.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2019-2021 Huawei Technologies Co., Ltd.

Release Notes

EdgeGallery Introduction

EdgeGallery 是一个5G MEC开源边缘计算平台,它是一个面向应用和应用开发者的端到端解决方案,对于APP应用来说除支持应用运行的基础MEP平台外,还提供APP应用管理系统(MEC Manager,极简管理面,包括MEPM以及MEAO的部分功能),能够对应用进行端到端生命周期管理,提供X86应用向ARM迁移的工具链,支持应用平滑的跨平台迁移和调优。对应用开发者来说,提供完整的应用开发IDE环境和集成验证环境,为应用开发者提供一站式开发体验,同时通过APP Store功能,对应用开发者开发的APP提供标准的准入验证流程。

Version: v1.1.0

  • Release Date: 2020-04-09

  • Image Version: v1.1.0

新开源仓库列表

模块

名称

类型

URL

说明

Examaple Applications

example-apps

PoC仓

https://gitee.com/edgegallery/example-apps

提供基于EdgeGallery的样例app

EdgeGallery Frontend Component

eg-view

产品仓

https://gitee.com/edgegallery/eg-view

提供归一化的EdgeGallery前端组件

EdgeGallery Testing Platform

edgeT

PoC仓

https://gitee.com/edgegallery/edgeT

为用户提供本地测试的工具链

New Features

需求/发布计划详细说明

  • 【AI软硬件能力】支撑昇腾/Atlas硬件以及开放API

    • AI图像修复、边缘检测、卡通图像生成、图像上色、对象分类、目标检测等;

  • 【跨平台支持】支持基于Openstack的虚机应用和基于K8S容器应用的孵化集成

  • 【体验优化】

    • APP分类、APP推荐、爆款动态刷新

  • 【EdgeNative支持】

    • IaaS/PaaS/应用都支持按需部署、应用框架自动生成

    • MEP微服务管理架构可视化

    • 提供EdgeGallery小程序、设计态等

  • 【API管理】ETSI MEC API、3GPP CAPIF以及昇腾能力支持情况匹配

  • 【安全、用户管理】

    • 分权分域,对关键操作和数据进行权限控制

    • 应用远程登录(如VNC)支持安全协议登录

  • 【社区实验室增强】

    • 提供真实E2E 5G验证环境

    • 资源一键申请,一键释放,可视化管理

  • 【应用创新】

    • AppStore联邦,可注册外部AppStore,应用在不同AppStore间可相互推送和拉取

    • 完成80+应用集成、落地17+创新基地、西安电子科技大学研究生课程

Bug Fixes

参见 EdgeGallery v1.1.0 Test Report

Known Issues

参见 EdgeGallery v1.1.0 Test Report

Security Notes

Fixed Security Issues

参见 EdgeGallery v1.1.0 Test Report

Known Security Issues

参见 EdgeGallery v1.1.0 Security Test Report

Known Vulnerabilities in Used Modules

EdgeGalelry v1.1.0 版本第三方开源组件存在以下漏洞需要用户自行修复:

Appstore

Component

Version

CVE

log4j

1.2.17

CVE-2019-17571

netty-transport

4.1.36.Final

CVE-2019-20444 CVE-2019-20445 CVE-2019-16869 CVE-2020-11612

vertx-core

3.9.4

CVE-2019-17640

docker-java-core

3.2.7

CVE-2019-13139 CVE-2019-13509 CVE-2019-16884 CVE-2019-5736

foundation-ssl

1.3.0

CVE-2004-0009

mybatis-spring

2.0.6

CVE-2020-26945

mybatis-spring-boot-starter

2.1.4

CVE-2020-26945

spring-jdbc

5.1.8.RELEASE

CVE-2020-5398

spring-security-core

5.1.5.RELEASE

CVE-2018-1258

Developer

Component

Version

CVE

netty-transport

4.1.36.Final

CVE-2019-20444 CVE-2019-20445 CVE-2019-16869 CVE-2020-11612

vertx-core

3.9.4

CVE-2019-17640

swagger-codegen-cli

3.0.21

CVE-2018-8088 CVE-2016-6199 CVE-2019-15052 CVE-2020-25649 CVE-2019-10086 CVE-2017-1000207 CVE-2017-1000208 CVE-2017-18640 CVE-2020-11979

docker-java-core

3.2.7

CVE-2019-13139 CVE-2019-13509 CVE-2019-16884 CVE-2019-5736

foundation-ssl

1.3.0

CVE-2004-0009

mybatis-spring

2.0.6

CVE-2020-26945

mybatis-spring-boot-starter

2.1.4

CVE-2020-26945

spring-security-core

5.1.5.RELEASE

CVE-2018-1258

ATP

Component

Version

CVE

netty-transport

4.1.36.Final

CVE-2019-20444 CVE-2019-20445 CVE-2019-16869 CVE-2020-11612

vertx-core

3.9.4

CVE-2019-17640

foundation-ssl

1.3.0

CVE-2004-0009

mybatis-spring

2.0.6

CVE-2020-26945

mybatis-spring-boot-starter

2.1.4

CVE-2020-26945

spring-security-core

5.1.5.RELEASE

CVE-2018-1258

spring-core

5.1.8.RELEASE

CVE-2020-5398

User-mgmt

Component

Version

CVE

vertx-core

3.9.4

CVE-2019-17640

foundation-ssl

1.3.0

CVE-2004-0009

mybatis-spring

2.0.6

CVE-2020-26945

mybatis-spring-boot-starter

2.1.4

CVE-2020-26945

spring-security-core

5.3.8.RELEASE

CVE-2018-1258

Upgrade Notes

N/A

Deprecation Notes

N/A

Other

N/A


Version: v1.0.0

  • Release Date: 2020-12-31

  • Image Version: v1.0.0

新开源仓库列表

模块

名称

类型

URL

说明

ATP(Application Test Platform)

atp

产品仓

https://gitee.com/edgegallery/atp

应用测试平台,为应用认证提供测试支撑

ATP(Application Test Platform)

atp-fe

产品仓

https://gitee.com/edgegallery/atp-fe

提供应用测试认证平台前台支撑

Developer

crane-framework

产品仓

https://gitee.com/edgegallery/crane-framework

为应用开发提供轻量化,插件是的开发框架

MECM

mecm-apprulemgr

产品仓

https://gitee.com/edgegallery/mecm-apprulemgr

管理面提供应用规则配置下发和管理的能力

New Features

需求/发布计划详细说明

  • 版本规划特性

    • 【Developer】优化APP开发测试发布流程,优化API界面,集成多语言SDK

      • 优化首页设计,增加应用开发生命周期流程图;

      • 优化项目开发流程,全新界面设计;

      • 优化部署调测环节,增加可视化展示部署过程展示,增加部署结果POD展示;

      • 优化能力中心界面,增加能力分类选择;

      • 应用发布环节对接认证测试平台;

    • 【AppStore】界面易用性优化,EdgeGallery生态能力优化

    • 【MECM】优化拓扑、应用管理及边缘节点管理,新增获取MEP能力功能,AK/SK配置接口

    • 【MEP】支持APP心跳检测,新增获取MEP能力接口,AK/SK配置接口,MEP-agent新增获取token接口

    • 【ATP】APP应用的测试能力增强

    • 【Test】提供健康检查功能,优化安装包,开发测试平台支持测试例管理

  • PoC 特性

    • MEP服务治理页面展示

    • 引入插件式应用框架Crane-framework

    • AppStore联邦,可注册外部AppStore,应用在不同AppStore间可相互推送和拉取

PoC Test Report

参见EdgeGallery v1.0.0 PoC Test Report

Bug Fixes

参见 EdgeGallery v1.0.0 Test Report

Known Issues

参见 EdgeGallery v1.0.0 Test Report

Security Notes

Fixed Security Issues

参见 EdgeGallery v1.0.0 Test Report

Known Security Issues

参见 EdgeGallery v1.0.0 Test Report

Known Vulnerabilities in Used Modules

EdgeGalelry v1.0.0 版本第三方开源组件存在以下漏洞需要用户自行修复:

Appstore

Component

Version

CVE

log4j (indirect dependency)

1.2.17

CVE-2019-17571

bcprov-jdk15on-1.66.jar

1.66

CVE-2020-28052

jackson-databind

2.10.5

CVE-2020-25649

spring-security-oauth2

2.3.3.RELEASE

CVE-2018-15758

tomcat-embed-core

9.0.37

CVE-2020-17525

Developer

Component

Version

CVE

spring-beans (indirect dependency)

5.1.8.RELEASE

CVE-2020-5398

spring-security-core

5.3.4.RELEASE

CVE-2018-1258

jackson-databind

2.10.5

CVE-2020-25649

mybatis-spring-boot-starter

2.1.1

CVE-2020-26945

tomcat-embed-core

9.0.37

CVE-2020-17527

ATP

Component

Version

CVE

mybatis-spring-boot-starter

2.1.1

CVE-2020-26945

User-mgmt

Component

Version

CVE

spring-security-core

5.3.4.RELEASE

CVE-2018-1258

bcprov-jdk15on

1.66

CVE-2020-28052

jackson-databind

2.10.5

CVE-2020-25649

mybatis-spring-boot-starter

2.1.1

CVE-2020-26945

spring-security-oauth2

2.3.3.RELEAS

CVE-2018-15758

Website-gateway

Component

Version

CVE

spring-security-core

5.2.6.RELEASE

CVE-2018-1258

jackson-databind

2.10.5

CVE-2020-26945

spring-security-oauth2

2.3.3

CVE-2018-15758

tomcat-embed-core

9.0.37

CVE-2020-17527

MECM

Component

Version

CVE

lodash

4.17.13

CVE-2020-8203

minimatch

3.0.4

NPM-118

Upgrade Notes

N/A

Deprecation Notes

N/A

Other

N/A


Version: v0.9.1

  • Release Date: 2020-11-11

  • Image Version: v0.9.1

新开源仓库列表

模块

名称

类型

URL

说明

Developer

api-emulator

产品仓

https://gitee.com/edgegallery/api-emulator

提供基本能力的模拟api

Mep

Plugins

产品仓

https://gitee.com/edgegallery/plugins

plugins仓

Developer

toolchain

产品仓

https://gitee.com/edgegallery/toolchain

提供x86平台应用上车ARM时源码分析功能

New Features

需求/发布计划详细说明

  • 安全设计排查问题汇总

  • api模拟器和工具链、plugin仓库开源

  • 【MEP/MEP Agent】ak/sk配置接口

Bug Fixes

参见 EdgeGallery v0.9.1 Test Report

Known Issues

参见 EdgeGallery v0.9.1 Test Report

Security Notes

Fixed Security Issues

参见 EdgeGallery v0.9.1 Test Report

Known Security Issues

参见 EdgeGallery v0.9.1 Test Report

Known Vulnerabilities in Used Modules

EdgeGalelry v0.9.1版本第三方开源组件存在以下漏洞需要用户自行修复:

Appstore

Component

Version

CVE

netty-transport (indirect dependency)

4.1.36.Final

CVE-2019-20444, CVE-2019-20445, CVE-2020-11612, CVE-2019-16869

log4j (indirect dependency)

1.2.17

CVE-2019-17571

spring-jdbc (indirect dependency)

5.1.8.RELEASE

CVE-2020-5398

spring-security-core (indirect dependency)

5.1.5.RELEASE

CVE-2018-1258

bcprov-jdk15on-1.66.jar

1.66

CVE-2020-28052

foundation-ssl

1.3.0

CVE-2004-0009

jackson-databind

2.10.5

CVE-2020-25649

mybatis

3.5.3

CVE-2020-25645

spring-security-oauth2

2.3.3.RELEASE

CVE-2018-15758

tomcat-embed-core

9.0.37

CVE-2020-17525

vertx-core

3.6.3

CVE-2019-17640

Developer

Component

Version

CVE

netty-transport (indirect dependency)

4.1.36.Final

CVE-2019-20444, CVE-2019-20445, CVE-2020-11612, CVE-2019-16869

spring-beans (indirect dependency)

5.1.8.RELEASE

CVE-2020-5398

spring-security-config (indirect dependency)

5.1.5.RELEASE

CVE-2018-1258, CVE-2020-5398

spring-security-core

5.3.4.RELEASE

CVE-2018-1258

lodash

4.17.13

CVE-2020-8203

minimatch

3.0.4

NPM-118

spring-security-oauth2

2.3.3

CVE-2018-15758,CVE-2019-11269,CVE-2018-3778

swagger-codegen-cli (shaded: com.fasterxml.jackson.core.jackson-databind:2.10.3)

3.0.21

CVE-2020-25649

foundation-ssl

1.3.0

CVE-2004-0009

jackson-databind

2.10.5

CVE-2020-25649

mybatis-spring

2.0.3

CVE-2020-26945

mybatis-spring-boot-starter

2.1.1

CVE-2020-26945

swagger-codegen-cli

3.0.21

CVE-2017-1000207,CVE-2017-1000208,CVE-2019-10086,CVE-2018-8088,CVE-2017-18640,CVE-2016-6199,CVE-2019-11065,CVE-2019-15052,

tomcat-embed-core

9.0.37

CVE-2020-17527

vertx-core

3.6.3

CVE-2019-17640

User-mgmt

Component

Version

CVE

rxnetty (indirect dependency)

0.4.9

CVE-2015-2156

netty-tcnative-boringssl-static (indirect dependency)

2.0.31.Final

CVE-2015-2156

spring-security-core

5.2.6.RELEASE

CVE-2018-1258

lodash

4.17.20

NPM-1065, NPM-557, NPM-7823

minimatch

3.0.4

NPM-118

Website-gateway

Component

Version

CVE

log4j

1.2.17

CVE-2019-17571

spring-security-core

5.2.6.RELEASE

CVE-2018-1258

MECM

Component

Version

CVE

lodash

4.17.13

CVE-2020-8203

minimatch

3.0.4

NPM-118

Upgrade Notes

N/A

Deprecation Notes

N/A

Other

经过安全工作组评审,Plugins仓库遗留问题单I1XA0N将在v0.9版本发布后通过补丁形式修复,详细情况请参见安全工作组会议纪要


Version: v0.9

  • Release Date: 2020-09-30

  • Image Version: v0.9

新开源仓库列表

模块

名称

类型

URL

说明

helm-charts

helm-charts

部署

https://gitee.com/edgegallery/helm-charts

EdgeGallery部署脚本

website-gateway

website-gateway

产品仓

https://gitee.com/edgegallery/website-gateway

前台封装

user-mgmt

user-mgmt

产品仓

https://gitee.com/edgegallery/user-mgmt

usermgmt后台

user-mgmt

user-mgmt-fe

产品仓

https://gitee.com/edgegallery/user-mgmt-fe

usermgmt前台

mecm

mecm-fe

产品仓

https://gitee.com/edgegallery/mecm-fe

MECM前台

mecm

mecm-applcm

产品仓

https://gitee.com/edgegallery/mecm-applcm

MECM应用生命周期管理

mecm

mecm-apm

产品仓

https://gitee.com/edgegallery/mecm-apm

MECM应用包管理

mecm

mecm-inventory

产品仓

https://gitee.com/edgegallery/mecm-inventory

MECM存量管理

mecm

mecm-appo

产品仓

https://gitee.com/edgegallery/mecm-appo

MECM应用编排

developer

developer-be

产品仓

https://gitee.com/edgegallery/developer-be

developer后台

developer

developer-fe

产品仓

https://gitee.com/edgegallery/developer-fe

developer前台

appstore

appstore-fe

产品仓

https://gitee.com/edgegallery/appstore-fe

appstore前台

appstore

appstore-be

产品仓

https://gitee.com/edgegallery/appstore-be

appstore后台

platform-mgmt

platform-mgmt

产品仓

https://gitee.com/edgegallery/platform-mgmt

安装k8/docker

docs

docs

产品仓

https://gitee.com/edgegallery/docs

文档

New Features

需求/发布计划详细说明

  • All-in-One MEP/MECM网络隔离

  • MEP支持DNS配置

  • 支持All-in-One部署

  • 多节点离线部署

  • 九大维度安全优化

  • MECM界面/拓扑管理/资源管理优化

  • (PoC)kubeedge集成验证

Bug Fixes

参见 EdgeGallery v0.9 Test Report

Known Issues

参见 EdgeGallery v0.9 Test Report

Security Notes

Fixed Security Issues

参见 EdgeGallery v0.9 Test Report

Known Security Issues

参见 EdgeGallery v0.9 Test Report

Known Vulnerabilities in Used Modules

EdgeGalelry v0.9版本第三方开源组件存在以下漏洞需要用户自行修复:

Appstore

Component

Version

CVE

netty-transport (indirect dependency)

4.1.36.Final

CVE-2019-20444, CVE-2019-20445, CVE-2020-11612, CVE-2019-16869

log4j (indirect dependency)

1.2.17

CVE-2019-17571

spring-jdbc (indirect dependency)

5.1.8.RELEASE

CVE-2020-5398

spring-security-core (indirect dependency)

5.1.5.RELEASE

CVE-2018-1258

Developer

Component

Version

CVE

netty-transport (indirect dependency)

4.1.36.Final

CVE-2019-20444, CVE-2019-20445, CVE-2020-11612, CVE-2019-16869

spring-beans (indirect dependency)

5.1.8.RELEASE

CVE-2020-5398

spring-security-config (indirect dependency)

5.1.5.RELEASE

CVE-2018-1258, CVE-2020-5398

spring-security-core

5.3.4.RELEASE

CVE-2018-1258

lodash

4.17.13

CVE-2020-8203

minimatch

3.0.4

NPM-118

User-mgmt

Component

Version

CVE

rxnetty (indirect dependency)

0.4.9

CVE-2015-2156

netty-tcnative-boringssl-static (indirect dependency)

2.0.31.Final

CVE-2015-2156

spring-security-core

5.2.6.RELEASE

CVE-2018-1258

lodash

4.17.20

NPM-1065, NPM-557, NPM-7823

minimatch

3.0.4

NPM-118

Website-gateway

Component

Version

CVE

log4j

1.2.17

CVE-2019-17571

spring-security-core

5.2.6.RELEASE

CVE-2018-1258

MECM

Component

Version

CVE

lodash

4.17.13

CVE-2020-8203

minimatch

3.0.4

NPM-118

Upgrade Notes

N/A

Deprecation Notes

N/A

Other

经过安全工作组评审,Plugins仓库遗留问题单I1XA0N将在v0.9版本发布后通过补丁形式修复,详细情况请参见安全工作组会议纪要