Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge in upstream changes #11

Merged
merged 64 commits into from
May 23, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
64 commits
Select commit Hold shift + click to select a range
249e589
Update dependency psycopg to v3.1.17
renovate[bot] Jan 7, 2024
ea81db4
Merge pull request #1129 from netbox-community/renovate/psycopg-3.x
tobiasge Jan 8, 2024
2fbb5dd
Add env var for CENSUS_REPORTING_ENABLED
kindlich Jan 16, 2024
291ba76
Add Redis Sentinel config as environment vars
NeodymiumFerBore Jan 16, 2024
8450ba2
Merge pull request #1133 from kindlich/patch-1
tobiasge Jan 20, 2024
b8a7ffd
Merge pull request #1134 from NeodymiumFerBore/feat/redis-sentinel-co…
tobiasge Jan 20, 2024
064b713
Update dependency psycopg to v3.1.18
renovate[bot] Feb 4, 2024
46edaa1
Merge pull request #1151 from netbox-community/renovate/psycopg-3.x
tobiasge Feb 5, 2024
f271486
fix segfault
tbotnz Jan 16, 2024
607ccd1
docker-entrypoint.sh: clarify default token message
adlerweb Jan 19, 2024
4da3f75
Merge pull request #1138 from adlerweb/patch-1
tobiasge Feb 22, 2024
3773304
Merge pull request #1135 from tbotnz/release
tobiasge Feb 22, 2024
99b906c
Update Ubuntu and Nginx Unit
tobiasge Feb 28, 2024
24eaba7
Use ARM64 self-hosted runner
tobiasge Mar 2, 2024
8e278c3
Merge pull request #1167 from tobiasge/unit-ubuntu-update
tobiasge Mar 26, 2024
31a4da2
Update dependency django-auth-ldap to v4.7.0
renovate[bot] Mar 26, 2024
d2d7948
Avoid duplicate checks for Renovate PRs
tobiasge Mar 26, 2024
1b9bb2a
Merge pull request #1181 from netbox-community/renovate/django-auth-l…
tobiasge Mar 27, 2024
f443d4a
Merge pull request #1183 from tobiasge/avoid-duplicate-checks
tobiasge Mar 27, 2024
73ce1f9
Fix #1127: Added sentry-sdk to requirements
tobiasge Feb 23, 2024
9f009c5
Merge pull request #1166 from tobiasge/sentry-sdk
tobiasge Mar 27, 2024
46f628e
Update dependency sentry-sdk to v1.44.0
renovate[bot] Mar 28, 2024
b6e5486
Merge pull request #1189 from netbox-community/renovate/sentry-sdk-1.x
tobiasge Mar 28, 2024
6c01ada
Removed version line from the yaml file as it is obsolete
kchandan Apr 1, 2024
4c0ee77
Update dependency sentry-sdk to v1.44.1
renovate[bot] Apr 3, 2024
3df807f
Update dependency django-auth-ldap to v4.8.0
renovate[bot] Apr 4, 2024
3c07538
Merge pull request #1195 from netbox-community/renovate/sentry-sdk-1.x
tobiasge Apr 4, 2024
5309673
Merge pull request #1193 from kchandan/docker-version
tobiasge Apr 4, 2024
2a58230
Merge pull request #1196 from netbox-community/renovate/django-auth-l…
tobiasge Apr 4, 2024
2ee4acb
Update dependency sentry-sdk to v1.45.0
renovate[bot] Apr 10, 2024
eb59ace
Merge pull request #1199 from netbox-community/renovate/sentry-sdk-1.x
tobiasge Apr 10, 2024
e141d9f
Prepare for Netbox 4.0
tobiasge Mar 28, 2024
5873885
Cancel workflow runs for in progress PRs
tobiasge Apr 19, 2024
5f57cb2
Merge pull request #1206 from tobiasge/cancel-old-runs
tobiasge Apr 20, 2024
e024427
Update dependency dulwich to v0.22.0
renovate[bot] Apr 22, 2024
f15dec5
Merge pull request #1207 from netbox-community/renovate/dulwich-0.x
tobiasge Apr 23, 2024
347b943
Update dependency dulwich to v0.22.1
renovate[bot] Apr 23, 2024
c9d8f55
Merge pull request #1208 from netbox-community/renovate/dulwich-0.x
tobiasge Apr 23, 2024
e1335a1
Adds SECURE_* parameters introduced in 3.7.6
cimnine Apr 23, 2024
d52ef44
Merge pull request #1209 from cimnine/HSTS
cimnine Apr 23, 2024
b7d99c9
Update github/super-linter action to v6
renovate[bot] Apr 23, 2024
8fb42b3
Update dependency sentry-sdk to v2
renovate[bot] Apr 26, 2024
a7cb1a4
Merge pull request #1211 from netbox-community/renovate/sentry-sdk-2.x
tobiasge Apr 28, 2024
f1787b4
Disabled new tests
tobiasge Apr 28, 2024
3d6b6c2
Merge pull request #1210 from netbox-community/renovate/github-super-…
tobiasge Apr 28, 2024
1a4ef09
Merge branch 'develop' into prepare-nb40
tobiasge May 4, 2024
40f2410
Update dependency django-storages to v1.14.3
renovate[bot] May 4, 2024
1e78c38
Fixed regex for social-auth-core replacement
tobiasge May 6, 2024
6307a58
Update dependency sentry-sdk to v2.1.1
renovate[bot] May 6, 2024
f5a3e3f
Merge pull request #1215 from tobiasge/prepare-nb40
tobiasge May 6, 2024
7a42faa
Merge pull request #1218 from netbox-community/renovate/sentry-sdk-2.x
tobiasge May 6, 2024
9d247f5
Merge pull request #1216 from netbox-community/renovate/django-storag…
tobiasge May 6, 2024
36f409a
Preparation for 2.9.0
tobiasge May 6, 2024
6d25a54
Merge pull request #1219 from netbox-community/develop
tobiasge May 6, 2024
b6492b2
Fix #1222: Use /login/ as health check URL
tobiasge May 7, 2024
53ac2ff
Merge pull request #1223 from tobiasge/1222-fix-health-check
tobiasge May 7, 2024
2561055
Install Sentry Django integration correctly
tobiasge May 7, 2024
620ca96
Merge pull request #1224 from tobiasge/fix-sentry-sdk
tobiasge May 7, 2024
1265d22
Preparation for 2.9.1
tobiasge May 7, 2024
0c99ff8
Merge pull request #1225 from netbox-community/develop
tobiasge May 7, 2024
b009cbf
Merge branch 'release' into develop
infracaninophile May 10, 2024
f805a03
Github -> GitHub
infracaninophile May 10, 2024
2181cff
Temporarily comment out the netbox_dns plugin addition
infracaninophile May 10, 2024
dd1c2c8
Partially revert upstream CI changes
infracaninophile May 10, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 14 additions & 2 deletions .github/workflows/push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ on:
- release
- oxcert

concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true

jobs:
lint:
runs-on: ubuntu-latest
Expand All @@ -25,15 +29,17 @@ jobs:
with:
python-version: '3.9'
- name: Lint Code Base
uses: github/super-linter@v5
uses: github/super-linter@v6
env:
DEFAULT_BRANCH: develop
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SUPPRESS_POSSUM: true
LINTER_RULES_PATH: /
VALIDATE_ALL_CODEBASE: false
VALIDATE_CHECKOV: false
VALIDATE_DOCKERFILE: false
VALIDATE_GITLEAKS: false
VALIDATE_JSCPD: false
FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*)
EDITORCONFIG_FILE_NAME: .ecrc
DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml
Expand All @@ -53,6 +59,8 @@ jobs:
platform:
- linux/amd64
- linux/arm64
os:
- ubuntu-latest
fail-fast: false
env:
GH_ACTION: enable
Expand All @@ -70,11 +78,15 @@ jobs:
- id: buildx-setup
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- id: arm-buildx-platform
name: Set BUILDX_PLATFORM to ARM64
if: matrix.platform == 'linux/arm64'
run: |
echo "BUILDX_PLATFORM=linux/arm64" >>"${GITHUB_ENV}"
- id: docker-build
name: Build the image for '${{ matrix.platform }}' with '${{ matrix.build_cmd }}'
run: ${{ matrix.build_cmd }}
env:
BUILDX_PLATFORM: ${{ matrix.platform }}
BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }}
- id: arm-time-limit
name: Set Netbox container start_period higher on ARM64
Expand Down
10 changes: 4 additions & 6 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -31,14 +31,12 @@ RUN export DEBIAN_FRONTEND=noninteractive \
ARG NETBOX_PATH
COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt requirements-plugins.txt /
RUN \
# We compile 'psycopg' in the build process
sed -i -e '/psycopg/d' /requirements.txt && \
# Gunicorn is not needed because we use Nginx Unit
sed -i -e '/gunicorn/d' /requirements.txt && \
# We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt
# we have potential version conflicts and the build will fail.
# That's why we just replace it in the original requirements.txt.
sed -i -e 's/social-auth-core\[openidconnect\]/social-auth-core\[all\]/g' /requirements.txt && \
sed -i -e 's/social-auth-core/social-auth-core\[all\]/g' /requirements.txt && \
/opt/netbox/venv/bin/pip install \
-r /requirements.txt \
-r /requirements-container.txt \
Expand Down Expand Up @@ -70,13 +68,13 @@ RUN export DEBIAN_FRONTEND=noninteractive \
tini \
&& curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \
https://unit.nginx.org/keys/nginx-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ lunar unit" \
&& echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \
> /etc/apt/sources.list.d/unit.list \
&& apt-get update -qq \
&& apt-get install \
--yes -qq --no-install-recommends \
unit=1.31.1-1~lunar \
unit-python3.11=1.31.1-1~lunar \
unit=1.32.0-1~mantic \
unit-python3.11=1.32.0-1~mantic \
&& rm -rf /var/lib/apt/lists/*

COPY --from=builder /opt/netbox/venv /opt/netbox/venv
Expand Down
5 changes: 2 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,15 +11,15 @@ the oxcert branch, from where we build our netbox containers, etc. When there ar
[![GitHub release (latest by date)](https://img.shields.io/github/v/release/netbox-community/netbox-docker)][github-release]
[![GitHub stars](https://img.shields.io/github/stars/netbox-community/netbox-docker)][github-stargazers]
![GitHub closed pull requests](https://img.shields.io/github/issues-pr-closed-raw/netbox-community/netbox-docker)
![Github release workflow](https://img.shields.io/github/actions/workflow/status/netbox-community/netbox-docker/release.yml?branch=release)
![GitHub release workflow](https://img.shields.io/github/actions/workflow/status/netbox-community/netbox-docker/release.yml?branch=release)
![Docker Pulls](https://img.shields.io/docker/pulls/netboxcommunity/netbox)
[![GitHub license](https://img.shields.io/github/license/netbox-community/netbox-docker)][netbox-docker-license]

[The GitHub repository][netbox-docker-github] houses the components needed to build NetBox as a container.
Images are built regularly using the code in that repository and are pushed to [Docker Hub][netbox-dockerhub], [Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr].

Do you have any questions?
Before opening an issue on Github,
Before opening an issue on GitHub,
please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel.

[github-stargazers]: https://github.com/netbox-community/netbox-docker/stargazers
Expand All @@ -42,7 +42,6 @@ There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-star
git clone -b release https://github.com/netbox-community/netbox-docker.git
cd netbox-docker
tee docker-compose.override.yml <<EOF
version: '3.4'
services:
netbox:
ports:
Expand Down
2 changes: 1 addition & 1 deletion VERSION
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.2.2
1.2.3
4 changes: 2 additions & 2 deletions build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use.
${_GREEN}Default:${_CLEAR} Dockerfile

DOCKER_FROM The base image to use.
${_GREEN}Default:${_CLEAR} 'ubuntu:23.04'
${_GREEN}Default:${_CLEAR} 'ubuntu:23.10'

BUILDX_PLATFORMS
Specifies the platform(s) to build the image for.
Expand Down Expand Up @@ -219,7 +219,7 @@ fi
# Determining the value for DOCKER_FROM
###
if [ -z "$DOCKER_FROM" ]; then
DOCKER_FROM="docker.io/ubuntu:23.04"
DOCKER_FROM="docker.io/ubuntu:23.10"
fi

###
Expand Down
37 changes: 29 additions & 8 deletions configuration/configuration.py
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn:
'tasks': {
'HOST': environ.get('REDIS_HOST', 'localhost'),
'PORT': _environ_get_and_map('REDIS_PORT', 6379, _AS_INT),
'SENTINELS': [tuple(uri.split(':')) for uri in _environ_get_and_map('REDIS_SENTINELS', '', _AS_LIST) if uri != ''],
'SENTINEL_SERVICE': environ.get('REDIS_SENTINEL_SERVICE', 'default'),
'SENTINEL_TIMEOUT': _environ_get_and_map('REDIS_SENTINEL_TIMEOUT', 10, _AS_INT),
'USERNAME': environ.get('REDIS_USERNAME', ''),
'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')),
'DATABASE': _environ_get_and_map('REDIS_DATABASE', 0, _AS_INT),
Expand All @@ -95,6 +98,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn:
'caching': {
'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')),
'PORT': _environ_get_and_map('REDIS_CACHE_PORT', environ.get('REDIS_PORT', '6379'), _AS_INT),
'SENTINELS': [tuple(uri.split(':')) for uri in _environ_get_and_map('REDIS_CACHE_SENTINELS', '', _AS_LIST) if uri != ''],
'SENTINEL_SERVICE': environ.get('REDIS_CACHE_SENTINEL_SERVICE', environ.get('REDIS_SENTINEL_SERVICE', 'default')),
'USERNAME': environ.get('REDIS_CACHE_USERNAME', environ.get('REDIS_USERNAME', '')),
'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))),
'DATABASE': _environ_get_and_map('REDIS_CACHE_DATABASE', '1', _AS_INT),
Expand Down Expand Up @@ -183,6 +188,13 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn:
if 'ENFORCE_GLOBAL_UNIQUE' in environ:
ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _AS_BOOL)

# By default, netbox sends census reporting data using a single HTTP request each time a worker starts.
# This data enables the project maintainers to estimate how many NetBox deployments exist and track the adoption of new versions over time.
# The only data reported by this function are the NetBox version, Python version, and a pseudorandom unique identifier.
# To opt out of census reporting, set CENSUS_REPORTING_ENABLED to False.
if 'CENSUS_REPORTING_ENABLED' in environ:
CENSUS_REPORTING_ENABLED = _environ_get_and_map('CENSUS_REPORTING_ENABLED', None, _AS_BOOL)

# Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and
# by anonymous users. List models in the form `<app>.<model>`. Add '*' to this list to exempt all models.
EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST)
Expand Down Expand Up @@ -300,6 +312,23 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn:
# The name to use for the session cookie.
SESSION_COOKIE_NAME = environ.get('SESSION_COOKIE_NAME', 'sessionid')

# If true, the `includeSubDomains` directive will be included in the HTTP Strict Transport Security (HSTS) header.
# This directive instructs the browser to apply the HSTS policy to all subdomains of the current domain.
SECURE_HSTS_INCLUDE_SUBDOMAINS = _environ_get_and_map('SECURE_HSTS_INCLUDE_SUBDOMAINS', 'False', _AS_BOOL)

# If true, the `preload` directive will be included in the HTTP Strict Transport Security (HSTS) header.
# This directive instructs the browser to preload the site in HTTPS. Browsers that use the HSTS preload list will force the
# site to be accessed via HTTPS even if the user types HTTP in the address bar.
SECURE_HSTS_PRELOAD = _environ_get_and_map('SECURE_HSTS_PRELOAD', 'False', _AS_BOOL)

# If set to a non-zero integer value, the SecurityMiddleware sets the HTTP Strict Transport Security (HSTS) header on all
# responses that do not already have it. This will instruct the browser that the website must be accessed via HTTPS,
# blocking any HTTP request.
SECURE_HSTS_SECONDS = _environ_get_and_map('SECURE_HSTS_SECONDS', 0, _AS_INT)

# If true, all non-HTTPS requests will be automatically redirected to use HTTPS.
SECURE_SSL_REDIRECT = _environ_get_and_map('SECURE_SSL_REDIRECT', 'False', _AS_BOOL)

# By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use
# local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only
# database access.) Note that the user as which NetBox runs must have read and write permissions to this path.
Expand All @@ -308,11 +337,3 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn:
# Time zone (default: UTC)
TIME_ZONE = environ.get('TIME_ZONE', 'UTC')

# Date/time formatting. See the following link for supported formats:
# https://docs.djangoproject.com/en/stable/ref/templates/builtins/#date
DATE_FORMAT = environ.get('DATE_FORMAT', 'N j, Y')
SHORT_DATE_FORMAT = environ.get('SHORT_DATE_FORMAT', 'Y-m-d')
TIME_FORMAT = environ.get('TIME_FORMAT', 'g:i a')
SHORT_TIME_FORMAT = environ.get('SHORT_TIME_FORMAT', 'H:i:s')
DATETIME_FORMAT = environ.get('DATETIME_FORMAT', 'N j, Y g:i a')
SHORT_DATETIME_FORMAT = environ.get('SHORT_DATETIME_FORMAT', 'Y-m-d H:i')
2 changes: 1 addition & 1 deletion configuration/plugins.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
# To learn how to build images with your required plugins
# See https://github.com/netbox-community/netbox-docker/wiki/Using-Netbox-Plugins

PLUGINS = ["netbox_dns"]
#PLUGINS = ["netbox_dns"]

# PLUGINS_CONFIG = {
# "netbox_bgp": {
Expand Down
1 change: 0 additions & 1 deletion docker-compose.override.yml.example
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
version: '3.4'
services:
netbox:
ports:
Expand Down
1 change: 0 additions & 1 deletion docker-compose.test.override.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
version: '3.4'
services:
netbox:
ports:
Expand Down
1 change: 0 additions & 1 deletion docker-compose.test.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
version: '3.4'
services:
netbox: &netbox
image: ${IMAGE-netboxcommunity/netbox:latest}
Expand Down
3 changes: 1 addition & 2 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
version: '3.4'
services:
netbox: &netbox
image: ghcr.io/oxcert/netbox:${VERSION-latest}
Expand All @@ -12,7 +11,7 @@ services:
start_period: 60s
timeout: 3s
interval: 15s
test: "curl -f http://localhost:8080/api/ || exit 1"
test: "curl -f http://localhost:8080/login/ || exit 1"
volumes:
- ./configuration:/etc/netbox/config:z,ro
- netbox-media-files:/opt/netbox/netbox/media:rw
Expand Down
7 changes: 3 additions & 4 deletions docker/docker-entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -72,10 +72,9 @@ else
fi

./manage.py shell --interface python <<END
from django.contrib.auth.models import User
from users.models import Token
from users.models import Token, User
if not User.objects.filter(username='${SUPERUSER_NAME}'):
u=User.objects.create_superuser('${SUPERUSER_NAME}', '${SUPERUSER_EMAIL}', '${SUPERUSER_PASSWORD}')
u = User.objects.create_superuser('${SUPERUSER_NAME}', '${SUPERUSER_EMAIL}', '${SUPERUSER_PASSWORD}')
Token.objects.create(user=u, key='${SUPERUSER_API_TOKEN}')
END

Expand All @@ -87,7 +86,7 @@ from users.models import Token
try:
old_default_token = Token.objects.get(key="0123456789abcdef0123456789abcdef01234567")
if old_default_token:
print("⚠️ Warning: You have the old default admin token in your database. This token is widely known; please remove it.")
print("⚠️ Warning: You have the old default admin API token in your database. This token is widely known; please remove it. Log in as your superuser and check API Tokens in your user menu.")
except Token.DoesNotExist:
pass
END
Expand Down
10 changes: 5 additions & 5 deletions requirements-container.txt
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
django-auth-ldap==4.6.0
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2
dulwich==0.21.7
psycopg[c,pool]==3.1.16
python3-saml==1.16.0
django-auth-ldap==4.8.0
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3
dulwich==0.22.1
python3-saml==1.16.0 --no-binary lxml
sentry-sdk[django]==2.1.1
2 changes: 1 addition & 1 deletion requirements-plugins.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
netbox-plugin-dns
#netbox-plugin-dns
Loading