From a194302a4147e3b25635819a4fdc71d0377d0a4a Mon Sep 17 00:00:00 2001 From: Mathijs van Willigen Date: Mon, 13 Jan 2025 10:34:37 +0100 Subject: [PATCH 01/19] Update Nginx unit to 1.34.1 This fixes the OTel bug in nginx unit 1.34.0. Signed-off-by: Mathijs van Willigen --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0611f720..50b721b2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,8 +71,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.34.0-1~noble \ - unit-python3.12=1.34.0-1~noble \ + unit=1.34.1-1~noble \ + unit-python3.12=1.34.1-1~noble \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv From 6fd2681449d3c2d256adeb44de0d6734d1017fad Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 14 Jan 2025 17:12:54 +0000 Subject: [PATCH 02/19] Update dependency sentry-sdk to v2.20.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 9641dd46..e3095a9f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.19.2 +sentry-sdk[django]==2.20.0 From b56c45b4ee0f2760683ff53c0031baf67fba19e0 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 16 Jan 2025 17:58:06 +0100 Subject: [PATCH 03/19] Use hosted Ubuntu 24.04 runners --- .github/workflows/push.yml | 24 +++++++++++++++--------- .github/workflows/release.yml | 2 +- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 43a56c3e..f0db36e0 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -16,19 +16,20 @@ concurrency: jobs: lint: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Checks syntax of our code + permissions: + contents: read + packages: read + statuses: write steps: - uses: actions/checkout@v4 with: # Full git history is needed to get a proper # list of changed files within `super-linter` fetch-depth: 0 - - uses: actions/setup-python@v5 - with: - python-version: "3.9" - name: Lint Code Base - uses: github/super-linter@v7 + uses: super-linter/super-linter@v7 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -57,8 +58,8 @@ jobs: - ./build.sh feature - ./build.sh main os: - - ubuntu-latest - - self-hosted + - ubuntu-24.04 + - ubuntu-24.04-arm fail-fast: false env: GH_ACTION: enable @@ -73,9 +74,14 @@ jobs: - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - id: arm-install-skopeo + name: Install 'skopeo' on ARM64 + if: matrix.os == 'ubuntu-24.04-arm' + run: | + sudo apt-get install -y skopeo - id: arm-buildx-platform name: Set BUILDX_PLATFORM to ARM64 - if: matrix.os == 'self-hosted' + if: matrix.os == 'ubuntu-24.04-arm' run: | echo "BUILDX_PLATFORM=linux/arm64" >>"${GITHUB_ENV}" - id: docker-build @@ -85,7 +91,7 @@ jobs: BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }} - id: arm-time-limit name: Set Netbox container start_period higher on ARM64 - if: matrix.os == 'self-hosted' + if: matrix.os == 'ubuntu-24.04-arm' run: | echo "NETBOX_START_PERIOD=240s" >>"${GITHUB_ENV}" - id: docker-test diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8f1656d5..347874e4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: platform: - linux/amd64,linux/arm64 fail-fast: false - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Builds new NetBox Docker Images env: GH_ACTION: enable From f394400b2bfd9c13dee3210ce6ae557c0c0f5daa Mon Sep 17 00:00:00 2001 From: Marco Kamner Date: Fri, 17 Jan 2025 15:28:32 +0100 Subject: [PATCH 04/19] Feature: Support ISOLATED_DEPLOYMENT setting --- configuration/configuration.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index 9691592f..577c3f4f 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -348,3 +348,5 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Time zone (default: UTC) TIME_ZONE = environ.get('TIME_ZONE', 'UTC') +# If true disables miscellaneous functionality which depends on access to the Internet. +ISOLATED_DEPLOYMENT = _environ_get_and_map('ISOLATED_DEPLOYMENT', 'False', _AS_BOOL) From e48a1b685b0600d5b2612aade66870aa0cecb960 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 20 Jan 2025 08:53:40 +0100 Subject: [PATCH 05/19] Preparation for 3.1.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index fd2a0186..94ff29cc 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.1.0 +3.1.1 diff --git a/docker-compose.yml b/docker-compose.yml index c91c7b71..f222d682 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.1.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.1.1} depends_on: - postgres - redis From 0ec4c5d7952f97b45fc027a7f1780855e6c7d8ea Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 20 Jan 2025 10:38:42 +0100 Subject: [PATCH 06/19] Display Docker image version --- .dockerignore | 3 +++ Dockerfile | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.dockerignore b/.dockerignore index 0a0ae310..ea4976e2 100644 --- a/.dockerignore +++ b/.dockerignore @@ -5,6 +5,9 @@ docker-compose* env test-configuration .netbox/.git* +.netbox/.pre-commit-config.yaml +.netbox/.readthedocs.yaml +.netbox/.tx .netbox/contrib .netbox/scripts .netbox/upgrade.sh diff --git a/Dockerfile b/Dockerfile index 50b721b2..743929e3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -89,6 +89,7 @@ COPY docker/housekeeping.sh /opt/netbox/housekeeping.sh COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh COPY configuration/ /etc/netbox/config/ COPY docker/nginx-unit.json /etc/unit/ +COPY VERSION /opt/netbox/VERSION WORKDIR /opt/netbox/netbox @@ -99,7 +100,9 @@ RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ && chmod -R g+w /opt/unit/ media reports scripts \ && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ - && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input + && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ + && mkdir /opt/netbox/netbox/local \ + && echo "edition: Community (Docker image $(cat /opt/netbox/VERSION))" > /opt/netbox/netbox/local/release.yaml ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH ENTRYPOINT [ "/usr/bin/tini", "--" ] From 607ae32450acdf25c793cbd4c21e5e1bd137bce7 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 24 Jan 2025 14:31:41 +0100 Subject: [PATCH 07/19] Updates for new branch names --- README.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 7b70f819..0992a670 100644 --- a/README.md +++ b/README.md @@ -72,18 +72,16 @@ New container images are built and published automatically every ~24h. These are release builds, containing the latest stable version of NetBox. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. - These images are automatically built from [the `master` branch of NetBox][netbox-master]. * `snapshot-a.b.c`: These are prerelease builds. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. - These images are automatically built from the [`develop` branch of NetBox][netbox-develop]. + These images are automatically built from the [`main` branch of NetBox][netbox-main]. For each of the above tag, there is an extra tag: * `vX.Y.Z`, `vX.Y`: This is the same version as `vX.Y.Z-a.b.c` (or `vX.Y-a.b.c`, respectively). - It always points to the latest version of _NetBox Docker_. * `latest` This is the same version as `latest-a.b.c`. It always points to the latest version of _NetBox Docker_. @@ -92,8 +90,7 @@ For each of the above tag, there is an extra tag: It always points to the latest version of _NetBox Docker_. [netbox-releases]: https://github.com/netbox-community/netbox/releases -[netbox-master]: https://github.com/netbox-community/netbox/tree/master -[netbox-develop]: https://github.com/netbox-community/netbox/tree/develop +[netbox-main]: https://github.com/netbox-community/netbox/tree/main ## Documentation From 60db7e6c90b8ae76bc60df9ae3cabfc37bfa35e5 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 24 Jan 2025 14:45:00 +0100 Subject: [PATCH 08/19] Make Superlinter happy --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 0992a670..588c6ec4 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ Images are built regularly using the code in that repository and are pushed to [Docker Hub][netbox-dockerhub], [Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr]. Do you have any questions? -Before opening an issue on Github, +Before opening an issue on GitHub, please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel. [github-stargazers]: https://github.com/netbox-community/netbox-docker/stargazers @@ -63,16 +63,16 @@ New container images are built and published automatically every ~24h. > We recommend to use either the `vX.Y.Z-a.b.c` tags or the `vX.Y-a.b.c` tags in production! -* `vX.Y.Z-a.b.c`, `vX.Y-a.b.c`: +- `vX.Y.Z-a.b.c`, `vX.Y-a.b.c`: These are release builds containing _NetBox version_ `vX.Y.Z`. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. These images are automatically built from [the corresponding releases of NetBox][netbox-releases]. -* `latest-a.b.c`: +- `latest-a.b.c`: These are release builds, containing the latest stable version of NetBox. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. -* `snapshot-a.b.c`: +- `snapshot-a.b.c`: These are prerelease builds. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. @@ -80,12 +80,12 @@ New container images are built and published automatically every ~24h. For each of the above tag, there is an extra tag: -* `vX.Y.Z`, `vX.Y`: +- `vX.Y.Z`, `vX.Y`: This is the same version as `vX.Y.Z-a.b.c` (or `vX.Y-a.b.c`, respectively). -* `latest` +- `latest` This is the same version as `latest-a.b.c`. It always points to the latest version of _NetBox Docker_. -* `snapshot` +- `snapshot` This is the same version as `snapshot-a.b.c`. It always points to the latest version of _NetBox Docker_. @@ -117,9 +117,9 @@ you may find [the `#netbox` channel][netbox-slack-channel] on the same Slack ins This project relies only on _Docker_ and _docker-compose_ meeting these requirements: -* The _Docker version_ must be at least `20.10.10`. -* The _containerd version_ must be at least `1.5.6`. -* The _docker-compose version_ must be at least `1.28.0`. +- The _Docker version_ must be at least `20.10.10`. +- The _containerd version_ must be at least `1.5.6`. +- The _docker-compose version_ must be at least `1.28.0`. To check the version installed on your system run `docker --version` and `docker compose version`. From 1bd16cec68f889edd0eac07c3c82de260bc7169e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 25 May 2024 16:53:57 +0200 Subject: [PATCH 09/19] First draft for PRINCIPALS.md, MAINTAINERS.md --- MAINTAINERS.md | 20 ++++++++++++++++ PRINCIPALS.md | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 26 ++++++++++++++------- 3 files changed, 100 insertions(+), 8 deletions(-) create mode 100644 MAINTAINERS.md create mode 100644 PRINCIPALS.md diff --git a/MAINTAINERS.md b/MAINTAINERS.md new file mode 100644 index 00000000..8018a138 --- /dev/null +++ b/MAINTAINERS.md @@ -0,0 +1,20 @@ +# Maintainers of _NetBox Docker_ + +This file lists all currently recognized maintainers of the _NetBox Docker_ project in alphabetical order: + +- @cimnine +- @tobiasge + +## Stepping Down + +Every maintainer is a volunteer and may step down as maintainer at any time without providing any reason. +To make this explicit, the maintainer is asked to update this file. + +The last maintainer stepping down is asked to archive the project on GitHub to indicate that the project is no longer maintained. + +## Signing up + +Everyone is welcome to sign up as maintainer by creating a PR and add their own username to the list. +The current maintainers shall discuss the application. +They may turn down an application. +They shall provide a reason when doing so. diff --git a/PRINCIPALS.md b/PRINCIPALS.md new file mode 100644 index 00000000..5a9106a3 --- /dev/null +++ b/PRINCIPALS.md @@ -0,0 +1,62 @@ +# Development, Maintenance and Community Principals for _NetBox Docker_ + +This principals shall guide the development and the maintenance of _NetBox Docker_. + +## Basic principals + +This project is maintained on voluntary basis. +Everyone is asked to respect that. + +This means, that … + +- … sometimes features are not implemented as fast as one might like -- or not at all. +- … sometimes nobody is looking at bugs or they are not fixed as fast as one might like -- or not at all. +- … sometimes PRs are not reviewed for an extended period. + +Everyone is welcome to provide improvements and bug fixes to the benefit of everyone else. + +## Development Principals + +The goal of the _NetBox Docker_ project is to provide a container to run the basic NetBox project. +The container should feel like a native container -- as if it were provided by NetBox itself: + +- Configuration via environment variables where feasible. +- Configuration of secrets via secret files. +- Log output to standard out (STDOUT/&1) / standard error (STDERR/&2). +- Volumes for data and cache directories. +- Runs a non-root user by default. +- One process / role for each instance. + +There is one exception for the configuration: +Whenever a `dict` is required as value of a configuration setting, then it must not be provided through an environment variable. + +The container generally does not provide more features than the basic NetBox project itself provides. +It may provide additional Python dependencies than the upstream project, so that all features of NetBox can be used in the container. +It may provide helpers, so that the container feels and behaves like a native container. + +The container does not come with pre-bundled plugins. + +## Maintenance Principals + +The main goals of maintainig _NetBox Docker_ are: + +- Keeping the project on a high quality level. +- Keeping the maintenance effort minimal. +- Coordinating development efforts. + +The following guidelines help us to achieve these goals: + +- As many maintenance tasks as possible shall be automated or scripted. +- All manual tasks must be documented. +- All changes are reviewed by at least one maintainer. + - Changes of maintainers are reviewed by at least one other maintainer. +- The infrastructure beyond what GitHub provides shall be kept to a minimum. + - On request, every maintainer shall get access to infrastructure that is beyond GitHub (at the time of writing that's _Docker Hub_ and _Quay_ in particular). + +## Community Principals + +This project is developed by the NetBox community for the NetBox community. +We welcome contributions, as long as they are in line with the principals above. + +The maintainers of NetBox Docker are not the support team. +The community is expected to help each other out. diff --git a/README.md b/README.md index 588c6ec4..3651fac8 100644 --- a/README.md +++ b/README.md @@ -8,11 +8,16 @@ [![GitHub license](https://img.shields.io/github/license/netbox-community/netbox-docker)][netbox-docker-license] [The GitHub repository][netbox-docker-github] houses the components needed to build NetBox as a container. -Images are built regularly using the code in that repository and are pushed to [Docker Hub][netbox-dockerhub], [Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr]. +Images are built regularly using the code in that repository +and are pushed to [Docker Hub][netbox-dockerhub], +[Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr]. +_NetBox Docker_ is a project developed and maintained by the _NetBox_ community. Do you have any questions? Before opening an issue on GitHub, -please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel. +please join [our Slack][netbox-docker-slack] +and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel, +or start a new [GitHub Discussion][github-discussions]. [github-stargazers]: https://github.com/netbox-community/netbox-docker/stargazers [github-release]: https://github.com/netbox-community/netbox-docker/releases @@ -24,6 +29,7 @@ please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-d [netbox-docker-slack-channel]: https://netdev-community.slack.com/archives/C01P0GEVBU7 [netbox-slack-channel]: https://netdev-community.slack.com/archives/C01P0FRSXRV [netbox-docker-license]: https://github.com/netbox-community/netbox-docker/blob/release/LICENSE +[github-discussions]: https://github.com/netbox-community/netbox-docker/discussions ## Quickstart @@ -53,7 +59,8 @@ To create the first admin user run this command: docker compose exec netbox /opt/netbox/netbox/manage.py createsuperuser ``` -If you need to restart Netbox from an empty database often, you can also set the `SUPERUSER_*` variables in your `docker-compose.override.yml` as shown in the example. +If you need to restart Netbox from an empty database often, +you can also set the `SUPERUSER_*` variables in your `docker-compose.override.yml`. [wiki-getting-started]: https://github.com/netbox-community/netbox-docker/wiki/Getting-Started @@ -106,7 +113,7 @@ Feel free to correct errors, update outdated information or provide additional g Feel free to ask questions in our [GitHub Community][netbox-community] or [join our Slack][netbox-docker-slack] and ask [in our channel `#netbox-docker`][netbox-docker-slack-channel], -which is free to use and where there are almost always people online that can help you in the Slack channel. +which is free to use and where there are almost always people online that can help you. If you need help with using NetBox or developing for it or against it's API you may find [the `#netbox` channel][netbox-slack-channel] on the same Slack instance very helpful. @@ -126,7 +133,7 @@ To check the version installed on your system run `docker --version` and `docker ## Updating Please read [the release notes][releases] carefully when updating to a new image version. -Note that the version of the NetBox Docker container image must stay in sync with the code. +Note that the version of the NetBox Docker container image must stay in sync with the version of the git repository. If you update for the first time, be sure [to follow our _How To Update NetBox Docker_ guide in the wiki][netbox-docker-wiki-updating]. @@ -135,7 +142,8 @@ If you update for the first time, be sure [to follow our _How To Update NetBox D ## Rebuilding the Image -`./build.sh` can be used to rebuild the container image. See `./build.sh --help` for more information. +`./build.sh` can be used to rebuild the container image. +See `./build.sh --help` for more information or `./build-latest.sh` for an example. For more details on custom builds [consult our wiki][netbox-docker-wiki-build]. @@ -144,13 +152,15 @@ For more details on custom builds [consult our wiki][netbox-docker-wiki-build]. ## Tests We have a test script. -It runs NetBox's own unit tests and ensures that all initializers work: +It runs NetBox's own unit tests and ensures that NetBox starts: ```bash -IMAGE=netboxcommunity/netbox:latest ./test.sh +IMAGE=docker.io/netboxcommunity/netbox:latest ./test.sh ``` ## Support This repository is currently maintained by the community. +The community is expected to help each other. + Please consider sponsoring the maintainers of this project. From 7516e5d00d571f3d585f7434c0fea94cfefb94c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 3 Jun 2024 20:55:35 +0200 Subject: [PATCH 10/19] Remove having to provide a reason for turning down applications --- MAINTAINERS.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/MAINTAINERS.md b/MAINTAINERS.md index 8018a138..a3071eb0 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -16,5 +16,4 @@ The last maintainer stepping down is asked to archive the project on GitHub to i Everyone is welcome to sign up as maintainer by creating a PR and add their own username to the list. The current maintainers shall discuss the application. -They may turn down an application. -They shall provide a reason when doing so. +They may turn down an application if they don't feel confident that the new maintainer is a positive addition. From 052b17d5c13c0e12a71902076384c41b52bb962f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 3 Jun 2024 21:06:01 +0200 Subject: [PATCH 11/19] Slight improvements --- PRINCIPALS.md | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/PRINCIPALS.md b/PRINCIPALS.md index 5a9106a3..6d77cae9 100644 --- a/PRINCIPALS.md +++ b/PRINCIPALS.md @@ -21,26 +21,27 @@ The goal of the _NetBox Docker_ project is to provide a container to run the bas The container should feel like a native container -- as if it were provided by NetBox itself: - Configuration via environment variables where feasible. + - Except: Whenever a `dict` is required as value of a configuration setting, + then it must not be provided through an environment variable. - Configuration of secrets via secret files. - Log output to standard out (STDOUT/&1) / standard error (STDERR/&2). - Volumes for data and cache directories. + - Otherwise no mounts shall be necessary. - Runs a non-root user by default. - One process / role for each instance. -There is one exception for the configuration: -Whenever a `dict` is required as value of a configuration setting, then it must not be provided through an environment variable. - The container generally does not provide more features than the basic NetBox project itself provides. -It may provide additional Python dependencies than the upstream project, so that all features of NetBox can be used in the container. -It may provide helpers, so that the container feels and behaves like a native container. +It may provide additional Python dependencies than the upstream project, +so that all configurable features of NetBox can be used in the container without further modification. +The container may provide helpers, so that it feels and behaves like a native container. -The container does not come with pre-bundled plugins. +The container does not bundle any community plugins. ## Maintenance Principals The main goals of maintainig _NetBox Docker_ are: -- Keeping the project on a high quality level. +- Keeping the project at a high quality level. - Keeping the maintenance effort minimal. - Coordinating development efforts. @@ -60,3 +61,9 @@ We welcome contributions, as long as they are in line with the principals above. The maintainers of NetBox Docker are not the support team. The community is expected to help each other out. + +Always remember: +Behind every screen (or screen-reader) on the other end is a fellow human. +Be nice and respectful, thankful for help, +and value ideas and contributions, +even when they don't fit the goals. From 0082261007656450c0b7560c6eb5f717449261c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 1 Feb 2025 16:24:26 +0100 Subject: [PATCH 12/19] Fix typos --- PRINCIPALS.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/PRINCIPALS.md b/PRINCIPALS.md index 6d77cae9..9ef6cf57 100644 --- a/PRINCIPALS.md +++ b/PRINCIPALS.md @@ -1,6 +1,6 @@ # Development, Maintenance and Community Principals for _NetBox Docker_ -This principals shall guide the development and the maintenance of _NetBox Docker_. +These principals shall guide the development and the maintenance of _NetBox Docker_. ## Basic principals @@ -10,7 +10,7 @@ Everyone is asked to respect that. This means, that … - … sometimes features are not implemented as fast as one might like -- or not at all. -- … sometimes nobody is looking at bugs or they are not fixed as fast as one might like -- or not at all. +- … sometimes nobody is looking at bugs, or they are not fixed as fast as one might like -- or not at all. - … sometimes PRs are not reviewed for an extended period. Everyone is welcome to provide improvements and bug fixes to the benefit of everyone else. @@ -21,12 +21,12 @@ The goal of the _NetBox Docker_ project is to provide a container to run the bas The container should feel like a native container -- as if it were provided by NetBox itself: - Configuration via environment variables where feasible. - - Except: Whenever a `dict` is required as value of a configuration setting, - then it must not be provided through an environment variable. + - Except: Whenever a complex type such as a `dict` is required as value of a configuration setting, + then it shall not be provided through an environment variable. - Configuration of secrets via secret files. -- Log output to standard out (STDOUT/&1) / standard error (STDERR/&2). +- Log output to standard out (STDOUT/`&1`) / standard error (STDERR/`&2`). - Volumes for data and cache directories. - - Otherwise no mounts shall be necessary. + - Otherwise, no mounts shall be necessary. - Runs a non-root user by default. - One process / role for each instance. @@ -39,7 +39,7 @@ The container does not bundle any community plugins. ## Maintenance Principals -The main goals of maintainig _NetBox Docker_ are: +The main goals of maintaining _NetBox Docker_ are: - Keeping the project at a high quality level. - Keeping the maintenance effort minimal. @@ -51,8 +51,10 @@ The following guidelines help us to achieve these goals: - All manual tasks must be documented. - All changes are reviewed by at least one maintainer. - Changes of maintainers are reviewed by at least one other maintainer. + (Except if there's only one maintainer left.) - The infrastructure beyond what GitHub provides shall be kept to a minimum. - - On request, every maintainer shall get access to infrastructure that is beyond GitHub (at the time of writing that's _Docker Hub_ and _Quay_ in particular). + - On request, every maintainer shall get access to infrastructure that is beyond GitHub + (at the time of writing that's _Docker Hub_ and _Quay_ in particular). ## Community Principals From 5332504c5a0c5dcadb457a8d182861140c0a7577 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=C3=A4der?= Date: Mon, 3 Feb 2025 08:54:56 +0100 Subject: [PATCH 13/19] Implement linter feedback --- PRINCIPALS.md | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/PRINCIPALS.md b/PRINCIPALS.md index 9ef6cf57..f2d03554 100644 --- a/PRINCIPALS.md +++ b/PRINCIPALS.md @@ -13,7 +13,7 @@ This means, that … - … sometimes nobody is looking at bugs, or they are not fixed as fast as one might like -- or not at all. - … sometimes PRs are not reviewed for an extended period. -Everyone is welcome to provide improvements and bug fixes to the benefit of everyone else. +Everyone is welcome to provide improvements and bugfixes to the benefit of everyone else. ## Development Principals diff --git a/README.md b/README.md index 3651fac8..d5af4778 100644 --- a/README.md +++ b/README.md @@ -133,7 +133,7 @@ To check the version installed on your system run `docker --version` and `docker ## Updating Please read [the release notes][releases] carefully when updating to a new image version. -Note that the version of the NetBox Docker container image must stay in sync with the version of the git repository. +Note that the version of the NetBox Docker container image must stay in sync with the version of the Git repository. If you update for the first time, be sure [to follow our _How To Update NetBox Docker_ guide in the wiki][netbox-docker-wiki-updating]. From ab948e467cd49640a0bc14a83548b09491124122 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 4 Feb 2025 20:02:57 +0100 Subject: [PATCH 14/19] Ignore actionlint error for now --- actionlint.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 actionlint.yml diff --git a/actionlint.yml b/actionlint.yml new file mode 100644 index 00000000..28fadea1 --- /dev/null +++ b/actionlint.yml @@ -0,0 +1,5 @@ +--- +paths: + .github/workflows/**/*.{yml,yaml}: + ignore: + - ".*ubuntu-24.04-arm.*" From 542538bf5c2140f5397a110e5381b03e4eca3cb1 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 29 Jan 2025 07:51:22 +0100 Subject: [PATCH 15/19] Improved image build - Fix #1383: Setting DEBUG = true when collection the static files enables the use of the Django debug toolbar. - Fix #1385: Use uv as package manager instead of pip speeds up the build. - Nice display of Docker image version --- Dockerfile | 23 ++++++++++------------- requirements-container.txt | 4 +++- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index 743929e3..e6270449 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ ARG FROM FROM ${FROM} AS builder +COPY --from=ghcr.io/astral-sh/uv:0.5 /uv /usr/local/bin/ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ @@ -20,16 +21,11 @@ RUN export DEBIAN_FRONTEND=noninteractive \ libxslt-dev \ pkg-config \ python3-dev \ - python3-pip \ - python3-venv \ - && python3 -m venv /opt/netbox/venv \ - && /opt/netbox/venv/bin/python3 -m pip install --upgrade \ - pip \ - setuptools \ - wheel + && /usr/local/bin/uv venv /opt/netbox/venv ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / +ENV VIRTUAL_ENV=/opt/netbox/venv RUN \ # Gunicorn is not needed because we use Nginx Unit sed -i -e '/gunicorn/d' /requirements.txt && \ @@ -37,7 +33,7 @@ RUN \ # we have potential version conflicts and the build will fail. # That's why we just replace it in the original requirements.txt. sed -i -e 's/social-auth-core/social-auth-core\[all\]/g' /requirements.txt && \ - /opt/netbox/venv/bin/pip install \ + /usr/local/bin/uv pip install \ -r /requirements.txt \ -r /requirements-container.txt @@ -75,12 +71,13 @@ RUN export DEBIAN_FRONTEND=noninteractive \ unit-python3.12=1.34.1-1~noble \ && rm -rf /var/lib/apt/lists/* +# Copy the modified 'requirements*.txt' files, to have the files actually used during installation +COPY --from=builder /requirements.txt /requirements-container.txt /opt/netbox/ +COPY --from=builder /usr/local/bin/uv /usr/local/bin/ COPY --from=builder /opt/netbox/venv /opt/netbox/venv ARG NETBOX_PATH COPY ${NETBOX_PATH} /opt/netbox -# Copy the modified 'requirements*.txt' files, to have the files actually used during installation -COPY --from=builder /requirements.txt /requirements-container.txt /opt/netbox/ COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py @@ -100,11 +97,11 @@ RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ && chmod -R g+w /opt/unit/ media reports scripts \ && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ - && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ + && DEBUG="true" SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ && mkdir /opt/netbox/netbox/local \ - && echo "edition: Community (Docker image $(cat /opt/netbox/VERSION))" > /opt/netbox/netbox/local/release.yaml + && echo "build: Docker-$(cat /opt/netbox/VERSION)" > /opt/netbox/netbox/local/release.yaml -ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH +ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH VIRTUAL_ENV=/opt/netbox/venv UV_NO_CACHE=1 ENTRYPOINT [ "/usr/bin/tini", "--" ] CMD [ "/opt/netbox/docker-entrypoint.sh", "/opt/netbox/launch-netbox.sh" ] diff --git a/requirements-container.txt b/requirements-container.txt index e3095a9f..c00be208 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,7 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.7 -python3-saml==1.16.0 --no-binary lxml,xmlsec +python3-saml==1.16.0 +--no-binary lxml +--no-binary xmlsec sentry-sdk[django]==2.20.0 From b1d6e3caaac443dd8bd104d27c5b6c2603e0c689 Mon Sep 17 00:00:00 2001 From: Paul Donald Date: Tue, 4 Feb 2025 21:47:24 +0100 Subject: [PATCH 16/19] udpate issue reporting (#1329) * Update issue report string * Remove docker version string from placeholder (now obsolete) --- .github/ISSUE_TEMPLATE/bug_report.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 4aa05407..bc64d3de 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -48,7 +48,7 @@ body: id: docker-compose-version attributes: label: Docker Compose Version - description: Please paste the output of `docker-compose version` + description: Please paste the output of `docker-compose version` (or `docker compose version`) placeholder: Docker Compose version vX.Y.Z validations: required: true @@ -139,7 +139,6 @@ body: description: Please paste the output of `cat docker-compose.override.yml` render: yaml placeholder: | - version: '3.4' services: netbox: ports: From 230cd09cb52e80d62fd53be307a1199124611e98 Mon Sep 17 00:00:00 2001 From: Mikulas Willaschek Date: Tue, 28 Jan 2025 12:17:24 +0100 Subject: [PATCH 17/19] Update nginx-unit.json with new listeners and forwarded sources --- docker/nginx-unit.json | 38 ++++++++++++++++++++++++++++++++++---- 1 file changed, 34 insertions(+), 4 deletions(-) diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index 76415f5c..9d8092f8 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -1,19 +1,49 @@ { "listeners": { - "*:8080": { + "0.0.0.0:8080": { "pass": "routes/main", "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] + "source": [ + "10.0.0.0/8", + "172.16.0.0/12", + "192.168.0.0/16" + ] } }, - "*:8081": { + "0.0.0.0:8081": { "pass": "routes/status", "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] + "source": [ + "10.0.0.0/8", + "172.16.0.0/12", + "192.168.0.0/16" + ] + } + }, + "[::]:8080": { + "pass": "routes/main", + "forwarded": { + "client_ip": "X-Forwarded-For", + "protocol": "X-Forwarded-Proto", + "source": [ + "fc00::/7", + "fe80::/10" + ] + } + }, + "[::]:8081": { + "pass": "routes/status", + "forwarded": { + "client_ip": "X-Forwarded-For", + "protocol": "X-Forwarded-Proto", + "source": [ + "fc00::/7", + "fe80::/10" + ] } } }, From 1aa742342cec00c138c1822d4cad1d339f61f63d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 5 Feb 2025 07:20:46 +0100 Subject: [PATCH 18/19] Make superlinter happy --- docker/nginx-unit.json | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index 9d8092f8..c095611f 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -5,11 +5,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "10.0.0.0/8", - "172.16.0.0/12", - "192.168.0.0/16" - ] + "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] } }, "0.0.0.0:8081": { @@ -17,11 +13,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "10.0.0.0/8", - "172.16.0.0/12", - "192.168.0.0/16" - ] + "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] } }, "[::]:8080": { @@ -29,10 +21,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "fc00::/7", - "fe80::/10" - ] + "source": ["fc00::/7", "fe80::/10"] } }, "[::]:8081": { @@ -40,10 +29,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "fc00::/7", - "fe80::/10" - ] + "source": ["fc00::/7", "fe80::/10"] } } }, From cecfd627e4640fa72be3b124052ad08bf2abc42a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 5 Feb 2025 20:27:26 +0000 Subject: [PATCH 19/19] Preparation for 3.2.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 94ff29cc..944880fa 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.1.1 +3.2.0 diff --git a/docker-compose.yml b/docker-compose.yml index f222d682..65176c50 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.1.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.2.0} depends_on: - postgres - redis