Merge pull request #1001 from netbox-community/develop

Version 2.6.0
This commit is contained in:
Tobias Genannt 2023-04-28 09:00:49 +02:00 committed by GitHub
commit b4a6be37ec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 42 additions and 103 deletions

View File

@ -1,10 +1,10 @@
.git .git*
.github
.travis.yml
*.md *.md
env
build* build*
docker-compose.override.yml docker-compose*
env
test-configuration
.netbox/.git* .netbox/.git*
.netbox/.travis.yml .netbox/contrib
.netbox/scripts .netbox/scripts
.netbox/upgrade.sh

View File

@ -30,7 +30,11 @@ RUN export DEBIAN_FRONTEND=noninteractive \
ARG NETBOX_PATH ARG NETBOX_PATH
COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt /
RUN sed -i -e '/psycopg2-binary/d' /requirements.txt && \ RUN \
# We compile 'psycopg2' in the build process
sed -i -e '/psycopg2-binary/d' /requirements.txt && \
# Gunicorn is not needed because we use Nginx Unit
sed -i -e '/gunicorn/d' /requirements.txt && \
# We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt
# we have potential version conflicts and the build will fail. # we have potential version conflicts and the build will fail.
# That's why we just replace it in the original requirements.txt. # That's why we just replace it in the original requirements.txt.
@ -93,11 +97,11 @@ WORKDIR /opt/netbox/netbox
# Must set permissions for '/opt/netbox/netbox/media' directory # Must set permissions for '/opt/netbox/netbox/media' directory
# to g+w so that pictures can be uploaded to netbox. # to g+w so that pictures can be uploaded to netbox.
RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \
&& chown -R unit:root media /opt/unit/ \ && chown -R unit:root /opt/unit/ media reports scripts \
&& chmod -R g+w media /opt/unit/ \ && chmod -R g+w /opt/unit/ media reports scripts \
&& cd /opt/netbox/ && SECRET_KEY="dummy" /opt/netbox/venv/bin/python -m mkdocs build \ && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \
--config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \
&& SECRET_KEY="dummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input
ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH
ENTRYPOINT [ "/usr/bin/tini", "--" ] ENTRYPOINT [ "/usr/bin/tini", "--" ]

View File

@ -99,7 +99,7 @@ For each of the above tag, there is an extra tag:
## Documentation ## Documentation
Please refer [to our wiki on GitHub][netbox-docker-wiki] for further information on how to use the NetBox Docker image properly. Please refer [to our wiki on GitHub][netbox-docker-wiki] for further information on how to use the NetBox Docker image properly.
The wiki covers advanced topics such as using files for secrets, configuring TLS, deployment to Kubernetes, monitoring and configuring NAPALM and LDAP. The wiki covers advanced topics such as using files for secrets, configuring TLS, deployment to Kubernetes, monitoring and configuring LDAP.
Our wiki is a community effort. Our wiki is a community effort.
Feel free to correct errors, update outdated information or provide additional guides and insights. Feel free to correct errors, update outdated information or provide additional guides and insights.

View File

@ -1 +1 @@
2.5.3 2.6.0

View File

@ -1,5 +1,11 @@
#!/bin/bash #!/bin/bash
check_if_tags_exists() {
local image=$1
local tag=$2
skopeo list-tags "docker://$image" | jq -r ".Tags | contains([\"$tag\"])"
}
get_image_label() { get_image_label() {
local label=$1 local label=$1
local image=$2 local image=$2

View File

@ -139,7 +139,8 @@ fi
# Check if we have everything needed for the build # Check if we have everything needed for the build
source ./build-functions/check-commands.sh source ./build-functions/check-commands.sh
# Load all build functions
source ./build-functions/get-public-image-config.sh
source ./build-functions/gh-functions.sh source ./build-functions/gh-functions.sh
IMAGE_NAMES="${IMAGE_NAMES-docker.io/netboxcommunity/netbox}" IMAGE_NAMES="${IMAGE_NAMES-docker.io/netboxcommunity/netbox}"
@ -309,19 +310,22 @@ gh_env "FINAL_DOCKER_TAG=${IMAGE_NAME_TAGS[0]}"
### ###
# Checking if the build is necessary, # Checking if the build is necessary,
# meaning build only if one of those values changed: # meaning build only if one of those values changed:
# - a new tag is beeing created
# - base image digest # - base image digest
# - netbox git ref (Label: netbox.git-ref) # - netbox git ref (Label: netbox.git-ref)
# - netbox-docker git ref (Label: org.opencontainers.image.revision) # - netbox-docker git ref (Label: org.opencontainers.image.revision)
### ###
# Load information from registry (only for docker.io) # Load information from registry (only for first registry in "IMAGE_NAMES")
SHOULD_BUILD="false" SHOULD_BUILD="false"
BUILD_REASON="" BUILD_REASON=""
if [ -z "${GH_ACTION}" ]; then if [ -z "${GH_ACTION}" ]; then
# Asuming non Github builds should always proceed # Asuming non Github builds should always proceed
SHOULD_BUILD="true" SHOULD_BUILD="true"
BUILD_REASON="${BUILD_REASON} interactive" BUILD_REASON="${BUILD_REASON} interactive"
elif [ "false" == "$(check_if_tags_exists "${IMAGE_NAMES[0]}" "$TARGET_DOCKER_TAG")" ]; then
SHOULD_BUILD="true"
BUILD_REASON="${BUILD_REASON} newtag"
else else
source ./build-functions/get-public-image-config.sh
echo "Checking labels for '${FINAL_DOCKER_TAG}'" echo "Checking labels for '${FINAL_DOCKER_TAG}'"
BASE_LAST_LAYER=$(get_image_last_layer "${DOCKER_FROM}") BASE_LAST_LAYER=$(get_image_last_layer "${DOCKER_FROM}")
OLD_BASE_LAST_LAYER=$(get_image_label netbox.last-base-image-layer "${FINAL_DOCKER_TAG}") OLD_BASE_LAST_LAYER=$(get_image_label netbox.last-base-image-layer "${FINAL_DOCKER_TAG}")

View File

@ -136,10 +136,6 @@ if 'BANNER_BOTTOM' in environ:
if 'BANNER_LOGIN' in environ: if 'BANNER_LOGIN' in environ:
BANNER_LOGIN = environ.get('BANNER_LOGIN', None) BANNER_LOGIN = environ.get('BANNER_LOGIN', None)
# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
# BASE_PATH = 'netbox/'
BASE_PATH = environ.get('BASE_PATH', '')
# Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90) # Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90)
if 'CHANGELOG_RETENTION' in environ: if 'CHANGELOG_RETENTION' in environ:
CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT)
@ -239,20 +235,6 @@ MEDIA_ROOT = environ.get('MEDIA_ROOT', join(_BASE_DIR, 'media'))
# Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics' # Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'
METRICS_ENABLED = _environ_get_and_map('METRICS_ENABLED', 'False', _AS_BOOL) METRICS_ENABLED = _environ_get_and_map('METRICS_ENABLED', 'False', _AS_BOOL)
# Credentials that NetBox will uses to authenticate to devices when connecting via NAPALM.
if 'NAPALM_USERNAME' in environ:
NAPALM_USERNAME = environ.get('NAPALM_USERNAME', None)
if 'NAPALM_PASSWORD' in environ:
NAPALM_PASSWORD = _read_secret('napalm_password', environ.get('NAPALM_PASSWORD', None))
# NAPALM timeout (in seconds). (Default: 30)
if 'NAPALM_TIMEOUT' in environ:
NAPALM_TIMEOUT = _environ_get_and_map('NAPALM_TIMEOUT', None, _AS_INT)
# # NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must
# # be provided as a dictionary.
# NAPALM_ARGS = None
# Determine how many objects to display per page within a list. (Default: 50) # Determine how many objects to display per page within a list. (Default: 50)
if 'PAGINATE_COUNT' in environ: if 'PAGINATE_COUNT' in environ:
PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT) PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT)
@ -301,17 +283,9 @@ REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS',
RELEASE_CHECK_URL = environ.get('RELEASE_CHECK_URL', None) RELEASE_CHECK_URL = environ.get('RELEASE_CHECK_URL', None)
# RELEASE_CHECK_URL = 'https://api.github.com/repos/netbox-community/netbox/releases' # RELEASE_CHECK_URL = 'https://api.github.com/repos/netbox-community/netbox/releases'
# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of
# this setting is derived from the installed location.
REPORTS_ROOT = environ.get('REPORTS_ROOT', '/etc/netbox/reports')
# Maximum execution time for background tasks, in seconds. # Maximum execution time for background tasks, in seconds.
RQ_DEFAULT_TIMEOUT = _environ_get_and_map('RQ_DEFAULT_TIMEOUT', 300, _AS_INT) RQ_DEFAULT_TIMEOUT = _environ_get_and_map('RQ_DEFAULT_TIMEOUT', 300, _AS_INT)
# The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of
# this setting is derived from the installed location.
SCRIPTS_ROOT = environ.get('SCRIPTS_ROOT', '/etc/netbox/scripts')
# The name to use for the csrf token cookie. # The name to use for the csrf token cookie.
CSRF_COOKIE_NAME = environ.get('CSRF_COOKIE_NAME', 'csrftoken') CSRF_COOKIE_NAME = environ.get('CSRF_COOKIE_NAME', 'csrftoken')

View File

@ -15,12 +15,6 @@
# 'file', 'ftp', 'ftps', 'http', 'https', 'irc', 'mailto', 'sftp', 'ssh', 'tel', 'telnet', 'tftp', 'vnc', 'xmpp', # 'file', 'ftp', 'ftps', 'http', 'https', 'irc', 'mailto', 'sftp', 'ssh', 'tel', 'telnet', 'tftp', 'vnc', 'xmpp',
# ) # )
## NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must
## be provided as a dictionary.
# NAPALM_ARGS = {}
## Enable installed plugins. Add the name of each plugin to the list. ## Enable installed plugins. Add the name of each plugin to the list.
# from netbox.configuration.configuration import PLUGINS # from netbox.configuration.configuration import PLUGINS
# PLUGINS.append('my_plugin') # PLUGINS.append('my_plugin')

View File

@ -1,7 +1,7 @@
version: '3.4' version: '3.4'
services: services:
netbox: &netbox netbox: &netbox
image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.3} image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.6.0}
depends_on: depends_on:
- postgres - postgres
- redis - redis
@ -15,9 +15,9 @@ services:
test: "curl -f http://localhost:8080/api/ || exit 1" test: "curl -f http://localhost:8080/api/ || exit 1"
volumes: volumes:
- ./configuration:/etc/netbox/config:z,ro - ./configuration:/etc/netbox/config:z,ro
- ./reports:/etc/netbox/reports:z,ro - netbox-media-files:/opt/netbox/netbox/media:z,rw
- ./scripts:/etc/netbox/scripts:z,ro - netbox-reports-files:/opt/netbox/netbox/reports:z,rw
- netbox-media-files:/opt/netbox/netbox/media:z - netbox-scripts-files:/opt/netbox/netbox/scripts:z,rw
netbox-worker: netbox-worker:
<<: *netbox <<: *netbox
depends_on: depends_on:
@ -77,7 +77,11 @@ volumes:
driver: local driver: local
netbox-postgres-data: netbox-postgres-data:
driver: local driver: local
netbox-redis-data:
driver: local
netbox-redis-cache-data: netbox-redis-cache-data:
driver: local driver: local
netbox-redis-data:
driver: local
netbox-reports-files:
driver: local
netbox-scripts-files:
driver: local

2
env/netbox.env vendored
View File

@ -29,6 +29,6 @@ REDIS_INSECURE_SKIP_TLS_VERIFY=false
REDIS_PASSWORD=H733Kdjndks81 REDIS_PASSWORD=H733Kdjndks81
REDIS_SSL=false REDIS_SSL=false
RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases
SECRET_KEY=r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj SECRET_KEY=r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X
SKIP_SUPERUSER=true SKIP_SUPERUSER=true
WEBHOOKS_ENABLED=true WEBHOOKS_ENABLED=true

View File

@ -1,46 +0,0 @@
from dcim.choices import DeviceStatusChoices
from dcim.models import ConsolePort, Device, PowerPort
from extras.reports import Report
class DeviceConnectionsReport(Report):
description = "Validate the minimum physical connections for each device"
def test_console_connection(self):
# Check that every console port for every active device has a connection defined.
active = DeviceStatusChoices.STATUS_ACTIVE
for console_port in ConsolePort.objects.prefetch_related('device').filter(device__status=active):
if console_port.connected_endpoint is None:
self.log_failure(
console_port.device,
"No console connection defined for {}".format(console_port.name)
)
elif not console_port.connection_status:
self.log_warning(
console_port.device,
"Console connection for {} marked as planned".format(console_port.name)
)
else:
self.log_success(console_port.device)
def test_power_connections(self):
# Check that every active device has at least two connected power supplies.
for device in Device.objects.filter(status=DeviceStatusChoices.STATUS_ACTIVE):
connected_ports = 0
for power_port in PowerPort.objects.filter(device=device):
if power_port.connected_endpoint is not None:
connected_ports += 1
if not power_port.connection_status:
self.log_warning(
device,
"Power connection for {} marked as planned".format(power_port.name)
)
if connected_ports < 2:
self.log_failure(
device,
"{} connected power supplies found (2 needed)".format(connected_ports)
)
else:
self.log_success(device)

View File

@ -1,5 +1,4 @@
django-auth-ldap==4.2.0 django-auth-ldap==4.3.0
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2
napalm==4.0.0
psycopg2==2.9.6 psycopg2==2.9.6
python3-saml==1.15.0 python3-saml==1.15.0

View File