From 249e5890965f164fc0cad6e6876c5328b9095e0a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 7 Jan 2024 16:16:19 +0000 Subject: [PATCH 01/78] Update dependency psycopg to v3.1.17 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 870eee9..2085b03 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 -psycopg[c,pool]==3.1.16 +psycopg[c,pool]==3.1.17 python3-saml==1.16.0 From 2fbb5dd0b00abf95d46d98011e44a36b35cb5c33 Mon Sep 17 00:00:00 2001 From: kindlich Date: Tue, 16 Jan 2024 10:13:57 +0100 Subject: [PATCH 02/78] Add env var for CENSUS_REPORTING_ENABLED See #999 --- configuration/configuration.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index d3bffb4..ed2baf2 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -183,6 +183,13 @@ EMAIL = { if 'ENFORCE_GLOBAL_UNIQUE' in environ: ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _AS_BOOL) +# By default, netbox sends census reporting data using a single HTTP request each time a worker starts. +# This data enables the project maintainers to estimate how many NetBox deployments exist and track the adoption of new versions over time. +# The only data reported by this function are the NetBox version, Python version, and a pseudorandom unique identifier. +# To opt out of census reporting, set CENSUS_REPORTING_ENABLED to False. +if 'CENSUS_REPORTING_ENABLED' in environ: + CENSUS_REPORTING_ENABLED = _environ_get_and_map('CENSUS_REPORTING_ENABLED', None, _AS_BOOL) + # Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and # by anonymous users. List models in the form `.`. Add '*' to this list to exempt all models. EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST) From 291ba760f11d184f23d35c862ed9dcfde6058b85 Mon Sep 17 00:00:00 2001 From: NdFeB <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Tue, 16 Jan 2024 14:28:59 +0100 Subject: [PATCH 03/78] Add Redis Sentinel config as environment vars --- configuration/configuration.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index d3bffb4..4adc3da 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -86,6 +86,9 @@ REDIS = { 'tasks': { 'HOST': environ.get('REDIS_HOST', 'localhost'), 'PORT': _environ_get_and_map('REDIS_PORT', 6379, _AS_INT), + 'SENTINELS': [tuple(uri.split(':')) for uri in _environ_get_and_map('REDIS_SENTINELS', '', _AS_LIST) if uri != ''], + 'SENTINEL_SERVICE': environ.get('REDIS_SENTINEL_SERVICE', 'default'), + 'SENTINEL_TIMEOUT': _environ_get_and_map('REDIS_SENTINEL_TIMEOUT', 10, _AS_INT), 'USERNAME': environ.get('REDIS_USERNAME', ''), 'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')), 'DATABASE': _environ_get_and_map('REDIS_DATABASE', 0, _AS_INT), @@ -95,6 +98,8 @@ REDIS = { 'caching': { 'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')), 'PORT': _environ_get_and_map('REDIS_CACHE_PORT', environ.get('REDIS_PORT', '6379'), _AS_INT), + 'SENTINELS': [tuple(uri.split(':')) for uri in _environ_get_and_map('REDIS_CACHE_SENTINELS', '', _AS_LIST) if uri != ''], + 'SENTINEL_SERVICE': environ.get('REDIS_CACHE_SENTINEL_SERVICE', environ.get('REDIS_SENTINEL_SERVICE', 'default')), 'USERNAME': environ.get('REDIS_CACHE_USERNAME', environ.get('REDIS_USERNAME', '')), 'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))), 'DATABASE': _environ_get_and_map('REDIS_CACHE_DATABASE', '1', _AS_INT), From 9169fc768435502aebc4bb4d3380d5337b26fb2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hendrik=20Bl=C3=B6=C3=9F?= Date: Tue, 30 Jan 2024 12:14:16 +0100 Subject: [PATCH 04/78] added missing REMOTE_AUTH config options --- configuration/configuration.py | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index d3bffb4..470f271 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -274,12 +274,23 @@ if 'RACK_ELEVATION_DEFAULT_UNIT_WIDTH' in environ: RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) # Remote authentication support -REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL) -REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST) -REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') +REMOTE_AUTH_AUTO_CREATE_GROUPS = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_GROUPS', 'False', _AS_BOOL) REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL) +REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST) REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST) -# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} +# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} # dicts can't be configured via environment variables. See extra.py instead. +REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL) +REMOTE_AUTH_GROUP_HEADER = _environ_get_and_map('REMOTE_AUTH_GROUP_HEADER', 'HTTP_REMOTE_USER_GROUP') +REMOTE_AUTH_GROUP_SEPARATOR = _environ_get_and_map('REMOTE_AUTH_GROUP_SEPARATOR', '|') +REMOTE_AUTH_GROUP_SYNC_ENABLED = _environ_get_and_map('REMOTE_AUTH_GROUP_SYNC_ENABLED', 'False', _AS_BOOL) +REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') +REMOTE_AUTH_USER_EMAIL = environ.get('REMOTE_AUTH_USER_EMAIL', 'HTTP_REMOTE_USER_EMAIL') +REMOTE_AUTH_USER_FIRST_NAME = environ.get('REMOTE_AUTH_USER_FIRST_NAME', 'HTTP_REMOTE_USER_FIRST_NAME') +REMOTE_AUTH_USER_LAST_NAME = environ.get('REMOTE_AUTH_USER_LAST_NAME', 'HTTP_REMOTE_USER_LAST_NAME') +REMOTE_AUTH_SUPERUSER_GROUPS = _environ_get_and_map('REMOTE_AUTH_SUPERUSER_GROUPS', '', _AS_LIST) +REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST) +REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST) +REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST) # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the # version check or use the URL below to check for release in the official NetBox repository. From 064b71348972bbd25697a66f60bbc278b9ae9617 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 4 Feb 2024 21:43:13 +0000 Subject: [PATCH 05/78] Update dependency psycopg to v3.1.18 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 2085b03..97dbd7b 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 -psycopg[c,pool]==3.1.17 +psycopg[c,pool]==3.1.18 python3-saml==1.16.0 From f27148634a230ecd5f781e79d9a2bfa44de38460 Mon Sep 17 00:00:00 2001 From: tbotnz Date: Wed, 17 Jan 2024 08:23:34 +1300 Subject: [PATCH 06/78] fix segfault --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 97dbd7b..4013e73 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 -python3-saml==1.16.0 +python3-saml==1.16.0 --no-binary lxml From 607ccd10bfe91bf42e7152e56249fc06e20cef4e Mon Sep 17 00:00:00 2001 From: Florian Knodt Date: Fri, 19 Jan 2024 09:12:56 +0100 Subject: [PATCH 07/78] docker-entrypoint.sh: clarify default token message When a default admin API token is found, a warning is displayed. As it is only called "token", some users might not know what token is referred to. Also the message should give a hint or link to a documentation on how to remove it. --- docker/docker-entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 9b39689..14406d3 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -87,7 +87,7 @@ from users.models import Token try: old_default_token = Token.objects.get(key="0123456789abcdef0123456789abcdef01234567") if old_default_token: - print("⚠️ Warning: You have the old default admin token in your database. This token is widely known; please remove it.") + print("⚠️ Warning: You have the old default admin API token in your database. This token is widely known; please remove it. Log in as your superuser and check API Tokens in your user menu.") except Token.DoesNotExist: pass END From 99b906c4f1bc39b805064db3940462ad55a31065 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 28 Feb 2024 08:05:22 +0100 Subject: [PATCH 08/78] Update Ubuntu and Nginx Unit --- Dockerfile | 6 +++--- build.sh | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index c55c4c9..0c694a7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -69,13 +69,13 @@ RUN export DEBIAN_FRONTEND=noninteractive \ tini \ && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ https://unit.nginx.org/keys/nginx-keyring.gpg \ - && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ lunar unit" \ + && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ > /etc/apt/sources.list.d/unit.list \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.31.1-1~lunar \ - unit-python3.11=1.31.1-1~lunar \ + unit=1.32.0-1~mantic \ + unit-python3.11=1.32.0-1~mantic \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv diff --git a/build.sh b/build.sh index fd34029..352c1ce 100755 --- a/build.sh +++ b/build.sh @@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use. ${_GREEN}Default:${_CLEAR} Dockerfile DOCKER_FROM The base image to use. - ${_GREEN}Default:${_CLEAR} 'ubuntu:23.04' + ${_GREEN}Default:${_CLEAR} 'ubuntu:23.10' BUILDX_PLATFORMS Specifies the platform(s) to build the image for. @@ -219,7 +219,7 @@ fi # Determining the value for DOCKER_FROM ### if [ -z "$DOCKER_FROM" ]; then - DOCKER_FROM="docker.io/ubuntu:23.04" + DOCKER_FROM="docker.io/ubuntu:23.10" fi ### From 24eaba7f9bb675f268179d1fafc492a4e2a63b7f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 2 Mar 2024 11:12:23 +0100 Subject: [PATCH 09/78] Use ARM64 self-hosted runner --- .github/workflows/push.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 5a9528a..3ce7018 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -49,35 +49,36 @@ jobs: - PRERELEASE=true ./build-latest.sh - ./build.sh feature - ./build.sh develop - platform: - - linux/amd64 - - linux/arm64 + os: + - ubuntu-latest + - self-hosted fail-fast: false env: GH_ACTION: enable GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAMES: docker.io/netboxcommunity/netbox - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} name: Builds new NetBox Docker Images steps: - id: git-checkout name: Checkout uses: actions/checkout@v4 - - id: qemu-setup - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - id: arm-buildx-platform + name: Set BUILDX_PLATFORM to ARM64 + if: matrix.os == 'self-hosted' + run: | + echo "BUILDX_PLATFORM=linux/arm64" >>"${GITHUB_ENV}" - id: docker-build - name: Build the image for '${{ matrix.platform }}' with '${{ matrix.build_cmd }}' + name: Build the image for '${{ matrix.os }}' with '${{ matrix.build_cmd }}' run: ${{ matrix.build_cmd }} env: - BUILDX_PLATFORM: ${{ matrix.platform }} BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }} - id: arm-time-limit name: Set Netbox container start_period higher on ARM64 - if: matrix.platform == 'linux/arm64' + if: matrix.os == 'self-hosted' run: | echo "NETBOX_START_PERIOD=240s" >>"${GITHUB_ENV}" - id: docker-test From 31a4da297ac0c32aacadc745aca28f43a9a62d14 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 26 Mar 2024 16:12:04 +0000 Subject: [PATCH 10/78] Update dependency django-auth-ldap to v4.7.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 4013e73..0afc316 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.6.0 +django-auth-ldap==4.7.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 From d2d79480210fe8144ac3a31073efc814ff998956 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 26 Mar 2024 17:32:05 +0100 Subject: [PATCH 11/78] Avoid duplicate checks for Renovate PRs --- .github/workflows/push.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 3ce7018..713eb70 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -5,6 +5,7 @@ on: push: branches-ignore: - release + - renovate/** pull_request: branches-ignore: - release From 73ce1f9b7a1ccdd5cb8541b40bb1fdf07215a268 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 23 Feb 2024 08:10:21 +0100 Subject: [PATCH 12/78] Fix #1127: Added sentry-sdk to requirements --- requirements-container.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements-container.txt b/requirements-container.txt index 0afc316..d7a4a59 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,3 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml +sentry-sdk==1.43.0 From 46f628e91b543bfa958adc1b073f04e58b5a68fa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 28 Mar 2024 17:06:50 +0000 Subject: [PATCH 13/78] Update dependency sentry-sdk to v1.44.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d7a4a59..1b78d9e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.43.0 +sentry-sdk==1.44.0 From 6c01ada88251ed370521e81890da678b35259837 Mon Sep 17 00:00:00 2001 From: Chandan Kumar Date: Mon, 1 Apr 2024 16:57:53 -0400 Subject: [PATCH 14/78] Removed version line from the yaml file as it is obsolete --- README.md | 1 - docker-compose.override.yml.example | 1 - docker-compose.test.override.yml | 1 - docker-compose.test.yml | 1 - docker-compose.yml | 1 - 5 files changed, 5 deletions(-) diff --git a/README.md b/README.md index e472945..7b70f81 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,6 @@ There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-star git clone -b release https://github.com/netbox-community/netbox-docker.git cd netbox-docker tee docker-compose.override.yml < Date: Wed, 3 Apr 2024 10:47:45 +0000 Subject: [PATCH 15/78] Update dependency sentry-sdk to v1.44.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1b78d9e..036d9c8 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.44.0 +sentry-sdk==1.44.1 From 3df807faa019ff323ea461900eae95e94cec73f2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 4 Apr 2024 13:21:43 +0000 Subject: [PATCH 16/78] Update dependency django-auth-ldap to v4.8.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1b78d9e..8c4b86f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.7.0 +django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 From 2ee4acba21f633318cb6fe474a557218b66f7ac2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 10 Apr 2024 14:59:14 +0000 Subject: [PATCH 17/78] Update dependency sentry-sdk to v1.45.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 27671bf..3932065 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.44.1 +sentry-sdk==1.45.0 From e141d9f16de99f2771c360fbb1bb80bbaf13fae4 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 28 Mar 2024 10:39:51 +0100 Subject: [PATCH 18/78] Prepare for Netbox 4.0 --- Dockerfile | 2 -- configuration/configuration.py | 8 -------- docker/docker-entrypoint.sh | 5 ++--- requirements-container.txt | 1 - 4 files changed, 2 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0c694a7..a2ceb95 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,8 +31,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / RUN \ - # We compile 'psycopg' in the build process - sed -i -e '/psycopg/d' /requirements.txt && \ # Gunicorn is not needed because we use Nginx Unit sed -i -e '/gunicorn/d' /requirements.txt && \ # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt diff --git a/configuration/configuration.py b/configuration/configuration.py index 8568071..d74a7a9 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -320,11 +320,3 @@ SESSION_FILE_PATH = environ.get('SESSION_FILE_PATH', environ.get('SESSIONS_ROOT' # Time zone (default: UTC) TIME_ZONE = environ.get('TIME_ZONE', 'UTC') -# Date/time formatting. See the following link for supported formats: -# https://docs.djangoproject.com/en/stable/ref/templates/builtins/#date -DATE_FORMAT = environ.get('DATE_FORMAT', 'N j, Y') -SHORT_DATE_FORMAT = environ.get('SHORT_DATE_FORMAT', 'Y-m-d') -TIME_FORMAT = environ.get('TIME_FORMAT', 'g:i a') -SHORT_TIME_FORMAT = environ.get('SHORT_TIME_FORMAT', 'H:i:s') -DATETIME_FORMAT = environ.get('DATETIME_FORMAT', 'N j, Y g:i a') -SHORT_DATETIME_FORMAT = environ.get('SHORT_DATETIME_FORMAT', 'Y-m-d H:i') diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 14406d3..fa5930d 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -72,10 +72,9 @@ else fi ./manage.py shell --interface python < Date: Fri, 19 Apr 2024 21:53:06 +0200 Subject: [PATCH 19/78] Cancel workflow runs for in progress PRs --- .github/workflows/push.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 713eb70..26828fa 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -10,6 +10,10 @@ on: branches-ignore: - release +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + jobs: lint: runs-on: ubuntu-latest From e024427428be7c128085ba34f05bcc11ffa1116f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 19:13:28 +0000 Subject: [PATCH 20/78] Update dependency dulwich to v0.22.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3932065..b8c940f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 -dulwich==0.21.7 +dulwich==0.22.0 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml sentry-sdk==1.45.0 From 347b943b759982834b4fa331f95b12e4419613f0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 13:58:41 +0000 Subject: [PATCH 21/78] Update dependency dulwich to v0.22.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index b8c940f..7e623ce 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 -dulwich==0.22.0 +dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml sentry-sdk==1.45.0 From e1335a1194ff92ce9e628c2e8a35852739d59df3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Tue, 23 Apr 2024 16:40:40 +0200 Subject: [PATCH 22/78] Adds SECURE_* parameters introduced in 3.7.6 See https://github.com/netbox-community/netbox/issues/15644 --- configuration/configuration.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index 8568071..5efbdc0 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -312,6 +312,23 @@ CSRF_TRUSTED_ORIGINS = _environ_get_and_map('CSRF_TRUSTED_ORIGINS', '', _AS_LIST # The name to use for the session cookie. SESSION_COOKIE_NAME = environ.get('SESSION_COOKIE_NAME', 'sessionid') +# If true, the `includeSubDomains` directive will be included in the HTTP Strict Transport Security (HSTS) header. +# This directive instructs the browser to apply the HSTS policy to all subdomains of the current domain. +SECURE_HSTS_INCLUDE_SUBDOMAINS = _environ_get_and_map('SECURE_HSTS_INCLUDE_SUBDOMAINS', 'False', _AS_BOOL) + +# If true, the `preload` directive will be included in the HTTP Strict Transport Security (HSTS) header. +# This directive instructs the browser to preload the site in HTTPS. Browsers that use the HSTS preload list will force the +# site to be accessed via HTTPS even if the user types HTTP in the address bar. +SECURE_HSTS_PRELOAD = _environ_get_and_map('SECURE_HSTS_PRELOAD', 'False', _AS_BOOL) + +# If set to a non-zero integer value, the SecurityMiddleware sets the HTTP Strict Transport Security (HSTS) header on all +# responses that do not already have it. This will instruct the browser that the website must be accessed via HTTPS, +# blocking any HTTP request. +SECURE_HSTS_SECONDS = _environ_get_and_map('SECURE_HSTS_SECONDS', 0, _AS_INT) + +# If true, all non-HTTPS requests will be automatically redirected to use HTTPS. +SECURE_SSL_REDIRECT = _environ_get_and_map('SECURE_SSL_REDIRECT', 'False', _AS_BOOL) + # By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use # local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only # database access.) Note that the user as which NetBox runs must have read and write permissions to this path. From b7d99c9c69a90aa595c885b846c566fd1780e9d5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 19:44:05 +0000 Subject: [PATCH 23/78] Update github/super-linter action to v6 --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 26828fa..893a650 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -28,7 +28,7 @@ jobs: with: python-version: '3.9' - name: Lint Code Base - uses: github/super-linter@v5 + uses: github/super-linter@v6 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 8fb42b321324a5e379bff6ebdfb2caff58fbf149 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Apr 2024 10:16:25 +0000 Subject: [PATCH 24/78] Update dependency sentry-sdk to v2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 7e623ce..1029f51 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.45.0 +sentry-sdk==2.0.1 From f1787b47753d7d4f5d083dd0f1a26c310d62413d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sun, 28 Apr 2024 09:29:43 +0200 Subject: [PATCH 25/78] Disabled new tests --- .github/workflows/push.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 893a650..d7bf3b9 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -35,8 +35,10 @@ jobs: SUPPRESS_POSSUM: true LINTER_RULES_PATH: / VALIDATE_ALL_CODEBASE: false + VALIDATE_CHECKOV: false VALIDATE_DOCKERFILE: false VALIDATE_GITLEAKS: false + VALIDATE_JSCPD: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) EDITORCONFIG_FILE_NAME: .ecrc DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml From 40f24105e61eb2b02942613dac49c1d5805f610d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 4 May 2024 23:02:30 +0000 Subject: [PATCH 26/78] Update dependency django-storages to v1.14.3 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1029f51..595be87 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.8.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml From 1e78c386a5a3259173aa90b5243a9d5150d4e682 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 6 May 2024 09:56:49 +0200 Subject: [PATCH 27/78] Fixed regex for social-auth-core replacement --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a2ceb95..2a6de8c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,7 +36,7 @@ RUN \ # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt # we have potential version conflicts and the build will fail. # That's why we just replace it in the original requirements.txt. - sed -i -e 's/social-auth-core\[openidconnect\]/social-auth-core\[all\]/g' /requirements.txt && \ + sed -i -e 's/social-auth-core/social-auth-core\[all\]/g' /requirements.txt && \ /opt/netbox/venv/bin/pip install \ -r /requirements.txt \ -r /requirements-container.txt From 6307a58c4ac5db22cbd9360f562082010faa5e8b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 6 May 2024 12:35:54 +0000 Subject: [PATCH 28/78] Update dependency sentry-sdk to v2.1.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1029f51..7c1c229 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==2.0.1 +sentry-sdk==2.1.1 From 36f409a16b6a10a862d6219c7a136c07174a2114 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 6 May 2024 19:04:09 +0200 Subject: [PATCH 29/78] Preparation for 2.9.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 834f262..c8e38b6 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.8.0 +2.9.0 diff --git a/docker-compose.yml b/docker-compose.yml index 105b9a1..9af4480 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.7-2.8.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.0} depends_on: - postgres - redis From b6492b2e6b036cdc05e968d4ca671b5ba5a32808 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 7 May 2024 07:15:37 +0200 Subject: [PATCH 30/78] Fix #1222: Use /login/ as health check URL --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 9af4480..fd1474d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -11,7 +11,7 @@ services: start_period: 60s timeout: 3s interval: 15s - test: "curl -f http://localhost:8080/api/ || exit 1" + test: "curl -f http://localhost:8080/login/ || exit 1" volumes: - ./configuration:/etc/netbox/config:z,ro - netbox-media-files:/opt/netbox/netbox/media:rw From 25610552659d1f8508ab86a31d6781a9b250cfe4 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 7 May 2024 09:57:59 +0200 Subject: [PATCH 31/78] Install Sentry Django integration correctly --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3699222..f65442d 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==2.1.1 +sentry-sdk[django]==2.1.1 From 1265d2277a760823e3c82a2c4618eeb051bc8f62 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 7 May 2024 13:45:53 +0200 Subject: [PATCH 32/78] Preparation for 2.9.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index c8e38b6..dedcc7d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.9.0 +2.9.1 diff --git a/docker-compose.yml b/docker-compose.yml index fd1474d..958561f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.1} depends_on: - postgres - redis From c22996d7d72dc78356d536c1f62ea1fe8773e45e Mon Sep 17 00:00:00 2001 From: Laurent <44160341+lchastel@users.noreply.github.com> Date: Thu, 9 May 2024 19:38:49 +0200 Subject: [PATCH 33/78] Add xmlsec with no-binary option SAML backend is still not working. I have the issue "lxml & xmlsec libxml2 library version mismatch". --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f65442d..df95b38 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 -python3-saml==1.16.0 --no-binary lxml +python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.1.1 From 918952a2a50373b4718ea831bd93a35da123e038 Mon Sep 17 00:00:00 2001 From: Niklas Date: Fri, 10 May 2024 10:19:55 +0200 Subject: [PATCH 34/78] Update docker-compose.yml --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 958561f..0dcb7c4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: env_file: env/netbox.env user: 'unit:root' healthcheck: - start_period: 60s + start_period: 90s timeout: 3s interval: 15s test: "curl -f http://localhost:8080/login/ || exit 1" From 60e9cfd45880648ee0ec9a6e9ea01b46100216d5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 May 2024 19:29:50 +0000 Subject: [PATCH 35/78] Update dependency sentry-sdk to v2.2.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f65442d..c006b93 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.1.1 +sentry-sdk[django]==2.2.0 From 8c691f13089aef8da74a8e6fbfe4c49c247f7942 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 21 May 2024 13:04:35 +0200 Subject: [PATCH 36/78] Change LOGIN_REQUIRED default to 'True' --- configuration/configuration.py | 6 +++--- test-configuration/test_config.py | 1 + test.sh | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 2145a25..78fe58e 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -221,9 +221,9 @@ if 'GRAPHQL_ENABLED' in environ: # authenticated to NetBox indefinitely. LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _AS_BOOL) -# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users -# are permitted to access most data in NetBox (excluding secrets) but not make any changes. -LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _AS_BOOL) +# When enabled, only authenticated users are permitted to access any part of NetBox. +# Disabling this will allow unauthenticated users to access most areas of NetBox (but not make any changes). +LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'True', _AS_BOOL) # The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to # re-authenticate. (Default: 1209600 [14 days]) diff --git a/test-configuration/test_config.py b/test-configuration/test_config.py index 884defd..09bd5dc 100644 --- a/test-configuration/test_config.py +++ b/test-configuration/test_config.py @@ -4,3 +4,4 @@ LOGGING = { } DEFAULT_PERMISSIONS = {} +LOGIN_REQUIRED = False diff --git a/test.sh b/test.sh index 62ed3cb..f415cd7 100755 --- a/test.sh +++ b/test.sh @@ -84,7 +84,7 @@ test_netbox_web() { --retry 5 \ --retry-delay 0 \ --retry-max-time 40 \ - http://127.0.0.1:8000/ + http://127.0.0.1:8000/login/ ) if [ "$RESP_CODE" == "200" ]; then echo "Webservice running" From 730743139ecb71d94fe7f528e4a4bf9dd7c2a220 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 21 May 2024 12:56:09 +0000 Subject: [PATCH 37/78] Update dependency sentry-sdk to v2.2.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index c006b93..bd1f9b9 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.2.0 +sentry-sdk[django]==2.2.1 From daa8b40c3490beb9f3a056a619678b17410fbb43 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 May 2024 11:23:15 +0000 Subject: [PATCH 38/78] Update dependency sentry-sdk to v2.3.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index bd1f9b9..26412a0 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.2.1 +sentry-sdk[django]==2.3.0 From 75fa7e7e99be13a9fed6592786fd4ac83dee6ff2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 May 2024 14:08:00 +0000 Subject: [PATCH 39/78] Update dependency sentry-sdk to v2.3.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 26412a0..36904fc 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.3.0 +sentry-sdk[django]==2.3.1 From 3c8449fbecd7685aa7d91477fb680a2daf420307 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 17:11:06 +0200 Subject: [PATCH 40/78] Switch to valkey and add healthcheck --- docker-compose.yml | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 0dcb7c4..4986fc0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -53,20 +53,30 @@ services: # redis redis: - image: docker.io/redis:7-alpine + image: docker.io/valkey/valkey:7.2-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + healthcheck: + test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + interval: 1s + timeout: 3s + retries: 5 env_file: env/redis.env volumes: - netbox-redis-data:/data redis-cache: - image: docker.io/redis:7-alpine + image: docker.io/valkey/valkey:7.2-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + healthcheck: + test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + interval: 1s + timeout: 3s + retries: 5 env_file: env/redis-cache.env volumes: - netbox-redis-cache-data:/data From 26b15f9ff115566a967ccd65e7a97ec43a40f91f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 17:11:14 +0200 Subject: [PATCH 41/78] Add healthcheck to postgres too --- docker-compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 4986fc0..67d72af 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -47,6 +47,12 @@ services: # postgres postgres: image: docker.io/postgres:16-alpine + healthcheck: + test: pg_isready -d db_prod + interval: 10s + timeout: 30s + retries: 5 + start_period: 20s env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data From 5e492c63c6fc8a4ea616be7a3e5cacddf87e265d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 17:40:06 +0200 Subject: [PATCH 42/78] Suggestion from Tobias --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 67d72af..0ba1ba5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -48,7 +48,7 @@ services: postgres: image: docker.io/postgres:16-alpine healthcheck: - test: pg_isready -d db_prod + test: pg_isready -q -U netbox -d netbox interval: 10s timeout: 30s retries: 5 From 6a3ba4409e4aee413cfbbeb1c2bab13478ef71f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 21:14:21 +0200 Subject: [PATCH 43/78] Update test to valkey as well --- docker-compose.test.yml | 29 +++++++++++++++++------------ docker-compose.yml | 25 +++++++++++-------------- 2 files changed, 28 insertions(+), 26 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index f7a3cf1..9d916e2 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: ${IMAGE-netboxcommunity/netbox:latest} + image: ${IMAGE-docker.io/netboxcommunity/netbox:latest} depends_on: postgres: condition: service_healthy @@ -13,10 +13,10 @@ services: volumes: - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro healthcheck: + test: curl -f http://localhost:8080/api/ || exit 1 start_period: ${NETBOX_START_PERIOD-120s} timeout: 3s interval: 15s - test: "curl -f http://localhost:8080/api/ || exit 1" netbox-worker: <<: *netbox command: @@ -24,42 +24,47 @@ services: - /opt/netbox/netbox/manage.py - rqworker healthcheck: + test: ps -aux | grep -v grep | grep -q rqworker || exit 1 start_period: 40s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q rqworker || exit 1" netbox-housekeeping: <<: *netbox command: - /opt/netbox/housekeeping.sh healthcheck: + test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 start_period: 40s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1" + postgres: - image: postgres:16-alpine + image: docker.io/postgres:16-alpine env_file: env/postgres.env healthcheck: - test: "pg_isready -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER" ## $$ because of docker-compose - interval: 10s + test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose + start_period: 20s + interval: 1s timeout: 5s retries: 5 + redis: &redis - image: redis:7-alpine + image: docker.io/valkey/valkey:7.2-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis.env healthcheck: - start_period: 20s + test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + start_period: 5s timeout: 3s - interval: 15s - test: "timeout 2 redis-cli ping" + interval: 1s + retries: 5 redis-cache: <<: *redis env_file: env/redis-cache.env + volumes: netbox-media-files: driver: local diff --git a/docker-compose.yml b/docker-compose.yml index 0ba1ba5..a4678da 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,10 +8,10 @@ services: env_file: env/netbox.env user: 'unit:root' healthcheck: + test: curl -f http://localhost:8081/login/ || exit 1 start_period: 90s timeout: 3s interval: 15s - test: "curl -f http://localhost:8080/login/ || exit 1" volumes: - ./configuration:/etc/netbox/config:z,ro - netbox-media-files:/opt/netbox/netbox/media:rw @@ -27,10 +27,10 @@ services: - /opt/netbox/netbox/manage.py - rqworker healthcheck: + test: ps -aux | grep -v grep | grep -q rqworker || exit 1 start_period: 20s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q rqworker || exit 1" netbox-housekeeping: <<: *netbox depends_on: @@ -39,20 +39,20 @@ services: command: - /opt/netbox/housekeeping.sh healthcheck: + test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 start_period: 20s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1" # postgres postgres: image: docker.io/postgres:16-alpine healthcheck: - test: pg_isready -q -U netbox -d netbox - interval: 10s - timeout: 30s - retries: 5 + test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER start_period: 20s + timeout: 30s + interval: 10s + retries: 5 env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data @@ -64,10 +64,11 @@ services: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose - healthcheck: + healthcheck: &redis-healthcheck test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" - interval: 1s + start_period: 5s timeout: 3s + interval: 1s retries: 5 env_file: env/redis.env volumes: @@ -78,11 +79,7 @@ services: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose - healthcheck: - test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" - interval: 1s - timeout: 3s - retries: 5 + healthcheck: *redis-healthcheck env_file: env/redis-cache.env volumes: - netbox-redis-cache-data:/data From b29f7fd446719cbd11455d47563c456a410b862b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 21:23:06 +0200 Subject: [PATCH 44/78] Disable valkey persistence in tests --- docker-compose.test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 9d916e2..c209cbc 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -53,7 +53,7 @@ services: command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --save "" --appendonly no --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis.env healthcheck: test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" From 9d04f2a7a58bbc15bf9ba6c7f599dcc66930c41f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 25 May 2024 15:26:07 +0200 Subject: [PATCH 45/78] Fix endpoint --- docker-compose.test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index c209cbc..5011e26 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -13,7 +13,7 @@ services: volumes: - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro healthcheck: - test: curl -f http://localhost:8080/api/ || exit 1 + test: curl -f http://localhost:8080/login/ || exit 1 start_period: ${NETBOX_START_PERIOD-120s} timeout: 3s interval: 15s From 21cf7b498d4546ea13b3114fc3c9667adafc7183 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 25 May 2024 15:45:25 +0200 Subject: [PATCH 46/78] Fix port --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index a4678da..adbce78 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: env_file: env/netbox.env user: 'unit:root' healthcheck: - test: curl -f http://localhost:8081/login/ || exit 1 + test: curl -f http://localhost:8080/login/ || exit 1 start_period: 90s timeout: 3s interval: 15s From ac496a16ee371c51231a438d83df8094cb98fdc2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 4 Jun 2024 11:52:02 +0000 Subject: [PATCH 47/78] Update dependency sentry-sdk to v2.4.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0034890..164344f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.3.1 +sentry-sdk[django]==2.4.0 From f0b3a0701cf78eb2e050f286a24821e960e8c1fd Mon Sep 17 00:00:00 2001 From: threes33 Date: Tue, 4 Jun 2024 12:29:35 -0700 Subject: [PATCH 48/78] Adds HTTP_PROXIES related parameters --- configuration/configuration.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 2145a25..063a9e2 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -200,10 +200,10 @@ if 'CENSUS_REPORTING_ENABLED' in environ: EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST) # HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks). -# HTTP_PROXIES = { -# 'http': 'http://10.10.1.10:3128', -# 'https': 'http://10.10.1.10:1080', -# } +HTTP_PROXIES = { + 'http': environ.get('HTTP_PROXY', None), + 'https': environ.get('HTTPS_PROXY', None), +} # IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing # NetBox from an internal IP. From 33d52308599d6d5ceb4c3efde94b873cea0601c5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 6 Jun 2024 14:13:00 +0000 Subject: [PATCH 49/78] Update dependency sentry-sdk to v2.5.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 164344f..88a4ca7 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.4.0 +sentry-sdk[django]==2.5.0 From ee2d1dea17d586af6eee739c847bf1e09b3e3842 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 7 Jun 2024 21:53:49 +0000 Subject: [PATCH 50/78] Update dependency sentry-sdk to v2.5.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 88a4ca7..35bd909 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.5.0 +sentry-sdk[django]==2.5.1 From bb9a7fe5422d657efc76b3f5ec799a5128f4e257 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 19 Jun 2024 15:05:23 +0000 Subject: [PATCH 51/78] Update dependency sentry-sdk to v2.6.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 35bd909..96388c1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.5.1 +sentry-sdk[django]==2.6.0 From 53418e7d1903cdf90bf9811e5a5eccd8cc409cfc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 26 Jun 2024 14:19:54 +0000 Subject: [PATCH 52/78] Update dependency sentry-sdk to v2.7.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 96388c1..3faeab0 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.6.0 +sentry-sdk[django]==2.7.0 From 84132e4b59eec741212b898e545ebdb98c615e1c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Jun 2024 17:02:32 +0000 Subject: [PATCH 53/78] Update dependency sentry-sdk to v2.7.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3faeab0..ba9947e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.7.0 +sentry-sdk[django]==2.7.1 From 29e66a0a0102dd86cee3877e287e1eed65686ca1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 09:58:02 +0000 Subject: [PATCH 54/78] Update dependency sentry-sdk to v2.8.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index ba9947e..dd4f142 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.7.1 +sentry-sdk[django]==2.8.0 From 279873d20e31c1c597c0ddd377646e18dadf2f71 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Jul 2024 04:30:55 +0000 Subject: [PATCH 55/78] Update dependency django-storages to v1.14.4 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index dd4f142..0954fb7 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.8.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.8.0 From 51372eed3257b74779f2edd9c96ff0cdce971efc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 10 Jul 2024 09:41:27 +0000 Subject: [PATCH 56/78] Update dependency sentry-sdk to v2.9.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0954fb7..0fa9c27 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.8.0 +sentry-sdk[django]==2.9.0 From 3134057f8792f9f47f808d05087b6190391ffd48 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 15 Jul 2024 11:07:41 +0000 Subject: [PATCH 57/78] Update dependency sentry-sdk to v2.10.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0fa9c27..0e12be0 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.9.0 +sentry-sdk[django]==2.10.0 From 2a15689e5f2a81925d56e5e0ff2004ca9dd8d170 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 24 Jul 2024 10:38:05 +0000 Subject: [PATCH 58/78] Update dependency sentry-sdk to v2.11.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0e12be0..38a86bf 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.10.0 +sentry-sdk[django]==2.11.0 From 542300056c177fe2e50ad21a4e0829d5af1b6c20 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 31 Jul 2024 10:32:58 +0000 Subject: [PATCH 59/78] Update dependency sentry-sdk to v2.12.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 38a86bf..d233010 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.11.0 +sentry-sdk[django]==2.12.0 From 838a56c96fbe8721a6cbe5af81c56fe8fe161846 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 2 Aug 2024 02:08:50 +0000 Subject: [PATCH 60/78] Update docker.io/valkey/valkey Docker tag to v8 --- docker-compose.test.yml | 2 +- docker-compose.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 5011e26..98a6c19 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -49,7 +49,7 @@ services: retries: 5 redis: &redis - image: docker.io/valkey/valkey:7.2-alpine + image: docker.io/valkey/valkey:8.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env diff --git a/docker-compose.yml b/docker-compose.yml index adbce78..53f2da7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -59,7 +59,7 @@ services: # redis redis: - image: docker.io/valkey/valkey:7.2-alpine + image: docker.io/valkey/valkey:8.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env @@ -74,7 +74,7 @@ services: volumes: - netbox-redis-data:/data redis-cache: - image: docker.io/valkey/valkey:7.2-alpine + image: docker.io/valkey/valkey:8.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env From 59922f34233689090f61345c71d46518b0d7b44c Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 21 Aug 2024 10:38:20 +0200 Subject: [PATCH 61/78] Prepare for Ubuntu 24.04 --- Dockerfile | 9 ++++----- build.sh | 4 ++-- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2a6de8c..743bb4e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -63,17 +63,16 @@ RUN export DEBIAN_FRONTEND=noninteractive \ openssh-client \ openssl \ python3 \ - python3-distutils \ tini \ - && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ + && curl --silent --output /etc/apt/keyrings/nginx-keyring.gpg \ https://unit.nginx.org/keys/nginx-keyring.gpg \ - && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ + && echo "deb [signed-by=/etc/apt/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ > /etc/apt/sources.list.d/unit.list \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.32.0-1~mantic \ - unit-python3.11=1.32.0-1~mantic \ + unit=1.32.1-1~mantic \ + unit-python3.12=1.32.1-1~mantic \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv diff --git a/build.sh b/build.sh index 352c1ce..0715969 100755 --- a/build.sh +++ b/build.sh @@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use. ${_GREEN}Default:${_CLEAR} Dockerfile DOCKER_FROM The base image to use. - ${_GREEN}Default:${_CLEAR} 'ubuntu:23.10' + ${_GREEN}Default:${_CLEAR} 'ubuntu:24.04' BUILDX_PLATFORMS Specifies the platform(s) to build the image for. @@ -219,7 +219,7 @@ fi # Determining the value for DOCKER_FROM ### if [ -z "$DOCKER_FROM" ]; then - DOCKER_FROM="docker.io/ubuntu:23.10" + DOCKER_FROM="docker.io/ubuntu:24.04" fi ### From 279a54bef0375d78547f8e3ad0c9d12ca1a84ebf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 29 Aug 2024 19:48:38 +0000 Subject: [PATCH 62/78] Update github/super-linter action to v7 --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index d7bf3b9..b173062 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -28,7 +28,7 @@ jobs: with: python-version: '3.9' - name: Lint Code Base - uses: github/super-linter@v6 + uses: github/super-linter@v7 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From a75db6add94ede9a0ecfc9699b9c14d6f1d1c244 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sun, 1 Sep 2024 13:23:58 +0200 Subject: [PATCH 63/78] Fix linter error --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index b173062..41d4d40 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -26,7 +26,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-python@v5 with: - python-version: '3.9' + python-version: "3.9" - name: Lint Code Base uses: github/super-linter@v7 env: From d9ff19fd30a12245fe595b3c67c0e31583146e17 Mon Sep 17 00:00:00 2001 From: NeodymiumFerBore <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Mon, 2 Sep 2024 17:27:37 +0000 Subject: [PATCH 64/78] Support for multiple AUTH_LDAP_REQUIRE_GROUP from environment variable --- configuration/ldap/ldap_config.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index 82fad72..d25b3e8 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -2,7 +2,7 @@ from importlib import import_module from os import environ import ldap -from django_auth_ldap.config import LDAPSearch +from django_auth_ldap.config import LDAPGroupQuery, LDAPSearch # Read secret from file @@ -86,12 +86,22 @@ AUTH_LDAP_GROUP_TYPE = _import_group_type(environ.get('AUTH_LDAP_GROUP_TYPE', 'G # Define a group required to login. AUTH_LDAP_REQUIRE_GROUP = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN') +# If non-empty string, AUTH_LDAP_REQUIRE_GROUP will be treated as a list delimited by this separator +AUTH_LDAP_REQUIRE_GROUP_SEPARATOR = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN_SEPARATOR', '') + # Define special user types using groups. Exercise great caution when assigning superuser status. AUTH_LDAP_USER_FLAGS_BY_GROUP = {} if AUTH_LDAP_REQUIRE_GROUP is not None: + # Build an LDAPGroupQuery when AUTH_LDAP_REQUIRE_GROUP should be treated as a list + if AUTH_LDAP_REQUIRE_GROUP_SEPARATOR: + _groups = list(filter(None, AUTH_LDAP_REQUIRE_GROUP.split(AUTH_LDAP_REQUIRE_GROUP_SEPARATOR))) + AUTH_LDAP_REQUIRE_GROUP = LDAPGroupQuery(_groups[0]) + for i in range(1, len(_groups)): + AUTH_LDAP_REQUIRE_GROUP |= LDAPGroupQuery(_groups[i]) + AUTH_LDAP_USER_FLAGS_BY_GROUP = { - "is_active": environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''), + "is_active": AUTH_LDAP_REQUIRE_GROUP, "is_staff": environ.get('AUTH_LDAP_IS_ADMIN_DN', ''), "is_superuser": environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '') } From 671f5e94111fc73954d8d8e5f8f0d3a07d16042b Mon Sep 17 00:00:00 2001 From: NeodymiumFerBore <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Mon, 2 Sep 2024 17:29:17 +0000 Subject: [PATCH 65/78] Adapt ldap/extra: LDAPGroupQuery is now imported in ldap_config --- configuration/ldap/extra.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/configuration/ldap/extra.py b/configuration/ldap/extra.py index 4505197..b76047a 100644 --- a/configuration/ldap/extra.py +++ b/configuration/ldap/extra.py @@ -1,11 +1,10 @@ #### ## This file contains extra configuration options that can't be configured ## directly through environment variables. -## All vairables set here overwrite any existing found in ldap_config.py +## All variables set here overwrite any existing found in ldap_config.py #### # # This Python script inherits all the imports from ldap_config.py -# from django_auth_ldap.config import LDAPGroupQuery # Imported since not in ldap_config.py # # Sets a base requirement of membetship to netbox-user-ro, netbox-user-rw, or netbox-user-admin. # AUTH_LDAP_REQUIRE_GROUP = ( From 2c26000304cd07d01648e6378db060a9e02309af Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:08:36 +0200 Subject: [PATCH 66/78] Preparation for 3.0.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index dedcc7d..4a36342 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.9.1 +3.0.0 diff --git a/docker-compose.yml b/docker-compose.yml index 53f2da7..a087c12 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.0} depends_on: - postgres - redis From b81d4fba647b7e899ec777cebd48092d3a4ceed5 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:22:55 +0200 Subject: [PATCH 67/78] Updated YAML formatting to fix linter --- .github/FUNDING.yml | 4 +- .github/ISSUE_TEMPLATE/bug_report.yml | 280 ++++++++++----------- .github/ISSUE_TEMPLATE/config.yml | 2 +- .github/ISSUE_TEMPLATE/feature_request.yml | 120 ++++----- .github/pull_request_template.md | 6 +- .github/workflows/release.yml | 2 +- docker-compose.yml | 44 ++-- 7 files changed, 229 insertions(+), 229 deletions(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index acdb4e0..f76f0f4 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,8 +1,8 @@ # These are supported funding model platforms github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] -- cimnine -- tobiasge + - cimnine + - tobiasge patreon: # Replace with a single Patreon username open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index b6f0479..4aa0540 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -1,148 +1,148 @@ name: Bug report description: Create a report about a malfunction of the Docker setup body: -- type: markdown - attributes: - value: | - Please only raise an issue if you're certain that you've found a bug. - Else, see these other means to get help: + - type: markdown + attributes: + value: | + Please only raise an issue if you're certain that you've found a bug. + Else, see these other means to get help: - - See our troubleshooting section: - https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting - - Have a look at the rest of the wiki: - https://github.com/netbox-community/netbox-docker/wiki - - Check the release notes: - https://github.com/netbox-community/netbox-docker/releases - - Look through the issues already resolved: - https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed + - See our troubleshooting section: + https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting + - Have a look at the rest of the wiki: + https://github.com/netbox-community/netbox-docker/wiki + - Check the release notes: + https://github.com/netbox-community/netbox-docker/releases + - Look through the issues already resolved: + https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed - If you did not find what you're looking for, - try the help of our community: + If you did not find what you're looking for, + try the help of our community: - - Post to Github Discussions: - https://github.com/netbox-community/netbox-docker/discussions - - Join the `#netbox-docker` channel on our Slack: - https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ - - Ask on the NetBox mailing list: - https://groups.google.com/d/forum/netbox-discuss + - Post to Github Discussions: + https://github.com/netbox-community/netbox-docker/discussions + - Join the `#netbox-docker` channel on our Slack: + https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ + - Ask on the NetBox mailing list: + https://groups.google.com/d/forum/netbox-discuss - Please don't open an issue to open a PR. - Just submit the PR, that's good enough. -- type: textarea - id: current-behavior - attributes: - label: Current Behavior - description: Please describe what you did and how you think it misbehaved - placeholder: I tried to … by doing …, but it … - validations: - required: true -- type: textarea - id: expected-behavior - attributes: - label: Expected Behavior - description: Please describe what you expected instead - placeholder: I expected that … when I do … - validations: - required: true -- type: input - id: docker-compose-version - attributes: - label: Docker Compose Version - description: Please paste the output of `docker-compose version` - placeholder: Docker Compose version vX.Y.Z - validations: - required: true -- type: textarea - id: docker-version - attributes: - label: Docker Version - description: Please paste the output of `docker version` - render: text - placeholder: | - Client: - Cloud integration: 1.0.17 - Version: 20.10.8 - API version: 1.41 - Go version: go1.16.6 - Git commit: 3967b7d - Built: Fri Jul 30 19:55:20 2021 - OS/Arch: darwin/amd64 - Context: default - Experimental: true + Please don't open an issue to open a PR. + Just submit the PR, that's good enough. + - type: textarea + id: current-behavior + attributes: + label: Current Behavior + description: Please describe what you did and how you think it misbehaved + placeholder: I tried to … by doing …, but it … + validations: + required: true + - type: textarea + id: expected-behavior + attributes: + label: Expected Behavior + description: Please describe what you expected instead + placeholder: I expected that … when I do … + validations: + required: true + - type: input + id: docker-compose-version + attributes: + label: Docker Compose Version + description: Please paste the output of `docker-compose version` + placeholder: Docker Compose version vX.Y.Z + validations: + required: true + - type: textarea + id: docker-version + attributes: + label: Docker Version + description: Please paste the output of `docker version` + render: text + placeholder: | + Client: + Cloud integration: 1.0.17 + Version: 20.10.8 + API version: 1.41 + Go version: go1.16.6 + Git commit: 3967b7d + Built: Fri Jul 30 19:55:20 2021 + OS/Arch: darwin/amd64 + Context: default + Experimental: true - Server: Docker Engine - Community - Engine: - Version: 20.10.8 - API version: 1.41 (minimum version 1.12) - Go version: go1.16.6 - Git commit: 75249d8 - Built: Fri Jul 30 19:52:10 2021 - OS/Arch: linux/amd64 - Experimental: false - containerd: - Version: 1.4.9 - GitCommit: e25210fe30a0a703442421b0f60afac609f950a3 - runc: - Version: 1.0.1 - GitCommit: v1.0.1-0-g4144b63 - docker-init: - Version: 0.19.0 - GitCommit: de40ad0 - validations: - required: true -- type: input - id: git-rev - attributes: - label: The git Revision - description: Please paste the output of `git rev-parse HEAD` - validations: - required: true -- type: textarea - id: git-status - attributes: - label: The git Status - description: Please paste the output of `git status` - render: text - placeholder: | - On branch main - nothing to commit, working tree clean - validations: - required: true -- type: input - id: run-command - attributes: - label: Startup Command - description: Please specify the command you used to start the project - placeholder: docker compose up - validations: - required: true -- type: textarea - id: netbox-logs - attributes: - label: NetBox Logs - description: Please paste the output of `docker-compose logs netbox` (or `docker compose logs netbox`) - render: text - placeholder: | - netbox_1 | ⚙️ Applying database migrations - netbox_1 | 🧬 loaded config '/etc/netbox/config/configuration.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/a.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/extra.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/logging.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/plugins.py' - ... - validations: - required: true -- type: textarea - id: docker-compose-override-yml - attributes: - label: Content of docker-compose.override.yml - description: Please paste the output of `cat docker-compose.override.yml` - render: yaml - placeholder: | - version: '3.4' - services: - netbox: - ports: - - '8080:8080' - validations: - required: true + Server: Docker Engine - Community + Engine: + Version: 20.10.8 + API version: 1.41 (minimum version 1.12) + Go version: go1.16.6 + Git commit: 75249d8 + Built: Fri Jul 30 19:52:10 2021 + OS/Arch: linux/amd64 + Experimental: false + containerd: + Version: 1.4.9 + GitCommit: e25210fe30a0a703442421b0f60afac609f950a3 + runc: + Version: 1.0.1 + GitCommit: v1.0.1-0-g4144b63 + docker-init: + Version: 0.19.0 + GitCommit: de40ad0 + validations: + required: true + - type: input + id: git-rev + attributes: + label: The git Revision + description: Please paste the output of `git rev-parse HEAD` + validations: + required: true + - type: textarea + id: git-status + attributes: + label: The git Status + description: Please paste the output of `git status` + render: text + placeholder: | + On branch main + nothing to commit, working tree clean + validations: + required: true + - type: input + id: run-command + attributes: + label: Startup Command + description: Please specify the command you used to start the project + placeholder: docker compose up + validations: + required: true + - type: textarea + id: netbox-logs + attributes: + label: NetBox Logs + description: Please paste the output of `docker-compose logs netbox` (or `docker compose logs netbox`) + render: text + placeholder: | + netbox_1 | ⚙️ Applying database migrations + netbox_1 | 🧬 loaded config '/etc/netbox/config/configuration.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/a.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/extra.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/logging.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/plugins.py' + ... + validations: + required: true + - type: textarea + id: docker-compose-override-yml + attributes: + label: Content of docker-compose.override.yml + description: Please paste the output of `cat docker-compose.override.yml` + render: yaml + placeholder: | + version: '3.4' + services: + netbox: + ports: + - '8080:8080' + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index a584cc2..3e3d62a 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -6,7 +6,7 @@ contact_links: - name: Chat url: https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ - about: 'Usually the quickest way to seek help with small issues is to join our #netbox-docker Slack channel.' + about: "Usually the quickest way to seek help with small issues is to join our #netbox-docker Slack channel." - name: Community Wiki url: https://github.com/netbox-community/netbox-docker/wiki diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index e8f2a55..88d46fd 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -1,68 +1,68 @@ name: Feature or Change Request description: Request a new feature or a change of the current behavior body: -- type: markdown - attributes: - value: | - This issue type is to propose new features for the Docker setup. - To just spin an idea, see the Github Discussions section, please. + - type: markdown + attributes: + value: | + This issue type is to propose new features for the Docker setup. + To just spin an idea, see the Github Discussions section, please. - Before asking for help, see these links first: + Before asking for help, see these links first: - - See our troubleshooting section: - https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting - - Have a look at the rest of the wiki: - https://github.com/netbox-community/netbox-docker/wiki - - Check the release notes: - https://github.com/netbox-community/netbox-docker/releases - - Look through the issues already resolved: - https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed + - See our troubleshooting section: + https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting + - Have a look at the rest of the wiki: + https://github.com/netbox-community/netbox-docker/wiki + - Check the release notes: + https://github.com/netbox-community/netbox-docker/releases + - Look through the issues already resolved: + https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed - If you did not find what you're looking for, - try the help of our community: + If you did not find what you're looking for, + try the help of our community: - - Post to Github Discussions: - https://github.com/netbox-community/netbox-docker/discussions - - Join the `#netbox-docker` channel on our Slack: - https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ - - Ask on the NetBox mailing list: - https://groups.google.com/d/forum/netbox-discuss + - Post to Github Discussions: + https://github.com/netbox-community/netbox-docker/discussions + - Join the `#netbox-docker` channel on our Slack: + https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ + - Ask on the NetBox mailing list: + https://groups.google.com/d/forum/netbox-discuss - Please don't open an issue to open a PR. - Just submit the PR, that's good enough. -- type: textarea - id: desired-behavior - attributes: - label: Desired Behavior - description: Please describe the desired behavior - placeholder: To me, it would be useful, if … because … - validations: - required: true -- type: textarea - id: contrast-to-current - attributes: - label: Contrast to Current Behavior - description: Please describe how the desired behavior is different from the current behavior - placeholder: The current behavior is …, but this lacks … - validations: - required: true -- type: textarea - id: required-changes - attributes: - label: Required Changes - description: If you can, please elaborate what changes will be required to implement the desired behavior - placeholder: I suggest to change the file … - validations: - required: false -- type: textarea - id: discussion - attributes: - label: 'Discussion: Benefits and Drawbacks' - description: | - Please make your case here: - - Why do you think this project and the community will benefit from your suggestion? - - What are the drawbacks of this change? Is it backwards-compatible? - - Anything else that you think is relevant to the discussion of this feature/change request. - placeholder: I suggest to change the file … - validations: - required: false + Please don't open an issue to open a PR. + Just submit the PR, that's good enough. + - type: textarea + id: desired-behavior + attributes: + label: Desired Behavior + description: Please describe the desired behavior + placeholder: To me, it would be useful, if … because … + validations: + required: true + - type: textarea + id: contrast-to-current + attributes: + label: Contrast to Current Behavior + description: Please describe how the desired behavior is different from the current behavior + placeholder: The current behavior is …, but this lacks … + validations: + required: true + - type: textarea + id: required-changes + attributes: + label: Required Changes + description: If you can, please elaborate what changes will be required to implement the desired behavior + placeholder: I suggest to change the file … + validations: + required: false + - type: textarea + id: discussion + attributes: + label: "Discussion: Benefits and Drawbacks" + description: | + Please make your case here: + - Why do you think this project and the community will benefit from your suggestion? + - What are the drawbacks of this change? Is it backwards-compatible? + - Anything else that you think is relevant to the discussion of this feature/change request. + placeholder: I suggest to change the file … + validations: + required: false diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 139ff96..8c51bfd 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -80,6 +80,6 @@ into the release notes. Please put an x into the brackets (like `[x]`) if you've completed that task. --> -* [ ] I have read the comments and followed the PR template. -* [ ] I have explained my PR according to the information in the comments. -* [ ] My PR targets the `develop` branch. +- [ ] I have read the comments and followed the PR template. +- [ ] I have explained my PR according to the information in the comments. +- [ ] My PR targets the `develop` branch. diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3021dab..910c3a1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: types: - published schedule: - - cron: '45 5 * * *' + - cron: "45 5 * * *" workflow_dispatch: jobs: diff --git a/docker-compose.yml b/docker-compose.yml index a087c12..9d68b0e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,30 +2,30 @@ services: netbox: &netbox image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.0} depends_on: - - postgres - - redis - - redis-cache + - postgres + - redis + - redis-cache env_file: env/netbox.env - user: 'unit:root' + user: "unit:root" healthcheck: test: curl -f http://localhost:8080/login/ || exit 1 start_period: 90s timeout: 3s interval: 15s volumes: - - ./configuration:/etc/netbox/config:z,ro - - netbox-media-files:/opt/netbox/netbox/media:rw - - netbox-reports-files:/opt/netbox/netbox/reports:rw - - netbox-scripts-files:/opt/netbox/netbox/scripts:rw + - ./configuration:/etc/netbox/config:z,ro + - netbox-media-files:/opt/netbox/netbox/media:rw + - netbox-reports-files:/opt/netbox/netbox/reports:rw + - netbox-scripts-files:/opt/netbox/netbox/scripts:rw netbox-worker: <<: *netbox depends_on: netbox: condition: service_healthy command: - - /opt/netbox/venv/bin/python - - /opt/netbox/netbox/manage.py - - rqworker + - /opt/netbox/venv/bin/python + - /opt/netbox/netbox/manage.py + - rqworker healthcheck: test: ps -aux | grep -v grep | grep -q rqworker || exit 1 start_period: 20s @@ -37,7 +37,7 @@ services: netbox: condition: service_healthy command: - - /opt/netbox/housekeeping.sh + - /opt/netbox/housekeeping.sh healthcheck: test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 start_period: 20s @@ -55,34 +55,34 @@ services: retries: 5 env_file: env/postgres.env volumes: - - netbox-postgres-data:/var/lib/postgresql/data + - netbox-postgres-data:/var/lib/postgresql/data # redis redis: image: docker.io/valkey/valkey:8.0-alpine command: - - sh - - -c # this is to evaluate the $REDIS_PASSWORD from the env - - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - sh + - -c # this is to evaluate the $REDIS_PASSWORD from the env + - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose healthcheck: &redis-healthcheck - test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + test: '[ $$(valkey-cli --pass "$${REDIS_PASSWORD}" ping) = ''PONG'' ]' start_period: 5s timeout: 3s interval: 1s retries: 5 env_file: env/redis.env volumes: - - netbox-redis-data:/data + - netbox-redis-data:/data redis-cache: image: docker.io/valkey/valkey:8.0-alpine command: - - sh - - -c # this is to evaluate the $REDIS_PASSWORD from the env - - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - sh + - -c # this is to evaluate the $REDIS_PASSWORD from the env + - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose healthcheck: *redis-healthcheck env_file: env/redis-cache.env volumes: - - netbox-redis-cache-data:/data + - netbox-redis-cache-data:/data volumes: netbox-media-files: From f3a78bfd10f394c6a04e3e9da08d6bc050a12bf5 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:26:16 +0200 Subject: [PATCH 68/78] More linter fixes --- .yamllint.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.yamllint.yaml b/.yamllint.yaml index 50d6af7..217eb28 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -2,4 +2,4 @@ rules: line-length: - max: 120 + max: 160 From 09ba1d3f4ecb1fae9d6c07c7ff07ff7cc4da95a3 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:31:00 +0200 Subject: [PATCH 69/78] More linter fixes --- .yamllint.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.yamllint.yaml b/.yamllint.yaml index 217eb28..81a9e05 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -1,5 +1,4 @@ --- - rules: line-length: max: 160 From 6e735fd431383f429012707cc1d5ae0ebc04b125 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 3 Sep 2024 20:03:58 +0000 Subject: [PATCH 70/78] Update dependency sentry-sdk to v2.13.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d233010..fd97e0f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.12.0 +sentry-sdk[django]==2.13.0 From 52f80cc7ca2fa24b8672fca52c628414c1e06e0c Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 07:25:04 +0200 Subject: [PATCH 71/78] Fix #1300: Disable ARM64 release --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 910c3a1..c94c1f9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - ./build.sh feature - ./build.sh develop platform: - - linux/amd64,linux/arm64 + - linux/amd64 fail-fast: false runs-on: ubuntu-latest name: Builds new NetBox Docker Images From f13a6bf5e47c0fccb76187d13c6030e606f828f6 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 07:25:44 +0200 Subject: [PATCH 72/78] Preparation for 3.0.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 4a36342..cb2b00e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.0.0 +3.0.1 diff --git a/docker-compose.yml b/docker-compose.yml index 9d68b0e..34ce41d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.1} depends_on: - postgres - redis From a24c19c503fb236b1900883ea18f326856bc415a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 10:17:05 +0200 Subject: [PATCH 73/78] Use Docker Build Cloud for releases With QEMU the ARM64 builds are slow and not reliable. If we use the Docker Cloud builders we reduce the build times considerably. As a Docker OSS organisation we get 400 build minutes per month, which should be fine, because we already use checks if builds are really needed. The Docker Cloud also uses a cache that should reduce build times a little bit more. --- .github/workflows/release.yml | 33 ++++++++++++++++----------------- build.sh | 7 +++++++ 2 files changed, 23 insertions(+), 17 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c94c1f9..7c27594 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - ./build.sh feature - ./build.sh develop platform: - - linux/amd64 + - linux/amd64,linux/arm64 fail-fast: false runs-on: ubuntu-latest name: Builds new NetBox Docker Images @@ -35,19 +35,11 @@ jobs: name: Get Version of NetBox Docker run: echo "version=$(cat VERSION)" >>"$GITHUB_OUTPUT" shell: bash - - id: qemu-setup - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - id: buildx-setup - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - id: docker-build - name: Build the image with '${{ matrix.build_cmd }}' + - id: check-build-needed + name: Check if the build is needed for '${{ matrix.build_cmd }}' + env: + CHECK_ONLY: "true" run: ${{ matrix.build_cmd }} - - id: test-image - name: Test the image - run: IMAGE="${FINAL_DOCKER_TAG}" ./test.sh - if: steps.docker-build.outputs.skipped != 'true' # docker.io - id: docker-io-login name: Login to docker.io @@ -56,7 +48,14 @@ jobs: registry: docker.io username: ${{ secrets.dockerhub_username }} password: ${{ secrets.dockerhub_password }} - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' + - id: buildx-setup + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + version: "lab:latest" + driver: cloud + endpoint: "netboxcommunity/netbox-default" # quay.io - id: quay-io-login name: Login to Quay.io @@ -65,7 +64,7 @@ jobs: registry: quay.io username: ${{ secrets.quayio_username }} password: ${{ secrets.quayio_password }} - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' # ghcr.io - id: ghcr-io-login name: Login to GitHub Container Registry @@ -74,11 +73,11 @@ jobs: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' - id: build-and-push name: Push the image run: ${{ matrix.build_cmd }} --push - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' env: BUILDX_PLATFORM: ${{ matrix.platform }} BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }} diff --git a/build.sh b/build.sh index 0715969..df85df7 100755 --- a/build.sh +++ b/build.sh @@ -103,6 +103,8 @@ GH_ACTION If defined, special 'echo' statements are enabled that set the - FINAL_DOCKER_TAG: The final value of the DOCKER_TAG env variable ${_GREEN}Default:${_CLEAR} undefined +CHECK_ONLY Only checks if the build is needed and sets the GH Action output. + ${_BOLD}Examples:${_CLEAR} ${0} master @@ -355,6 +357,11 @@ else fi gh_echo "::endgroup::" +if [ "${CHECK_ONLY}" = "true" ]; then + echo "Only check if build needed was requested. Exiting" + exit 0 +fi + ### # Build the image ### From 942f978ed26217b4795a5a22fb4e42661b311b4a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 17:53:24 +0200 Subject: [PATCH 74/78] Revert "Feature: Support for multiple AUTH_LDAP_REQUIRE_GROUP from environment variables" --- configuration/ldap/extra.py | 3 ++- configuration/ldap/ldap_config.py | 14 ++------------ 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/configuration/ldap/extra.py b/configuration/ldap/extra.py index b76047a..4505197 100644 --- a/configuration/ldap/extra.py +++ b/configuration/ldap/extra.py @@ -1,10 +1,11 @@ #### ## This file contains extra configuration options that can't be configured ## directly through environment variables. -## All variables set here overwrite any existing found in ldap_config.py +## All vairables set here overwrite any existing found in ldap_config.py #### # # This Python script inherits all the imports from ldap_config.py +# from django_auth_ldap.config import LDAPGroupQuery # Imported since not in ldap_config.py # # Sets a base requirement of membetship to netbox-user-ro, netbox-user-rw, or netbox-user-admin. # AUTH_LDAP_REQUIRE_GROUP = ( diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index d25b3e8..82fad72 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -2,7 +2,7 @@ from importlib import import_module from os import environ import ldap -from django_auth_ldap.config import LDAPGroupQuery, LDAPSearch +from django_auth_ldap.config import LDAPSearch # Read secret from file @@ -86,22 +86,12 @@ AUTH_LDAP_GROUP_TYPE = _import_group_type(environ.get('AUTH_LDAP_GROUP_TYPE', 'G # Define a group required to login. AUTH_LDAP_REQUIRE_GROUP = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN') -# If non-empty string, AUTH_LDAP_REQUIRE_GROUP will be treated as a list delimited by this separator -AUTH_LDAP_REQUIRE_GROUP_SEPARATOR = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN_SEPARATOR', '') - # Define special user types using groups. Exercise great caution when assigning superuser status. AUTH_LDAP_USER_FLAGS_BY_GROUP = {} if AUTH_LDAP_REQUIRE_GROUP is not None: - # Build an LDAPGroupQuery when AUTH_LDAP_REQUIRE_GROUP should be treated as a list - if AUTH_LDAP_REQUIRE_GROUP_SEPARATOR: - _groups = list(filter(None, AUTH_LDAP_REQUIRE_GROUP.split(AUTH_LDAP_REQUIRE_GROUP_SEPARATOR))) - AUTH_LDAP_REQUIRE_GROUP = LDAPGroupQuery(_groups[0]) - for i in range(1, len(_groups)): - AUTH_LDAP_REQUIRE_GROUP |= LDAPGroupQuery(_groups[i]) - AUTH_LDAP_USER_FLAGS_BY_GROUP = { - "is_active": AUTH_LDAP_REQUIRE_GROUP, + "is_active": environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''), "is_staff": environ.get('AUTH_LDAP_IS_ADMIN_DN', ''), "is_superuser": environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '') } From f134a44bc7383a1c4a910c1e05cd706282e1b7fb Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 6 Sep 2024 09:50:12 +0200 Subject: [PATCH 75/78] When no build is needed don't create the buildx config --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7c27594..b90bf15 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -56,6 +56,7 @@ jobs: version: "lab:latest" driver: cloud endpoint: "netboxcommunity/netbox-default" + if: steps.check-build-needed.outputs.skipped != 'true' # quay.io - id: quay-io-login name: Login to Quay.io From 09c897aa22238fb480953c77f9dd99677df1c1d2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Sep 2024 14:16:13 +0000 Subject: [PATCH 76/78] Update dependency sentry-sdk to v2.14.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index fd97e0f..6dfd152 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.13.0 +sentry-sdk[django]==2.14.0 From 35c19d0fc8e91be74ed14fc6bd966e5e22815e5f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 18 Sep 2024 17:56:41 +0200 Subject: [PATCH 77/78] Upgrade Nginx Unit to version 1.33 --- Dockerfile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 743bb4e..1c17caa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ ARG FROM -FROM ${FROM} as builder +FROM ${FROM} AS builder RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ @@ -46,7 +46,7 @@ RUN \ ### ARG FROM -FROM ${FROM} as main +FROM ${FROM} AS main RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ @@ -64,15 +64,15 @@ RUN export DEBIAN_FRONTEND=noninteractive \ openssl \ python3 \ tini \ - && curl --silent --output /etc/apt/keyrings/nginx-keyring.gpg \ + && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ https://unit.nginx.org/keys/nginx-keyring.gpg \ - && echo "deb [signed-by=/etc/apt/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ + && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ noble unit" \ > /etc/apt/sources.list.d/unit.list \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.32.1-1~mantic \ - unit-python3.12=1.32.1-1~mantic \ + unit=1.33.0-1~noble \ + unit-python3.12=1.33.0-1~noble \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv From 5dea11c4d470523629bf61c0cfbe61cc56c93949 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 19 Sep 2024 13:43:31 +0200 Subject: [PATCH 78/78] Preparation for 3.0.2 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index cb2b00e..b502146 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.0.1 +3.0.2 diff --git a/docker-compose.yml b/docker-compose.yml index 34ce41d..a00825c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.2} depends_on: - postgres - redis