Release v4.1.0

Release Notes

Date	Revision	Description
2023-06-27	0	Initial release

• For BREAKING CHANGES, please review the section #4 "Breaking Changes" below.
• For KNOWN ISSUES, please review the section #7 "Known Issues" below.

Summary

ML v15.1.0 support - This IaC release now supports Mojaloop v15.1.0 Release.

1. New Features

• mojaloop/#3381 [IaC] IaC release to include Mojaloop v15.1.0 Helm Release with SDK enhancements for R2P

2. Bug Fixes

• mojaloop/#3387 [BOF Tests] Fixed bof report test pipeline (iac-aws-platform/pull/90 & iac-aws-platform/pull/88)
• mojaloop/#3391 [IaC] Removed refreshperiod on random secrets (iac-aws-platform/pull/89)
• mojaloop/#3339 [IaC] Support for special characters in finance portal (iac-aws-platform/pull/87)

3. Application versions

• Mojaloop: 15.0.0 -> v15.1.0 (Compare)
• Finance Portal (BOF): v2.4.5 -> v3.0.1 (Compare)

4. Breaking changes

N/A

5. Deprecations

N/A

6. Testing notes

• This release has been validated against the following Dependency Test Matrix:

  Dependency	Version	Notes
  Mojaloop	v15.1.0 & v15.0.0	This IaC release is tested with moth Mojaloop versions v15.1.0 & v15.0.0.
  Finance Portal (BOF)	v3.0.1
  Oathkeeper	0.19.6
  Keto	0.19.6
  Kratos	0.14.1
  Wso2 Mysql Repo	V1.0.0
  MCM	0.6.1
  Nginx	4.3.0
  Prometheus	11.11.1
  Grafana	5.0.9
  Kafka	0.21.2
  Longhorn	1.2.4
  Consul	0.35.0
  Vault	0.23.0
  Certmanager	1.6.1
  External Dns	6.7.2
  Loki Stack	2.8.3
  Alias Oracle	1.4.2
  Mfi Account Oracle	2.0.7
  Mfi P2p Oracle	2.0.7
  Haproxy	1.7.2
  Keycloak	6.0.0
  Oauth2 Proxy	5.0.6
  Vault Config Operator	0.8.13

7. Known Issues

• Test pipeline PM4ML - UI Tests is expected to be failed. This needs to be fixed.

8. Contributors

• Organizations: BMGF, InFiTX
• Individuals: @dfry, @mdebarros , @vijayg10

Note: companies are in alphabetical order, individuals are in no particular order.

Full Changelog: v4.0.5...v4.1.0

Release v4.0.5

• fix: bof report failures

Release v4.0.4

• Fixed hardcoded currency in bof report tests
• Fixed branch name for PM4ML UI tests

Release v4.0.3

• fix for secrets being refreshed by turning off random secret refresh period

Release v4.0.2

• Fixed issues with special characters in DB passwords for BOF services

v4.0.1 - Mojaloop v15 support

This IaC release now supports Mojaloop v15 Release, taking full advantage of the maintenance and security improvements introduced by this release. Most notably, the Externalised Secrets supported by the Mojaloop Helm chart are now fully managed by IaC's internal Vault. These Externalised Secrets auto-generated will only be stored in the Vault, as opposed to the previous version where the random passwords were generated in terraform prior to deployment of the Helm chart, which resulted in the username-passwords being stored in the terraform state file.

The Mojaloop external dependencies (e.g. stateful services like MySQL, MongoDB, etc) now make use of the Vault operator (see #6 below), via the creation of the appropriate custom resources (RandomSecret and VaultSecret). The Mojaloop Helm install config now references the secrets generated by this process (see #8 below).

Please note that other external resources that are created for WSO2, Ory stack components, etc, which don't support the use of externalized secrets are still configured using the previous approach of generating passwords within Terraform, storing them in Vault and referencing the credentials in their respective values files directly.

What's Changed

1. Support for Mojaloop v15 Release
2. Added a new stateful service for TTK mongoDB
3. Refactored the test pipelines to use helm tests instead of TTK CLI directly (mojaloop/3239)
4. Added capability to get the report history in TTK interface
5. Enabled “Settlement Initiation Report” by default in terraform/k8s-apps-setup/mojaloop-core/mojaloop-custom-reports/config.json
6. Add support for vault operator (https://github.com/redhat-cop/vault-config-operator) to allow for creation and storing of random secrets in vault as well as CR-generated K8S secrets from these same vault secrets.
7. Custom Resource (CR) based method to auto generate credentials for the creation of stateful resources (mysql/etc)
8. CR-based creation of K8S secrets in multiple namespaces that can then be referenced in different helm charts.
9. Refactored mojaloop values file to support setting secrets as opposed to passwords.

Known Issues

• Secrets being generated do not currently support special characters, with password_policy_use_special_chars being set in the workbench-config-15.json to false by default, until the limitation can be resolved by the following issues:
  • mojaloop/project#3267
  • mojaloop/project#3268

Full Changelog: v4.0.0...v4.0.1

Mojaloop v15 support

Merge pull request #85 from mojaloop/feat/mojaloop-15.0.0

feat: added values files for mojalop, mojaloop-simulator and ttk

minor updates, functional tested release

add support for turning on/off special chars in generated passwords for vault-config generated secrets

first draft beta release

v4.0.0-beta.1

testable version

minor updates - test stateful resources update

v4.0.0-snapshot.5

update reports and bump version