diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index eb47cfe..fcce752 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,9 +1,9 @@ name: release on: - push: - branches: - - release + release: + types: + - published schedule: - cron: '45 5 * * *' @@ -20,64 +20,82 @@ jobs: runs-on: ubuntu-latest name: Builds new NetBox Docker Images steps: - - id: git-checkout + - name: Checkout uses: actions/checkout@v2 - - id: docker-build + - + name: Get Version of NetBox Docker + run: | + echo "::set-output name=version::$(cat VERSION)" + shell: bash + - + name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - + id: buildx-setup + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + with: + install: true + - + name: Available platforms + run: echo ${{ steps.buildx-setup.outputs.platforms }} + - + id: docker-build name: Build the image with '${{ matrix.build_cmd }}' run: ${{ matrix.build_cmd }} env: GH_ACTION: enable - - id: docker-test + - name: Test the image run: IMAGE="${FINAL_DOCKER_TAG}" ./test.sh if: steps.docker-build.outputs.skipped != 'true' - - id: registry-login - name: Login to the Docker Registry - run: | - echo "::add-mask::$DOCKERHUB_USERNAME" - echo "::add-mask::$DOCKERHUB_PASSWORD" - docker login -u "$DOCKERHUB_USERNAME" --password "${DOCKERHUB_PASSWORD}" "${DOCKER_REGISTRY}" - env: - DOCKERHUB_USERNAME: ${{ secrets.dockerhub_username }} - DOCKERHUB_PASSWORD: ${{ secrets.dockerhub_password }} + + # docker.io + - + name: Login to docker.io + uses: docker/login-action@v1 + with: + registry: docker.io + username: ${{ secrets.dockerhub_username }} + password: ${{ secrets.dockerhub_password }} if: steps.docker-build.outputs.skipped != 'true' - - id: registry-push - name: Push the image + - + name: Push the image to docker.io run: ${{ matrix.build_cmd }} --push-only if: steps.docker-build.outputs.skipped != 'true' - - id: registry-logout - name: Logout of the Docker Registry - run: docker logout "${DOCKER_REGISTRY}" - if: steps.docker-build.outputs.skipped != 'true' - # Quay.io - - id: quayio-docker-build - name: Build the image with '${{ matrix.build_cmd }}' - run: ${{ matrix.build_cmd }} + # quay.io + - + name: Login to Quay.io + uses: docker/login-action@v1 + with: + registry: quay.io + username: ${{ secrets.quayio_username }} + password: ${{ secrets.quayio_password }} + if: steps.docker-build.outputs.skipped != 'true' + - + name: Build and push the image with '${{ matrix.build_cmd }}' + run: ${{ matrix.build_cmd }} --push env: DOCKER_REGISTRY: quay.io GH_ACTION: enable - - id: quayio-registry-login - name: Login to the Quay.io Registry - run: | - echo "::add-mask::$QUAYIO_USERNAME" - echo "::add-mask::$QUAYIO_PASSWORD" - docker login -u "$QUAYIO_USERNAME" --password "${QUAYIO_PASSWORD}" "${DOCKER_REGISTRY}" - env: - DOCKER_REGISTRY: quay.io - QUAYIO_USERNAME: ${{ secrets.quayio_username }} - QUAYIO_PASSWORD: ${{ secrets.quayio_password }} if: steps.docker-build.outputs.skipped != 'true' - - id: quayio-registry-push - name: Push the image - run: ${{ matrix.build_cmd }} --push-only - env: - DOCKER_REGISTRY: quay.io + + # ghcr.io + - + name: Login to GitHub Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} if: steps.docker-build.outputs.skipped != 'true' - - id: quayio-registry-logout - name: Logout of the Docker Registry - run: docker logout "${DOCKER_REGISTRY}" + - + name: Build and push the image with '${{ matrix.build_cmd }}' + run: ${{ matrix.build_cmd }} --push env: - DOCKER_REGISTRY: quay.io + DOCKER_REGISTRY: ghcr.io + DOCKER_ORG: netbox-community + GH_ACTION: enable if: steps.docker-build.outputs.skipped != 'true' diff --git a/Dockerfile b/Dockerfile index a8fb4f0..505b888 100644 --- a/Dockerfile +++ b/Dockerfile @@ -63,6 +63,7 @@ RUN apk add --no-cache \ libjpeg-turbo \ libxslt \ openssl \ + postgresql-client \ postgresql-libs \ py3-pip \ python3 \ diff --git a/README.md b/README.md index 6cfdd95..d8aedf4 100644 --- a/README.md +++ b/README.md @@ -7,47 +7,28 @@ ![Docker Pulls](https://img.shields.io/docker/pulls/netboxcommunity/netbox) [![GitHub license](https://img.shields.io/github/license/netbox-community/netbox-docker)][netbox-docker-license] -[The Github repository](netbox-docker-github) houses the components needed to build NetBox as a Docker container. -Images are built using this code and are released to [Docker Hub][netbox-dockerhub] and [Quay.io][netbox-quayio] once a day. +[The Github repository](netbox-docker-github) houses the components needed to build NetBox as a container. +Images are built regularly using the code in that repository and are pushed to [Docker Hub][netbox-dockerhub], [Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr]. Do you have any questions? Before opening an issue on Github, -please join the [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel. +please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel. [github-stargazers]: https://github.com/netbox-community/netbox-docker/stargazers [github-release]: https://github.com/netbox-community/netbox-docker/releases [netbox-docker-microbadger]: https://microbadger.com/images/netboxcommunity/netbox [netbox-dockerhub]: https://hub.docker.com/r/netboxcommunity/netbox/ +[netbox-quayio]: https://quay.io/repository/netboxcommunity/netbox +[netbox-ghcr]: https://ghcr.io/netbox-community/netbox/ [netbox-docker-github]: https://github.com/netbox-community/netbox-docker/ [netbox-docker-slack]: https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ [netbox-docker-slack-channel]: https://netdev-community.slack.com/archives/C01P0GEVBU7 [netbox-slack-channel]: https://netdev-community.slack.com/archives/C01P0FRSXRV [netbox-docker-license]: https://github.com/netbox-community/netbox-docker/blob/release/LICENSE -[netbox-quayio]: https://quay.io/repository/netboxcommunity/netbox - -## Docker Tags - -* `vX.Y.Z`: These are release builds, automatically built from [the corresponding releases of NetBox][netbox-releases]. -* `latest`: These are release builds, automatically built from [the `master` branch of NetBox][netbox-master]. -* `snapshot`: These are pre-release builds, automatically built from the [`develop` branch of NetBox][netbox-develop]. -* `develop-X.Y`: These are pre-release builds, automatically built from the corresponding [branch of NetBox][netbox-branches]. - -Then there is currently one extra tags for each of the above tags: - -* `-ldap`: Contains additional dependencies and configurations for connecting NetBox to an LDAP directory. - [Learn more about that in our wiki][netbox-docker-ldap]. - -New images are built and published automatically every ~24h. - -[netbox-releases]: https://github.com/netbox-community/netbox/releases -[netbox-master]: https://github.com/netbox-community/netbox/tree/master -[netbox-develop]: https://github.com/netbox-community/netbox/tree/develop -[netbox-branches]: https://github.com/netbox-community/netbox/branches -[netbox-docker-ldap]: https://github.com/netbox-community/netbox-docker/wiki/LDAP ## Quickstart -To get NetBox Docker up and running run the following commands. +To get _NetBox Docker_ up and running run the following commands. There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-started] which explains every step. ```bash @@ -77,10 +58,59 @@ The default credentials are: [wiki-getting-started]: https://github.com/netbox-community/netbox-docker/wiki/Getting-Started [docker-reception]: https://github.com/nxt-engineering/reception +## Container Image Tags + +New container images are built and published automatically every ~24h. + +> We recommend to use either the `vX.Y.Z-a.b.c` tags or the `vX.Y-a.b.c` tags in production! + +* `vX.Y.Z-a.b.c`, `vX.Y-a.b.c`: + These are release builds containing _NetBox version_ `vX.Y.Z`. + They contain the support files of _NetBox Docker version_ `a.b.c`. + You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. + These images are automatically built from [the corresponding releases of NetBox][netbox-releases]. +* `latest-a.b.c`: + These are release builds, containing the latest stable version of NetBox. + They contain the support files of _NetBox Docker version_ `a.b.c`. + You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. + These images are automatically built from [the `master` branch of NetBox][netbox-master]. +* `snapshot-a.b.c`: + These are pre-release builds. + They contain the support files of _NetBox Docker version_ `a.b.c`. + You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. + These images are automatically built from the [`develop` branch of NetBox][netbox-develop]. + +For each of the above tag, there is an extra tag: + +* `vX.Y.Z`, `vX.Y`: + This is the same version as `vX.Y.Z-a.b.c` (or `vX.Y-a.b.c`, respectively). + It always points to the latest version of _NetBox Docker_. +* `latest` + This is the same version as `latest-a.b.c`. + It always points to the latest version of _NetBox Docker_. +* `snapshot` + This is the same version as `snapshot-a.b.c`. + It always points to the latest version of _NetBox Docker_. + +Then there is currently one extra tags for each of the above tags: + +* `-ldap`: + These container images contain additional dependencies and configuration files for connecting NetBox to an LDAP directory. + [Learn more about that in our wiki][netbox-docker-ldap]. + +[netbox-releases]: https://github.com/netbox-community/netbox/releases +[netbox-master]: https://github.com/netbox-community/netbox/tree/master +[netbox-develop]: https://github.com/netbox-community/netbox/tree/develop +[netbox-branches]: https://github.com/netbox-community/netbox/branches +[netbox-docker-ldap]: https://github.com/netbox-community/netbox-docker/wiki/LDAP + ## Documentation -Please refer [to our wiki on Github][netbox-docker-wiki] for further information on how to use this NetBox Docker image properly. -It covers advanced topics such as using files for secrets, deployment to Kubernetes, monitoring and configuring NAPALM or LDAP. +Please refer [to our wiki on Github][netbox-docker-wiki] for further information on how to use the NetBox Docker image properly. +The wiki covers advanced topics such as using files for secrets, configuring TLS, deployment to Kubernetes, monitoring and configuring NAPALM and LDAP. + +Our wiki is a community effort. +Feel free to correct errors, update outdated information or provide additional guides and insights. [netbox-docker-wiki]: https://github.com/netbox-community/netbox-docker/wiki/ @@ -104,22 +134,19 @@ This project relies only on *Docker* and *docker-compose* meeting these requirem To check the version installed on your system run `docker --version` and `docker-compose --version`. -## Breaking Changes - -From time to time it might become necessary to re-engineer the structure of this setup. -Things like the `docker-compose.yml` file or your Kubernetes or OpenShift configurations have to be adjusted as a consequence. - -Since November 2019 each image built from this repo contains a `org.opencontainers.image.version` label. -(The images contained labels since April 2018, although in November 2019 the labels' names changed.) -You can check the label of your local image by running `docker inspect netboxcommunity/netbox:v2.7.1 --format "{{json .Config.Labels}}"`. +## Updating Please read [the release notes][releases] carefully when updating to a new image version. +Note that the version of the NetBox Docker container image must stay in sync with the code. + +If you update for the first time, be sure [to follow our _How To Update NetBox Docker_ guide in the wiki][netbox-docker-wiki-updating]. [releases]: https://github.com/netbox-community/netbox-docker/releases +[netbox-docker-wiki-updating]: https://github.com/netbox-community/netbox-docker/wiki/Updating ## Rebuilding the Image -`./build.sh` can be used to rebuild the Docker image. See `./build.sh --help` for more information. +`./build.sh` can be used to rebuild the container image. See `./build.sh --help` for more information. For more details on custom builds [consult our wiki][netbox-docker-wiki-build]. diff --git a/VERSION b/VERSION index 347f583..bc80560 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.4.1 +1.5.0 diff --git a/build-latest.sh b/build-latest.sh index 54ebe36..bcafda4 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -3,6 +3,14 @@ echo "▶️ $0 $*" +### +# Check for the jq library needed for parsing JSON +### +if ! command -v jq; then + echo "⚠️ jq command missing from \$PATH!" + exit 1 +fi + ### # Checking for the presence of GITHUB_OAUTH_CLIENT_ID # and GITHUB_OAUTH_CLIENT_SECRET diff --git a/configuration/configuration.py b/configuration/configuration.py index 87435cf..311d1f0 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -62,6 +62,7 @@ REDIS = { 'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')), 'DATABASE': int(environ.get('REDIS_DATABASE', 0)), 'SSL': environ.get('REDIS_SSL', 'False').lower() == 'true', + 'INSECURE_SKIP_TLS_VERIFY': environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False').lower() == 'true', }, 'caching': { 'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')), @@ -69,6 +70,7 @@ REDIS = { 'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))), 'DATABASE': int(environ.get('REDIS_CACHE_DATABASE', 1)), 'SSL': environ.get('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False')).lower() == 'true', + 'INSECURE_SKIP_TLS_VERIFY': environ.get('REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY', environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False')).lower() == 'true', }, } diff --git a/docker-compose.test.yml b/docker-compose.test.yml index c6c014c..33c0606 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -18,7 +18,7 @@ services: - ./scripts:/etc/netbox/scripts:z,ro - netbox-media-files:/opt/netbox/netbox/media:z postgres: - image: postgres:13-alpine + image: postgres:14-alpine env_file: env/postgres.env redis: image: redis:6-alpine diff --git a/docker-compose.yml b/docker-compose.yml index 959a9fb..10365ae 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: netboxcommunity/netbox:${VERSION-v3.0-1.4.1} + image: netboxcommunity/netbox:${VERSION-v3.1-1.5.0} depends_on: - postgres - redis @@ -35,7 +35,7 @@ services: # postgres postgres: - image: postgres:13-alpine + image: postgres:14-alpine env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data diff --git a/docker/configuration.docker.py b/docker/configuration.docker.py index f5b15e0..413f802 100644 --- a/docker/configuration.docker.py +++ b/docker/configuration.docker.py @@ -82,3 +82,10 @@ def __getattr__(name): except: pass raise AttributeError + + +def __dir__(): + names = [] + for config in _loaded_configurations: + names.extend(config.__dir__()) + return names diff --git a/env/netbox.env b/env/netbox.env index 1300873..6593cbc 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -23,10 +23,12 @@ NAPALM_TIMEOUT=10 NAPALM_USERNAME= REDIS_CACHE_DATABASE=1 REDIS_CACHE_HOST=redis-cache +REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY=false REDIS_CACHE_PASSWORD=t4Ph722qJ5QHeQ1qfu36 REDIS_CACHE_SSL=false REDIS_DATABASE=0 REDIS_HOST=redis +REDIS_INSECURE_SKIP_TLS_VERIFY=false REDIS_PASSWORD=H733Kdjndks81 REDIS_SSL=false RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases diff --git a/requirements-container.txt b/requirements-container.txt index a243e12..f47f232 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ napalm==3.3.1 -ruamel.yaml==0.17.16 +ruamel.yaml==0.17.17 django-auth-ldap==3.0.0 google-crc32c==1.3.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.12.1 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.12.3 diff --git a/startup_scripts/010_groups.py b/startup_scripts/010_groups.py index 39aca53..a7a2429 100644 --- a/startup_scripts/010_groups.py +++ b/startup_scripts/010_groups.py @@ -18,6 +18,6 @@ for groupname, group_details in groups.items(): if user: group.user_set.add(user) - print(" 👤 Assigned user %s to group %s" % (username, AdminGroup.name)) + print(" 👤 Assigned user %s to group %s" % (username, group.name)) group.save() diff --git a/startup_scripts/015_object_permissions.py b/startup_scripts/015_object_permissions.py index f19b6ae..8a5ecd4 100644 --- a/startup_scripts/015_object_permissions.py +++ b/startup_scripts/015_object_permissions.py @@ -47,7 +47,10 @@ for permission_name, permission_details in object_permissions.items(): if group: object_permission.groups.add(group) - print(" 👥 Assigned group %s object permission of %s" % (groupname, groupname)) + print( + " 👥 Assigned group %s object permission of %s" + % (groupname, object_permission.name) + ) if permission_details.get("users", 0): for username in permission_details["users"]: @@ -55,6 +58,9 @@ for permission_name, permission_details in object_permissions.items(): if user: object_permission.users.add(user) - print(" 👤 Assigned user %s object permission of %s" % (username, groupname)) + print( + " 👤 Assigned user %s object permission of %s" + % (username, object_permission.name) + ) object_permission.save() diff --git a/startup_scripts/020_custom_fields.py b/startup_scripts/020_custom_fields.py index 64566bd..a40883c 100644 --- a/startup_scripts/020_custom_fields.py +++ b/startup_scripts/020_custom_fields.py @@ -42,6 +42,9 @@ for cf_name, cf_details in customfields.items(): if cf_details.get("type", False): custom_field.type = cf_details["type"] + if cf_details.get("filter_logic", False): + custom_field.filter_logic = cf_details["filter_logic"] + if cf_details.get("weight", -1) >= 0: custom_field.weight = cf_details["weight"]