Merge pull request #657 from netbox-community/develop

Version 1.5.0

.github/workflows/release.yml

@@ -1,9 +1,9 @@
 name: release
 
 on:
-  push:
-    branches:
-      - release
+  release:
+    types:
+      - published
   schedule:
     - cron: '45 5 * * *'
 
@@ -20,64 +20,82 @@ jobs:
     runs-on: ubuntu-latest
     name: Builds new NetBox Docker Images
     steps:
-    - id: git-checkout
+    -
       name: Checkout
       uses: actions/checkout@v2
-    - id: docker-build
+    -
+      name: Get Version of NetBox Docker
+      run: |
+        echo "::set-output name=version::$(cat VERSION)"
+      shell: bash
+    -
+      name: Set up QEMU
+      uses: docker/setup-qemu-action@v1
+    -
+      id: buildx-setup
+      name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+      with:
+        install: true
+    -
+      name: Available platforms
+      run: echo ${{ steps.buildx-setup.outputs.platforms }}
+    -
+      id: docker-build
       name: Build the image with '${{ matrix.build_cmd }}'
       run: ${{ matrix.build_cmd }}
       env:
         GH_ACTION: enable
-    - id: docker-test
+    -
       name: Test the image
       run: IMAGE="${FINAL_DOCKER_TAG}" ./test.sh
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: registry-login
-      name: Login to the Docker Registry
-      run: |
-        echo "::add-mask::$DOCKERHUB_USERNAME"
-        echo "::add-mask::$DOCKERHUB_PASSWORD"
-        docker login -u "$DOCKERHUB_USERNAME" --password "${DOCKERHUB_PASSWORD}" "${DOCKER_REGISTRY}"
-      env:
-        DOCKERHUB_USERNAME: ${{ secrets.dockerhub_username }}
-        DOCKERHUB_PASSWORD: ${{ secrets.dockerhub_password }}
+
+    # docker.io
+    -
+      name: Login to docker.io
+      uses: docker/login-action@v1
+      with:
+        registry: docker.io
+        username: ${{ secrets.dockerhub_username }}
+        password: ${{ secrets.dockerhub_password }}
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: registry-push
-      name: Push the image
+    -
+      name: Push the image to docker.io
       run: ${{ matrix.build_cmd }} --push-only
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: registry-logout
-      name: Logout of the Docker Registry
-      run: docker logout "${DOCKER_REGISTRY}"
-      if: steps.docker-build.outputs.skipped != 'true'
 
-    # Quay.io
-    - id: quayio-docker-build
-      name: Build the image with '${{ matrix.build_cmd }}'
-      run: ${{ matrix.build_cmd }}
+    # quay.io
+    -
+      name: Login to Quay.io
+      uses: docker/login-action@v1
+      with:
+        registry: quay.io
+        username: ${{ secrets.quayio_username }}
+        password: ${{ secrets.quayio_password }}
+      if: steps.docker-build.outputs.skipped != 'true'
+    -
+      name: Build and push the image with '${{ matrix.build_cmd }}'
+      run: ${{ matrix.build_cmd }} --push
       env:
         DOCKER_REGISTRY: quay.io
         GH_ACTION: enable
-    - id: quayio-registry-login
-      name: Login to the Quay.io Registry
-      run: |
-        echo "::add-mask::$QUAYIO_USERNAME"
-        echo "::add-mask::$QUAYIO_PASSWORD"
-        docker login -u "$QUAYIO_USERNAME" --password "${QUAYIO_PASSWORD}" "${DOCKER_REGISTRY}"
-      env:
-        DOCKER_REGISTRY: quay.io
-        QUAYIO_USERNAME: ${{ secrets.quayio_username }}
-        QUAYIO_PASSWORD: ${{ secrets.quayio_password }}
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: quayio-registry-push
-      name: Push the image
-      run: ${{ matrix.build_cmd }} --push-only
-      env:
-        DOCKER_REGISTRY: quay.io
+
+    # ghcr.io
+    -
+      name: Login to GitHub Container Registry
+      uses: docker/login-action@v1
+      with:
+        registry: ghcr.io
+        username: ${{ github.repository_owner }}
+        password: ${{ secrets.GITHUB_TOKEN }}
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: quayio-registry-logout
-      name: Logout of the Docker Registry
-      run: docker logout "${DOCKER_REGISTRY}"
+    -
+      name: Build and push the image with '${{ matrix.build_cmd }}'
+      run: ${{ matrix.build_cmd }} --push
       env:
-        DOCKER_REGISTRY: quay.io
+        DOCKER_REGISTRY: ghcr.io
+        DOCKER_ORG: netbox-community
+        GH_ACTION: enable
       if: steps.docker-build.outputs.skipped != 'true'

Dockerfile

@@ -63,6 +63,7 @@ RUN apk add --no-cache \
       libjpeg-turbo \
       libxslt \
       openssl \
+      postgresql-client \
       postgresql-libs \
       py3-pip \
       python3 \

README.md

@@ -7,47 +7,28 @@
 ![Docker Pulls](https://img.shields.io/docker/pulls/netboxcommunity/netbox)
 [![GitHub license](https://img.shields.io/github/license/netbox-community/netbox-docker)][netbox-docker-license]
 
-[The Github repository](netbox-docker-github) houses the components needed to build NetBox as a Docker container.
-Images are built using this code and are released to [Docker Hub][netbox-dockerhub] and [Quay.io][netbox-quayio] once a day.
+[The Github repository](netbox-docker-github) houses the components needed to build NetBox as a container.
+Images are built regularly using the code in that repository and are pushed to [Docker Hub][netbox-dockerhub], [Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr].
 
 Do you have any questions?
 Before opening an issue on Github,
-please join the [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel.
+please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel.
 
 [github-stargazers]: https://github.com/netbox-community/netbox-docker/stargazers
 [github-release]: https://github.com/netbox-community/netbox-docker/releases
 [netbox-docker-microbadger]: https://microbadger.com/images/netboxcommunity/netbox
 [netbox-dockerhub]: https://hub.docker.com/r/netboxcommunity/netbox/
+[netbox-quayio]: https://quay.io/repository/netboxcommunity/netbox
+[netbox-ghcr]: https://ghcr.io/netbox-community/netbox/
 [netbox-docker-github]: https://github.com/netbox-community/netbox-docker/
 [netbox-docker-slack]: https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ
 [netbox-docker-slack-channel]: https://netdev-community.slack.com/archives/C01P0GEVBU7
 [netbox-slack-channel]: https://netdev-community.slack.com/archives/C01P0FRSXRV
 [netbox-docker-license]: https://github.com/netbox-community/netbox-docker/blob/release/LICENSE
-[netbox-quayio]: https://quay.io/repository/netboxcommunity/netbox
-
-## Docker Tags
-
-* `vX.Y.Z`: These are release builds, automatically built from [the corresponding releases of NetBox][netbox-releases].
-* `latest`: These are release builds, automatically built from [the `master` branch of NetBox][netbox-master].
-* `snapshot`: These are pre-release builds, automatically built from the [`develop` branch of NetBox][netbox-develop].
-* `develop-X.Y`: These are pre-release builds, automatically built from the corresponding [branch of NetBox][netbox-branches].
-
-Then there is currently one extra tags for each of the above tags:
-
-* `-ldap`: Contains additional dependencies and configurations for connecting NetBox to an LDAP directory.
-  [Learn more about that in our wiki][netbox-docker-ldap].
-
-New images are built and published automatically every ~24h.
-
-[netbox-releases]: https://github.com/netbox-community/netbox/releases
-[netbox-master]: https://github.com/netbox-community/netbox/tree/master
-[netbox-develop]: https://github.com/netbox-community/netbox/tree/develop
-[netbox-branches]: https://github.com/netbox-community/netbox/branches
-[netbox-docker-ldap]: https://github.com/netbox-community/netbox-docker/wiki/LDAP
 
 ## Quickstart
 
-To get NetBox Docker up and running run the following commands.
+To get _NetBox Docker_ up and running run the following commands.
 There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-started] which explains every step.
 
 ```bash
@@ -77,10 +58,59 @@ The default credentials are:
 [wiki-getting-started]: https://github.com/netbox-community/netbox-docker/wiki/Getting-Started
 [docker-reception]: https://github.com/nxt-engineering/reception
 
+## Container Image Tags
+
+New container images are built and published automatically every ~24h.
+
+> We recommend to use either the `vX.Y.Z-a.b.c` tags or the `vX.Y-a.b.c` tags in production!
+
+* `vX.Y.Z-a.b.c`, `vX.Y-a.b.c`:
+  These are release builds containing _NetBox version_ `vX.Y.Z`.
+  They contain the support files of _NetBox Docker version_ `a.b.c`.
+  You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility.
+  These images are automatically built from [the corresponding releases of NetBox][netbox-releases].
+* `latest-a.b.c`:
+  These are release builds, containing the latest stable version of NetBox.
+  They contain the support files of _NetBox Docker version_ `a.b.c`.
+  You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility.
+  These images are automatically built from [the `master` branch of NetBox][netbox-master].
+* `snapshot-a.b.c`:
+  These are pre-release builds.
+  They contain the support files of _NetBox Docker version_ `a.b.c`.
+  You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility.
+  These images are automatically built from the [`develop` branch of NetBox][netbox-develop].
+
+For each of the above tag, there is an extra tag:
+
+* `vX.Y.Z`, `vX.Y`:
+  This is the same version as `vX.Y.Z-a.b.c` (or `vX.Y-a.b.c`, respectively).
+  It always points to the latest version of _NetBox Docker_.
+* `latest`
+  This is the same version as `latest-a.b.c`.
+  It always points to the latest version of _NetBox Docker_.
+* `snapshot`
+  This is the same version as `snapshot-a.b.c`.
+  It always points to the latest version of _NetBox Docker_.
+
+Then there is currently one extra tags for each of the above tags:
+
+* `-ldap`:
+  These container images contain additional dependencies and configuration files for connecting NetBox to an LDAP directory.
+  [Learn more about that in our wiki][netbox-docker-ldap].
+
+[netbox-releases]: https://github.com/netbox-community/netbox/releases
+[netbox-master]: https://github.com/netbox-community/netbox/tree/master
+[netbox-develop]: https://github.com/netbox-community/netbox/tree/develop
+[netbox-branches]: https://github.com/netbox-community/netbox/branches
+[netbox-docker-ldap]: https://github.com/netbox-community/netbox-docker/wiki/LDAP
+
 ## Documentation
 
-Please refer [to our wiki on Github][netbox-docker-wiki] for further information on how to use this NetBox Docker image properly.
-It covers advanced topics such as using files for secrets, deployment to Kubernetes, monitoring and configuring NAPALM or LDAP.
+Please refer [to our wiki on Github][netbox-docker-wiki] for further information on how to use the NetBox Docker image properly.
+The wiki covers advanced topics such as using files for secrets, configuring TLS, deployment to Kubernetes, monitoring and configuring NAPALM and LDAP.
+
+Our wiki is a community effort.
+Feel free to correct errors, update outdated information or provide additional guides and insights.
 
 [netbox-docker-wiki]: https://github.com/netbox-community/netbox-docker/wiki/
 
@@ -104,22 +134,19 @@ This project relies only on *Docker* and *docker-compose* meeting these requirem
 
 To check the version installed on your system run `docker --version` and `docker-compose --version`.
 
-## Breaking Changes
-
-From time to time it might become necessary to re-engineer the structure of this setup.
-Things like the `docker-compose.yml` file or your Kubernetes or OpenShift configurations have to be adjusted as a consequence.
-
-Since November 2019 each image built from this repo contains a `org.opencontainers.image.version` label.
-(The images contained labels since April 2018, although in November 2019 the labels' names changed.)
-You can check the label of your local image by running `docker inspect netboxcommunity/netbox:v2.7.1 --format "{{json .Config.Labels}}"`.
+## Updating
 
 Please read [the release notes][releases] carefully when updating to a new image version.
+Note that the version of the NetBox Docker container image must stay in sync with the code.
+
+If you update for the first time, be sure [to follow our _How To Update NetBox Docker_ guide in the wiki][netbox-docker-wiki-updating].
 
 [releases]: https://github.com/netbox-community/netbox-docker/releases
+[netbox-docker-wiki-updating]: https://github.com/netbox-community/netbox-docker/wiki/Updating
 
 ## Rebuilding the Image
 
-`./build.sh` can be used to rebuild the Docker image. See `./build.sh --help` for more information.
+`./build.sh` can be used to rebuild the container image. See `./build.sh --help` for more information.
 
 For more details on custom builds [consult our wiki][netbox-docker-wiki-build].
 

VERSION

@@ -1 +1 @@
-1.4.1
+1.5.0

build-latest.sh

@@ -3,6 +3,14 @@
 
 echo "▶️ $0 $*"
 
+###
+# Check for the jq library needed for parsing JSON
+###
+if ! command -v jq; then
+  echo "⚠️  jq command missing from \$PATH!"
+  exit 1
+fi
+
 ###
 # Checking for the presence of GITHUB_OAUTH_CLIENT_ID
 # and GITHUB_OAUTH_CLIENT_SECRET

configuration/configuration.py

@@ -62,6 +62,7 @@ REDIS = {
         'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')),
         'DATABASE': int(environ.get('REDIS_DATABASE', 0)),
         'SSL': environ.get('REDIS_SSL', 'False').lower() == 'true',
+        'INSECURE_SKIP_TLS_VERIFY': environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False').lower() == 'true',
     },
     'caching': {
         'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')),
@@ -69,6 +70,7 @@ REDIS = {
         'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))),
         'DATABASE': int(environ.get('REDIS_CACHE_DATABASE', 1)),
         'SSL': environ.get('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False')).lower() == 'true',
+        'INSECURE_SKIP_TLS_VERIFY': environ.get('REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY', environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False')).lower() == 'true',
     },
 }
 

docker-compose.test.yml

@@ -18,7 +18,7 @@ services:
     - ./scripts:/etc/netbox/scripts:z,ro
     - netbox-media-files:/opt/netbox/netbox/media:z
   postgres:
-    image: postgres:13-alpine
+    image: postgres:14-alpine
     env_file: env/postgres.env
   redis:
     image: redis:6-alpine

docker-compose.yml

@@ -1,7 +1,7 @@
 version: '3.4'
 services:
   netbox: &netbox
-    image: netboxcommunity/netbox:${VERSION-v3.0-1.4.1}
+    image: netboxcommunity/netbox:${VERSION-v3.1-1.5.0}
     depends_on:
     - postgres
     - redis
@@ -35,7 +35,7 @@ services:
 
   # postgres
   postgres:
-    image: postgres:13-alpine
+    image: postgres:14-alpine
     env_file: env/postgres.env
     volumes:
     - netbox-postgres-data:/var/lib/postgresql/data

docker/configuration.docker.py

@@ -82,3 +82,10 @@ def __getattr__(name):
         except:
             pass
     raise AttributeError
+
+
+def __dir__():
+    names = []
+    for config in _loaded_configurations:
+        names.extend(config.__dir__())
+    return names

env/netbox.env

@@ -23,10 +23,12 @@ NAPALM_TIMEOUT=10
 NAPALM_USERNAME=
 REDIS_CACHE_DATABASE=1
 REDIS_CACHE_HOST=redis-cache
+REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY=false
 REDIS_CACHE_PASSWORD=t4Ph722qJ5QHeQ1qfu36
 REDIS_CACHE_SSL=false
 REDIS_DATABASE=0
 REDIS_HOST=redis
+REDIS_INSECURE_SKIP_TLS_VERIFY=false
 REDIS_PASSWORD=H733Kdjndks81
 REDIS_SSL=false
 RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases

requirements-container.txt

@@ -1,5 +1,5 @@
 napalm==3.3.1
-ruamel.yaml==0.17.16
+ruamel.yaml==0.17.17
 django-auth-ldap==3.0.0
 google-crc32c==1.3.0
-django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.12.1
+django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.12.3

startup_scripts/010_groups.py

@@ -18,6 +18,6 @@ for groupname, group_details in groups.items():
 
         if user:
             group.user_set.add(user)
-            print(" 👤 Assigned user %s to group %s" % (username, AdminGroup.name))
+            print(" 👤 Assigned user %s to group %s" % (username, group.name))
 
     group.save()

startup_scripts/015_object_permissions.py

@@ -47,7 +47,10 @@ for permission_name, permission_details in object_permissions.items():
 
             if group:
                 object_permission.groups.add(group)
-                print(" 👥 Assigned group %s object permission of %s" % (groupname, groupname))
+                print(
+                    " 👥 Assigned group %s object permission of %s"
+                    % (groupname, object_permission.name)
+                )
 
     if permission_details.get("users", 0):
         for username in permission_details["users"]:
@@ -55,6 +58,9 @@ for permission_name, permission_details in object_permissions.items():
 
             if user:
                 object_permission.users.add(user)
-                print(" 👤 Assigned user %s object permission of %s" % (username, groupname))
+                print(
+                    " 👤 Assigned user %s object permission of %s"
+                    % (username, object_permission.name)
+                )
 
     object_permission.save()

startup_scripts/020_custom_fields.py

@@ -42,6 +42,9 @@ for cf_name, cf_details in customfields.items():
         if cf_details.get("type", False):
             custom_field.type = cf_details["type"]
 
+        if cf_details.get("filter_logic", False):
+            custom_field.filter_logic = cf_details["filter_logic"]
+
         if cf_details.get("weight", -1) >= 0:
             custom_field.weight = cf_details["weight"]