connection point instance or + internal connection point (i.e. VNFC CP) instance. + The value refers to an "extCpInfo" item in the VnfInstance or a "vnfcCpInfo" item of a "vnfcResourceInfo" + item in the VnfInstance. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpInstanceType: + description: > + Type of the CP instance that is identified by cpInstanceId. + Shall be present if "cpInstanceId" is present and shall be absent otherwise. + + Permitted values: + - VNFC_CP: The link port is connected to a VNFC CP. + - EXT_CP: The link port is associated to an external CP. + See note 1. + type: string + enum: + - VNFC_CP + - EXT_CP + vipCpInstanceId: + description: > + VIP CP instance of the VNF connected to this link port. May be present. + See notes 1, and 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + trunkResourceId: + description: > + Identifier of the trunk resource in the VIM. + Shall be present if the present link port corresponds to the parent port that the trunk resource is associated with. + See note 3. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVim" + + CertSubjectData: + description: > + This type provides input information related to the subject of the certificate. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: object + properties: + commonName: + description: > + Information of the certification target subject FQDN. Can be set + empty when this certificate is used for encrypted communication + using IP address. See note. + type: string + organization: + description: Information of the certification target subject Organization. See note. + type: string + country: + description: Information of the certification target subject Country. See note. + type: string + state: + description: Information of the certification target subject State. See note. + type: string + locality: + description: Information of the certification target subject Locality. See note. + type: string + emailAddress: + description: Information of the certification contact email address. See note. + type: string + + IpOverEthernetAddressInfo: + description: > + This type represents information about a network address that has been assigned. + + NOTE 1: At least one of "macAddress" or "ipAddresses" shall be present. + NOTE 2: Exactly one of "addresses" or "addressRange" shall be present. + NOTE 3: If the Cp instance represents a subport in a trunk, segmentationId shall be present. + Otherwise it shall not be present. + NOTE 4: Depending on the NFVI networking infrastructure, the segmentationId may indicate the + actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the + transport header of the packets or it may be an identifier used between the application + and the NFVI networking infrastructure to identify the network sub-interface of the trunk + port in question. In the latter case the NFVI infrastructure will map this local segmentationId + to whatever segmentationId is actually used by the NFVI's transport technology. + type: object + anyOf: + - required: + - macAddress + - required: + - ipAddresses + properties: + macAddress: + description: > + MAC address, if assigned. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/MacAddress" + segmentationId: + description: > + Identification of the network segment to which the Cp instance connects to. See notes 3 and 4. + type: string + ipAddresses: + description: > + Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or + dynamic IP address assignment per subnet. See note 1. + type: array + items: + type: object + required: + - type + oneOf: + - required: + - addresses + - required: + - addressRange + properties: + type: + description: > + The type of the IP addresses. + Permitted values: IPV4, IPV6. + type: string + enum: + - IPV4 + - IPV6 + addresses: + description: > + Fixed addresses assigned (from the subnet defined by "subnetId" if provided). See note 2. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IpAddress" + isDynamic: + description: > + Indicates whether this set of addresses was assigned + dynamically (true) or based on address information provided as + input from the API consumer (false). Shall be present if + "addresses" is present and shall be absent otherwise. + type: boolean + addressRange: + description: > + An IP address range used, e.g. in case of egress connections. See note 2. + type: object + required: + - minAddress + - maxAddress + properties: + minAddress: + description: > + Lowest IP address belonging to the range. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IpAddress" + maxAddress: + description: > + Highest IP address belonging to the range + $ref: "../../definitions/SOL023_def.yaml#/definitions/IpAddress" + subnetId: + description: > + Subnet defined by the identifier of the subnet resource in + the VIM. + In case this attribute is present, IP addresses are bound + to that subnet. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVim" + + VirtualCpAddressInfo: + description: > + This type represents information about a network address that has been assigned to a virtual CP. + type: object + required: + - type + properties: + type: + description: > + The type of the IP addresses. Permitted values: + - IPV4 + - IPV6 + type: string + enum: + - IPV4 + - IPV6 + loadBalancerIp: + description: > + Fixed addresses assigned to an external load balancer. + $ref: '../../definitions/SOL023_def.yaml#/definitions/IpAddress' + addressPoolName: + description: > + Name of an address pool from which an IP address is + assigned to the virtual CP. + type: string + + ServicePortInfo: + description: > + This type describes the service identifying port properties exposed by the virtual CP instance. + type: object + required: + - name + - port + - portConfigurable + properties: + name: + description: > + The name of the port exposed by the virtual CP instance. + type: string + protocol: + description: > + The L4 protocol for this port exposed by the virtual CP instance. + + Permitted values: + - TCP + - UDP + - SCTP + type: string + enum: + - TCP + - UDP + - SCTP + port: + description: > + The L4 port number exposed by the virtual CP instance. + type: integer + portConfigurable: + description: + Specifies whether the port attribute value is allowed to be configurable. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Boolean" + + VnfLcmOpOcc: + description: > + This type represents a VNF lifecycle management operation occurrence. + + NOTE 1: This allows the NFVO to obtain the information contained in the latest + "result" notification if it has not received it due to an error or a + wrongly configured subscription filter. + NOTE 2: Not more than one of changedInfo and modificationsTriggeredByVnfPkgChange + shall be present. + NOTE 3: For a particular affected VL, there shall be as many "AffectedVirtualLink" + entries as needed for signalling the different types of changes, i.e. one + per virtual link and change type. For instance, in the case of signaling + affected VL instances involving the addition of a particular VL instance + with links ports, one "AffectedVirtualLink" entry signals the addition of + the VL by using the "changeType" attribute of "AffectedVirtualLink" structure + equal to "ADDED", and another "AffectedVirtualLink" entry signals the addition + of externally visible VNF link ports of the VL by using the "changeType" equal + to "LINK_PORT_ADDED". + NOTE 4: A coordination action has timed out if the VNFM has not been able to read the + "Individual coordination action" resource within a timeout interval after requesting + the coordination to be started or to be cancelled. The length of the timeout interval + is defined by means outside the scope of the present document. + NOTE 5: The list of rejected coordinations may be garbage collected if the LCM operation + occurrence has reached a terminal state, i.e. one of "COMPLETED", "FAILED" and "ROLLED_BACK". + type: object + oneOf: + - required: + - changedInfo + - required: + - modificationsTriggeredByVnfPkgChange + required: + - id + - operationState + - stateEnteredTime + - startTime + - vnfInstanceId + - operation + - isAutomaticInvocation + - isCancelPending + properties: + id: + description: > + Identifier of this VNF lifecycle management operation occurrence. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + operationState: + description: > + The state of the LCM operation. + $ref: "#/definitions/LcmOperationStateType" + stateEnteredTime: + description: > + Date-time when the current state has been entered. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + startTime: + description: > + Date-time of the start of the operation. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + vnfInstanceId: + description: > + Identifier of the VNF instance to which the operation applies + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + grantId: + description: > + Identifier of the grant related to this VNF LCM operation + occurrence. Shall be set to the value of the "id" attribute + in the "Grant" representing the associated "Individual Grant", + if such grant exists. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + operation: + description: > + Type of the actual LCM operation represented by this VNF LCM + operation occurrence. + $ref: "../../definitions/SOL023_def.yaml#/definitions/LcmOperationType" + isAutomaticInvocation: + description: > + Set to true if this VNF LCM operation occurrence has been triggered + by an automated procedure inside the VNFM (i.e. + ScaleVnf / ScaleVnfToLevel triggered by auto-scale, or HealVnf + triggered by auto-heal). Set to false otherwise. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Boolean" + operationParams: + description: > + Input parameters of the LCM operation. This attribute shall be + formatted according to the request data type of the related LCM + operation. In addition, the provisions in clause 5.7 shall apply. + + The following mapping between operationType and the + data type of this attribute shall apply: + * INSTANTIATE: InstantiateVnfRequest + * SCALE: ScaleVnfRequest + * SCALE_TO_LEVEL: ScaleVnfToLevelRequest + * CHANGE_FLAVOUR: ChangeVnfFlavourRequest + * OPERATE: OperateVnfRequest + * HEAL: HealVnfRequest + * CHANGE_EXT_CONN: ChangeExtVnfConnectivityRequest + * TERMINATE: TerminateVnfRequest + * MODIFY_INFO: VnfInfoModifications + * CREATE_SNAPSHOT: CreateVnfSnapshotRequest + * REVERT_TO_SNAPSHOT: RevertToVnfSnapshotRequest + * CHANGE_VNFPKG: ChangeCurrentVnfPkgRequest + * SELECT_DEPL_MODS: SelectVnfDeployableModulesRequest + type: object + isCancelPending: + description: > + If the VNF LCM operation occurrence is in "STARTING", "PROCESSING" + or "ROLLING_BACK" state and the operation is being cancelled, this + attribute shall be set to true. Otherwise, it shall be set to false. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Boolean" + cancelMode: + description: > + The mode of an ongoing cancellation. Shall be present when + isCancelPending=true, and shall be absent otherwise. + $ref: "#/definitions/CancelModeType" + error: + description: > + If "operationState" is "FAILED_TEMP" or "FAILED" or "operationState" + is "PROCESSING" or "ROLLING_BACK" and previous value of + "operationState" was "FAILED_TEMP", this attribute shall be present + and contain error information, unless it has been requested to be + excluded via an attribute selector. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + resourceChanges: + description: > + This attribute contains information about the cumulative changes to + virtualised resources that were performed so far by the LCM + operation since its start, if applicable. + type: object + properties: + affectedVnfcs: + description: > + Information about VNFC instances that were affected during the lifecycle operation. + See note 1. + type: array + items: + $ref: "#/definitions/AffectedVnfc" + affectedVirtualLinks: + description: > + Information about VL instances that were affected during the lifecycle operation. + See notes 1 and 3. + type: array + items: + $ref: "#/definitions/AffectedVirtualLink" + affectedExtLinkPorts: + description: > + Information about external VNF link ports that were affected during the lifecycle operation. + See note 1. + type: array + items: + $ref: "#/definitions/AffectedExtLinkPort" + affectedVirtualStorages: + description: > + Information about virtualised storage instances that were affected during the lifecycle operation. + See note 1. + type: array + items: + $ref: "#/definitions/AffectedVirtualStorage" + changedInfo: + description: > + Information about the changed VNF instance information, including VNF configurable properties, + if applicable. See note 1 and note 2. + $ref: "#/definitions/VnfInfoModifications" + affectedVipCps: + description: > + Information about virtual IP CP instances that were affected during + the execution of the lifecycle management operation. + type: array + items: + $ref: "#/definitions/AffectedVipCp" + changedExtConnectivity: + description: > + Information about changed external connectivity, if applicable. See note 1. + type: array + items: + $ref: "#/definitions/ExtVirtualLinkInfo" + modificationsTriggeredByVnfPkgChange: + description: > + Information about performed changes of "VnfInstance" attributes triggered by changing the current VNF package, + if applicable. Shall be absent if the "operation" attribute is different from "CHANGE_VNFPKG". + See notes 1 and 2. + $ref: "#/definitions/ModificationsTriggeredByVnfPkgChange" + vnfSnapshotInfoId: + description: > + Identifier of the "individual VNF snapshot" resource. Shall be present if applicable to the type of LCM operation, + i.e., if the value of the "operation" attribute is either "CREATE_SNAPSHOT" or "REVERT_TO_SNAPSHOT". + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + lcmCoordinations: + description: > + Information about LCM coordination actions (see clause 10 in ETSI GS NFV-SOL002) related to this LCM operation occurrence. + type: array + items: + type: object + required: + - id + - coordinationActionName + - startTime + - endpointType + properties: + id: + description: > + Identifier of this coordination action. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + coordinationActionName: + description: > + Indicator of the actual coordination action. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + coordinationResult: + description: > + The result of executing the coordination action which also implies the action to be performed by the VNFM as + the result of this coordination. + + Shall be present if the coordination has been finished. Shall be absent if the coordination is ongoing or has + timed out (see note 4). + $ref: "../../definitions/SOL023_def.yaml#/definitions/LcmCoordResultType" + startTime: + description: > + The time when the VNFM has received the confirmation that the coordination action has been started. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + endTime: + description: > + The time when the VNFM has received the confirmation that the coordination action has finished or has been + cancelled, or the time when a coordination action has timed out. Shall be present for a coordination + action that has finished or timed out (see note 4) and shall be absent if the coordination is ongoing. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + delay: + description: > + The end of the delay period. + This attribute shall be present if the last known HTTP response related to this coordination has + contained a "Retry-After" header, and shall be absent otherwise. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + endpointType: + description: > + The endpoint type used by this coordination action. + Valid values: + • MGMT: coordination with other operation supporting management systems (e.g. EM) + • VNF: coordination with the VNF instance + type: string + enum: + - MGMT + - VNF + rejectedLcmCoordinations: + description: > + Information about LCM coordination actions (see clause 10 in ETSI GS NFV-SOL002) that were rejected + by 503 error which means they can be tried again after a delay. See note 5. + type: array + items: + type: object + required: + - coordinationActionName + - rejectionTime + - endpointType + - delay + properties: + coordinationActionName: + description: > + Indicator of the actual coordination action. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + rejectionTime: + description: > + The time when the VNFM has received the 503 response that rejects the actual coordination. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + delay: + description: > + The end of the delay period, as calculated from the startTime and "Retry-After" header. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + endpointType: + description: > + The endpoint type used by this coordination action. + Valid values: + • MGMT: coordination with other operation supporting management systems (e.g. EM) + • VNF: coordination with the VNF instance + type: string + enum: + - MGMT + - VNF + warnings: + description: > + Warning messages that were generated while the operation was executing. + + If the operation has included LCM coordination actions and these have resulted + in warnings, such warnings should be added to this attribute. + type: array + items: + type: string + _links: + description: > + Links to resources related to this resource. + type: object + required: + - self + - vnfInstance + properties: + self: + description: > + URI of this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + vnfInstance: + description: > + Link to the VNF instance that the operation applies to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + grant: + description: > + Link to the grant for this operation, if one exists. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + cancel: + description: > + Link to the task resource that represents the "cancel" operation + for this VNF LCM operation occurrence, if cancelling is + currently allowed. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + retry: + description: > + Link to the task resource that represents the "retry" operation + for this VNF LCM operation occurrence, if retrying is currently + allowed. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + rollback: + description: > + Link to the task resource that represents the "rollback" + operation for this VNF LCM operation occurrence, if rolling back + is currently allowed. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + fail: + description: > + Link to the task resource that represents the "fail" operation + for this VNF LCM operation occurrence, if declaring as failed is + currently allowed. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + vnfSnapshot: + description: > + Link to the VNF snapshot resource, if the VNF LCM operation occurrence is related to a VNF snapshot. + Shall be present if operation="CREATE_SNAPSHOT" or operation="REVERT_TO_SNAPSHOT". + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + + LccnSubscription: + description: > + This type represents a subscription related to notifications about VNF + lifecycle changes. + type: object + required: + - id + - callbackUri + - verbosity + - _links + properties: + id: + description: > + Identifier of this subscription resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + filter: + description: > + Filter settings for this subscription, to define the subset of all + notifications this subscription relates to. A particular + notification is sent to the subscriber if the filter matches, or if + there is no filter. + $ref: "#/definitions/LifecycleChangeNotificationsFilter" + callbackUri: + description: > + The URI of the endpoint to send the notification to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Uri" + verbosity: + description: > + This attribute signals the verbosity of LCM operation occurrence notifications. + $ref: "#/definitions/LcmOpOccNotificationVerbosityType" + _links: + description: > + Links to resources related to this resource. + type: object + required: + - self + properties: + self: + description: > + URI of this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + + CancelModeType: + description: > + Cancellation mode. + GRACEFUL: If the VNF LCM operation occurrence is in "PROCESSING" or + "ROLLING_BACK" state, the VNFM shall not start any new resource + management operation and shall wait for the ongoing resource management + operations in the underlying system, typically the VIM, to finish + execution or to time out. After that, the VNFM shall put the operation + occurrence into the FAILED_TEMP state. + If the VNF LCM operation occurrence is in "STARTING" state, the VNFM + shall not start any resource management operation and shall wait for + the granting request to finish execution or time out. After that, the + VNFM shall put the operation occurrence into the ROLLED_BACK state. + FORCEFUL: If the VNF LCM operation occurrence is in "PROCESSING" or + "ROLLING_BACK" state, the VNFM shall not start any new resource + management operation, shall cancel the ongoing resource management + operations in the underlying system, typically the VIM, and shall wait + for the cancellation to finish or to time out. After that, the VNFM + shall put the operation occurrence into the FAILED_TEMP state. + If the VNF LCM operation occurrence is in "STARTING" state, the VNFM + shall not start any resource management operation and put the operation + occurrence into the ROLLED_BACK state. + type: string + enum: + - GRACEFUL + - FORCEFUL + + AffectedVnfc: + description: > + This type provides information about added, deleted, modified and temporary VNFCs. + + NOTE: The "resourceDefinitionId" attribute provides information to the API consumer + (i.e. the NFVO) to assist in correlating the resource changes performed during + the LCM operation with the granted resources in a specific Grant exchange, which + is identified by the "grantId" available in the "Individual VNF lifecycle management + operation occurrence" and the "id" in the "Individual Grant". + type: object + required: + - id + - vduId + - changeType + - computeResource + properties: + id: + description: > + Identifier of the Vnfc instance, identifying the applicable + "vnfcResourceInfo" entry in the "VnfInstance" data type. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + vduId: + description: > + Identifier of the related VDU in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case of a "change current VNF Package" to identify whether the affected + VNFC instance is associated to a VDU which is referred from the source or destination VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + changeType: + description: > + Signals the type of change. Permitted values: + * ADDED + * REMOVED + * MODIFIED + * TEMPORARY + For a temporary resource, an AffectedVnfc structure exists as long + as the temporary resource exists. + type: string + enum: + - ADDED + - REMOVED + - MODIFIED + - TEMPORARY + computeResource: + description: > + Reference to the VirtualCompute resource or reference to a Compute MCIO. + Detailed information is (for new and modified resources) or has been (for removed resources) + available from the VIM or the CISM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + resourceDefinitionId: + description: > + The identifier of the "ResourceDefinition" in the granting exchange related to the LCM operation + occurrence. It shall be present when an applicable GrantInfo for thegranted resource exists. See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierLocal" + zoneId: + description: > + The identifier of the resource zone, as managed by the resource management + layer (typically, the VIM), where the referenced VirtualCompute resource is placed. + Shall be provided if this information is available from the VIM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + metadata: + description: > + Metadata about this resource. + The content of this attribute shall be a copy of the content of the + "metadata" attribute of the VnfcResourceInfo structure. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + affectedVnfcCpIds: + description: > + Identifiers of CP(s) of the VNFC instance that were affected by the + change. + Shall be present for those affected CPs of the VNFC instance that + are associated to an external CP of the VNF instance. + May be present for further affected CPs of the VNFC instance. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + addedStorageResourceIds: + description: > + References to VirtualStorage resources that have been added. Each + value refers to a VirtualStorageResourceInfo item in the + VnfInstance that was added to the VNFC. It shall be provided if at + least one storage resource was added to the VNFC. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + removedStorageResourceIds: + description: > + References to VirtualStorage resources that have been removed. + The value contains the identifier of a VirtualStorageResourceInfo + item that has been removed from the VNFC, and might no longer exist + in the VnfInstance. + It shall be provided if at least one storage resource was removed + from the VNFC. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + + AffectedVirtualLink: + description: > + This type provides information about added, deleted, modified and + temporary VLs, and added or removed VNF link ports. + + NOTE 1: When signalling the addition (LINK_PORT_ADDED) or removal (LINK_PORT_REMOVED) of VNF link ports, + the "networkResource" and "resourceDefinitionId" attributes refer to the affected virtual link + instance, not the link port instance. The resource handles of the affected VNF link ports can be + found by dereferencing the identifiers in the "vnfLinkPortIds" attribute. + NOTE 2: The "resourceDefinitionId" attribute provides information to the API consumer (i.e. the NFVO) to + assist in correlating the resource changes performed during the LCM operation with the granted + resources in a specific Grant exchange, which is identified by the "grantId" available in the + "Individual VNF lifecycle management operation occurrence" and the "id" in the "Individual Grant". + type: object + required: + - id + - vnfVirtualLinkDescId + - changeType + - networkResource + properties: + id: + description: > + Identifier of the virtual link instance, identifying the applicable + "vnfVirtualLinkResourceInfo" or "extManagedVirtualLinkInfo" entry in the "VnfInstance" data type. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + vnfVirtualLinkDescId: + description: > + Identifier of the related VLD in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case of a "change current VNF Package" to identify whether the affected VL instance is + associated to a VLD which is referred from the source or destination VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + changeType: + description: > + Signals the type of change. + + Permitted values: + - ADDED + - REMOVED + - MODIFIED + - TEMPORARY + - LINK_PORT_ADDED + - LINK_PORT_REMOVED + For a temporary resource, an AffectedVirtualLink structure exists as long as the temporary resource exists. + See note 1. + type: string + enum: + - ADDED + - REMOVED + - MODIFIED + - TEMPORARY + - LINK_PORT_ADDED + - LINK_PORT_REMOVED + networkResource: + description: > + Reference to the VirtualNetwork resource or reference to a Network MCIO. + Detailed information is (for new and modified resources) or has been (for removed resources) + available from the VIM or the CISM. + See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + vnfLinkPortIds: + description: > + Identifiers of the link ports of the affected VL related to the change. Each identifier references + a "VnfLinkPortInfo" structure. + + Shall be set when changeType is equal to "LINK_PORT_ADDED" or "LINK_PORT_REMOVED", and the + related "VnfLinkPortInfo" structures are present (case "added") or have been present (case "removed") + in the "VnfVirtualLinkResourceInfo" or "ExtManagedVirtualLinkInfo" structures that are represented + by the "vnfVirtualLinkResource¬Info" or "extManagedVirtualLinkInfo" attribute in the "VnfInstance" + structure. See note 1. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + resourceDefinitionId: + description: > + The identifier of the "ResourceDefinition" in the granting exchange related to the LCM operation occurrence. + It shall be present when an applicable GrantInfo for the granted resource exists. See note 1 and note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierLocal" + zoneId: + description: > + The identifier of the resource zone, as managed by the resource + management layer (typically, the VIM), where the referenced VirtualNetwork + resource is placed. Shall be provided if this information is available from the VIM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + metadata: + description: > + Metadata about this resource. + The content of this attribute shall be a copy of the content of the + "metadata" attribute of the applicable "vnfVirtualLinkResourceInfo” + structure if such structure is referenced by the "id" attribute and it has metadata. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + AffectedVirtualStorage: + description: > + This type provides information about added, deleted, modified and temporary virtual storage resources. + + NOTE: The "resourceDefinitionId" attribute provides information to the API consumer (i.e. the NFVO) to + assist in correlating the resource changes performed during the LCM operation with the granted + resources in a specific Grant exchange, which is identified by the "grantId" available in the + "Individual VNF lifecycle management operation occurrence" and the "id" in the "Individual Grant". + type: object + required: + - id + - virtualStorageDescId + - changeType + - storageResource + properties: + id: + description: > + Identifier of the storage instance, identifying the applicable + "virtualStorageResourceInfo" entry in the "VnfInstance" data type. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + virtualStorageDescId: + description: > + Identifier of the related VirtualStorage descriptor in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Identifier of the VNFD. + Shall be present in case of a "change current VNF Package" to identify whether the affected virtual storage + instance is associated to a VirtualStorage descriptor which is referred from the source or destination VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + changeType: + description: > + Signals the type of change. Permitted values: + * ADDED + * REMOVED + * MODIFIED + * TEMPORARY + For a temporary resource, an AffectedVirtualStorage structure exists + as long as the temporary resource exists. + type: string + enum: + - ADDED + - REMOVED + - MODIFIED + - TEMPORARY + storageResource: + description: > + Reference to the VirtualStorage resource or reference to a Storage MCIO. + Detailed information is (for new and modified resources) or has been (for removed + resources) available from the VIM or the CISM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + resourceDefinitionId: + description: > + The identifier of the "ResourceDefinition" in the granting exchange related to the LCM operation occurrence. + It shall be present when an applicable GrantInfo for the granted resource exists. See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierLocal" + zoneId: + description: > + The identifier of the resource zone, as managed by the resource + management layer (typically, the VIM), where the referenced VirtualNetwork + resource is placed. Shall be provided if this information is available from the VIM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + metadata: + description: > + Metadata about this resource. + The content of this attribute shall be a copy of the content of the + "metadata" attribute of the VirtualStorageResourceInfo structure. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + + AffectedExtLinkPort: + description: > + This type provides information about added and deleted external link ports (link ports attached to external virtual links). + + NOTE: The "resourceDefinitionId" attribute provides information to the API consumer (i.e. the NFVO) to assist in correlating + the resource changes performed during the LCM operation with the granted resources in a specific Grant exchange, which + is identified by the "grantId" available in the "Individual VNF lifecycle management operation occurrence" and the "id" + in the "Individual Grant". + type: object + required: + - id + - changeType + - extCpInstanceId + - resourceHandle + properties: + id: + description: > + Identifier of the link port, identifying the applicable "extLinkPorts" entry in the "ExtVirtualLinkInfo" data + type (see clause 5.5.3.2). + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + changeType: + description: > + Signals the type of change. + Permitted values: + - ADDED + - MODIFIED + - REMOVED + type: string + enum: + - ADDED + - MODIFIED + - REMOVED + extCpInstanceId: + description: > + Identifier of the related external CP instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + resourceHandle: + description: > + Reference to the link port resource. + Detailed information is (for added resources) or has been (for removed resources) available from the VIM. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ResourceHandle" + resourceDefinitionId: + description: > + The identifier of the "ResourceDefinition" in the granting exchange related to the LCM operation occurrence. + It shall be present when an applicable GrantInfo for the granted resource exists. See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierLocal" + + VnfInfoModifications: + description: > + This type represents attribute modifications that were performed on an "Individual + VNF instance" resource. The attributes that can be included consist of those requested + to be modified explicitly in the "VnfInfoModificationRequest" data structure, and + additional attributes of the "VnfInstance" data structure that were modified implicitly + e.g. when modifying the referenced VNF package. + + NOTE: If present, this attribute (which depends on the value of the "vnfdId" attribute) + was modified implicitly following a request to modify the "vnfdId" attribute, by + copying the value of this attribute from the VNFD in the VNF Package identified by + the "vnfdId" attribute. + type: object + properties: + vnfInstanceName: + description: > + If present, this attribute signals modifications of the + "vnfInstanceName" attribute in "VnfInstance". + $ref: "../../definitions/SOL023_def.yaml#/definitions/String" + vnfInstanceDescription: + description: > + If present, this attribute signals modifications of the + "vnfInstanceDescription" attribute in "VnfInstance". + $ref: "../../definitions/SOL023_def.yaml#/definitions/String" + vnfConfigurableProperties: + description: > + If present, this attribute signals modifications of the + "vnfConfigurableProperties" attribute in "VnfInstance". + + In addition, the provisions in clause 5.7 shall apply. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + metadata: + description: > + If present, this attribute signals modifications of the "metadata" + attribute in "VnfInstance". + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + extensions: + description: > + If present, this attribute signals modifications of the "extensions" + attribute in "VnfInstance". + + In addition, the provisions in clause 5.7 shall apply. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + vimConnectionInfo: + description: > + If present, this attribute signals modifications the "vimConnectionInfo" + attribute array in "VnfInstance". + type: object + additionalProperties: + $ref: "../../definitions/SOL023_def.yaml#/definitions/VimConnectionInfo" + vnfdId: + description: > + If present, this attribute signals modifications of the "vnfdId" + attribute in "VnfInstance". + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfProvider: + description: > + If present, this attribute signals modifications of the "vnfProvider" attribute + in "VnfInstance". See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/String" + vnfProductName: + description: > + If present, this attribute signals modifications of the "vnfProductName" attribute + in "VnfInstance". See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/String" + vnfSoftwareVersion: + description: > + If present, this attribute signals modifications of the "vnfSoftwareVersion" attribute + in "VnfInstance". See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + vnfdVersion: + description: > + If present, this attribute signals modifications of the "vnfdVersion" attribute + in "VnfInstance". See note. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + + AffectedVipCp: + description: > + This type provides information about added, deleted and modified virtual IP CP instances. + type: object + required: + - cpInstanceId + - cpdId + - changeType + properties: + cpInstanceId: + description: > + Identifier of the virtual IP CP instance and the related "VipCpInfo" structure in "VnfInstance". + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + + cpdId: + description: > + Identifier of the VipCpd in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + + vnfdId: + description: > + Reference to the VNFD. + Shall be present in case of a "change current VNF Package" to + identify whether the affected virtual CP instance is associated + to a VipCpd which is referred from the source or destination VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + + changeType: + description: > + Signals the type of change. + Permitted values: + - ADDED + - REMOVED + - MODIFIED + type: string + enum: + - ADDED + - REMOVED + - MODIFIED + + ModificationsTriggeredByVnfPkgChange: + description: > + This type represents attribute modifications that were performed on an "Individual VNF instance" resource + when changing the current VNF package. The attributes that can be included consist of those requested to + be modified explicitly in the "ChangeCurrentVnfPkgRequest" data structure, and additional attributes of the + "VnfInstance" data structure that were modified implicitly during the operation. + + NOTE 1: This attribute represents the delta (semantics as per IETF RFC 7396, JSON Merge Patch) between the value + of the attribute at the start of the "Change current VNF package" operation and the value of the attribute + at its completion. + NOTE 2: If present, this attribute (which depends on the value of the "vnfdId" attribute) was modified implicitly + during the related operation and contains a copy of the value of the related attribute from the VNFD in the + VNF Package identified by the "vnfdId" attribute. + type: object + properties: + vnfConfigurableProperties: + description: > + This attribute signals the modifications of the "vnfConfigurableProperties" attribute in "VnfInstance" performed + by the operation and shall be present if that attribute was modified during the operation. See note 1. + In addition, the provisions in clause 5.7 shall apply. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + metadata: + description: > + This attribute signals the modifications of the "metadata" attribute in "VnfInstance" performed by the operation and + shall be present if that attribute was modified during the operation. See note 1. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + extensions: + description: > + This attribute signals the modifications of the "extensions" attribute in "VnfInstance" performed by the operation and + shall be present if that attribute was modified during the operation. See note 1. + In addition, the provisions in clause 5.7 shall apply. + $ref: "../../definitions/SOL023_def.yaml#/definitions/KeyValuePairs" + vnfdId: + description: > + If present, this attribute signals the new value of the "vnfdId" attribute in "VnfInstance". + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfProvider: + description: > + If present, this attribute signals the new value of the "vnfProvider" attribute in "VnfInstance". See note 2. + type: string + vnfProductName: + description: > + If present, this attribute signals the new value of the "vnfProductName" attribute in "VnfInstance". See note 2. + type: string + vnfSoftwareVersion: + description: > + If present, this attribute signals the new value of the "vnfSoftwareVersion" attribute in "VnfInstance". See note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + vnfdVersion: + description: > + If present, this attribute signals the new value of the "vnfdVersion" attribute in "VnfInstance". See note 2. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + vimConnectionInfo: + description: > + If present, this attribute signals the changes to VIM connection info that were passed in the related + "ChangeCurrentVnfPkgRequest" structure. + type: object + additionalProperties: + $ref: "../../definitions/SOL023_def.yaml#/definitions/VimConnectionInfo" + + VnfLcmOperationOccurrenceNotification: + description: > + This type represents a VNF lifecycle management operation occurrence notification, which + informs the receiver of changes in the VNF lifecycle caused by a VNF LCM operation occurrence. + + The support of the notification is mandatory. + + This notification shall be triggered by the VNFM when there is a change in the state of a VNF LCM + operation occurrence that changes the VNF lifecycle, which represents an occurrence of one the + following LCM operations: + - Instantiation of the VNF + - Scaling of the VNF instance (including auto-scaling) + - Healing of the VNF instance (including auto-healing) + - Change of the state of the VNF instance (i.e. Operate VNF) + - Change of the deployment flavour of the VNF instance + - Change of the external connectivity of the VNF instance + - Change of the current VNF package + - Selection of deployable modules of the VNF instance + - Termination of the VNF instance + - Modification of VNF instance information and/or VNF configurable properties through the "PATCH" + method on the "Individual VNF instance" resource + - Creation of a VNF snapshot + - Reversion of the VNF instance to a VNF snapshot + + Clause 5.6.2 defines the states and state transition of a VNF LCM operation occurrence, and also + specifies details of the notifications to be emitted at each state transition. + If this is the initial notification about the start of a VNF LCM operation occurrence, it is assumed + that the notification is sent by the VNFM before any action (including sending the grant request) is + taken as part of the LCM operation. Due to possible race conditions, the "start" notification, the grant + request and the LCM operation acknowledgment (i.e. the "202 Accepted" response) can arrive in any order + at the NFVO, and the NFVO shall be able to handle such a situation. + If this is a notification about a final or intermediate result state of a VNF LCM operation occurrence, + the notification shall be sent after all related actions of the LCM operation that led to this state have + been executed. + The new state shall be set in the "Individual VNF LCM operation occurrence" resource before the notification + about the state change is sent. + The amount of information provided in the LCM operation occurrence notifications to be issued by the VNFM when + a particular subscription matches can be controlled by the API consumer using the "verbosity" attribute in the + subscription request (see clause 5.5.2.15). The "verbosity" setting in a particular individual subscription shall + only apply to the LCM operation occurrence notifications triggered by that subscription. However, it shall not + affect the amount of information in the "VnfLcmOpOcc" structure (see clause 5.5.2.13) which represents the "Individual + LCM operation occurrence" resource associated with each of the notifications. + See clause 5.6.2.2 for further provisions regarding sending this notification, including in cases of handling LCM + operation errors. + + NOTE 1: Shall be present if the "notificationStatus" is set to "RESULT", the "verbosity" attribute is set to "FULL" + and the operation has performed any resource modification. Shall be absent otherwise. This attribute contains + information about the cumulative changes to virtualised resources that were performed so far by the VNF LCM + operation occurrence and by any of the error handling procedures for that operation occurrence. + NOTE 2: For a particular affected VL, there shall be as many "AffectedVirtualLink" entries as needed for signalling + the different types of changes, i.e. one per virtual link and change type. For instance, in the case of signaling + affected VL instances involving the addition of a particular VL instance with links ports, one "AffectedVirtualLink" + entry signals the addition of the VL by using the "changeType" attribute of "AffectedVirtualLink" structure equal to + "ADDED", and another "AffectedVirtualLink" entry signals the addition of externally visible VNF link ports of the VL + by using the "changeType" equal to "LINK_PORT_ADDED". + Note 3: Not more than one of changedInfo and modificationsTriggeredByVnfPkgChange shall be present. + type: object + required: + - id + - notificationType + - subscriptionId + - timeStamp + - notificationStatus + - operationState + - vnfInstanceId + - operation + - isAutomaticInvocation + - vnfLcmOpOccId + - _links + properties: + id: + description: > + Identifier of this notification. If a notification is sent multiple + times due to multiple subscriptions, the "id" attribute of all these + notifications shall have the same value. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + notificationType: + description: > + Discriminator for the different notification types. Shall be set to + "VnfLcmOperationOccurrenceNotification" for this notification type. + type: string + enum: + - VnfLcmOperationOccurrenceNotification + subscriptionId: + description: > + Identifier of the subscription that this notification relates to.Shall be set to the value of the "id" attribute + of the "LccnSubscription" representing the associated "Individual subscription" resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + timeStamp: + description: > + Date-time of the generation of the notification. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + notificationStatus: + description: > + Indicates whether this notification reports about the start of a + lifecycle operation or the result of a lifecycle operation. + Permitted values: + * START: Informs about the start of the VNF LCM operation + occurrence. + * RESULT: Informs about the final or intermediate result of the VNF + LCM operation occurrence. + type: string + enum: + - START + - RESULT + operationState: + description: > + The state of the VNF LCM operation occurrence. + $ref: "#/definitions/LcmOperationStateType" + vnfInstanceId: + description: > + The identifier of the VNF instance affected. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + operation: + description: > + The lifecycle management operation. + $ref: "../../definitions/SOL023_def.yaml#/definitions/LcmOperationType" + isAutomaticInvocation: + description: > + Set to true if this VNF LCM operation occurrence has been triggered + by an automated procedure inside the VNFM + (i.e. ScaleVnf / ScaleVnfToLevel triggered by auto-scale, or HealVnf + triggered by auto-heal). + Set to false otherwise. + type: boolean + verbosity: + description: > + This attribute signals the verbosity of the notification. If it is not present, it shall default to the value "FULL". + If the value is "SHORT", full change details can be obtained by performing a GET request on the "Individual LCM + operation occurrence" resource that is signalled by the "vnfLcmOpOcc" child attribute of the "_links" attribute. + $ref: '#/definitions/LcmOpOccNotificationVerbosityType' + vnfLcmOpOccId: + description: > + The identifier of the VNF lifecycle management operation occurrence associated to the notification. Shall be + set to the value of the "id" attribute of the "VnfLcmOpOcc" representing the associate "Individual VNF lifecycle + management operation occurrence" resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + affectedVnfcs: + description: > + Information about VNFC instances that were affected during the lifecycle operation. See note 1. + type: array + items: + $ref: "#/definitions/AffectedVnfc" + affectedVirtualLinks: + description: > + Information about VL instances that were affected during the lifecycle operation. See note 1 and note 2. + type: array + items: + $ref: "#/definitions/AffectedVirtualLink" + affectedExtLinkPorts: + description: > + Information about external VNF link ports that were affected during the lifecycle operation. See note 1. + type: array + items: + $ref: "#/definitions/AffectedExtLinkPort" + affectedVirtualStorages: + description: > + Information about virtualised storage instances that were affected during the lifecycle operation. See note 1. + type: array + items: + $ref: "#/definitions/AffectedVirtualStorage" + changedInfo: + description: > + Information about the changed VNF instance information, including + changed VNF configurable properties. + Shall be present if the "notificationStatus" is set to "RESULT", + the "operation" attribute is not equal to "CHANGE_VNFPKG", the + "verbosity" attribute is set to "FULL" and the operation has performed + any changes to VNF instance information, including VNF configurable + properties. Shall be absent otherwise. See note 3. + $ref: "#/definitions/VnfInfoModifications" + + affectedVipCps: + description: > + Information about virtual IP CP instances that were affected during the execution of the lifecycle management + operation, if this notification represents the result of a lifecycle management operation occurrence. + + Shall be present if the "notificationStatus" is set to "RESULT", the "verbosity" attribute is set to "FULL" + and the operation has made any changes to the VIP CP instances of the VNF instance. Shall be absent otherwise. + Only information about VIP CP instances that have been added, deleted or modified shall be provided. + type: array + items: + $ref: "#/definitions/AffectedVipCp" + + affectedVirtualCps: + description: + Information about virtual CP instances that were affected during the execution of the lifecycle + management operation, if this notification represents the result of a lifecycle management operation + occurrence. + Shall be present if the "notificationStatus" is set to "RESULT", the "verbosity" attribute is set to "FULL" + and the operation has made any changes to the virtual CP instances of the VNF instance. Shall be absent + otherwise. Only information about virtual CP instances that have been added, deleted or modified shall be + provided. + type: array + items: + $ref: "#/definitions/AffectedVirtualCp" + affectedCertificates: + description: > + Information about certificate content that were affected during the execution of the lifecycle management + operation, if this notification represents the result of a lifecycle management operation occurrence. + Shall be present when using delegation mode, otherwise shall be absent. + This attribute shall be supported when delegation mode in certificate management is applicable + type: array + items: + $ref: "#/definitions/AffectedCertificate" + changedExtConnectivity: + description: > + Information about changed external connectivity, if this notification + represents the result of a lifecycle operation occurrence. + Shall be present if the "notificationStatus" is set to "RESULT", + the "verbosity" attribute is set to "FULL" and the operation has made + any changes to the external connectivity of the VNF instance. Shall be + absent otherwise. Only information about external VL instances that + have been added or modified shall be provided. + type: array + items: + $ref: "#/definitions/ExtVirtualLinkInfo" + modificationsTriggeredByVnfPkgChange: + description: > + Information about performed changes of "VnfInstance" attributes triggered by changing the current VNF package. + Shall be present if the "notificationStatus" is set to "RESULT", the "operation" attribute is equal to + "CHANGE_VNFPKG", the "verbosity" attribute is set to "FULL" and the operation has performed any changes to + "VnfInstance" attributes. Shall be absent otherwise. See note 3. + $ref: "#/definitions/ModificationsTriggeredByVnfPkgChange" + error: + description: > + Details of the latest error, if one has occurred during executing + the LCM operation (see clause 6.3 of ETSI GS NFV-SOL 013). + Shall be present if the "operationState" attribute is "FAILED_TEMP", "FAILED" + or "ROLLED_BACK" and shall be absent otherwise. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + _links: + description: > + Links to resources related to this notification. + The link URIs in this structure shall be set to point to the + resources identified by the corresponding identifier attributes + in this notification. + $ref: "#/definitions/LccnLinks" + + VnfIdentifierCreationNotification: + description: > + This type represents a VNF identifier creation notification, which + informs the receiver of the creation of a new "Individual VNF instance" resource and + the associated VNF instance identifier. + This notification shall be triggered by the VNFM when it has created an + "Individual VNF instance" resource and the associated VNF instance identifier. + type: object + required: + - id + - notificationType + - subscriptionId + - timeStamp + - vnfInstanceId + - _links + properties: + id: + description: > + Identifier of the VNF instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + notificationType: + description: > + Discriminator for the different notification types. Shall be set to + "VnfIdentifierCreationNotification" for this notification type. + type: string + enum: + - VnfIdentifierCreationNotification + subscriptionId: + description: > + Identifier of the subscription that this notification relates to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + timeStamp: + description: > + Date-time of the generation of the notification. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + vnfInstanceId: + description: > + The created VNF instance identifier. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + _links: + description: > + Links to resources related to this notification. + $ref: "#/definitions/LccnLinks" + + VnfIdentifierDeletionNotification: + description: > + This type represents a VNF identifier deletion notification, which + informs the receiver of the deletion of a new "Individual VNF instance" resource and + the associated VNF instance identifier. + This notification shall be triggered by the VNFM when it has deleted an + "Individual VNF instance" resource and the associated VNF instance identifier. + type: object + required: + - id + - notificationType + - subscriptionId + - timeStamp + - vnfInstanceId + - _links + properties: + id: + description: > + Identifier of this notification. If a notification is sent multiple + times due to multiple subscriptions, the "id" attribute of all these + notifications shall have the same value. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + notificationType: + description: > + Discriminator for the different notification types. Shall be set to + "VnfIdentifierDeletionNotification" for this notification type. + type: string + enum: + - VnfIdentifierDeletionNotification + subscriptionId: + description: > + Identifier of the subscription that this notification relates to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + timeStamp: + description: > + Date-time of the generation of the notification. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + vnfInstanceId: + description: > + The deleted VNF instance identifier. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + _links: + description: > + Links to resources related to this notification. + $ref: "#/definitions/LccnLinks" + + AffectedVirtualCp: + description: > + This type provides information about added, deleted and modified virtual CP instances. + type: object + required: + - cpInstanceId + - cpdId + - changeType + properties: + cpInstanceId: + description: > + Identifier of the virtual CP instance and the related "VirtualCpInfo" + structure in "VnfInstance". + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnf" + cpdId: + description: > + Identifier of the VirtualCpd in the VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/IdentifierInVnfd" + vnfdId: + description: > + Reference to the VNFD. + Shall be present in case of a "change current VNF Package" to identify whether + the affected virtual CP instance is associated to a VirtualCpd which is referred + from the source or destination VNFD. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + changeType: + description: > + Signals the type of change. + + Permitted values: + - ADDED + - REMOVED + - MODIFIED + type: string + enum: + - ADDED + - REMOVED + - MODIFIED + + AffectedCertificate: + description: > + This type provides input information about added, deleted, and modified certificate contents. + type: object + required: + - certificateInfoId + - changeType + properties: + certificateInfoId: + description: Identifier of certificate information. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateBaseProfileId: + description: Identifier of certificate base profile. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + securityPolicyId: + description: Identifier of security policy. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + cmfInfoId: + description: Identifier of CMF information. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateContentId: + description: Identifier of certificate content. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + changeType: + description: Signals the type of change. + $ref: "../../definitions/SOL023_def.yaml#/definitions/ChangeType" + + LccnLinks: + description: > + This type represents the links to resources that a notification can + contain. + type: object + required: + - vnfInstance + - subscription + properties: + vnfInstance: + description: > + Link to the resource representing the VNF instance to which the + notified change applies. + $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" + subscription: + description: > + Link to the related subscription. + $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" + vnfLcmOpOcc: + description: > + Link to the VNF lifecycle management operation occurrence that this + notification is related to. Shall be present if there is a related + lifecycle operation occurrence. + $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" \ No newline at end of file -- GitLab From bb2b6412dcf8b0f446a1f8ad908cc137e1f06773 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:17:47 +0200 Subject: [PATCH 08/52] add VNFLCMManagementNotification folder --- .../VNFLifecycleManagementNotification.yaml | 347 ++++++++++++++++++ 1 file changed, 347 insertions(+) create mode 100644 src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml diff --git a/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml b/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml new file mode 100644 index 0000000..8030377 --- /dev/null +++ b/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml @@ -0,0 +1,347 @@ +openapi: 3.0.2 + +info: + title: SOL023 - VNF Lifecycle Management interface + description: | + SOL023 - VNF Lifecycle Management interface + + IMPORTANT: Please note that this file might be not aligned to the current + version of the ETSI Group Specification it refers to. In case of + discrepancies the published ETSI Group Specification takes precedence. + + Please report bugs to https://forge.etsi.org/rep/nfv/SOL023/issues + + contact: + name: NFV-SOL WG + license: + name: ETSI Forge copyright notice + url: https://forge.etsi.org/etsi-forge-copyright-notice.txt + version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 + +externalDocs: + description: ETSI GS NFV-SOL 023 V5.2.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + +servers: + - url: http://127.0.0.1/vnflcm/v2 + - url: https://127.0.0.1/vnflcm/v2 + +paths: + ############################################################################### + # Notification endpoint VnfLcmOperationOccurrenceNotification # + ############################################################################### + /URI_is_provided_by_the_client_when_creating_the_subscription-VnfLcmOperationOccurrenceNotification: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + post: + description: | + The POST method delivers a notification from the API producer to an API consumer. The API consumer shall + have previously created an "Individual subscription" resource with a matching filter. See clause 5.4.20.3.1. + requestBody: + $ref: '#/components/requestBodies/VnfLcmOperationOccurrenceNotification' + responses: + 204: + $ref: '#/components/responses/VnfLcmOperationOccurrenceNotification.Post.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + + get: + description: | + The GET method allows the API producer to test the notification endpoint that is provided by the API consumer, + e.g. during subscription. See clause 5.4.20.3.2. + responses: + 204: + $ref: '#/components/responses/VnfLcmOperationOccurrenceNotification.Get.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + + ############################################################################### + # Notification endpoint VnfIdentifierCreationNotification # + ############################################################################### + /URI_is_provided_by_the_client_when_creating_the_subscription-VnfIdentifierCreationNotification: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + post: + description: | + The POST method delivers a notification from the API producer to an API consumer. The API consumer shall + have previously created an "Individual subscription" resource with a matching filter. See clause 5.4.20.3.1. + requestBody: + $ref: '#/components/requestBodies/VnfIdentifierCreationNotification' + responses: + 204: + $ref: '#/components/responses/VnfIdentifierCreationNotification.Post.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + + get: + description: | + The GET method allows the API producer to test the notification endpoint that is provided by the API consumer, + e.g. during subscription. See clause 5.4.20.3.2. + responses: + 204: + $ref: '#/components/responses/VnfIdentifierCreationNotification.Get.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + + ############################################################################### + # Notification endpoint VnfIdentifierDeletionNotification # + ############################################################################### + /URI_is_provided_by_the_client_when_creating_the_subscription-VnfIdentifierDeletionNotification: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + post: + description: | + The POST method delivers a notification from the API producer to an API consumer. The API consumer shall + have previously created an "Individual subscription" resource with a matching filter. See clause 5.4.20.3.1. + requestBody: + $ref: '#/components/requestBodies/VnfIdentifierDeletionNotification' + responses: + 204: + $ref: '#/components/responses/VnfIdentifierDeletionNotification.Post.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + + get: + description: | + The GET method allows the API producer to test the notification endpoint that is provided by the API consumer, + e.g. during subscription. See clause 5.4.20.3.2. + responses: + 204: + $ref: '#/components/responses/VnfIdentifierDeletionNotification.Get.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + + +components: + requestBodies: + VnfLcmOperationOccurrenceNotification: + description: | + A notification about lifecycle changes triggered by a VNF LCM operation occurrence.. + content: + application/json: + schema: + $ref: "../VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/VnfLcmOperationOccurrenceNotification" + required: true + + VnfIdentifierCreationNotification: + description: | + A notification about the creation of a VNF identifier and the related "Individual VNF instance" resource. + content: + application/json: + schema: + $ref: "../VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/VnfIdentifierCreationNotification" + required: true + + VnfIdentifierDeletionNotification: + description: | + A notification about the deletion of a VNF identifier and the related "Individual VNF instance" resource. + content: + application/json: + schema: + $ref: "../VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml#/definitions/VnfIdentifierDeletionNotification" + required: true + + responses: + VnfLcmOperationOccurrenceNotification.Post.204: + description: | + 204 NO CONTENT + + Shall be returned when the notification has been delivered successfully. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + VnfLcmOperationOccurrenceNotification.Get.204: + description: | + 204 NO CONTENT + + Shall be returned to indicate that the notification endpoint has been tested successfully. + The response body shall be empty. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + VnfIdentifierCreationNotification.Post.204: + description: | + 204 NO CONTENT + + Shall be returned when the notification has been delivered successfully. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + VnfIdentifierCreationNotification.Get.204: + description: | + 204 NO CONTENT + + Shall be returned to indicate that the notification endpoint has been tested successfully. + The response body shall be empty. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + VnfIdentifierDeletionNotification.Post.204: + description: | + 204 NO CONTENT + + Shall be returned when the notification has been delivered successfully. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + VnfIdentifierDeletionNotification.Get.204: + description: | + 204 NO CONTENT + + Shall be returned to indicate that the notification endpoint has been tested successfully. + The response body shall be empty. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string \ No newline at end of file -- GitLab From d2823f5fc93fd2f1c8de2f3632d176ec1b992c11 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:18:37 +0200 Subject: [PATCH 09/52] add README.md folder --- README.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..7627075 --- /dev/null +++ b/README.md @@ -0,0 +1,25 @@ +# NFV SOL023 APIs + +This repository hosts the [OpenAPI](https://www.openapis.org/) specifications and other documentation for the APIs defined in ETSI GS NFV-SOL 023 v5.2.1. + +The APIs described in this repository are defined for the following reference point + +* Cm-Vnfm + +**IMPORTANT: In case of discrepancies the published ETSI Group Specification takes precedence.** + +More information at [NFV Solutions wiki](https://nfvwiki.etsi.org/index.php?title=NFV_Solutions). + +## How to raise issues + +Please report errors, bugs or other issues [here](https://forge.etsi.org/rep/nfv/SOL023/issues). + +## How to contribute + +ETSI Forge uses Gitlab to manage submissions to the repository. Check the project page [here](https://forge.etsi.org/rep/nfv/SOL023). +More information is available [here](https://nfvwiki.etsi.org/index.php?title=SOL_OpenAPI_Main_Page#How_to_Contribute). + +## License + +The content of this repository and the files contained are released under the BSD-3-Clause license. +See the attached LICENSE file or visit https://forge.etsi.org/legal-matters. -- GitLab From 9059400149f2f4c7f1980292ca0aa5e2e9c0548b Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:20:14 +0200 Subject: [PATCH 10/52] commits alignment with SOL(24)000337r1 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7627075..50867af 100644 --- a/README.md +++ b/README.md @@ -22,4 +22,4 @@ More information is available [here](https://nfvwiki.etsi.org/index.php?title=SO ## License The content of this repository and the files contained are released under the BSD-3-Clause license. -See the attached LICENSE file or visit https://forge.etsi.org/legal-matters. +See the attached LICENSE file or visit https://forge.etsi.org/legal-matters. \ No newline at end of file -- GitLab From ec92bdf89b52ae8b98f4823dc8be1c03ee60a327 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:44:34 +0200 Subject: [PATCH 11/52] add new TBD data models in SOL023CM_def yaml --- .../definitions/SOL023CertificateManagement_def.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 37b0560..79c3131 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -231,3 +231,15 @@ definitions: CSRMessage: description: > TBD + + pkiHeader: + description: > + TBD + + CertRepMessages: + description: > + TBD + + PKIStatusInfoType: + description: > + TBD \ No newline at end of file -- GitLab From aab96b869deb5b22ee19ce37aa2bbd74b85cd468 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:49:07 +0200 Subject: [PATCH 12/52] update filter names in SOL023_params.yaml --- src/SOL023/components/SOL023_params.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/SOL023/components/SOL023_params.yaml b/src/SOL023/components/SOL023_params.yaml index 2b7d561..b6cbf6f 100644 --- a/src/SOL023/components/SOL023_params.yaml +++ b/src/SOL023/components/SOL023_params.yaml @@ -45,7 +45,7 @@ components: schema: type: string - all_fields_vnfm: + all_fields_cmf: name: all_fields description: > Include all complex attributes in the response. See clause 5.3 of ETSI @@ -55,7 +55,7 @@ components: schema: type: string - fields_vnfm: + fields_cmf: name: fields description: > Complex attributes to be included into the response. See clause 5.3 of ETSI @@ -65,7 +65,7 @@ components: schema: type: string - exclude_fields_vnfm: + exclude_fields_cmf: name: exclude_fields description: > Complex attributes to be excluded from the response. See clause 5.3 of ETSI @@ -75,7 +75,7 @@ components: schema: type: string - nextpage_opaque_marker_vnfm: + nextpage_opaque_marker_cmf: name: nextpage_opaque_marker description: > Marker to obtain the next page of a paged response. Shall be supported by the VNFM -- GitLab From 1dd0f95cbfdbd1db90e2af768f3e776eafe742c5 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:51:01 +0200 Subject: [PATCH 13/52] update filter parameters names in VNFLCM.yaml --- .../VNFLifecycleManagement.yaml | 32 ++++++------------- 1 file changed, 10 insertions(+), 22 deletions(-) diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index 475fefb..af04559 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -41,11 +41,11 @@ paths: The GET method queries information about multiple VNF instances. See clause 5.4.2.3.2. parameters: - $ref: '#/components/parameters/filter_vnf_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_vnfm - - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_vnfm - - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf - $ref: '#/components/parameters/exclude_default_vnf_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf responses: 200: $ref: '#/components/responses/VNFInstances.Get.200' @@ -114,11 +114,11 @@ paths: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - $ref: '#/components/parameters/filter_vnf_lcm_op_occs' - - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_vnfm - - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_vnfm - - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf - $ref: '#/components/parameters/exclude_default_vnf_lcm_op_occs' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf - $ref: ../components/SOL023_params.yaml#/components/parameters/Version responses: 200: @@ -216,7 +216,7 @@ paths: It can be used e.g. for resynchronization after error situations. See clause 5.4.18.3.2. parameters: - $ref: '#/components/parameters/filter_subscriptions' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_vnfm + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf responses: 200: $ref: '#/components/responses/Subscriptions.Get.200' @@ -851,16 +851,4 @@ components: style: simple explode: false schema: - type: string - - - - - - - - - - - - + type: string \ No newline at end of file -- GitLab From 2a2a21f645d388e32ffde32097e91329e16e13ac Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 16:53:02 +0200 Subject: [PATCH 14/52] add new interfaces and methods in CertificateManagement.yaml --- .../CertificateManagement.yaml | 429 +++++++++++++++++- 1 file changed, 417 insertions(+), 12 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 698df02..662099d 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -64,16 +64,51 @@ paths: $ref: ../responses/SOL023_resp.yaml#/responses/503 "504": $ref: ../responses/SOL023_resp.yaml#/responses/504 - + + get: + description: | + The GET method queries information about multiple subject instances. See clause 5.5.3.3.2. + parameters: + - $ref: '#/components/parameters/filter_subject_instances' + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf + - $ref: '#/components/parameters/exclude_default_subject_instances' + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf + responses: + "200": + $ref: "#/components/responses/SubjectInstances.Get.200" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "416": + $ref: ../responses/SOL023_resp.yaml#/responses/416 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + /subject/{subjectId}: parameters: - $ref: "#/components/parameters/subjectId" - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + get: description: | - The GET method retrieves information about a Subject instance by reading an "Individual Subject instance" resource. - See clause 5.5.4.3.2. + The GET method retrieves information about a Subject instance by reading an "Individual Subject instance" + resource. See clause 5.5.4.3.2. parameters: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept responses: @@ -99,6 +134,7 @@ paths: $ref: ../responses/SOL023_resp.yaml#/responses/503 "504": $ref: ../responses/SOL023_resp.yaml#/responses/504 + delete: description: | This method deletes an "Individual Subject instance" resource. See clause 5.5.4.3.5. @@ -124,8 +160,12 @@ paths: "503": $ref: ../responses/SOL023_resp.yaml#/responses/503 - /subject/{subjectId}/certificate: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + post: description: | The POST method creates a new Certificate resource with certificate for VNFCI and VNF OAM. See clause 5.5.5.3.1. @@ -157,10 +197,108 @@ paths: "504": $ref: ../responses/SOL023_resp.yaml#/responses/504 + get: + description: | + The GET method queries information about multiple subject instances. See clause 5.5.5.3.2. + parameters: + - $ref: '#/components/parameters/filter_certificate_instances' + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf + - $ref: '#/components/parameters/exclude_default_certificate_instances' + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf + responses: + "200": + $ref: "#/components/responses/CertificateInstances.Get.200" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "416": + $ref: ../responses/SOL023_resp.yaml#/responses/416 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + + /subject/{subjectId}/certificate/{certificateId}: + parameters: + - $ref: "#/components/parameters/subjectId" + - $ref: "#/components/parameters/certificateId" + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + + get: + description: | + The GET method retrieves information about a Certificate instance by reading an + "Individual Certificate instance" resource. See clause 5.5.x.1 + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + + responses: + "200": + $ref: "#/components/responses/IndividualCertificateInstance.Get.200" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "416": + $ref: ../responses/SOL023_resp.yaml#/responses/416 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + "504": + $ref: ../responses/SOL023_resp.yaml#/responses/504 + + delete: + description: | + This method deletes an "Individual Certificate instance" resource. See clause 5.5.x.2. + responses: + "204": + $ref: "#/components/responses/IndividualCertificateInstance.Delete.204" + "409": + $ref: "#/components/responses/IndividualCertificateInstance.Delete.409" + "400": + $ref: ../responses/SOL023_resp.yaml#/responses/400 + "401": + $ref: ../responses/SOL023_resp.yaml#/responses/401 + "403": + $ref: ../responses/SOL023_resp.yaml#/responses/403 + "404": + $ref: ../responses/SOL023_resp.yaml#/responses/404 + "405": + $ref: ../responses/SOL023_resp.yaml#/responses/405 + "406": + $ref: ../responses/SOL023_resp.yaml#/responses/406 + "500": + $ref: ../responses/SOL023_resp.yaml#/responses/500 + "503": + $ref: ../responses/SOL023_resp.yaml#/responses/503 + /subject/{subjectId}/certificate/{certificateId}/certificate_content: parameters: - $ref: "#/components/parameters/subjectId" - $ref: "#/components/parameters/certificateId" + get: description: | The GET method fetches the content of an individual certificate. See clause 5.5.x.3.2. @@ -196,13 +334,69 @@ paths: components: parameters: + filter_subject_instances: + name: filter + description: > + Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013 [4]. + The CMF shall support receiving this parameter as part of the URI query string. The VNFM may + supply this parameter. + All attribute names that appear in the SubjectInstance and in data types referenced from it + shall be supported by the CMF in the filter expression. + in: query + required: false + schema: + type: string + + exclude_default_subject_instances: + name: exclude_default + in: query + description: >- + Indicates to exclude the following complex attributes from the response. See clause 5.3 of + ETSI GS NFV-SOL 013 [8] for details. The CMF shall support this parameter. + The following attributes shall be excluded from the SubjectInstance structure in the response + body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", + "exclude_default" are provided: + - pkiBody + required: false + schema: + type: string + + filter_certificate_instances: + name: filter + description: > + Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013 [4]. + The CMF shall support receiving this parameter as part of the URI query string. The VNFM may + supply this parameter. + All attribute names that appear in the SubjectInstance and in data types referenced from it + shall be supported by the CMF in the filter expression. + in: query + required: false + schema: + type: string + + exclude_default_certificate_instances: + name: exclude_default + in: query + description: >- + Indicates to exclude the following complex attributes from the response. See clause 5.3 of + ETSI GS NFV-SOL 013 [8] for details. The CMF shall support this parameter. + The following attributes shall be excluded from the SubjectInstance structure in the response + body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", + "exclude_default" are provided: + - pkiBody + required: false + schema: + type: string + subjectId: name: subjectId in: path description: | Identifier of the Subject instance. See note 1. - NOTE 1: This identifier can be retrieved from the resource referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual Subject instance" resource. It can also be retrieved from the "id" attribute in the message content of that response. + NOTE 1: This identifier can be retrieved from the resource referenced by the "Location" HTTP + header in the response to a POST request creating a new "Individual Subject instance" resource. + It can also be retrieved from the "id" attribute in the message content of that response. required: true style: simple explode: false @@ -215,7 +409,9 @@ components: description: | certificateId Identifier of the Certificate instance. See note 2. - NOTE 2: This identifier can be retrieved from the resource referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual Certificate instance" resource. It can also be retrieved from the "id" attribute in the message content of that response. + NOTE 2: This identifier can be retrieved from the resource referenced by the "Location" HTTP + header in the response to a POST request creating a new "Individual Certificate instance" resource. + It can also be retrieved from the "id" attribute in the message content of that response. required: true style: simple explode: false @@ -227,11 +423,14 @@ components: description: > 201 CREATED - Shall be returned when a new "Individual Subject instance" resource and the associated Subject instance identifier has been created successfully. + Shall be returned when a new "Individual Subject instance" resource and the associated Subject + instance identifier has been created successfully. - The response body shall contain a representation of the created Subject instance, as defined in clause x.x.x.x. + The response body shall contain a representation of the created Subject instance, as defined in + clause x.x.x.x. - The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Subject instance. + The HTTP response shall include a "Location" HTTP header that contains the resource URI of the + created Subject instance. headers: Location: description: | @@ -269,9 +468,11 @@ components: description: > 409 CONFLICT - Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. + Shall be returned upon the following error: The operation cannot be executed currently, due to a + conflict with the state of the resource. - The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall + convey more information about the error. headers: Location: description: | @@ -300,7 +501,70 @@ components: explode: false schema: type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + SubjectInstances.Get.200: + description: > + 201 OK + Shall be returned when information about zero or more subject instances has been queried successfully. + + The response body shall contain in an array the representations of zero or more subject instances, as + defined in clause 5.6.2.x. + + If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" + (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response + body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of + ETSI GS NFV SOL 013 [8], respectively. + + If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 [8] for + this resource, inclusion of the Link HTTP header in this response shall follow the provisions in + clause 5.4.2.3 of ETSI GS NFV SOL 013 [8]. + headers: + Location: + description: | + The resource URI of the created subject resource. + style: simple + explode: false + schema: + type: string + format: url + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + Link: + description: | + Reference to other resources. Used for paging in the present document. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 9110 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/SubjectInstance" + IndividualSubjectInstance.Get.200: description: | 200 OK @@ -330,7 +594,7 @@ components: content: application/json: schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/SubjectInstance" IndividualSubjectInstance.Delete.204: description: | @@ -461,6 +725,147 @@ components: schema: $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + CertificateInstances.Get.200: + description: > + 201 OK + + Shall be returned when information about zero or more subject instances has been queried successfully. + + The response body shall contain in an array the representations of zero or more subject instances, as + defined in clause 5.6.2.x. + + If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" + (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response + body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of + ETSI GS NFV SOL 013 [8], respectively. + + If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 [8] for + this resource, inclusion of the Link HTTP header in this response shall follow the provisions in + clause 5.4.2.3 of ETSI GS NFV SOL 013 [8]. + headers: + WWW-Authenticate: + description: > + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + Link: + description: | + Reference to other resources. Used for paging in the present document. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 9110 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" + + IndividualCertificateInstance.Get.200: + description: > + 200 OK + + Shall be returned when information about an individual Certificate instance has been read successfully. + The response body shall contain a representation of the Certificate instance, as defined in clause 5.6.x. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided + authorization, or error details if the corresponding HTTP + request has provided an invalid authorization token. + schema: + type: string + Version: + description: > + Version of the API used in the response. + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 9110 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" + + IndividualCertificateInstance.Delete.204: + description: | + 204 NO CONTENT + + Shall be returned when the "Individual Certificate instance" resource and the associated + Certificate identifier were deleted successfully. + The response body shall be empty. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + IndividualCertificateInstance.Delete.409: + description: | + 409 CONFLICT + + Shall be returned upon the following error: The operation cannot be executed currently, due to a + conflict with the state of the resource. + Typically, this is due to the fact that the "Individual VNF instance" resource is in INSTANTIATED state. + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey + more information about the error. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. Reference: IETF RFC 7231 + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + IndividualCertificateContentInstance.Get.200: description: > 200 OK -- GitLab From b12752dbb23708c7be353ec981d8f17e4a541df3 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 17:10:14 +0200 Subject: [PATCH 15/52] update IETF RFCs references --- .../CertificateManagement.yaml | 4 +- .../VNFLifecycleManagement.yaml | 18 +++---- src/SOL023/components/SOL023_params.yaml | 6 +-- src/SOL023/definitions/SOL023_def.yaml | 4 +- src/SOL023/responses/SOL023_resp.yaml | 53 ++++++++++--------- 5 files changed, 45 insertions(+), 40 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 662099d..3cbf305 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -648,7 +648,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -856,7 +856,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index af04559..3ac94a6 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -462,7 +462,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -504,7 +504,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -562,7 +562,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -605,7 +605,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -648,7 +648,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -695,7 +695,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -738,7 +738,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -779,7 +779,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: @@ -821,7 +821,7 @@ components: type: string Content-Type: description: | - The MIME type of the body of the response. Reference: IETF RFC 7231 + The MIME type of the body of the response. Reference: IETF RFC 9110 style: simple explode: false schema: diff --git a/src/SOL023/components/SOL023_params.yaml b/src/SOL023/components/SOL023_params.yaml index b6cbf6f..2ea7c74 100644 --- a/src/SOL023/components/SOL023_params.yaml +++ b/src/SOL023/components/SOL023_params.yaml @@ -12,7 +12,7 @@ components: Accept: name: Accept description: > - Content-Types that are acceptable for the response. Reference: IETF RFC 7231. + Content-Types that are acceptable for the response. Reference: IETF RFC 9110. in: header required: true schema: @@ -21,7 +21,7 @@ components: Authorization: name: Authorization description: > - The authorization token for the request. Reference: IETF RFC 7235. + The authorization token for the request. Reference: IETF RFC 9110. in: header required: false schema: @@ -30,7 +30,7 @@ components: ContentType: name: Content-Type description: | - The MIME type of the body of the request. Reference: IETF RFC 7231 + The MIME type of the body of the request. Reference: IETF RFC 9110 in: header required: true schema: diff --git a/src/SOL023/definitions/SOL023_def.yaml b/src/SOL023/definitions/SOL023_def.yaml index d84b6fd..559a4c0 100644 --- a/src/SOL023/definitions/SOL023_def.yaml +++ b/src/SOL023/definitions/SOL023_def.yaml @@ -170,12 +170,12 @@ definitions: A short, human-readable summary of the problem type. It SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization (e.g., using - proactive content negotiation; see [RFC7231], Section 3.4). + proactive content negotiation; see [RFC9110], Section 3.4). type: string status: description: > The HTTP status code for this occurrence of the problem. - The HTTP status code ([RFC7231], Section 6) generated by the origin + The HTTP status code ([RFC9110], Section 6) generated by the origin server for this occurrence of the problem. type: integer detail: diff --git a/src/SOL023/responses/SOL023_resp.yaml b/src/SOL023/responses/SOL023_resp.yaml index d3b8524..43d5494 100644 --- a/src/SOL023/responses/SOL023_resp.yaml +++ b/src/SOL023/responses/SOL023_resp.yaml @@ -45,27 +45,32 @@ responses: 400 code can be returned in the following specified cases, the specific cause has to be proper specified in the "ProblemDetails" structure to be returned. - If the request is malformed or syntactically incorrect (e.g. if the request URI contains incorrect - query parameters or the payload body contains a syntactically incorrect data structure), - the API producer shall respond with this response code. The "ProblemDetails" structure shall be provided, - and should include in the "detail" attribute more information about the source of the problem. - - If the response to a GET request which queries a container resource would be so big that the performance - of the API producer is adversely affected, and the API producer does not support paging for the affected resource, - it shall respond with this response code. The "ProblemDetails" structure shall be provided, and should include - in the "detail" attribute more information about the source of the problem. - - If there is an application error related to the client's input that cannot be easily mapped to any other - HTTP response code ("catch all error"), the API producer shall respond with this response code. - The "ProblemDetails" structure shall be provided, and shall include in the "detail" attribute more information - about the source of the problem. - - If the request contains a malformed access token, the API producer should respond with this response. - The details of the error shall be returned in the WWW Authenticate HTTP header, as defined in IETF RFC 6750 - and IETF RFC 7235. The ProblemDetails structure may be provided. - - The use of this HTTP error response code described above is applicable to the use of the OAuth 2.0 - for the authorization of API requests and notifications, as defined in clauses 4.5.3.3 and 4.5.3.4. + If the request is malformed or syntactically incorrect (e.g. if the request URI + contains incorrect query parameters or the message content contains a syntactically + incorrect data structure), the API producer shall respond with this response code. + More details are defined in IETF RFC 9110 [24]. The "ProblemDetails" structure + shall be provided, and should include in the "detail" attribute more information + about the source of the problem. + + If the response to a GET request which queries a container resource would be so big + that the performance of the API producer is adversely affected, and the API + producer does not support paging for the affected resource, it shall respond with this + response code. Clause 5.4.2.2 specifies provisions for the "ProblemDetails" structure + provided in the response body. + + If there is an application error related to the client's input that cannot be easily + mapped to any other HTTP response code ("catch all error"), the API producer shall + respond with this response code. The "ProblemDetails" structure shall be provided, + and shall include in the "detail" attribute more information about the source of the + problem. + + If the request contains a malformed access token, the API producer should respond + with this response. The details of the error shall be returned in the + WWW-Authenticate HTTP header, as defined in IETF RFC 6750 [8]. The + ProblemDetails structure may be provided. + + The use of this HTTP error response code described above is applicable to the use of the OAuth 2.0 for + the authorization of API requests and notifications, as defined in clauses 8.3.3 and 8.3.4. headers: Content-Type: description: The MIME type of the body of the response. @@ -101,7 +106,7 @@ responses: If the request contains no access token even though one is required, or if the request contains an authorization token that is invalid (e.g. expired or revoked), the API producer should respond with this response. The details of the error shall be returned in the WWW-Authenticate HTTP header, as defined in IETF RFC 6750 - and IETF RFC 7235. The ProblemDetails structure may be provided. + and IETF RFC 9110. The ProblemDetails structure may be provided. headers: Content-Type: description: The MIME type of the body of the response. @@ -348,7 +353,7 @@ responses: 413 PAYLOAD TOO LARGE If the payload body of a request is larger than the amount of data the API producer is willing or able to process, - it shall respond with this response code, following the provisions in IETF RFC 7231 for the use + it shall respond with this response code, following the provisions in IETF RFC 9110 for the use of the "Retry-After" HTTP header and for closing the connection. The "ProblemDetails" structure may be omitted. headers: Content-Type: @@ -563,7 +568,7 @@ responses: 503 SERVICE UNAVAILABLE If the API producer encounters an internal overload situation of itself or of a system it relies on, - it should respond with this response code, following the provisions in IETF RFC 7231 for the use of + it should respond with this response code, following the provisions in IETF RFC 9110 for the use of the "Retry-After" HTTP header and for the alternative to refuse the connection. The "ProblemDetails" structure may be omitted. headers: -- GitLab From 185daebadbada27a8a53ad981d5c1de49f6eeb9c Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 14 Oct 2024 17:27:54 +0200 Subject: [PATCH 16/52] fix identation for CM yamls --- src/SOL023/CertificateManagement/CertificateManagement.yaml | 1 + .../definitions/SOL023CertificateManagement_def.yaml | 5 ++--- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 3cbf305..ccc9521 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -988,6 +988,7 @@ components: schema: $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CreateSubjectRequest" required: true + CSRRequest: description: > Certificate resource creation request. diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 79c3131..c5b3a02 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -10,9 +10,8 @@ definitions: NOTE 2: "senderKID" attribute and "recipKID" attribute can be used to protect the message. "senderKID" attribute and "recipKID" attribute shall be present if required to uniquely identify a key, otherwise should be absent. Editor's note: it is FFS how to use OID for "generalInfo" attribute in ETSI NFV, e.g., same approach of URN. - Editor’s note: it is FFS how to use to realize authenticated scheme. The mandatory to support basic authenticated scheme + Editor's note: it is FFS how to use to realize authenticated scheme. The mandatory to support basic authenticated scheme uses the IAK secret for this purpose. Consequences of using/requiring other schemas shall be considered. - type: object required: - pkiHeader @@ -72,7 +71,7 @@ definitions: Permit values: - Certificationb type - Type of VNFC certification handling - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" infoValue: description: > If the value of "infoType" is "Certification type", it shall be set. -- GitLab From 09f72d788ba2feb0da26c2ef96e536d5149f93ee Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 15 Oct 2024 15:27:56 +0200 Subject: [PATCH 17/52] minor fixes in CertificateManagement.yaml --- .../CertificateManagement.yaml | 28 +++++++++---------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index ccc9521..d4d29c2 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -241,7 +241,7 @@ paths: get: description: | The GET method retrieves information about a Certificate instance by reading an - "Individual Certificate instance" resource. See clause 5.5.x.1 + "Individual Certificate instance" resource. See clause 5.5.6.3.2. parameters: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept @@ -271,7 +271,7 @@ paths: delete: description: | - This method deletes an "Individual Certificate instance" resource. See clause 5.5.x.2. + This method deletes an "Individual Certificate instance" resource. See clause 5.5.6.3.5. responses: "204": $ref: "#/components/responses/IndividualCertificateInstance.Delete.204" @@ -301,7 +301,8 @@ paths: get: description: | - The GET method fetches the content of an individual certificate. See clause 5.5.x.3.2. + The GET method fetches the content of a certificate content identified by the certificate + identifier allocated by the CMF. See clause 5.5.7.3.2. responses: "200": $ref: "#/components/responses/IndividualCertificateContentInstance.Get.200" @@ -427,7 +428,7 @@ components: instance identifier has been created successfully. The response body shall contain a representation of the created Subject instance, as defined in - clause x.x.x.x. + clause 5.6.2.2. The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Subject instance. @@ -513,7 +514,7 @@ components: Shall be returned when information about zero or more subject instances has been queried successfully. The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.2.x. + defined in clause 5.6.2.2. If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response @@ -570,7 +571,7 @@ components: 200 OK Shall be returned when information about an individual Subject instance has been read successfully. - The response body shall contain a representation of the Subject instance, as defined in clause x.x.x.x. + The response body shall contain a representation of the Subject instance, as defined in clause 5.6.2.2. headers: WWW-Authenticate: description: | @@ -623,13 +624,10 @@ components: description: | 409 CONFLICT - Shall be returned upon the following error: The - operation cannot be executed currently, due to a + Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. - Typically, this is due to the fact that the "Individual - VNF instance" resource is in INSTANTIATED state. - The response body shall contain a ProblemDetails - structure, in which the "detail" attribute shall convey + Typically, this is due to the fact that the "Individual VNF instance" resource is in INSTANTIATED state. + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. headers: WWW-Authenticate: @@ -664,7 +662,7 @@ components: Shall be returned when a new "Individual Certificate instance" resource and the associated Certificate instance identifier has been created successfully. - The response body shall contain a representation of the created Certificate instance, as defined in clause x.x.x.x. + The response body shall contain a representation of the created Certificate instance, as defined in clause 5.6.2.3. The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Certificate instance. headers: @@ -732,7 +730,7 @@ components: Shall be returned when information about zero or more subject instances has been queried successfully. The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.2.x. + defined in clause 5.6.2.3. If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response @@ -781,7 +779,7 @@ components: 200 OK Shall be returned when information about an individual Certificate instance has been read successfully. - The response body shall contain a representation of the Certificate instance, as defined in clause 5.6.x. + The response body shall contain a representation of the Certificate instance, as defined in clause 5.6.2.3. headers: WWW-Authenticate: description: | -- GitLab From f0440b6e7a17feb0e61a70abe603eeacc87e2272 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 15 Oct 2024 15:32:40 +0200 Subject: [PATCH 18/52] update Data Models in SOL023CertificateManagement_def.yaml --- .../SOL023CertificateManagement_def.yaml | 410 +++++++++++------- 1 file changed, 265 insertions(+), 145 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index c5b3a02..d93d37a 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -1,17 +1,197 @@ definitions: + PkiHeader: + description: > + This type represents a PkiHeadear. + + NOTE: At the time of use "PkiHeader" data type, e.g. for CreateSubjectRequest, nothing about the + sender is known to the sending entity (the end entity may not know its own Distinguished Name (DN), + e-mail name, IP address, etc.), then the "sender" field shall contain a "NULL" value. + + NOTE: The attributes in the table 4.3.2.1-1 are aligned to the mandatory-defined parameters + in the CMPv2 in IETF RFC 4210. + + Editor's note: it is FFS how to use OID for “generalInfo” attribute in ETSI NFV, e.g. same approach of URN. + + Editor's note: it is FFS how to realize authenticated scheme. The mandatory to support basic authenticated + scheme uses the IAK secret for this purpose. Consequences of using/requiring other schemas shall be considered. + type: object + required: + - pvno + - sender + - recipient + - generalInfo + properties: + pvno: + description: > + Protocol Version Number. Fixed value “2” shall be set. + type: integer + sender: + description: > + Name of the sender of the Request. + $ref: "#/definitions/GeneralName" + recipient: + description: > + Name of the recipient of the Request. + $ref: "#/definitions/GeneralName" + generalInfo: + description: > + It shall contain two of the attributes. + The first generallInfo shall contain the set of + • InfoType for Certificate type + • Infovalue for Choice of MANO or VNFC or VNF OAM + + Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain + the set of + • InfoType for Type of VNFC certification handling + • Infovalue for Choice of direct or delegation + type: object + required: + - InfoType + properties: + InfoType: + description: > + Indicate the type of Info. The namespaces and conventions for the values of this attribute that + is OID defined as clause x.x.x. + Permit values: + • Certification type + • Type of VNFC certification handling + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + InfoValue: + description: > + If the value of “InfoType” is “Certification type”, it shall be set. + Permit values: + • MANO certificate + • VNFCI certificate + • VNF OAM certificate + + If the value of “InfoType” is “Type of VNFC certification handling”, it shall be set. + Permit values: + • Direct mode + • Delegation mode + Only the value "Delegation mode" is allowed for this version of the present document. + type: string + + CertRepMessages: + description: > + This type represents a CertRepMessages. + + NOTE: For the case of MANO certificate, this attribute is not supported in this version of the present document. + type: object + required: + - certResponse + properties: + certResponse: + description: > + The structure and attributes are defined in IETF RFC 5912. + type: object + required: + - certReqId + - status + properties: + certReqId: + description: > + Identifier of "CertReqMessages" or “CSRRequest” to corresponding to this "CertRepMessages". + type: integer + status: + description: > + State of the subject. + $ref: "#/definitions/PKIStatusInfoType" + + SubjectInstance: + description: > + This type represents a subject instance. + + NOTE: As concept of the design of the type "SubjectInstance", the attributes in the table 5.6.2.2-1 + are aligned to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210 with extending to RESTful design. + type: object + required: + - pkiHeader + - pkiBody + - _links + properties: + pkiHeader: + description: > + A common information of PKI message for addressing and transaction identification. + The structure and attributes are defined in IETF RFC 4210 and RFC 9480. + $ref: "#/definitions/PkiHeader" + pkiBody: + description: > + Message-specific information. The structure and attributes are aligned/defined in + IETF RFC 4210 and IETF RFC 9480. + type: object + required: + - ir + - ip + properties: + ir: + description: > + Information for Initialization request. + $ref: "#/definitions/CertReqMessages" + ip: + description: > + Information for Initialization response. + $ref: "#/definitions/CertRepMessages" + _links: + description: > + Links to resources related to this resource. + type: object + required: + - self + properties: + self: + description: > + URI of this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + + CertificateInstance: + description: > + This type represents a certificate instance. It shall comply with the provisions defined in table 5.6.2.3-1. + + NOTE: As concept of the design of the type "CertificateInstance", the attributes in the table 5.6.2.3-1 are + aligned to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210 with extending to RESTful design. + type: object + required: + - pkiHeader + - pkiBody + - _links + properties: + pkiHeader: + description: > + A common information of PKI message for addressing and transaction identification. + The structure and attributes are defined in IETF RFC 4210 and RFC 9480. + $ref: "#/definitions/PkiHeader" + pkiBody: + description: > + Message-specific information. The structure and attributes are aligned/defined in + IETF RFC 4210 and IETF RFC 9480. + type: object + required: + - p10cr + - cp + properties: + p10cr: + description: > + Encoded Information for CSR Request. The structure and attributes are aligned and defined in IETF RFC 2986. + $ref: "#/definitions/CSRRequest" + cp: + description: > + Information for CSR response. + $ref: "#/definitions/CertRepMessages" + _links: + description: > + Links to resources related to this resource. + type: object + required: + - self + properties: + self: + description: > + URI of this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" + CreateSubjectRequest: description: > - This type reqpresents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. - NOTE: As concept of the design of the type "CreateSubjectRequest", the attributes are profiling of mandatory defined - parameters in the CMP in IETF RFC 4210. - NOTE 1: At the time of sending CreateSubjectRequest, nothing about the sender is known to the sending - entity (the end entity may not know its own Distinguished Name (DN), e-mail name, IP address, etc.), - then the "sender" attribute shall contain a "NULL" value and the "senderKID" attribute shall be present. - NOTE 2: "senderKID" attribute and "recipKID" attribute can be used to protect the message. "senderKID" attribute - and "recipKID" attribute shall be present if required to uniquely identify a key, otherwise should be absent. - Editor's note: it is FFS how to use OID for "generalInfo" attribute in ETSI NFV, e.g., same approach of URN. - Editor's note: it is FFS how to use to realize authenticated scheme. The mandatory to support basic authenticated scheme - uses the IAK secret for this purpose. Consequences of using/requiring other schemas shall be considered. + This type represents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. type: object required: - pkiHeader @@ -21,68 +201,96 @@ definitions: description: > A common informatio0n of PKI message for addressing and transaction identification. The structure and attributes are defined in IETF RFC 4210 and RFC 9480. + $ref: "#/definitions/PkiHeader" + pkiBody: + description: > + Message specific information. The structure and attributes are aligned/defined in IETF + RFC 4210 and IETF RFC 9480. + type: object + required: + - ir + properties: + ir: + description: > + Information for Initialization Request. + $ref: "#/definitions/CertReqMessages" + + CSRRequest: + description: > + This type represents request parameters for the "Certificate Signing Request" operation. + + NOTE: As concept of the design of the type “CSRReuqest”, the attributes are aligned to the mandatory-defined + parameters in the CMPv2 in IETF RFC 4210 + + Editor's note: it is FFS how to use OID for "generalInfo" attribute in ETSI NFV, e.g. same approach of URN. + + Editor's note: another contribution is required for CSRMessage. + + Editor's note: it is FFS how to realize authenticated scheme. The mandatory to support basic authenticated + scheme uses the IAK secret for this purpose. Consequences of using/requiring other schemas shall be considered. + type: object + required: + - pkiHeader + - pkiBody + properties: + pkiHeader: + description: > + A common information of PKI message for addressing and transaction identification. + The structure and attributes are defined in IETF RFC 4210 and RFC 9480. type: object required: - - pvno - - sender + - pvno + - sender - recipient - generalInfo properties: pvno: description: > - Protocol Version Number. Fixed value "2" shall be set. + Protocol Version Number. Fixed value “2” shall be set. type: integer sender: description: > - Name of the sender of the Request. See note 1. + Name of the sender of the Request. $ref: "#/definitions/GeneralName" recipient: description: > - Name of the recipient of the Request + Name of the recipient of the Request. $ref: "#/definitions/GeneralName" - senderKID: - description: > - Identifier that indicates to the receiver the appropriate shared secret information to use - to verify the message. See note 1 and 2. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - recipKID: - description: > - Identifier that indicates to the receiver the appropriate shared secret information to use - to veridy the message. See note 2. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" generalInfo: description: > It shall contain two of the attributes. - The first generalInfo shall contain the set of - - InfoType for Certificate type - - Infovalue for Choice of MANO or VNFC or VNF OAM - Unless the InfoValue of the first generalInfo is MANO, the second generalInfo shall contain + The first generallInfo shall contain the set of + • InfoType for Certificate type + • Infovalue for Choice of MANO or VNFC or VNF OAM + + Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain the set of - - InfoType for Type of VNFC certification handling - - InfoValue for Choice of direct or delegation + • InfoType for Type of VNFC certification handling + • Infovalue for Choice of direct or delegation type: object required: - InfoType properties: - infoType: + InfoType: description: > - Indicate the type of Info. The namespaces and conventions for the values of this attribute - that is OID defined as clause x.x.x. + Indicate the type of Info. The namespaces and conventions for the values of this attribute that + is OID defined as clause x.x.x. Permit values: - - Certificationb type - - Type of VNFC certification handling - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - infoValue: + • Certification type + • Type of VNFC certification handling + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + InfoValue: description: > - If the value of "infoType" is "Certification type", it shall be set. + If the value of “InfoType” is “Certification type”, it shall be set. Permit values: - - MANO certificate - - VNFCI certificate - - VNF OAM certificate - If the value of "InfoType" is "Type of VNFC certification handling", it shall be set. + • MANO certificate + • VNFCI certificate + • VNF OAM certificate + + If the value of “InfoType” is “Type of VNFC certification handling”, it shall be set. Permit values: - - Direct mode - - Delegation mode + • Direct mode + • Delegation mode Only the value "Delegation mode" is allowed for this version of the present document. type: string pkiBody: @@ -91,13 +299,14 @@ definitions: RFC 4210 and IETF RFC 9480. type: object required: - - ir + - p10cr properties: - ir: + p10cr: description: > - Information for Initialization Request. - $ref: "#/definitions/CertReqMessages" - + Encoded Information for CSR Request. The structure and attributes are aligned and + defined in IETF RFC 2986. + $ref: "#/definitions/CSRMessage" + CertReqMessages: description: > This type represents a CertReqMessages. @@ -134,95 +343,10 @@ definitions: NOTE: For the case of MANO certificate, this attribute is not supported in this version of the present document. type: integer - - CSRRequest: - description: > - This type represents request parameters for the "Certificate Signing Request" operation. - NOTE: As concept of the design of the type “CSRReuqest”, the attributes are aligned to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210 - Editor's note: it is FFS how to use OID for "generalInfo" attribute in ETSI NFV, e.g. same approach of URN. - Editor’s note: another contribution is required for CSRMessage. - Editor;s note: it is FFS how to realize authenticated scheme. The mandatory to support basic authenticated scheme uses the IAK secret for this purpose. - Consequences of using/requiring other schemas shall be considered. - - type: object - required: - - pkiHeader - - pkiBody - properties: - pvno: - description: > - A common information of PKI message for addressing and transaction identification. - The structure and attributes are defined in IETF RFC 4210 and RFC 9480. - type: integer - sender: - description: > - Name of the sender of the Request. - $ref: "#/definitions/GeneralName" - recipient: - description: > - Name of the recipient of the Request. - $ref: "#/definitions/GeneralName" - generalInfo: - description: > - It shall contain two of the attributes. - The first generallInfo shall contain the set of - • InfoType for Certificate type - • Infovalue for Choice of MANO or VNFC or VNF OAM - - Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain - the set of - • InfoType for Type of VNFC certification handling - • Infovalue for Choice of direct or delegation - type: object - required: - - InfoType - properties: - InfoType: - description: > - Indicate the type of Info. The namespaces and conventions for the values of this attribute that is OID defined as clause x.x.x. - Permit values: - • Certification type - • Type of VNFC certification handling - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - InfoValue: - description: > - If the value of “InfoType” is “Certification type”, it shall be set. - Permit values: - • MANO certificate - • VNFCI certificate - • VNF OAM certificate - - If the value of “InfoType” is “Type of VNFC certification handling”, it shall be set. - Permit values: - • Direct mode - • Delegation mode - Only the value "Delegation mode" is allowed for this version of the present document. - type: string - pkiBody: - description: > - Message specific information. The structure and attributes are aligned/defined in IETF - RFC 4210 and IETF RFC 9480. - type: object - required: - - p10cr - properties: - p10cr: - description: > - Encoded Information for CSR Request. The structure and attributes are aligned and - defined in IETF RFC 2986. - $ref: "#/definitions/CSRMessage" ############################################################# ######################## TODOs ############################## - CertificateInstance: - description: > - TBD - - SubjectInstance: - description: > - TBD - GeneralName: description: > TBD @@ -231,14 +355,10 @@ definitions: description: > TBD - pkiHeader: - description: > - TBD - - CertRepMessages: - description: > - TBD - PKIStatusInfoType: description: > - TBD \ No newline at end of file + TBD + type: string + enum: + - TBD + - TBD1 \ No newline at end of file -- GitLab From 4cd87a718d02e67a85d661e6577da9d2e9c6d299 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 15 Oct 2024 18:28:39 +0200 Subject: [PATCH 19/52] Add Subs Data Models in SOL023CertificateManagement_def.yaml --- .../SOL023CertificateManagement_def.yaml | 34 ++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index d93d37a..b2f509e 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -361,4 +361,36 @@ definitions: type: string enum: - TBD - - TBD1 \ No newline at end of file + - TBD1 + + ####################################################################### + ################# Subscriptions Related Data Models ################### + ####################################################################### + + CertificateSubscriptionRequest: + description: > + TBD + + CertificateSubscription: + description: > + TBD + + CertificateLifecycleStateChangeNotification: + description: > + TBD + + CertificateChangeNotificationsFilter: + description: > + TBD + + AffectedSubject: + description: > + TBD + + AffectedCertificate: + description: > + TBD + + CertificateNotificationVerbosityType: + description: > + TBD \ No newline at end of file -- GitLab From 12ba3bef3f9af331c3d273b14cecf3f6d1be1cc0 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 15 Oct 2024 18:29:30 +0200 Subject: [PATCH 20/52] Add callback notif endpoints for CertificateManagement --- .../CertificateNotification.yaml | 147 ++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 src/SOL023/CertificateNotification/CertificateNotification.yaml diff --git a/src/SOL023/CertificateNotification/CertificateNotification.yaml b/src/SOL023/CertificateNotification/CertificateNotification.yaml new file mode 100644 index 0000000..ab44bcb --- /dev/null +++ b/src/SOL023/CertificateNotification/CertificateNotification.yaml @@ -0,0 +1,147 @@ +openapi: 3.0.2 + +info: + title: SOL023 - Certificate Notification interface + description: | + SOL023 - Certificate Notification interface + + IMPORTANT: Please note that this file might be not aligned to the current + version of the ETSI Group Specification it refers to. In case of + discrepancies the published ETSI Group Specification takes precedence. + + Please report bugs to https://forge.etsi.org/rep/nfv/SOL023/issues + + contact: + name: NFV-SOL WG + license: + name: ETSI Forge copyright notice + url: https://forge.etsi.org/etsi-forge-copyright-notice.txt + version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 + +externalDocs: + description: ETSI GS NFV-SOL 023 V5.2.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + +servers: + - url: http://127.0.0.1/callback/v2 + - url: https://127.0.0.1/callback/v2 +paths: + + ####################################################################### + ## Notification endpoint CertificateLifecycleStateChangeNotification ## + ####################################################################### + + /URI_is_provided_by_the_client_when_creating_the_subscription-CertificateLifecycleStateChangeNotification: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + post: + description: | + The POST method delivers a notification from the API producer to an API consumer. The API consumer shall + have previously created an "Individual subscription" resource with a matching filter. See clause 5.4.20.3.1. + requestBody: + $ref: '#/components/requestBodies/CertificateLifecycleStateChangeNotification' + responses: + 204: + $ref: '#/components/responses/CertificateLifecycleStateChangeNotification.Post.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + + get: + description: | + The GET method allows the API producer to test the notification endpoint that is provided by the API consumer, + e.g. during subscription. See clause 5.4.20.3.2. + responses: + 204: + $ref: '#/components/responses/CertificateLifecycleStateChangeNotification.Get.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + +components: + requestBodies: + CertificateLifecycleStateChangeNotification: + description: | + A notification about certificate changes triggered by a certificate management operation occurrence. + content: + application/json: + schema: + $ref: "../CertificateManagement/definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateLifecycleStateChangeNotification" + required: true + + responses: + CertificateLifecycleStateChangeNotification.Post.204: + description: | + 204 NO CONTENT + + Shall be returned when the notification has been delivered successfully. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + CertificateLifecycleStateChangeNotification.Get.204: + description: | + 204 NO CONTENT + + Shall be returned to indicate that the notification endpoint has been tested successfully. + + The response body shall be empty. + headers: + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Version: + description: The used API version. + style: simple + explode: false + schema: + type: string + + + + + + + + + -- GitLab From bc1e2655f34d98d10bab5c8d4ce9c7e059dbab9e Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 15 Oct 2024 18:30:03 +0200 Subject: [PATCH 21/52] Add subs endpoints in CertificateManagement.yaml --- .../CertificateManagement.yaml | 430 ++++++++++++++++++ 1 file changed, 430 insertions(+) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index d4d29c2..4be78bf 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -333,6 +333,136 @@ paths: "504": $ref: ../responses/SOL023_resp.yaml#/responses/504 +####################################################################### +###################### Subscriptions Endpoints ######################## +####################################################################### + + /subscriptions: + parameters: + - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept + - $ref: ../components/SOL023_params.yaml#/components/parameters/ContentType + + post: + description: | + The POST method creates a new subscription. See clause 7.5.3.3.1. + requestBody: + $ref: "#/components/requestBodies/CertificateSubscriptionRequest" + responses: + 201: + $ref: '#/components/responses/Subscriptions.Post.201' + 303: + $ref: '#/components/responses/Subscriptions.Post.303' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 422: + $ref: '#/components/responses/Subscriptions.Post.422' + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + get: + description: | + + parameters: + - $ref: '#/components/parameters/filter_subscriptions' + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf + responses: + 200: + $ref: '#/components/responses/Subscriptions.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 422: + $ref: "../responses/SOL023_resp.yaml#/responses/422" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + /subscriptions/{subscriptionId}: + parameters: + - $ref: '#/components/parameters/SubscriptionId' + - $ref: ../components/SOL023_params.yaml#/components/parameters/Version + - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization + + get: + description: | + The GET method reads an individual subscription. See clause 11.4.3.3.2. + responses: + 200: + $ref: '#/components/responses/IndividualSubscription.Get.200' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 422: + $ref: "../responses/SOL023_resp.yaml#/responses/422" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + + delete: + description: | + The DELETE method terminates an individual subscription. See clause 11.4.3.3.5. + responses: + 204: + $ref: '#/components/responses/IndividualSubscription.Delete.204' + 400: + $ref: "../responses/SOL023_resp.yaml#/responses/400" + 401: + $ref: "../responses/SOL023_resp.yaml#/responses/401" + 403: + $ref: "../responses/SOL023_resp.yaml#/responses/403" + 404: + $ref: "../responses/SOL023_resp.yaml#/responses/404" + 405: + $ref: "../responses/SOL023_resp.yaml#/responses/405" + 422: + $ref: "../responses/SOL023_resp.yaml#/responses/422" + 406: + $ref: "../responses/SOL023_resp.yaml#/responses/406" + 500: + $ref: "../responses/SOL023_resp.yaml#/responses/500" + 503: + $ref: "../responses/SOL023_resp.yaml#/responses/503" + 504: + $ref: "../responses/SOL023_resp.yaml#/responses/504" + components: parameters: filter_subject_instances: @@ -419,6 +549,38 @@ components: schema: type: string +############################# For Subscriptions Resources ############################# + + filter_subscriptions: + name: filter + description: > + Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013 [4]. + + The CMF shall support receiving this parameter as part of the URI query string. The VNFM + may supply this parameter. + + All attribute names that appear in the CertificateSubscription and in data types referenced + from it shall be supported by the CMF in the filter expression. + in: query + required: false + schema: + type: string + + SubscriptionId: + name: subscriptionId + in: path + description: | + Identifier of this subscription. + This identifier can be retrieved from the resource referenced by the + "Location" HTTP header in the response to a POST request creating a + new "Individual subscription" resource. It can also be retrieved from the "id" + attribute in the message content of that response. + required: true + style: simple + explode: false + schema: + type: string + responses: SubjectInstance.Post.201: description: > @@ -977,6 +1139,261 @@ components: schema: $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + ####################################################################### + ################ Subscriptions Endpoints Response Bodies ############## + ####################################################################### + + Subscriptions.Post.201: + description: | + 201 CREATED + + Shall be returned when the subscription has been created successfully. + + The response body shall contain a representation of the created "Individual subscription" resource. + + The HTTP response shall include a "Location" HTTP header that points to the created + "Individual subscription" resource. + headers: + Version: + description: | + The used API version. + style: simple + explode: false + schema: + type: string + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. + style: simple + explode: false + schema: + type: string + Location: + description: | + The resource URI of the created VNF instance + style: simple + explode: false + schema: + type: string + format: url + content: + application/json: + schema: + $ref: ./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateSubscription + + Subscriptions.Post.303: + description: | + 303 See Other + + Shall be returned if a subscription with the same callback URI and the same filter already exists and + the policy of the CMF is to not create redundant subscriptions. + + The HTTP response shall include a "Location" HTTP header that contains the resource URI of the existing + "Individual subscription" resource. + + The response body shall be empty. + headers: + Version: + description: | + The used API version. + style: simple + explode: false + schema: + type: string + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. + style: simple + explode: false + schema: + type: string + Location: + description: | + The resource URI of the created VNF instance + style: simple + explode: false + schema: + type: string + format: url + + Subscriptions.Post.422: + description: | + 422 Unprocessable Content + + Shall be returned upon the following error: The content type of the message content is supported + and the message content of a request contains syntactically correct data but the data cannot be processed. + + The general cause for this error and its handling is specified in clause 6.4 of ETSI GS NFV SOL 013, + including rules for the presence of the response body. + + Specifically in case of this resource, the response code 422 shall also be returned if the CMF has tested + the Notification endpoint as described in clause 7.5.5.3.2 and the test has failed. + + In this case, the "detail" attribute in the "ProblemDetails" structure shall convey more information about + the error. + headers: + Version: + description: | + The used API version. + style: simple + explode: false + schema: + type: string + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + + Subscriptions.Get.200: + description: | + 200 OK + + Shall be returned when the list of subscriptions has been queried successfully. + + The response body shall contain in an array the representations of all active subscriptions + of the functional block that invokes the method, i.e. zero or more representations of certificate + change notification subscriptions as defined in clause X.X.X.X. + + If the "filter" URI parameter was supplied in the request, the data in the response body shall have + been transformed according to the rules specified in clause 5.2.2 of ETSI GS NFV-SOL 013. + + If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 + for this resource, inclusion of the Link HTTP header in this response shall follow the provisions in + clause 5.4.2.3 of ETSI GS NFV SOL 013. + headers: + Version: + description: | + The used API version. + style: simple + explode: false + schema: + type: string + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. + style: simple + explode: false + schema: + type: string + Link: + description: | + Reference to other resources. Used for paging in the present document, see clause 4.7.2.1. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: ./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateSubscription + + IndividualSubscription.Get.200: + description: | + 200 OK + + Shall be returned when information about an individual subscription has been read successfully. + + The response body shall contain a representation of the "Individual subscription" resource. + headers: + Version: + description: | + The used API version. + style: simple + explode: false + schema: + type: string + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: ./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateSubscription + + IndividualSubscription.Delete.204: + description: | + No Content + + Shall be returned when the "Individual subscription" resource has been deleted successfully. + + The response body shall be empty. + headers: + Version: + description: | + The used API version. + style: simple + explode: false + schema: + type: string + WWW-Authenticate: + description: | + Challenge if the corresponding HTTP request has not provided authorization, or error details if the + corresponding HTTP request has provided an invalid authorization token. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The MIME type of the body of the response. + style: simple + explode: false + schema: + type: string + requestBodies: CreateSubjectRequest: description: > @@ -994,4 +1411,17 @@ components: application/json: schema: $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CSRRequest" + required: true + + ####################################################################### + ################ Subscriptions Endpoints Request Bodies ############### + ####################################################################### + + CertificateSubscriptionRequest: + description: | + Details of the subscription to be created. + content: + application/json: + schema: + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateSubscriptionRequest" required: true \ No newline at end of file -- GitLab From f14f4a0afd0fb457bc4a217d5de62fdfe988403e Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 15 Oct 2024 18:33:27 +0200 Subject: [PATCH 22/52] remove extra spaces from CertificateNotification.yaml --- .../CertificateNotification.yaml | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/src/SOL023/CertificateNotification/CertificateNotification.yaml b/src/SOL023/CertificateNotification/CertificateNotification.yaml index ab44bcb..d100608 100644 --- a/src/SOL023/CertificateNotification/CertificateNotification.yaml +++ b/src/SOL023/CertificateNotification/CertificateNotification.yaml @@ -135,13 +135,4 @@ components: style: simple explode: false schema: - type: string - - - - - - - - - + type: string \ No newline at end of file -- GitLab From 81dda531a4fae63978120dffd226ec2c974f1ba7 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 11:35:24 +0200 Subject: [PATCH 23/52] add subscriptions related Data Types in CertificateManagement def yaml --- .../SOL023CertificateManagement_def.yaml | 273 +++++++++++++++++- 1 file changed, 266 insertions(+), 7 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index b2f509e..7f636df 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -369,28 +369,287 @@ definitions: CertificateSubscriptionRequest: description: > - TBD + This type represents request parameters for the "subscribe" operation as defined in ETSI GS NFV-IFA 033. + type: object + required: + - callbackUri + properties: + filter: + description: > + Filter settings for this subscription, to define the subset of all notifications this + subscription relates to. A particular notification is sent to the subscriber if the filter + matches, or if there is no filter. + $ref: "#/definitions/CertificateChangeNotificationsFilter" + callbackUri: + description: > + The URI of the endpoint to send the notification to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Uri" + authentication: + description: > + Authentication parameters to configure the use of Authorization when sending notifications + corresponding to this subscription, as defined in clause 8.3.4 of ETSI GS NFV-SOL 013. + + This attribute shall only be present if the subscriber requires authorization of notifications. + $ref: "../../definitions/SOL023_def.yaml#/definitions/SubscriptionAuthentication" + verbosity: + description: > + This attribute signals the requested verbosity of certificate notifications. If it is not + present, it shall default to the value "FULL". + $ref: "#/definitions/CertificateNotificationVerbosityType" + CertificateSubscription: description: > - TBD + This type represents a subscription related to notification about Certificate. + type: object + required: + - id + - callbackUri + - _links + properties: + id: + description: > + Identifier of this subscription resource. + type: integer + filter: + description: > + Filter settings for this subscription, to define the subset of all notifications this + subscription relates to. A particular notification is sent to the subscriber if the filter + matches, or if there is no filter. + $ref: "#/definitions/CertificateChangeNotificationsFilter" + callbackUri: + description: > + The URI of the endpoint to send the notification to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Uri" + verbosity: + description: > + This attribute signals the requested verbosity of certificate notifications. If it is not + present, it shall default to the value "FULL". + $ref: "#/definitions/CertificateNotificationVerbosityType" + _links: + description: > + Links to resources related to this resource. + type: object + required: + - self + properties: + self: + description: > + URI of this resource. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" CertificateLifecycleStateChangeNotification: description: > - TBD - + This type represents a subscription related to notification about Certificate. + type: object + required: + - id + - notificationType + - subscriptionId + - timeStamp + - cetificateState + - certificateId + - _links + properties: + id: + description: > + Identifier of this subscription resource. + type: integer + notificationTypes: + description: > + Discriminator for the different notification types. + Shall be set to "CertificateLifecycleStateChangeNotification" for this notification type. + type: string + subscriptionId: + description: > + Identifier of the subscription that this notification relates to. Shall be set to the value of + the "id" attribute of the "CertificateSubscription" representing the associated + "Individual subscription" resource. + type: integer + timeStamp: + description: > + Date-time of the generation of the notification. + $ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime" + cetificateState: + description: > + The state of the Certificate. + $ref: "#/definitions/CertificateStateType" + certificateId: + description: > + The identifier of the Certificate affected. + type: integer + verbosity: + description: + This attribute signals the verbosity of the notification. If it is not present, it shall + default to the value "FULL". + + If the value is "SHORT", full change details can be obtained by performing a GET request + on the "Individual Certificate" resource. + $ref: "#/definitions/CertificateNotificationVerbosityType" + affectedSubject: + description: + Information about subject instances that were affected. + $ref: "#/definitions/AffectedSubject" + affectedCertificate: + description: + Information about certificate instances that were affected. + type: array + items: + $ref: "#/definitions/AffectedCertificate" + error: + description: + Details of the latest error, if one has occurred during executing the certificate management + (see clause 6.3 of ETSI GS NFV-SOL 013). + $ref: "../../definitions/SOL023_def.yaml#/definitions/ProblemDetails" + _links: + description: > + Links to resources related to this notification. The link URIs in this structure shall be set + to point to the resources identified by the corresponding identifier attributes in this notification. + type: object + required: + - subject: + - certificate + properties: + subject: + description: > + Link to the resource representing the subject instance to which the notified change applies. + $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" + certificate: + description: > + Links to the resource representing the certificate instance to which the notified change applies. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" + CertificateChangeNotificationsFilter: description: > - TBD + This type represents a CertificateChangeNotificationsFilter. + type: object + properties: + vnfInstanceSubscriptionFilter: + description: > + Filter criteria to select VNF instances about which to notify. + $ref: "#/definitions/VnfInstanceSubscriptionFilter" + cetificateState: + description: > + Match particular Certificate state values as reported in notifications of type + CertificateLifecycleStateChangeNotification. + + May be present if the "notificationTypes" attribute contains the value + "CertificateLifecycleStateChangeNotification" and shall be absent otherwise. + type: array + items: + $ref: "#/definitions/PKIStatusInfoType" + certificationType: + description: > + Match particular certificate types. + + Permitted values: + • MANO certificate + • VNFCI certificate + • VNF OAM certificate + type: array + enum: + - MANO_certificate + - VNFCI_certificate + - VNF_OAM_certificate AffectedSubject: description: > - TBD + This type represents a AffectedSubject. + type: object + required: + - id + - changeType + - pkiBody + properties: + id: + description: > + Identifier of the subject instance. + type: integer + changeType: + description: > + Signals the type of change. + + Permitted values: + • ADDED + • REMOVED + • MODIFIED + type: string + enum: + - ADDED + - REMOVED + - MODIFIED + pkiBody: + description: > + Message-specific information. + + The structure and attributes are aligned/defined in IETF RFC 4210 and IETF RFC 9480. + type: object + required: + - ip + properties: + ip: + description: > + Information for Initialization response. + $ref: "#/definitions/CertRepMessages" AffectedCertificate: description: > - TBD + This type represents a AffectedCertificate. + type: object + required: + - id + - changeType + - pkiBody + properties: + id: + description: > + Identifier of the certificate instance. + type: integer + changeType: + description: > + Signals the type of change. + + Permitted values: + • ADDED + • REMOVED + • MODIFIED + type: string + enum: + - ADDED + - REMOVED + - MODIFIED + pkiBody: + description: > + Message-specific information. + + The structure and attributes are aligned/defined in IETF RFC 4210 and IETF RFC 9480. + type: object + required: + - ip + properties: + cp: + description: > + Information for CSR response. + $ref: "#/definitions/CertRepMessages" CertificateNotificationVerbosityType: + description: > + The enumeration CertificateNotificationVerbosityType provides values to control the verbosity + of certificate notifications. + type: string + enum: + - FULL + - SHORT + + ############################################################# + ######################## TODOs ############################## + + VnfInstanceSubscriptionFilter: + description: > + TBD + + CertificateStateType: description: > TBD \ No newline at end of file -- GitLab From cde23dbacd7f03e894562572ca6652b4f350c5de Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 11:35:58 +0200 Subject: [PATCH 24/52] fix comments --- src/SOL023/CertificateManagement/CertificateManagement.yaml | 6 +++--- .../definitions/SOL023VNFLifecycleManagement_def.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 4be78bf..bce2e2a 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -334,7 +334,7 @@ paths: $ref: ../responses/SOL023_resp.yaml#/responses/504 ####################################################################### -###################### Subscriptions Endpoints ######################## +###################### Subscription Endpoints ######################## ####################################################################### /subscriptions: @@ -1140,7 +1140,7 @@ components: $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" ####################################################################### - ################ Subscriptions Endpoints Response Bodies ############## + ################# Subscription Endpoints Response Bodies ############## ####################################################################### Subscriptions.Post.201: @@ -1414,7 +1414,7 @@ components: required: true ####################################################################### - ################ Subscriptions Endpoints Request Bodies ############### + ################# Subscription Endpoints Request Bodies ############### ####################################################################### CertificateSubscriptionRequest: diff --git a/src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml b/src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml index 84fc217..f1d7c4e 100644 --- a/src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml +++ b/src/SOL023/VNFLifecycleManagement/definitions/SOL023VNFLifecycleManagement_def.yaml @@ -1377,7 +1377,7 @@ definitions: Number of available MCIO instances. type: integer additionalInfo: - decription: > + description: > Additional information which is specific to the MCIO, its type, and which is available from the CISM. See note 2. -- GitLab From 305961f2fe7620f67415b853123d2abbd8158bff Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 11:41:32 +0200 Subject: [PATCH 25/52] fix required tag in _links in CM def yaml --- .../definitions/SOL023CertificateManagement_def.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 7f636df..2c0f53e 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -507,7 +507,7 @@ definitions: to point to the resources identified by the corresponding identifier attributes in this notification. type: object required: - - subject: + - subject - certificate properties: subject: -- GitLab From 487f4272612cfe127a47bdeb50234fb547238d75 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 11:51:50 +0200 Subject: [PATCH 26/52] update filters for VNFLCM --- .../VNFLifecycleManagement.yaml | 18 +++---- src/SOL023/components/SOL023_params.yaml | 53 +++++++++++++++++-- 2 files changed, 58 insertions(+), 13 deletions(-) diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index 3ac94a6..496254c 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -41,11 +41,11 @@ paths: The GET method queries information about multiple VNF instances. See clause 5.4.2.3.2. parameters: - $ref: '#/components/parameters/filter_vnf_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields - $ref: '#/components/parameters/exclude_default_vnf_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker responses: 200: $ref: '#/components/responses/VNFInstances.Get.200' @@ -114,11 +114,11 @@ paths: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - $ref: '#/components/parameters/filter_vnf_lcm_op_occs' - - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields + - $ref: ../components/SOL023_params.yaml#/components/parameters/fields + - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields - $ref: '#/components/parameters/exclude_default_vnf_lcm_op_occs' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker - $ref: ../components/SOL023_params.yaml#/components/parameters/Version responses: 200: @@ -216,7 +216,7 @@ paths: It can be used e.g. for resynchronization after error situations. See clause 5.4.18.3.2. parameters: - $ref: '#/components/parameters/filter_subscriptions' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf + - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker responses: 200: $ref: '#/components/responses/Subscriptions.Get.200' diff --git a/src/SOL023/components/SOL023_params.yaml b/src/SOL023/components/SOL023_params.yaml index 2ea7c74..6dd911d 100644 --- a/src/SOL023/components/SOL023_params.yaml +++ b/src/SOL023/components/SOL023_params.yaml @@ -49,7 +49,7 @@ components: name: all_fields description: > Include all complex attributes in the response. See clause 5.3 of ETSI - GS NFV-SOL 013 [8] for details. The VNFM shall support this parameter. + GS NFV-SOL 013 [8] for details. The CMF shall support this parameter. in: query required: false schema: @@ -59,7 +59,7 @@ components: name: fields description: > Complex attributes to be included into the response. See clause 5.3 of ETSI - GS NFV-SOL 013 [8] for details. The VNFM should support this parameter. + GS NFV-SOL 013 [8] for details. The CMF should support this parameter. in: query required: false schema: @@ -69,18 +69,63 @@ components: name: exclude_fields description: > Complex attributes to be excluded from the response. See clause 5.3 of ETSI - GS NFV-SOL 013 [8] for details. The VNFM should support this parameter. + GS NFV-SOL 013 [8] for details. The CMF should support this parameter. in: query required: false schema: type: string nextpage_opaque_marker_cmf: + name: nextpage_opaque_marker + description: > + Marker to obtain the next page of a paged response. Shall be supported by the CMF + if the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI + GS NFV-SOL 013 [8] for this resource. + in: query + required: false + schema: + type: string + + ######################################################### + ######## Filters for VNFLifeCycleManagement ############# + ######################################################### + + all_fields: + name: all_fields + description: > + Include all complex attributes in the response. See clause 5.3 of ETSI + GS NFV-SOL 013 [8] for details. The VNFM shall support this parameter. + in: query + required: false + schema: + type: string + + fields: + name: fields + description: > + Complex attributes to be included into the response. See clause 5.3 of ETSI + GS NFV-SOL 013 [8] for details. The VNFM should support this parameter. + in: query + required: false + schema: + type: string + + exclude_fields: + name: exclude_fields + description: > + Complex attributes to be excluded from the response. See clause 5.3 of ETSI + GS NFV-SOL 013 [8] for details. The VNFM should support this parameter. + in: query + required: false + schema: + type: string + + nextpage_opaque_marker: name: nextpage_opaque_marker description: > Marker to obtain the next page of a paged response. Shall be supported by the VNFM if the VNFM supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI - GS NFV-SOL 013 [8] for this resource. + GS NFV-SOL 013 for this resource. in: query required: false schema: -- GitLab From c1ff98df5b3837a5387f56748318b94d6c748ac7 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 12:00:41 +0200 Subject: [PATCH 27/52] update identifier ref tags in CM def yaml --- .../definitions/SOL023CertificateManagement_def.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 2c0f53e..954b33a 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -410,7 +410,7 @@ definitions: id: description: > Identifier of this subscription resource. - type: integer + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" filter: description: > Filter settings for this subscription, to define the subset of all notifications this @@ -454,7 +454,7 @@ definitions: id: description: > Identifier of this subscription resource. - type: integer + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" notificationTypes: description: > Discriminator for the different notification types. @@ -465,7 +465,7 @@ definitions: Identifier of the subscription that this notification relates to. Shall be set to the value of the "id" attribute of the "CertificateSubscription" representing the associated "Individual subscription" resource. - type: integer + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" timeStamp: description: > Date-time of the generation of the notification. @@ -477,7 +477,7 @@ definitions: certificateId: description: > The identifier of the Certificate affected. - type: integer + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" verbosity: description: This attribute signals the verbosity of the notification. If it is not present, it shall @@ -566,7 +566,7 @@ definitions: id: description: > Identifier of the subject instance. - type: integer + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" changeType: description: > Signals the type of change. @@ -606,7 +606,7 @@ definitions: id: description: > Identifier of the certificate instance. - type: integer + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" changeType: description: > Signals the type of change. -- GitLab From 71226b8277507683551dedaed45c19b395c2edef Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 12:06:58 +0200 Subject: [PATCH 28/52] fix identation in VNFLCM --- src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index 496254c..c3b2bd4 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -271,7 +271,6 @@ paths: $ref: "../responses/SOL023_resp.yaml#/responses/503" 504: $ref: "../responses/SOL023_resp.yaml#/responses/504" - delete: description: | The DELETE method terminates an individual subscription. See clause 5.4.19.3.5. -- GitLab From 27b38ba695ee057b89a51271e5dee6f7085035f1 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 12:09:51 +0200 Subject: [PATCH 29/52] OAS align with NFVSOL(24)000380 draft --- .../definitions/SOL023CertificateManagement_def.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 954b33a..1e60f63 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -652,4 +652,5 @@ definitions: CertificateStateType: description: > - TBD \ No newline at end of file + TBD + \ No newline at end of file -- GitLab From 1798917abc94b1191b8652ba0143b2021ccdbe13 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 16 Oct 2024 14:21:37 +0200 Subject: [PATCH 30/52] fix minor issues: endpoints name and NFVO to CMF --- .../CertificateManagement/CertificateManagement.yaml | 10 +++++----- .../VNFLifecycleManagement/VNFLifecycleManagement.yaml | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index bce2e2a..8b3e135 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -30,7 +30,7 @@ paths: /api_versions: $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions - /subject: + /subjects: parameters: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization @@ -99,7 +99,7 @@ paths: "504": $ref: ../responses/SOL023_resp.yaml#/responses/504 - /subject/{subjectId}: + /subjects/{subjectId}: parameters: - $ref: "#/components/parameters/subjectId" - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization @@ -160,7 +160,7 @@ paths: "503": $ref: ../responses/SOL023_resp.yaml#/responses/503 - /subject/{subjectId}/certificate: + /subjects/{subjectId}/certificates: parameters: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization @@ -231,7 +231,7 @@ paths: "504": $ref: ../responses/SOL023_resp.yaml#/responses/504 - /subject/{subjectId}/certificate/{certificateId}: + /subjects/{subjectId}/certificate/{certificateId}: parameters: - $ref: "#/components/parameters/subjectId" - $ref: "#/components/parameters/certificateId" @@ -294,7 +294,7 @@ paths: "503": $ref: ../responses/SOL023_resp.yaml#/responses/503 - /subject/{subjectId}/certificate/{certificateId}/certificate_content: + /subjects/{subjectId}/certificates/{certificateId}/certificate_content: parameters: - $ref: "#/components/parameters/subjectId" - $ref: "#/components/parameters/certificateId" diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index c3b2bd4..3399c08 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -304,7 +304,7 @@ components: Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV-SOL 013. The VNFM shall support receiving this parameter as part of the URI query string. The - NFVO may supply this parameter. + CFM may supply this parameter. All attribute names that appear in the VnfInstance and in data types referenced from it shall be supported by the VNFM in the filter expression. in: query @@ -349,7 +349,7 @@ components: Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV-SOL 013 [8]. The VNFM shall support receiving this parameter as part of the URI query - string. The NFVO may supply this parameter. + string. The CFM may supply this parameter. All attribute names that appear in the VnfLcmOpOcc and in data types referenced from it shall be supported by the VNFM in the filter expression. in: query @@ -398,7 +398,7 @@ components: Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV-SOL 013 [8]. The VNFM shall support receiving this parameter as part of the URI query - string. The NFVO may supply this parameter. + string. The CFM may supply this parameter. All attribute names that appear in the LccnSubscription and in data types referenced from it shall be supported by the VNFM in the filter expression. in: query -- GitLab From 1b33daff2c5903f58ce4cda8586f184db209792b Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 22 Oct 2024 08:57:30 +0200 Subject: [PATCH 31/52] update CFM to CMF in VNF LCM YAML file --- .../VNFLifecycleManagement/VNFLifecycleManagement.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index 3399c08..1605d54 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -304,7 +304,7 @@ components: Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV-SOL 013. The VNFM shall support receiving this parameter as part of the URI query string. The - CFM may supply this parameter. + CMF may supply this parameter. All attribute names that appear in the VnfInstance and in data types referenced from it shall be supported by the VNFM in the filter expression. in: query @@ -349,7 +349,7 @@ components: Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV-SOL 013 [8]. The VNFM shall support receiving this parameter as part of the URI query - string. The CFM may supply this parameter. + string. The CMF may supply this parameter. All attribute names that appear in the VnfLcmOpOcc and in data types referenced from it shall be supported by the VNFM in the filter expression. in: query @@ -398,7 +398,7 @@ components: Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV-SOL 013 [8]. The VNFM shall support receiving this parameter as part of the URI query - string. The CFM may supply this parameter. + string. The CMF may supply this parameter. All attribute names that appear in the LccnSubscription and in data types referenced from it shall be supported by the VNFM in the filter expression. in: query -- GitLab From d5a05efa31e57563bd5faf3efa3d48c66c464839 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Fri, 22 Nov 2024 11:38:09 +0100 Subject: [PATCH 32/52] OAS align with NFVSOL(24)000403r3 draft --- .../CertificateManagement.yaml | 33 +- .../SOL023CertificateManagement_def.yaml | 425 ++++++++++++------ src/SOL023/components/SOL023_params.yaml | 8 +- 3 files changed, 306 insertions(+), 160 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 8b3e135..e43ce31 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -231,7 +231,7 @@ paths: "504": $ref: ../responses/SOL023_resp.yaml#/responses/504 - /subjects/{subjectId}/certificate/{certificateId}: + /subjects/{subjectId}/certificates/{certificateId}: parameters: - $ref: "#/components/parameters/subjectId" - $ref: "#/components/parameters/certificateId" @@ -483,7 +483,7 @@ components: in: query description: >- Indicates to exclude the following complex attributes from the response. See clause 5.3 of - ETSI GS NFV-SOL 013 [8] for details. The CMF shall support this parameter. + ETSI GS NFV-SOL 013 for details. The CMF shall support this parameter. The following attributes shall be excluded from the SubjectInstance structure in the response body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", "exclude_default" are provided: @@ -510,7 +510,7 @@ components: in: query description: >- Indicates to exclude the following complex attributes from the response. See clause 5.3 of - ETSI GS NFV-SOL 013 [8] for details. The CMF shall support this parameter. + ETSI GS NFV-SOL 013 for details. The CMF shall support this parameter. The following attributes shall be excluded from the SubjectInstance structure in the response body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", "exclude_default" are provided: @@ -523,9 +523,9 @@ components: name: subjectId in: path description: | - Identifier of the Subject instance. See note 1. + Identifier of the Subject instance. See note. - NOTE 1: This identifier can be retrieved from the resource referenced by the "Location" HTTP + NOTE: This identifier can be retrieved from the resource referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual Subject instance" resource. It can also be retrieved from the "id" attribute in the message content of that response. required: true @@ -538,9 +538,9 @@ components: name: certificateId in: path description: | - certificateId Identifier of the Certificate instance. See note 2. + certificateId Identifier of the Certificate instance. See note. - NOTE 2: This identifier can be retrieved from the resource referenced by the "Location" HTTP + NOTE: This identifier can be retrieved from the resource referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual Certificate instance" resource. It can also be retrieved from the "id" attribute in the message content of that response. required: true @@ -570,8 +570,9 @@ components: name: subscriptionId in: path description: | - Identifier of this subscription. - This identifier can be retrieved from the resource referenced by the + Identifier of this subscription. see note. + + NOTE: This identifier can be retrieved from the resource referenced by the "Location" HTTP header in the response to a POST request creating a new "Individual subscription" resource. It can also be retrieved from the "id" attribute in the message content of that response. @@ -681,11 +682,11 @@ components: If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of - ETSI GS NFV SOL 013 [8], respectively. + ETSI GS NFV SOL 013, respectively. - If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 [8] for + If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for this resource, inclusion of the Link HTTP header in this response shall follow the provisions in - clause 5.4.2.3 of ETSI GS NFV SOL 013 [8]. + clause 5.4.2.3 of ETSI GS NFV SOL 013. headers: Location: description: | @@ -897,11 +898,11 @@ components: If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of - ETSI GS NFV SOL 013 [8], respectively. + ETSI GS NFV SOL 013, respectively. - If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 [8] for + If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for this resource, inclusion of the Link HTTP header in this response shall follow the provisions in - clause 5.4.2.3 of ETSI GS NFV SOL 013 [8]. + clause 5.4.2.3 of ETSI GS NFV SOL 013. headers: WWW-Authenticate: description: > @@ -1283,7 +1284,7 @@ components: The response body shall contain in an array the representations of all active subscriptions of the functional block that invokes the method, i.e. zero or more representations of certificate - change notification subscriptions as defined in clause X.X.X.X. + change notification subscriptions as defined in clause 7.7.2.3. If the "filter" URI parameter was supplied in the request, the data in the response body shall have been transformed according to the rules specified in clause 5.2.2 of ETSI GS NFV-SOL 013. diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 1e60f63..839979e 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -6,39 +6,26 @@ definitions: NOTE: At the time of use "PkiHeader" data type, e.g. for CreateSubjectRequest, nothing about the sender is known to the sending entity (the end entity may not know its own Distinguished Name (DN), e-mail name, IP address, etc.), then the "sender" field shall contain a "NULL" value. - - NOTE: The attributes in the table 4.3.2.1-1 are aligned to the mandatory-defined parameters - in the CMPv2 in IETF RFC 4210. - - Editor's note: it is FFS how to use OID for “generalInfo” attribute in ETSI NFV, e.g. same approach of URN. - - Editor's note: it is FFS how to realize authenticated scheme. The mandatory to support basic authenticated - scheme uses the IAK secret for this purpose. Consequences of using/requiring other schemas shall be considered. type: object required: - - pvno - sender - recipient - generalInfo properties: - pvno: - description: > - Protocol Version Number. Fixed value “2” shall be set. - type: integer sender: description: > - Name of the sender of the Request. - $ref: "#/definitions/GeneralName" + Name of the sender of the Request. See note. + type: string recipient: description: > Name of the recipient of the Request. - $ref: "#/definitions/GeneralName" + type: string generalInfo: description: > It shall contain two of the attributes. The first generallInfo shall contain the set of • InfoType for Certificate type - • Infovalue for Choice of MANO or VNFC or VNF OAM + • Infovalue for Choice of VNFC or VNF OAM Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain the set of @@ -51,20 +38,19 @@ definitions: InfoType: description: > Indicate the type of Info. The namespaces and conventions for the values of this attribute that - is OID defined as clause x.x.x. + is OID defined as clause 5.7. Permit values: - • Certification type + • Certificate type • Type of VNFC certification handling $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" InfoValue: description: > - If the value of “InfoType” is “Certification type”, it shall be set. + If the value of “InfoType” is “Certificate type”, it shall be set. Permit values: - • MANO certificate • VNFCI certificate • VNF OAM certificate - If the value of “InfoType” is “Type of VNFC certification handling”, it shall be set. + If the value of “InfoType” is “Type of certificate handling”, it shall be set. Permit values: • Direct mode • Delegation mode @@ -74,8 +60,6 @@ definitions: CertRepMessages: description: > This type represents a CertRepMessages. - - NOTE: For the case of MANO certificate, this attribute is not supported in this version of the present document. type: object required: - certResponse @@ -101,14 +85,19 @@ definitions: description: > This type represents a subject instance. - NOTE: As concept of the design of the type "SubjectInstance", the attributes in the table 5.6.2.2-1 - are aligned to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210 with extending to RESTful design. + NOTE: Wherever mentioned, attributes of the type "SubjectInstance", in the table 5.6.2.2-1 + are aligned with the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. type: object required: + - id - pkiHeader - pkiBody - _links properties: + id: + description: > + Identifier of the Subject instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" pkiHeader: description: > A common information of PKI message for addressing and transaction identification. @@ -116,7 +105,7 @@ definitions: $ref: "#/definitions/PkiHeader" pkiBody: description: > - Message-specific information. The structure and attributes are aligned/defined in + Message-specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: @@ -147,14 +136,19 @@ definitions: description: > This type represents a certificate instance. It shall comply with the provisions defined in table 5.6.2.3-1. - NOTE: As concept of the design of the type "CertificateInstance", the attributes in the table 5.6.2.3-1 are - aligned to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210 with extending to RESTful design. + NOTE: Wherever mentioned, attributes of the type "CertificateInstance", in the table 5.6.2.3-1 + are aligned with the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. type: object required: + - id - pkiHeader - pkiBody - _links properties: + id: + description: > + Identifier of the Certificate instance. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" pkiHeader: description: > A common information of PKI message for addressing and transaction identification. @@ -162,7 +156,7 @@ definitions: $ref: "#/definitions/PkiHeader" pkiBody: description: > - Message-specific information. The structure and attributes are aligned/defined in + Message-specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: @@ -171,7 +165,8 @@ definitions: properties: p10cr: description: > - Encoded Information for CSR Request. The structure and attributes are aligned and defined in IETF RFC 2986. + Encoded Information for CSR Request. The structure and attributes are aligned and defined + in IETF RFC 2986. $ref: "#/definitions/CSRRequest" cp: description: > @@ -192,6 +187,9 @@ definitions: CreateSubjectRequest: description: > This type represents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. + + NOTE: As concept of the design of the type “CreateSubjectReuquest”, the attributes in the table 5.6.2.4-1 + are profiled with the mandatory-defined parameters in the CMP in IETF RFC 4210. type: object required: - pkiHeader @@ -204,8 +202,7 @@ definitions: $ref: "#/definitions/PkiHeader" pkiBody: description: > - Message specific information. The structure and attributes are aligned/defined in IETF - RFC 4210 and IETF RFC 9480. + Message specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: - ir @@ -219,15 +216,8 @@ definitions: description: > This type represents request parameters for the "Certificate Signing Request" operation. - NOTE: As concept of the design of the type “CSRReuqest”, the attributes are aligned to the mandatory-defined - parameters in the CMPv2 in IETF RFC 4210 - - Editor's note: it is FFS how to use OID for "generalInfo" attribute in ETSI NFV, e.g. same approach of URN. - - Editor's note: another contribution is required for CSRMessage. - - Editor's note: it is FFS how to realize authenticated scheme. The mandatory to support basic authenticated - scheme uses the IAK secret for this purpose. Consequences of using/requiring other schemas shall be considered. + NOTE: As concept of the design of the type “CSRRequest”, the attributes in the table 5.6.2.5-1 + are profiled to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. type: object required: - pkiHeader @@ -235,68 +225,12 @@ definitions: properties: pkiHeader: description: > - A common information of PKI message for addressing and transaction identification. - The structure and attributes are defined in IETF RFC 4210 and RFC 9480. - type: object - required: - - pvno - - sender - - recipient - - generalInfo - properties: - pvno: - description: > - Protocol Version Number. Fixed value “2” shall be set. - type: integer - sender: - description: > - Name of the sender of the Request. - $ref: "#/definitions/GeneralName" - recipient: - description: > - Name of the recipient of the Request. - $ref: "#/definitions/GeneralName" - generalInfo: - description: > - It shall contain two of the attributes. - The first generallInfo shall contain the set of - • InfoType for Certificate type - • Infovalue for Choice of MANO or VNFC or VNF OAM - - Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain - the set of - • InfoType for Type of VNFC certification handling - • Infovalue for Choice of direct or delegation - type: object - required: - - InfoType - properties: - InfoType: - description: > - Indicate the type of Info. The namespaces and conventions for the values of this attribute that - is OID defined as clause x.x.x. - Permit values: - • Certification type - • Type of VNFC certification handling - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - InfoValue: - description: > - If the value of “InfoType” is “Certification type”, it shall be set. - Permit values: - • MANO certificate - • VNFCI certificate - • VNF OAM certificate - - If the value of “InfoType” is “Type of VNFC certification handling”, it shall be set. - Permit values: - • Direct mode - • Delegation mode - Only the value "Delegation mode" is allowed for this version of the present document. - type: string + A common information of PKI message for addressing and transaction identification. The structure + and attributes are defined in IETF RFC 4210 and RFC 9480. + $ref: "#/definitions/PkiHeader" pkiBody: description: > - Message specific information. The structure and attributes are aligned/defined in IETF - RFC 4210 and IETF RFC 9480. + Message specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: - p10cr @@ -344,25 +278,6 @@ definitions: version of the present document. type: integer -############################################################# -######################## TODOs ############################## - - GeneralName: - description: > - TBD - - CSRMessage: - description: > - TBD - - PKIStatusInfoType: - description: > - TBD - type: string - enum: - - TBD - - TBD1 - ####################################################################### ################# Subscriptions Related Data Models ################### ####################################################################### @@ -373,6 +288,7 @@ definitions: type: object required: - callbackUri + - authentication properties: filter: description: > @@ -388,8 +304,6 @@ definitions: description: > Authentication parameters to configure the use of Authorization when sending notifications corresponding to this subscription, as defined in clause 8.3.4 of ETSI GS NFV-SOL 013. - - This attribute shall only be present if the subscriber requires authorization of notifications. $ref: "../../definitions/SOL023_def.yaml#/definitions/SubscriptionAuthentication" verbosity: description: > @@ -397,7 +311,6 @@ definitions: present, it shall default to the value "FULL". $ref: "#/definitions/CertificateNotificationVerbosityType" - CertificateSubscription: description: > This type represents a subscription related to notification about Certificate. @@ -473,7 +386,7 @@ definitions: cetificateState: description: > The state of the Certificate. - $ref: "#/definitions/CertificateStateType" + $ref: "#/definitions/PKIStatusInfoType" certificateId: description: > The identifier of the Certificate affected. @@ -493,9 +406,7 @@ definitions: affectedCertificate: description: Information about certificate instances that were affected. - type: array - items: - $ref: "#/definitions/AffectedCertificate" + $ref: "#/definitions/AffectedCertificate" error: description: Details of the latest error, if one has occurred during executing the certificate management @@ -507,9 +418,14 @@ definitions: to point to the resources identified by the corresponding identifier attributes in this notification. type: object required: + - subscription - subject - certificate properties: + subscription: + description: > + Link to the resource representing the subscription that this notification relates to. + $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" subject: description: > Link to the resource representing the subject instance to which the notified change applies. @@ -517,9 +433,7 @@ definitions: certificate: description: > Links to the resource representing the certificate instance to which the notified change applies. - type: array - items: - $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" + $ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink" CertificateChangeNotificationsFilter: description: > @@ -545,12 +459,10 @@ definitions: Match particular certificate types. Permitted values: - • MANO certificate • VNFCI certificate • VNF OAM certificate type: array enum: - - MANO_certificate - VNFCI_certificate - VNF_OAM_certificate @@ -584,7 +496,7 @@ definitions: description: > Message-specific information. - The structure and attributes are aligned/defined in IETF RFC 4210 and IETF RFC 9480. + The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: - ip @@ -624,7 +536,7 @@ definitions: description: > Message-specific information. - The structure and attributes are aligned/defined in IETF RFC 4210 and IETF RFC 9480. + The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: - ip @@ -642,15 +554,248 @@ definitions: enum: - FULL - SHORT + + PKIStatusInfoType: + description: > + The enumeration PKIStatusInfoType shall comply with the provisions defined in table 4.3.4.1-1. + type: string + enum: + - ACCEPTED + - GRANTED_WITH_MODS + - REJECTED + - WAITING + - REVOCATION_WARNING + - REVOCATION_NOTIFICATION + - KEY_UPDATE_WARNING + VnfInstanceSubscriptionFilter: + description: > + This type represents subscription filter criteria to match VNF + instances. + * NOTE 1: The attributes "vnfdIds" and "vnfProductsFromProviders" are alternatives to reference to VNF instances + that are based on certain VNFDs in a filter. They should not be used both in the same filter instance, + but one alternative should be chosen. + NOTE 2: The attributes "vnfInstanceIds" and "vnfInstanceNames" are alternatives to reference to particular VNF + instances in a filter. They should not be used both in the same filter instance, but one alternative + should be chosen. + type: object + anyOf: + - oneOf: + - required: + - vnfdIds + - required: + - vnfProductsFromProviders + - oneOf: + - required: + - vnfInstanceIds + - required: + - vnfInstanceNames + properties: + vnfdIds: + description: > + If present, match VNF instances that were created based on a VNFD + identified by one of the vnfdId values listed in this attribute. See note 1. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfProductsFromProviders: + description: > + If present, match VNF instances that belong to VNF products from + certain providers. See note 1. + type: array + items: + type: object + required: + - vnfProvider + properties: + vnfProvider: + description: > + Name of the VNF provider to match. + type: string + vnfProducts: + description: > + If present, match VNF instances that belong to VNF products + with certain product names, from one particular provider. + type: array + items: + type: object + required: + - vnfProductName + properties: + vnfProductName: + description: > + Name of the VNF product to match. + type: string + versions: + description: > + If present, match VNF instances that belong to VNF + products with certain versions and a certain product + name, from one particular provider. + type: array + items: + type: object + required: + - vnfSoftwareVersion + properties: + vnfSoftwareVersion: + description: > + Software version to match. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + vnfdVersions: + description: > + If present, match VNF instances that belong to VNF + products with certain VNFD versions, a certain + software version and a certain product name, from + one particular provider. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" + vnfInstanceIds: + description: > + If present, match VNF instances with an instance identifier listed + in this attribute. See note 2. + type: array + items: + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + vnfInstanceNames: + description: > + If present, match VNF instances with a VNF Instance Name listed in + this attribute. See note 2. + type: array + items: + type: string + ############################################################# ######################## TODOs ############################## - - VnfInstanceSubscriptionFilter: + + CSRMessage: description: > TBD - CertificateStateType: + ############################################################### + + CertificationRequest: description: > - TBD - \ No newline at end of file + The top-level Certification Request, which contains certification request information and its signature. + type: object + required: + - certificationRequestInfo + - signatureAlgorithm + - signature + properties: + certificationRequestInfo: + $ref: "#/definitions/CertificationRequestInfo" + signatureAlgorithm: + $ref: "#/definitions/AlgorithmIdentifier" + signature: + description: > + The signature of the certification request, encoded as a bit string (base64). + type: string + format: byte + + CertificationRequestInfo: + description: > + Contains the information about the certification request, which is signed. + type: object + required: + - version + - subject + - subjectPKInfo + properties: + version: + description: > + The version number of the certification request. This field is intended for future updates to + the certification request format. For this version of the specification (RFC 2986), the version + is set to 0. If the format changes in future versions of the specification, this number may be + incremented to indicate the new version of the certification request format. + type: integer + enum: + - 0 + subject: + $ref: "#/definitions/Name" + subjectPKInfo: + $ref: "#/definitions/SubjectPublicKeyInfo" + attributes: + type: array + items: + $ref: "#/definitions/Attribute" + description: Optional attributes associated with the certification request. + + Name: + type: object + description: Distinguished Name (DN) of the subject. This includes the attributes of the entity requesting the certificate. + properties: + commonName: + type: string + description: > + Common Name of the subject. + organization: + type: string + description: > + Organization of the subject. + organizationalUnit: + type: string + description: > + Organizational Unit of the subject. + country: + type: string + description: > + Country of the subject. + stateOrProvince: + type: string + description: > + State or Province of the subject. + locality: + type: string + description: > + Locality of the subject. + + SubjectPublicKeyInfo: + description: Information about the subject's public key, including the algorithm and the public key itself. + type: object + required: + - algorithm + - subjectPublicKey + properties: + algorithm: + $ref: "#/definitions/AlgorithmIdentifier" + subjectPublicKey: + description: > + The public key in BIT STRING format, base64 encoded. + type: string + format: byte + + AlgorithmIdentifier: + description: > + Defines the algorithm used in the request (either for the public key or for the signature). + type: object + required: + - algorithm + properties: + algorithm: + type: string + description: > + The object identifier (OID) of the algorithm. + parameters: + description: > + Optional parameters for the algorithm (e.g., for EC algorithms). + type: string + + Attribute: + description: > + Represents a single attribute in the certification request. + type: object + required: + - type + - values + properties: + type: + description: > + The OID for the attribute type. + type: string + values: + description: > + The values associated with the attribute. + type: array + items: + type: string \ No newline at end of file diff --git a/src/SOL023/components/SOL023_params.yaml b/src/SOL023/components/SOL023_params.yaml index 6dd911d..a0e338e 100644 --- a/src/SOL023/components/SOL023_params.yaml +++ b/src/SOL023/components/SOL023_params.yaml @@ -49,7 +49,7 @@ components: name: all_fields description: > Include all complex attributes in the response. See clause 5.3 of ETSI - GS NFV-SOL 013 [8] for details. The CMF shall support this parameter. + GS NFV-SOL 013 for details. The CMF shall support this parameter. in: query required: false schema: @@ -59,7 +59,7 @@ components: name: fields description: > Complex attributes to be included into the response. See clause 5.3 of ETSI - GS NFV-SOL 013 [8] for details. The CMF should support this parameter. + GS NFV-SOL 013 for details. The CMF should support this parameter. in: query required: false schema: @@ -69,7 +69,7 @@ components: name: exclude_fields description: > Complex attributes to be excluded from the response. See clause 5.3 of ETSI - GS NFV-SOL 013 [8] for details. The CMF should support this parameter. + GS NFV-SOL 013 for details. The CMF should support this parameter. in: query required: false schema: @@ -80,7 +80,7 @@ components: description: > Marker to obtain the next page of a paged response. Shall be supported by the CMF if the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI - GS NFV-SOL 013 [8] for this resource. + GS NFV-SOL 013 for this resource. in: query required: false schema: -- GitLab From 2c3e9e69889c8d14d7d52770b24f49e95f88129a Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Mon, 25 Nov 2024 17:53:13 +0100 Subject: [PATCH 33/52] OAS align with NFVSOL(24)000403r5 draft --- .../definitions/SOL023CertificateManagement_def.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 839979e..da6d9a8 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -676,7 +676,8 @@ definitions: CertificationRequest: description: > - The top-level Certification Request, which contains certification request information and its signature. + The top-level Certification Request, which contains certification request information + and its signature. type: object required: - certificationRequestInfo @@ -723,7 +724,9 @@ definitions: Name: type: object - description: Distinguished Name (DN) of the subject. This includes the attributes of the entity requesting the certificate. + description: > + Distinguished Name (DN) of the subject. This includes the attributes of the entity + requesting the certificate. properties: commonName: type: string @@ -751,7 +754,9 @@ definitions: Locality of the subject. SubjectPublicKeyInfo: - description: Information about the subject's public key, including the algorithm and the public key itself. + description: > + Information about the subject's public key, including the algorithm and + the public key itself. type: object required: - algorithm -- GitLab From 65e3790869ce09714ec09fc3e8d8a5d918cb2398 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 26 Nov 2024 16:57:24 +0100 Subject: [PATCH 34/52] alligned with NFVSOL(24)000403r7 --- .../SOL023CertificateManagement_def.yaml | 148 +----------------- 1 file changed, 7 insertions(+), 141 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index da6d9a8..9b04973 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -240,7 +240,13 @@ definitions: Encoded Information for CSR Request. The structure and attributes are aligned and defined in IETF RFC 2986. $ref: "#/definitions/CSRMessage" - + + CSRMessage: + description: > + Encoded Information for CSR Request. The structure and attributes are aligned + and defined in IETF RFC 2986. + type: object + CertReqMessages: description: > This type represents a CertReqMessages. @@ -662,145 +668,5 @@ definitions: If present, match VNF instances with a VNF Instance Name listed in this attribute. See note 2. type: array - items: - type: string - - ############################################################# - ######################## TODOs ############################## - - CSRMessage: - description: > - TBD - - ############################################################### - - CertificationRequest: - description: > - The top-level Certification Request, which contains certification request information - and its signature. - type: object - required: - - certificationRequestInfo - - signatureAlgorithm - - signature - properties: - certificationRequestInfo: - $ref: "#/definitions/CertificationRequestInfo" - signatureAlgorithm: - $ref: "#/definitions/AlgorithmIdentifier" - signature: - description: > - The signature of the certification request, encoded as a bit string (base64). - type: string - format: byte - - CertificationRequestInfo: - description: > - Contains the information about the certification request, which is signed. - type: object - required: - - version - - subject - - subjectPKInfo - properties: - version: - description: > - The version number of the certification request. This field is intended for future updates to - the certification request format. For this version of the specification (RFC 2986), the version - is set to 0. If the format changes in future versions of the specification, this number may be - incremented to indicate the new version of the certification request format. - type: integer - enum: - - 0 - subject: - $ref: "#/definitions/Name" - subjectPKInfo: - $ref: "#/definitions/SubjectPublicKeyInfo" - attributes: - type: array - items: - $ref: "#/definitions/Attribute" - description: Optional attributes associated with the certification request. - - Name: - type: object - description: > - Distinguished Name (DN) of the subject. This includes the attributes of the entity - requesting the certificate. - properties: - commonName: - type: string - description: > - Common Name of the subject. - organization: - type: string - description: > - Organization of the subject. - organizationalUnit: - type: string - description: > - Organizational Unit of the subject. - country: - type: string - description: > - Country of the subject. - stateOrProvince: - type: string - description: > - State or Province of the subject. - locality: - type: string - description: > - Locality of the subject. - - SubjectPublicKeyInfo: - description: > - Information about the subject's public key, including the algorithm and - the public key itself. - type: object - required: - - algorithm - - subjectPublicKey - properties: - algorithm: - $ref: "#/definitions/AlgorithmIdentifier" - subjectPublicKey: - description: > - The public key in BIT STRING format, base64 encoded. - type: string - format: byte - - AlgorithmIdentifier: - description: > - Defines the algorithm used in the request (either for the public key or for the signature). - type: object - required: - - algorithm - properties: - algorithm: - type: string - description: > - The object identifier (OID) of the algorithm. - parameters: - description: > - Optional parameters for the algorithm (e.g., for EC algorithms). - type: string - - Attribute: - description: > - Represents a single attribute in the certification request. - type: object - required: - - type - - values - properties: - type: - description: > - The OID for the attribute type. - type: string - values: - description: > - The values associated with the attribute. - type: array items: type: string \ No newline at end of file -- GitLab From 20bffceac3bbe0707e9bad8a173ad104329f5bbd Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 26 Nov 2024 20:36:48 +0100 Subject: [PATCH 35/52] fix minor issues of array and parameter in CM --- .../CertificateManagement/CertificateManagement.yaml | 1 + .../definitions/SOL023CertificateManagement_def.yaml | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index e43ce31..fdfa8f3 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -162,6 +162,7 @@ paths: /subjects/{subjectId}/certificates: parameters: + - $ref: "#/components/parameters/subjectId" - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - $ref: ../components/SOL023_params.yaml#/components/parameters/Version diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 9b04973..d880dd6 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -468,9 +468,11 @@ definitions: • VNFCI certificate • VNF OAM certificate type: array - enum: - - VNFCI_certificate - - VNF_OAM_certificate + items: + type: string + enum: + - VNFCI_certificate + - VNF_OAM_certificate AffectedSubject: description: > -- GitLab From 49717561a2a3304986997124731b54129ff9e839 Mon Sep 17 00:00:00 2001 From: Yuya Kuno Date: Mon, 30 Jun 2025 15:42:00 +0000 Subject: [PATCH 36/52] MR to align SOL023 v0.0.12 --- src/SOL023/APIVersion/APIVersion.yaml | 2 +- .../CertificateManagement.yaml | 550 +----------------- .../SOL023CertificateManagement_def.yaml | 398 ++++++------- 3 files changed, 173 insertions(+), 777 deletions(-) diff --git a/src/SOL023/APIVersion/APIVersion.yaml b/src/SOL023/APIVersion/APIVersion.yaml index e975da6..7520890 100644 --- a/src/SOL023/APIVersion/APIVersion.yaml +++ b/src/SOL023/APIVersion/APIVersion.yaml @@ -19,7 +19,7 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 paths: - /cert/api_versions: + /nfv-cert/api_versions: $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions /vnflcm/api_versions: $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index fdfa8f3..7f7701f 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/cm/v2 @@ -38,9 +38,9 @@ paths: post: description: | - The POST method creates a new subject resource. See clause 5.5.3.3.1. + The POST method creates a new subject resource. See clause 5.6.3.3.3.1. requestBody: - $ref: "#/components/requestBodies/CreateSubjectRequest" + $ref: "#/components/requestBodies/RegistrationRequest" responses: "201": $ref: "#/components/responses/SubjectInstance.Post.201" @@ -67,7 +67,7 @@ paths: get: description: | - The GET method queries information about multiple subject instances. See clause 5.5.3.3.2. + The GET method queries information about multiple subject instances. See clause 5.6.3.3.3.2. parameters: - $ref: '#/components/parameters/filter_subject_instances' - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf @@ -108,7 +108,7 @@ paths: get: description: | The GET method retrieves information about a Subject instance by reading an "Individual Subject instance" - resource. See clause 5.5.4.3.2. + resource. See clause 5.6.3.4.3.2. parameters: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept responses: @@ -137,7 +137,7 @@ paths: delete: description: | - This method deletes an "Individual Subject instance" resource. See clause 5.5.4.3.5. + This method deletes an "Individual Subject instance" resource. See clause 5.6.3.4.3.5. responses: "204": $ref: "#/components/responses/IndividualSubjectInstance.Delete.204" @@ -160,179 +160,6 @@ paths: "503": $ref: ../responses/SOL023_resp.yaml#/responses/503 - /subjects/{subjectId}/certificates: - parameters: - - $ref: "#/components/parameters/subjectId" - - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - - $ref: ../components/SOL023_params.yaml#/components/parameters/Version - - post: - description: | - The POST method creates a new Certificate resource with certificate for VNFCI and VNF OAM. See clause 5.5.5.3.1. - requestBody: - $ref: "#/components/requestBodies/CSRRequest" - responses: - "201": - $ref: "#/components/responses/CertificateInstance.Post.201" - "409": - $ref: "#/components/responses/CertificateInstance.Post.409" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "422": - $ref: ../responses/SOL023_resp.yaml#/responses/422 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 - - get: - description: | - The GET method queries information about multiple subject instances. See clause 5.5.5.3.2. - parameters: - - $ref: '#/components/parameters/filter_certificate_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf - - $ref: '#/components/parameters/exclude_default_certificate_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf - responses: - "200": - $ref: "#/components/responses/CertificateInstances.Get.200" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "416": - $ref: ../responses/SOL023_resp.yaml#/responses/416 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 - - /subjects/{subjectId}/certificates/{certificateId}: - parameters: - - $ref: "#/components/parameters/subjectId" - - $ref: "#/components/parameters/certificateId" - - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - - $ref: ../components/SOL023_params.yaml#/components/parameters/Version - - get: - description: | - The GET method retrieves information about a Certificate instance by reading an - "Individual Certificate instance" resource. See clause 5.5.6.3.2. - parameters: - - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - - responses: - "200": - $ref: "#/components/responses/IndividualCertificateInstance.Get.200" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "416": - $ref: ../responses/SOL023_resp.yaml#/responses/416 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 - - delete: - description: | - This method deletes an "Individual Certificate instance" resource. See clause 5.5.6.3.5. - responses: - "204": - $ref: "#/components/responses/IndividualCertificateInstance.Delete.204" - "409": - $ref: "#/components/responses/IndividualCertificateInstance.Delete.409" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - - /subjects/{subjectId}/certificates/{certificateId}/certificate_content: - parameters: - - $ref: "#/components/parameters/subjectId" - - $ref: "#/components/parameters/certificateId" - - get: - description: | - The GET method fetches the content of a certificate content identified by the certificate - identifier allocated by the CMF. See clause 5.5.7.3.2. - responses: - "200": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.200" - "206": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.206" - "409": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.409" - "416": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.416" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "422": - $ref: ../responses/SOL023_resp.yaml#/responses/422 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 ####################################################################### ###################### Subscription Endpoints ######################## @@ -488,34 +315,7 @@ components: The following attributes shall be excluded from the SubjectInstance structure in the response body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", "exclude_default" are provided: - - pkiBody - required: false - schema: - type: string - - filter_certificate_instances: - name: filter - description: > - Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013 [4]. - The CMF shall support receiving this parameter as part of the URI query string. The VNFM may - supply this parameter. - All attribute names that appear in the SubjectInstance and in data types referenced from it - shall be supported by the CMF in the filter expression. - in: query - required: false - schema: - type: string - - exclude_default_certificate_instances: - name: exclude_default - in: query - description: >- - Indicates to exclude the following complex attributes from the response. See clause 5.3 of - ETSI GS NFV-SOL 013 for details. The CMF shall support this parameter. - The following attributes shall be excluded from the SubjectInstance structure in the response - body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", - "exclude_default" are provided: - - pkiBody + - subjectId required: false schema: type: string @@ -535,20 +335,6 @@ components: schema: type: string - certificateId: - name: certificateId - in: path - description: | - certificateId Identifier of the Certificate instance. See note. - - NOTE: This identifier can be retrieved from the resource referenced by the "Location" HTTP - header in the response to a POST request creating a new "Individual Certificate instance" resource. - It can also be retrieved from the "id" attribute in the message content of that response. - required: true - style: simple - explode: false - schema: - type: string ############################# For Subscriptions Resources ############################# @@ -820,326 +606,6 @@ components: schema: $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - CertificateInstance.Post.201: - description: > - 201 CREATED - - Shall be returned when a new "Individual Certificate instance" resource and the associated Certificate instance identifier has been created successfully. - - The response body shall contain a representation of the created Certificate instance, as defined in clause 5.6.2.3. - - The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Certificate instance. - headers: - Location: - description: | - The resource URI of the created subject resource. - style: simple - explode: false - schema: - type: string - format: url - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" - - CertificateInstance.Post.409: - description: > - 409 CONFLICT - - Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. - - The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - - CertificateInstances.Get.200: - description: > - 201 OK - - Shall be returned when information about zero or more subject instances has been queried successfully. - - The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.2.3. - - If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" - (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response - body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of - ETSI GS NFV SOL 013, respectively. - - If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for - this resource, inclusion of the Link HTTP header in this response shall follow the provisions in - clause 5.4.2.3 of ETSI GS NFV SOL 013. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - Link: - description: | - Reference to other resources. Used for paging in the present document. - style: simple - explode: false - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - type: array - items: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" - - IndividualCertificateInstance.Get.200: - description: > - 200 OK - - Shall be returned when information about an individual Certificate instance has been read successfully. - The response body shall contain a representation of the Certificate instance, as defined in clause 5.6.2.3. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" - - IndividualCertificateInstance.Delete.204: - description: | - 204 NO CONTENT - - Shall be returned when the "Individual Certificate instance" resource and the associated - Certificate identifier were deleted successfully. - The response body shall be empty. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - - IndividualCertificateInstance.Delete.409: - description: | - 409 CONFLICT - - Shall be returned upon the following error: The operation cannot be executed currently, due to a - conflict with the state of the resource. - Typically, this is due to the fact that the "Individual VNF instance" resource is in INSTANTIATED state. - The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey - more information about the error. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - - IndividualCertificateContentInstance.Get.200: - description: > - 200 OK - - Shall be returned when the whole content of the certificate file has been read successfully. - - The response body shall include a copy of the certificate file. - - The "Content-Type HTTP" header shall be set according to the type of the file, i.e. to "application/text" for a certificate content according to IETF RFC 7468[a]. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - - IndividualCertificateContentInstance.Get.206: - description: | - 206 PARTIAL CONTENT - - If the CMF supports range requests, this response shall be returned when a single consecutive byte range from the content of the certificate file has been read successfully according to the request. - - The response body shall contain the requested part of the certificate file. - - The "Content-Range" HTTP header shall be provided according to IETF RFC 9110 [c]. - - The "Content-Type" HTTP header shall be set as defined above for the "200 OK" response. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - Content-Range: - required : true - style: simple - explode: false - schema: - type: string - content: - application/*: - schema: - type: string - format: binary - - IndividualCertificateContentInstance.Get.409: - description: > - 409 CONFLICT - - Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. - - The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - - IndividualCertificateContentInstance.Get.416: - description: | - 416 RANGE NOT SATISFIABLE - - Shall be returned upon the following error: The byte range passed in the "Range" header did not match any available byte range in the certificate file (e.g. "access after end of file"). - - The response body may contain a ProblemDetails structure. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" ####################################################################### ################# Subscription Endpoints Response Bodies ############## diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index d880dd6..47ba096 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -1,86 +1,4 @@ definitions: - PkiHeader: - description: > - This type represents a PkiHeadear. - - NOTE: At the time of use "PkiHeader" data type, e.g. for CreateSubjectRequest, nothing about the - sender is known to the sending entity (the end entity may not know its own Distinguished Name (DN), - e-mail name, IP address, etc.), then the "sender" field shall contain a "NULL" value. - type: object - required: - - sender - - recipient - - generalInfo - properties: - sender: - description: > - Name of the sender of the Request. See note. - type: string - recipient: - description: > - Name of the recipient of the Request. - type: string - generalInfo: - description: > - It shall contain two of the attributes. - The first generallInfo shall contain the set of - • InfoType for Certificate type - • Infovalue for Choice of VNFC or VNF OAM - - Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain - the set of - • InfoType for Type of VNFC certification handling - • Infovalue for Choice of direct or delegation - type: object - required: - - InfoType - properties: - InfoType: - description: > - Indicate the type of Info. The namespaces and conventions for the values of this attribute that - is OID defined as clause 5.7. - Permit values: - • Certificate type - • Type of VNFC certification handling - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - InfoValue: - description: > - If the value of “InfoType” is “Certificate type”, it shall be set. - Permit values: - • VNFCI certificate - • VNF OAM certificate - - If the value of “InfoType” is “Type of certificate handling”, it shall be set. - Permit values: - • Direct mode - • Delegation mode - Only the value "Delegation mode" is allowed for this version of the present document. - type: string - - CertRepMessages: - description: > - This type represents a CertRepMessages. - type: object - required: - - certResponse - properties: - certResponse: - description: > - The structure and attributes are defined in IETF RFC 5912. - type: object - required: - - certReqId - - status - properties: - certReqId: - description: > - Identifier of "CertReqMessages" or “CSRRequest” to corresponding to this "CertRepMessages". - type: integer - status: - description: > - State of the subject. - $ref: "#/definitions/PKIStatusInfoType" - SubjectInstance: description: > This type represents a subject instance. @@ -90,88 +8,76 @@ definitions: type: object required: - id - - pkiHeader - - pkiBody + - certType + - subjectId + - typeOfVnfcCertHandling - _links properties: id: description: > Identifier of the Subject instance. $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - pkiHeader: - description: > - A common information of PKI message for addressing and transaction identification. - The structure and attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: - description: > - Message-specific information. The structure and attributes are defined in - IETF RFC 4210 and IETF RFC 9480. - type: object - required: - - ir - - ip - properties: - ir: - description: > - Information for Initialization request. - $ref: "#/definitions/CertReqMessages" - ip: - description: > - Information for Initialization response. - $ref: "#/definitions/CertRepMessages" - _links: - description: > - Links to resources related to this resource. - type: object - required: - - self - properties: - self: - description: > - URI of this resource. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" - - CertificateInstance: - description: > - This type represents a certificate instance. It shall comply with the provisions defined in table 5.6.2.3-1. - - NOTE: Wherever mentioned, attributes of the type "CertificateInstance", in the table 5.6.2.3-1 - are aligned with the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. - type: object - required: - - id - - pkiHeader - - pkiBody - - _links - properties: - id: - description: > - Identifier of the Certificate instance. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - pkiHeader: - description: > - A common information of PKI message for addressing and transaction identification. - The structure and attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: + certType: description: > - Message-specific information. The structure and attributes are defined in - IETF RFC 4210 and IETF RFC 9480. + Indicate the type of target certificate. The possible values are (see note 1): + ・ MANO certificate + ・ VNFCI certificate + ・ VNF OAM certificate + + NOTE 1: Registration of target certificates of type ‘MANO certificate’ is + not covered in this version of the present document. + type: string + enum: + - MANO certificate + - VNFCI certificate + - VNF OAM certificate + subjectId: + description: > + Data about subjects and their certificates that need to be registered. + This attribute shall be present only if certType is VNFCI certificate + or VNF OAM certificate. type: object required: - - p10cr - - cp + - subjectId + - certificateData properties: - p10cr: + subjectId: description: > - Encoded Information for CSR Request. The structure and attributes are aligned and defined - in IETF RFC 2986. - $ref: "#/definitions/CSRRequest" - cp: + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateData: description: > - Information for CSR response. - $ref: "#/definitions/CertRepMessages" + Data related to certificates for the target VNFCI. + type: object + required: + - certificateData + properties: + subjectName: + description: > + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "#/definitions/CertSubjectData" + subjectAlternateName: + description: > + Subject alternate names of VNFCI certificates. + type: array + items: + type: string + typeOfVnfcCertHandling: + description: > + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. + It indicates the mode of certificate management for the target entity. + The possible values are: + • direct mode + • delegation mode + See note 2. + + NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + enum: + - direct mode + - delegation mode _links: description: > Links to resources related to this resource. @@ -184,7 +90,7 @@ definitions: URI of this resource. $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" - CreateSubjectRequest: + RegistrationRequest: description: > This type represents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. @@ -192,97 +98,71 @@ definitions: are profiled with the mandatory-defined parameters in the CMP in IETF RFC 4210. type: object required: - - pkiHeader - - pkiBody + - certType + - subjectId + - typeOfVnfcCertHandling properties: - pkiHeader: + certType: description: > - A common informatio0n of PKI message for addressing and transaction identification. The structure and - attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: - description: > - Message specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. - type: object - required: - - ir - properties: - ir: - description: > - Information for Initialization Request. - $ref: "#/definitions/CertReqMessages" - - CSRRequest: - description: > - This type represents request parameters for the "Certificate Signing Request" operation. - - NOTE: As concept of the design of the type “CSRRequest”, the attributes in the table 5.6.2.5-1 - are profiled to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. - type: object - required: - - pkiHeader - - pkiBody - properties: - pkiHeader: - description: > - A common information of PKI message for addressing and transaction identification. The structure - and attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: - description: > - Message specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. - type: object - required: - - p10cr - properties: - p10cr: - description: > - Encoded Information for CSR Request. The structure and attributes are aligned and - defined in IETF RFC 2986. - $ref: "#/definitions/CSRMessage" + Indicate the type of target certificate. The possible values are (see note 1): + ・ MANO certificate + ・ VNFCI certificate + ・ VNF OAM certificate - CSRMessage: - description: > - Encoded Information for CSR Request. The structure and attributes are aligned - and defined in IETF RFC 2986. - type: object - - CertReqMessages: - description: > - This type represents a CertReqMessages. - type: object - required: - - CertReqMsg - properties: - CertReqMsg: - description: > - The structure and attributes are defined in IETF RFC 5912. + NOTE 1: Registration of target certificates of type ‘MANO certificate’ is + not covered in this version of the present document. + type: string + enum: + - MANO certificate + - VNFCI certificate + - VNF OAM certificate + subjectId: + description: > + Data about subjects and their certificates that need to be registered. + This attribute shall be present only if certType is VNFCI certificate + or VNF OAM certificate. type: object required: - - CertRequest + - subjectId + - certificateData properties: - CertRequest: + subjectId: description: > - Information for the certificate request. + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateData: + description: > + Data related to certificates for the target VNFCI. type: object - required: - - CertTemplate + required: + - certificateData properties: - CertTemplate: + subjectName: description: > - Information for the certificate to be issued. - type: object - required: - - subjectUID - properties: - subjectUID: - description: > - The value of the Identifier of the certificate target VNFCI as subject ID if - this operation is used for the VNFCI certificate or VNF OAM certificate. See note. + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "#/definitions/CertSubjectData" + subjectAlternateName: + description: > + Subject alternate names of VNFCI certificates. + type: array + items: + type: string + typeOfVnfcCertHandling: + description: > + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. + It indicates the mode of certificate management for the target entity. + The possible values are: + • direct mode + • delegation mode + See note 2. - NOTE: For the case of MANO certificate, this attribute is not supported in this - version of the present document. - type: integer + NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + enum: + - direct mode + - delegation mode ####################################################################### ################# Subscriptions Related Data Models ################### @@ -671,4 +551,54 @@ definitions: this attribute. See note 2. type: array items: - type: string \ No newline at end of file + type: string + + CertSubjectData: + description: > + This type provides input information related to subject of certificate. + type: object + properties: + commonName: + description: > + Information of certification target subject FQDN. + Can be set empty when this certificate is used for encrypted communication using IP address. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + organization: + description: > + Information of certification target subject Organization. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + country: + description: > + Information of certification target subject Country. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + state: + description: > + Information of certification target subject State. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + locality: + description: > + Information of certification target subject Locality. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + emailAddress: + description: > + Information of certification contact email address. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + -- GitLab From 4a509f84fcc10f78da0ec301a441b47f19ca417d Mon Sep 17 00:00:00 2001 From: Yuya Kuno Date: Tue, 1 Jul 2025 06:36:19 +0000 Subject: [PATCH 37/52] Update file CertificateManagement.yaml --- .../CertificateManagement.yaml | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 7f7701f..ad41c0a 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -174,7 +174,7 @@ paths: description: | The POST method creates a new subscription. See clause 7.5.3.3.1. requestBody: - $ref: "#/components/requestBodies/CertificateSubscriptionRequest" + $ref: "#/components/requestBodies/RegistrationRequest" responses: 201: $ref: '#/components/responses/Subscriptions.Post.201' @@ -863,23 +863,15 @@ components: type: string requestBodies: - CreateSubjectRequest: + RegistrationRequest: description: > Subject resource creation request. content: application/json: schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CreateSubjectRequest" + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/RegistrationRequest" required: true - CSRRequest: - description: > - Certificate resource creation request. - content: - application/json: - schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CSRRequest" - required: true ####################################################################### ################# Subscription Endpoints Request Bodies ############### -- GitLab From 411633f1aa2df036d12156c27207739258b3155f Mon Sep 17 00:00:00 2001 From: Yuya Kuno Date: Tue, 1 Jul 2025 07:11:58 +0000 Subject: [PATCH 38/52] fixed bug from pipeline --- .../CertificateManagement.yaml | 4 ++-- .../SOL023CertificateManagement_def.yaml | 24 +++++++++++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index ad41c0a..de594e4 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -378,7 +378,7 @@ components: instance identifier has been created successfully. The response body shall contain a representation of the created Subject instance, as defined in - clause 5.6.2.2. + clause 5.6.3.4. The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Subject instance. @@ -464,7 +464,7 @@ components: Shall be returned when information about zero or more subject instances has been queried successfully. The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.2.2. + defined in clause 5.6.3.4. If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 47ba096..cd9d6bb 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -553,6 +553,30 @@ definitions: items: type: string + CertRepMessages: + description: > + This type represents a CertRepMessages. + type: object + required: + - certResponse + properties: + certResponse: + description: > + The structure and attributes are defined in IETF RFC 5912. + type: object + required: + - certReqId + - status + properties: + certReqId: + description: > + Identifier of "CertReqMessages" or “CSRRequest” to corresponding to this "CertRepMessages". + type: integer + status: + description: > + State of the subject. + $ref: "#/definitions/PKIStatusInfoType" + CertSubjectData: description: > This type provides input information related to subject of certificate. -- GitLab From 5523c698f5abbf9743082af534961908994b7e09 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:09:58 +0200 Subject: [PATCH 39/52] update SOL023CertificateManagement_def.yaml based on SOL023 v0.0.12 final draft --- .../SOL023CertificateManagement_def.yaml | 342 +++++------------- 1 file changed, 90 insertions(+), 252 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index cd9d6bb..3f44e46 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -3,8 +3,10 @@ definitions: description: > This type represents a subject instance. - NOTE: Wherever mentioned, attributes of the type "SubjectInstance", in the table 5.6.2.2-1 - are aligned with the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. + NOTE 1: Registration of target certificates of type 'MANO certificate' is not covered in this version + of the present document. + + NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. type: object required: - id @@ -20,22 +22,18 @@ definitions: certType: description: > Indicate the type of target certificate. The possible values are (see note 1): - ・ MANO certificate - ・ VNFCI certificate - ・ VNF OAM certificate - - NOTE 1: Registration of target certificates of type ‘MANO certificate’ is - not covered in this version of the present document. + - MANO certificate + - VNFCI certificate + - VNF OAM certificate type: string enum: - - MANO certificate - - VNFCI certificate - - VNF OAM certificate + - MANO_certificate + - VNFCI_certificate + - VNF_OAM_certificate subjectId: description: > - Data about subjects and their certificates that need to be registered. - This attribute shall be present only if certType is VNFCI certificate - or VNF OAM certificate. + Data about subjects and their certificates that need to be registered. This attribute shall be present + only if certType is VNFCI certificate or VNF OAM certificate. type: object required: - subjectId @@ -43,41 +41,36 @@ definitions: properties: subjectId: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + The value of the Identifier of the certificate target VNFCI as subject ID if this operation is used for + the VNFCI certificate or VNF OAM certificate. $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" certificateData: description: > Data related to certificates for the target VNFCI. type: object required: - - certificateData + - subjectAlternateName properties: subjectName: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + Subject data of the of VNFCI certificates, i.e., certificate fields related to common name, organization, + country etc. $ref: "#/definitions/CertSubjectData" subjectAlternateName: description: > Subject alternate names of VNFCI certificates. - type: array - items: - type: string + type: string typeOfVnfcCertHandling: description: > - This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. - It indicates the mode of certificate management for the target entity. - The possible values are: - • direct mode - • delegation mode + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the + mode of certificate management for the target entity. The possible values are: + - direct mode + - delegation mode See note 2. - - NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. type: string enum: - - direct mode - - delegation mode + - direct_mode + - delegation_mode _links: description: > Links to resources related to this resource. @@ -94,8 +87,9 @@ definitions: description: > This type represents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. - NOTE: As concept of the design of the type “CreateSubjectReuquest”, the attributes in the table 5.6.2.4-1 - are profiled with the mandatory-defined parameters in the CMP in IETF RFC 4210. + NOTE 1: Registration of target certificates of type 'MANO certificate' is not covered in this version of the + present document. + NOTE 2: Only the value "delegation mode" is allowed for this version of the present document. type: object required: - certType @@ -105,22 +99,18 @@ definitions: certType: description: > Indicate the type of target certificate. The possible values are (see note 1): - ・ MANO certificate - ・ VNFCI certificate - ・ VNF OAM certificate - - NOTE 1: Registration of target certificates of type ‘MANO certificate’ is - not covered in this version of the present document. + - MANO certificate + - VNFCI certificate + - VNF OAM certificate type: string enum: - - MANO certificate - - VNFCI certificate - - VNF OAM certificate + - MANO_certificate + - VNFCI_certificate + - VNF_OAM_certificate subjectId: description: > - Data about subjects and their certificates that need to be registered. - This attribute shall be present only if certType is VNFCI certificate - or VNF OAM certificate. + Data about subjects and their certificates that need to be registered. This attribute shall be present + only if certType is VNFCI certificate or VNF OAM certificate. type: object required: - subjectId @@ -128,41 +118,69 @@ definitions: properties: subjectId: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + The value of the Identifier of the certificate target VNFCI as subject ID if this operation is used for + the VNFCI certificate or VNF OAM certificate. $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" certificateData: description: > Data related to certificates for the target VNFCI. type: object required: - - certificateData + - subjectAlternateName properties: subjectName: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + Subject data of the of VNFCI certificates, i.e., certificate fields related to common name, organization, + country etc. $ref: "#/definitions/CertSubjectData" subjectAlternateName: description: > Subject alternate names of VNFCI certificates. - type: array - items: - type: string + type: string typeOfVnfcCertHandling: description: > - This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. - It indicates the mode of certificate management for the target entity. - The possible values are: - • direct mode - • delegation mode + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the + mode of certificate management for the target entity. The possible values are: + - direct mode + - delegation mode See note 2. - - NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. type: string enum: - - direct mode - - delegation mode + - direct_mode + - delegation_mode + + CertSubjectData: + description: > + This type provides input information related to subject of certificate. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: object + properties: + commonName: + description: > + Information of certification target subject FQDN. Can be set empty when this certificate is used for encrypted + communication using IP address. See note. + type: string + organization: + description: > + Information of certification target subject Organization. See note. + type: string + country: + description: > + Information of certification target subject Country. See note. + type: string + state: + description: > + Information of certification target subject State. See note. + type: string + locality: + description: > + Information of certification target subject Locality. See note. + type: string + emailAddress: + description: > + Information of certification contact email address. See note. + type: string ####################################################################### ################# Subscriptions Related Data Models ################### @@ -272,7 +290,8 @@ definitions: cetificateState: description: > The state of the Certificate. - $ref: "#/definitions/PKIStatusInfoType" + # TODO + # $ref: "#/definitions/PKIStatusInfoType" certificateId: description: > The identifier of the Certificate affected. @@ -329,7 +348,7 @@ definitions: vnfInstanceSubscriptionFilter: description: > Filter criteria to select VNF instances about which to notify. - $ref: "#/definitions/VnfInstanceSubscriptionFilter" + $ref: "../../definitions/SOL023_def.yaml#/definitions/VnfInstanceSubscriptionFilter" cetificateState: description: > Match particular Certificate state values as reported in notifications of type @@ -339,7 +358,8 @@ definitions: "CertificateLifecycleStateChangeNotification" and shall be absent otherwise. type: array items: - $ref: "#/definitions/PKIStatusInfoType" + # TODO + # $ref: "#/definitions/PKIStatusInfoType" certificationType: description: > Match particular certificate types. @@ -392,7 +412,8 @@ definitions: ip: description: > Information for Initialization response. - $ref: "#/definitions/CertRepMessages" + # TODO + # $ref: "#/definitions/CertRepMessages" AffectedCertificate: description: > @@ -432,7 +453,8 @@ definitions: cp: description: > Information for CSR response. - $ref: "#/definitions/CertRepMessages" + # TODO + # $ref: "#/definitions/CertRepMessages" CertificateNotificationVerbosityType: description: > @@ -441,188 +463,4 @@ definitions: type: string enum: - FULL - - SHORT - - PKIStatusInfoType: - description: > - The enumeration PKIStatusInfoType shall comply with the provisions defined in table 4.3.4.1-1. - type: string - enum: - - ACCEPTED - - GRANTED_WITH_MODS - - REJECTED - - WAITING - - REVOCATION_WARNING - - REVOCATION_NOTIFICATION - - KEY_UPDATE_WARNING - - VnfInstanceSubscriptionFilter: - description: > - This type represents subscription filter criteria to match VNF - instances. - * NOTE 1: The attributes "vnfdIds" and "vnfProductsFromProviders" are alternatives to reference to VNF instances - that are based on certain VNFDs in a filter. They should not be used both in the same filter instance, - but one alternative should be chosen. - NOTE 2: The attributes "vnfInstanceIds" and "vnfInstanceNames" are alternatives to reference to particular VNF - instances in a filter. They should not be used both in the same filter instance, but one alternative - should be chosen. - type: object - anyOf: - - oneOf: - - required: - - vnfdIds - - required: - - vnfProductsFromProviders - - oneOf: - - required: - - vnfInstanceIds - - required: - - vnfInstanceNames - properties: - vnfdIds: - description: > - If present, match VNF instances that were created based on a VNFD - identified by one of the vnfdId values listed in this attribute. See note 1. - type: array - items: - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - vnfProductsFromProviders: - description: > - If present, match VNF instances that belong to VNF products from - certain providers. See note 1. - type: array - items: - type: object - required: - - vnfProvider - properties: - vnfProvider: - description: > - Name of the VNF provider to match. - type: string - vnfProducts: - description: > - If present, match VNF instances that belong to VNF products - with certain product names, from one particular provider. - type: array - items: - type: object - required: - - vnfProductName - properties: - vnfProductName: - description: > - Name of the VNF product to match. - type: string - versions: - description: > - If present, match VNF instances that belong to VNF - products with certain versions and a certain product - name, from one particular provider. - type: array - items: - type: object - required: - - vnfSoftwareVersion - properties: - vnfSoftwareVersion: - description: > - Software version to match. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" - vnfdVersions: - description: > - If present, match VNF instances that belong to VNF - products with certain VNFD versions, a certain - software version and a certain product name, from - one particular provider. - type: array - items: - $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" - vnfInstanceIds: - description: > - If present, match VNF instances with an instance identifier listed - in this attribute. See note 2. - type: array - items: - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - vnfInstanceNames: - description: > - If present, match VNF instances with a VNF Instance Name listed in - this attribute. See note 2. - type: array - items: - type: string - - CertRepMessages: - description: > - This type represents a CertRepMessages. - type: object - required: - - certResponse - properties: - certResponse: - description: > - The structure and attributes are defined in IETF RFC 5912. - type: object - required: - - certReqId - - status - properties: - certReqId: - description: > - Identifier of "CertReqMessages" or “CSRRequest” to corresponding to this "CertRepMessages". - type: integer - status: - description: > - State of the subject. - $ref: "#/definitions/PKIStatusInfoType" - - CertSubjectData: - description: > - This type provides input information related to subject of certificate. - type: object - properties: - commonName: - description: > - Information of certification target subject FQDN. - Can be set empty when this certificate is used for encrypted communication using IP address. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - organization: - description: > - Information of certification target subject Organization. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - country: - description: > - Information of certification target subject Country. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - state: - description: > - Information of certification target subject State. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - locality: - description: > - Information of certification target subject Locality. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - emailAddress: - description: > - Information of certification contact email address. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - + - SHORT \ No newline at end of file -- GitLab From bbbc8507448f2599b2d900fdd9a94144faf8c9b2 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:10:24 +0200 Subject: [PATCH 40/52] update CertificateManagement.yaml based on SOL023 v0.0.12 final draft --- .../CertificateManagement.yaml | 66 ++++++++++--------- 1 file changed, 34 insertions(+), 32 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index de594e4..f33f09c 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -160,7 +160,6 @@ paths: "503": $ref: ../responses/SOL023_resp.yaml#/responses/503 - ####################################################################### ###################### Subscription Endpoints ######################## ####################################################################### @@ -296,9 +295,9 @@ components: filter_subject_instances: name: filter description: > - Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013 [4]. - The CMF shall support receiving this parameter as part of the URI query string. The VNFM may - supply this parameter. + Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013. + The CMF shall support receiving this parameter as part of the URI query string. The VNFM + may supply this parameter. All attribute names that appear in the SubjectInstance and in data types referenced from it shall be supported by the CMF in the filter expression. in: query @@ -310,12 +309,12 @@ components: name: exclude_default in: query description: >- - Indicates to exclude the following complex attributes from the response. See clause 5.3 of - ETSI GS NFV-SOL 013 for details. The CMF shall support this parameter. - The following attributes shall be excluded from the SubjectInstance structure in the response - body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", + Indicates to exclude the following complex attributes from the response. See clause 5.3 of ETSI + GS NFV-SOL 013 for details. The CMF shall support this parameter. + The following attributes shall be excluded from the SubjectInstance structure in the response body + if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", "exclude_default" are provided: - - subjectId + - subjectId required: false schema: type: string @@ -335,9 +334,10 @@ components: schema: type: string + ####################################################################### + ################# Parameters for Subscriptions Resources ############## + ####################################################################### -############################# For Subscriptions Resources ############################# - filter_subscriptions: name: filter description: > @@ -374,14 +374,13 @@ components: description: > 201 CREATED - Shall be returned when a new "Individual Subject instance" resource and the associated Subject - instance identifier has been created successfully. + Shall be returned when a new "Individual Subject instance" resource and the associated Subject instance + identifier has been created successfully. - The response body shall contain a representation of the created Subject instance, as defined in - clause 5.6.3.4. + The response body shall contain a representation of the created Subject instance, as defined in clause 5.6.2.2. - The HTTP response shall include a "Location" HTTP header that contains the resource URI of the - created Subject instance. + The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created + Subject instance. headers: Location: description: | @@ -464,16 +463,16 @@ components: Shall be returned when information about zero or more subject instances has been queried successfully. The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.3.4. + defined in clause 5.6.b.2.2. If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response - body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of - ETSI GS NFV SOL 013, respectively. + body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of ETSI GS + NFV SOL 013, respectively. - If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for - this resource, inclusion of the Link HTTP header in this response shall follow the provisions in - clause 5.4.2.3 of ETSI GS NFV SOL 013. + If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for this + resource, inclusion of the Link HTTP header in this response shall follow the provisions in clause 5.4.2.3 + of ETSI GS NFV SOL 013. headers: Location: description: | @@ -521,7 +520,8 @@ components: 200 OK Shall be returned when information about an individual Subject instance has been read successfully. - The response body shall contain a representation of the Subject instance, as defined in clause 5.6.2.2. + + The response body shall contain a representation of the Subject instance, as defined in clause 5.6.4.2.2. headers: WWW-Authenticate: description: | @@ -551,8 +551,9 @@ components: description: | 204 NO CONTENT - Shall be returned when the "Individual Subject instance" resource and the associated - Subject identifier were deleted successfully. + Shall be returned when the "Individual Subject instance" resource and the associated Subject + identifier were deleted successfully. + The response body shall be empty. headers: WWW-Authenticate: @@ -574,9 +575,12 @@ components: description: | 409 CONFLICT - Shall be returned upon the following error: The operation cannot be executed currently, due to a - conflict with the state of the resource. - Typically, this is due to the fact that the "Individual VNF instance" resource is in INSTANTIATED state. + Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict + with the state of the resource. + + Typically, this is due to the fact that not all certificates under the “Individual Subject instance” are + either expired or have been revoked. + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. headers: @@ -606,7 +610,6 @@ components: schema: $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - ####################################################################### ################# Subscription Endpoints Response Bodies ############## ####################################################################### @@ -865,13 +868,12 @@ components: requestBodies: RegistrationRequest: description: > - Subject resource creation request. + Subject resource creation request. Defined in clause 5.6.4.2.3. content: application/json: schema: $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/RegistrationRequest" required: true - ####################################################################### ################# Subscription Endpoints Request Bodies ############### -- GitLab From b52cba9c1c2952e367d911c5baa0a95a1c0c9ad5 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:10:55 +0200 Subject: [PATCH 41/52] update CertificateNotification.yaml based on SOL023 v0.0.12 final draft --- .../CertificateNotification/CertificateNotification.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SOL023/CertificateNotification/CertificateNotification.yaml b/src/SOL023/CertificateNotification/CertificateNotification.yaml index d100608..73898fc 100644 --- a/src/SOL023/CertificateNotification/CertificateNotification.yaml +++ b/src/SOL023/CertificateNotification/CertificateNotification.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/callback/v2 -- GitLab From bf5768d555364d4edc6c482e07e28795ab5807d8 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:11:23 +0200 Subject: [PATCH 42/52] update SOL023_def.yaml based on SOL023 v0.0.12 final draft --- src/SOL023/definitions/SOL023_def.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/SOL023/definitions/SOL023_def.yaml b/src/SOL023/definitions/SOL023_def.yaml index 559a4c0..77591ea 100644 --- a/src/SOL023/definitions/SOL023_def.yaml +++ b/src/SOL023/definitions/SOL023_def.yaml @@ -197,7 +197,7 @@ definitions: subscriptions. The value of clientPassword should be generated by a random process. * NOTE 2: As a less secure alternative to OAUTH2_CLIENT_CERT which uses mutual authentication based on X.509 certificates, this mode which uses client password to authenticate may be used in the access token request - toward the authorization server (as defined by IETF RFC 6749 [7]), only to support legacy implementations + toward the authorization server (as defined by IETF RFC 6749), only to support legacy implementations (version 3.4.1 or earlier version of the present document). See clause 8.1 for more details. * NOTE 3: The following values that were included up to version 3.4.1 of the present document have been removed: "BASIC" (to signal the use of the basic HTTP authentication) has been removed because it is insecure. -- GitLab From ec5b2253d4b7cc7d4b9ebb0da47584dcc5489a97 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:11:46 +0200 Subject: [PATCH 43/52] update SOL023_resp.yaml based on SOL023 v0.0.12 final draft --- src/SOL023/responses/SOL023_resp.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/SOL023/responses/SOL023_resp.yaml b/src/SOL023/responses/SOL023_resp.yaml index 43d5494..0136c4b 100644 --- a/src/SOL023/responses/SOL023_resp.yaml +++ b/src/SOL023/responses/SOL023_resp.yaml @@ -48,7 +48,7 @@ responses: If the request is malformed or syntactically incorrect (e.g. if the request URI contains incorrect query parameters or the message content contains a syntactically incorrect data structure), the API producer shall respond with this response code. - More details are defined in IETF RFC 9110 [24]. The "ProblemDetails" structure + More details are defined in IETF RFC 9110. The "ProblemDetails" structure shall be provided, and should include in the "detail" attribute more information about the source of the problem. @@ -66,7 +66,7 @@ responses: If the request contains a malformed access token, the API producer should respond with this response. The details of the error shall be returned in the - WWW-Authenticate HTTP header, as defined in IETF RFC 6750 [8]. The + WWW-Authenticate HTTP header, as defined in IETF RFC 6750. The ProblemDetails structure may be provided. The use of this HTTP error response code described above is applicable to the use of the OAuth 2.0 for @@ -493,7 +493,7 @@ responses: If the API consumer has sent too many requests in a defined period of time and the API producer is able to detect that condition ("rate limiting"), the API producer shall respond with this response code, - following the provisions in IETF RFC 6585 [17] for the use of the "Retry-After" HTTP header. + following the provisions in IETF RFC 6585 for the use of the "Retry-After" HTTP header. The "ProblemDetails" structure shall be provided and shall include in the "detail" attribute more information about the source of the problem. -- GitLab From 906514ba59e362d544d614bcb52ac75a461c288c Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:12:24 +0200 Subject: [PATCH 44/52] update VNFLifecycleManagement.yaml based on SOL023 v0.0.12 final draft --- src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index 1605d54..707fae8 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/vnflcm/v2 -- GitLab From a71f97835beb3b3d0295c4ed0d102ad8de53e154 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:13:12 +0200 Subject: [PATCH 45/52] update VNFLifecycleManagementNotification.yaml based on SOL023 v0.0.12 final draft --- .../VNFLifecycleManagementNotification.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml b/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml index 8030377..0437a7b 100644 --- a/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml +++ b/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/vnflcm/v2 -- GitLab From b7c90979e02988b3b1db909f71fe613eaf3f871a Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:13:48 +0200 Subject: [PATCH 46/52] update README.md based on SOL023 v0.0.12 final draft --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 50867af..a094ed3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # NFV SOL023 APIs -This repository hosts the [OpenAPI](https://www.openapis.org/) specifications and other documentation for the APIs defined in ETSI GS NFV-SOL 023 v5.2.1. +This repository hosts the [OpenAPI](https://www.openapis.org/) specifications and other documentation for the APIs defined in ETSI GS NFV-SOL 023 v5.3.1. The APIs described in this repository are defined for the following reference point -- GitLab From 9126a324640e1237e158ad7d4d020b983c7f97cf Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:25:36 +0200 Subject: [PATCH 47/52] fix ref issues in SOL023CertificateManagement_def.yaml --- .../SOL023CertificateManagement_def.yaml | 24 +++++++++++++++---- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 3f44e46..eec786f 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -290,8 +290,10 @@ definitions: cetificateState: description: > The state of the Certificate. - # TODO + # ToDo # $ref: "#/definitions/PKIStatusInfoType" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" certificateId: description: > The identifier of the Certificate affected. @@ -358,8 +360,10 @@ definitions: "CertificateLifecycleStateChangeNotification" and shall be absent otherwise. type: array items: - # TODO + # ToDo # $ref: "#/definitions/PKIStatusInfoType" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" certificationType: description: > Match particular certificate types. @@ -412,8 +416,10 @@ definitions: ip: description: > Information for Initialization response. - # TODO + # ToDo # $ref: "#/definitions/CertRepMessages" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" AffectedCertificate: description: > @@ -453,8 +459,10 @@ definitions: cp: description: > Information for CSR response. - # TODO + # ToDo # $ref: "#/definitions/CertRepMessages" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" CertificateNotificationVerbosityType: description: > @@ -463,4 +471,10 @@ definitions: type: string enum: - FULL - - SHORT \ No newline at end of file + - SHORT + + # Adding this datatype to pass the pipeline validation # ToDo + ToDo: + description: > + ToDO + type: string \ No newline at end of file -- GitLab From 02f03940f1513145bd07a13ae9cad7619a9159f9 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:29:08 +0200 Subject: [PATCH 48/52] fix ToDo ref issues in SOL023CertificateManagement_def.yaml --- .../definitions/SOL023CertificateManagement_def.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index eec786f..4a05d37 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -293,7 +293,7 @@ definitions: # ToDo # $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" certificateId: description: > The identifier of the Certificate affected. @@ -363,7 +363,7 @@ definitions: # ToDo # $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" certificationType: description: > Match particular certificate types. @@ -419,7 +419,7 @@ definitions: # ToDo # $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" AffectedCertificate: description: > @@ -462,7 +462,7 @@ definitions: # ToDo # $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" CertificateNotificationVerbosityType: description: > @@ -473,8 +473,8 @@ definitions: - FULL - SHORT - # Adding this datatype to pass the pipeline validation # ToDo + # Adding this temporary datatype to pass the pipeline validation # ToDo ToDo: description: > - ToDO + ToDo type: string \ No newline at end of file -- GitLab From f9890d6641577604cc330271581a283cf0d399bc Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 2 Jul 2025 16:06:37 +0200 Subject: [PATCH 49/52] removed ToDo temporary data model --- .../SOL023CertificateManagement_def.yaml | 38 ++++++++++++------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 4a05d37..5b0cfdd 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -291,9 +291,9 @@ definitions: description: > The state of the Certificate. # ToDo - # $ref: "#/definitions/PKIStatusInfoType" + $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" certificateId: description: > The identifier of the Certificate affected. @@ -361,9 +361,9 @@ definitions: type: array items: # ToDo - # $ref: "#/definitions/PKIStatusInfoType" + $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" certificationType: description: > Match particular certificate types. @@ -417,9 +417,9 @@ definitions: description: > Information for Initialization response. # ToDo - # $ref: "#/definitions/CertRepMessages" + $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" AffectedCertificate: description: > @@ -454,15 +454,15 @@ definitions: The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: - - ip + - cp properties: cp: description: > Information for CSR response. # ToDo - # $ref: "#/definitions/CertRepMessages" + $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" CertificateNotificationVerbosityType: description: > @@ -473,8 +473,20 @@ definitions: - FULL - SHORT - # Adding this temporary datatype to pass the pipeline validation # ToDo - ToDo: + # # Adding this temporary datatype to pass the pipeline validation # ToDo + # ToDo: + # description: > + # ToDo + # type: string + + # ToDo - populate PKIStatusInfoType when defined + PKIStatusInfoType: + description: > + Not provided. + type: object + + # ToDo - populate CertRepMessages when defined + CertRepMessages: description: > - ToDo - type: string \ No newline at end of file + Indicates CMPv2 CertRepMessage structure. + type: object \ No newline at end of file -- GitLab From c1cd40a03f1b3f2f8f4806b6dc2c8600c3448214 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 2 Jul 2025 16:10:44 +0200 Subject: [PATCH 50/52] removed ToDo comments except for PKIStatusInfoType and CertRepMessage --- .../SOL023CertificateManagement_def.yaml | 26 +++---------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 5b0cfdd..d08137e 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -290,10 +290,7 @@ definitions: cetificateState: description: > The state of the Certificate. - # ToDo $ref: "#/definitions/PKIStatusInfoType" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" certificateId: description: > The identifier of the Certificate affected. @@ -360,10 +357,7 @@ definitions: "CertificateLifecycleStateChangeNotification" and shall be absent otherwise. type: array items: - # ToDo $ref: "#/definitions/PKIStatusInfoType" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" certificationType: description: > Match particular certificate types. @@ -416,10 +410,7 @@ definitions: ip: description: > Information for Initialization response. - # ToDo - $ref: "#/definitions/CertRepMessages" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" + $ref: "#/definitions/CertRepMessage" AffectedCertificate: description: > @@ -459,10 +450,7 @@ definitions: cp: description: > Information for CSR response. - # ToDo - $ref: "#/definitions/CertRepMessages" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" + $ref: "#/definitions/CertRepMessage" CertificateNotificationVerbosityType: description: > @@ -473,20 +461,14 @@ definitions: - FULL - SHORT - # # Adding this temporary datatype to pass the pipeline validation # ToDo - # ToDo: - # description: > - # ToDo - # type: string - # ToDo - populate PKIStatusInfoType when defined PKIStatusInfoType: description: > Not provided. type: object - # ToDo - populate CertRepMessages when defined - CertRepMessages: + # ToDo - populate CertRepMessage when defined + CertRepMessage: description: > Indicates CMPv2 CertRepMessage structure. type: object \ No newline at end of file -- GitLab From 5fed00e007d818810f7efa3360a63a2651c5183e Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Thu, 4 Sep 2025 14:46:34 +0200 Subject: [PATCH 51/52] add changes as per the draft SOL023ed531v000013 --- .../CertificateManagement.yaml | 4 ++-- .../SOL023CertificateManagement_def.yaml | 20 +++++++++---------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index f33f09c..7e6fbec 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -377,7 +377,7 @@ components: Shall be returned when a new "Individual Subject instance" resource and the associated Subject instance identifier has been created successfully. - The response body shall contain a representation of the created Subject instance, as defined in clause 5.6.2.2. + The response body shall contain a representation of the created Subject instance, as defined in clause 5.6.4.2.2. The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Subject instance. @@ -463,7 +463,7 @@ components: Shall be returned when information about zero or more subject instances has been queried successfully. The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.b.2.2. + defined in clause 5.6.4.2.2. If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index d08137e..8a3ab21 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -22,9 +22,9 @@ definitions: certType: description: > Indicate the type of target certificate. The possible values are (see note 1): - - MANO certificate - - VNFCI certificate - - VNF OAM certificate + - MANO_certificate + - VNFCI_certificate + - VNF_OAM_certificate type: string enum: - MANO_certificate @@ -64,8 +64,8 @@ definitions: description: > This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the mode of certificate management for the target entity. The possible values are: - - direct mode - - delegation mode + - direct_mode + - delegation_mode See note 2. type: string enum: @@ -99,9 +99,9 @@ definitions: certType: description: > Indicate the type of target certificate. The possible values are (see note 1): - - MANO certificate - - VNFCI certificate - - VNF OAM certificate + - MANO_certificate + - VNFCI_certificate + - VNF_OAM_certificate type: string enum: - MANO_certificate @@ -141,8 +141,8 @@ definitions: description: > This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the mode of certificate management for the target entity. The possible values are: - - direct mode - - delegation mode + - direct_mode + - delegation_mode See note 2. type: string enum: -- GitLab From 5cc7f6378a4e43bb9c6b461e0bedc3651aa4a861 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Fri, 5 Sep 2025 14:30:02 +0200 Subject: [PATCH 52/52] update clause reference as per SOL023 v5.3.1 published draft --- src/SOL023/CertificateManagement/CertificateManagement.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 7e6fbec..06c0a89 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -754,7 +754,7 @@ components: The response body shall contain in an array the representations of all active subscriptions of the functional block that invokes the method, i.e. zero or more representations of certificate - change notification subscriptions as defined in clause 7.7.2.3. + change notification subscriptions as defined in clause 7.7.2.2. If the "filter" URI parameter was supplied in the request, the data in the response body shall have been transformed according to the rules specified in clause 5.2.2 of ETSI GS NFV-SOL 013. -- GitLab