Merge pull request #108 from nautobot/develop-to-main-post-v2

`Develop` to `Main` before v2 release
nautobot · Sep 29, 2023 · 2728f5e · 2728f5e
2 parents f4283a9 + 1c0a9e9
commit 2728f5e
Show file tree

Hide file tree

Showing 32 changed files with 932 additions and 750 deletions.
diff --git a/.bandit.yml b/.bandit.yml
@@ -3,3 +3,4 @@ skips: []
 # No need to check for security issues in the test scripts!
 exclude_dirs:
   - "./tests/"
+  - "./.venv/"
diff --git a/.cookiecutter.json b/.cookiecutter.json
@@ -0,0 +1,33 @@
+{
+  "cookiecutter": {
+    "codeowner_github_usernames": "@smith-ntc",
+    "full_name": "Network to Code, LLC",
+    "email": "[email protected]",
+    "github_org": "nautobot",
+    "base_name": "secrets_providers",
+    "plugin_name": "nautobot_secrets_providers",
+    "verbose_name": "Nautobot's Secrets Providers Plugin",
+    "plugin_slug": "nautobot-secrets-providers",
+    "project_slug": "nautobot-plugin-secrets-providers",
+    "repo_url": "https://github.com/nautobot/nautobot-plugin-secrets-providers",
+    "base_url": "secrets-providers",
+    "min_nautobot_version": "1.4.0",
+    "max_nautobot_version": "1.9999",
+    "nautobot_version": "latest",
+    "camel_name": "NautobotSecretsProviders",
+    "project_short_description": "Nautobot's Secrets Providers Plugin",
+    "version": "0.1.0",
+    "model_class_name": "None",
+    "open_source_license": "Apache-2.0",
+    "docs_base_url": "https://docs.nautobot.com",
+    "docs_app_url": "https://docs.nautobot.com/projects/secrets-providers/en/latest",
+    "_template_directory": "nautobot-plugin",
+    "_drift_manager": {
+      "template": "https://github.com/networktocode-llc/cookiecutter-ntc.git",
+      "template_dir": "nautobot-plugin",
+      "template_ref": "nautobot-plugin-v1.0",
+      "cookie_dir": "",
+      "branch_prefix": "drift-manager"
+    }
+  }
+}
diff --git a/.flake8 b/.flake8
@@ -2,3 +2,9 @@
 # E501: Line length is enforced by Black, so flake8 doesn't need to check it
 # W503: Black disagrees with this rule, as does PEP 8; Black wins
 ignore = E501, W503
+exclude = 
+  migrations,
+  __pycache__,
+  manage.py,
+  settings.py,
+  .venv
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -1,12 +1,12 @@
 ---
 name: 🐛 Bug Report
-about: Report a reproducible bug in the current release of secrets
+about: Report a reproducible bug in the current release of nautobot-secrets-providers
 ---
 
 ### Environment
 * Python version:  <!-- Example: 3.7.7 -->
-* Nautobot version:  <!-- Example: 1.2.0 -->
-* secrets version:  <!-- Example: 0.1.0 -->
+* Nautobot version:  <!-- Example: 1.4.0 -->
+* nautobot-secrets-providers version:  <!-- Example: 0.1.0 -->
 
 <!-- What did you expect to happen? -->
 ### Expected Behavior

diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -5,8 +5,8 @@ about: Propose a new feature or enhancement
 ---
 
 ### Environment
-* Nautobot version:  <!-- Example: 1.2.0 -->
-* secrets version:  <!-- Example: 0.1.0 -->
+* Nautobot version:  <!-- Example: 1.4.0 -->
+* nautobot-secrets-providers version:  <!-- Example: 0.1.0 -->
 
 <!--
     Describe in detail the new functionality you are proposing.

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,11 +1,19 @@
 ---
 name: "CI"
-on:  # yamllint disable-line rule:truthy
-  - "push"
-  - "pull_request"
+concurrency:  # Cancel any existing runs of this workflow for this same PR
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true
+on: # yamllint disable-line rule:truthy rule:comments
+  push:
+    branches:
+      - "main"
+      - "develop"
+    tags:
+      - "v*"
+  pull_request: ~
 
 env:
-  PLUGIN_NAME: "secrets"
+  PLUGIN_NAME: "nautobot-plugin-secrets-providers"
 
 jobs:
   black:
@@ -16,7 +24,7 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@v2"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: black"
         run: "poetry run invoke black"
   bandit:
@@ -27,7 +35,7 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@v2"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: bandit"
         run: "poetry run invoke bandit"
   pydocstyle:
@@ -38,7 +46,7 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@v2"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: pydocstyle"
         run: "poetry run invoke pydocstyle"
   flake8:
@@ -49,7 +57,7 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@v2"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: flake8"
         run: "poetry run invoke flake8"
   yamllint:
@@ -60,30 +68,30 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@v2"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: yamllint"
         run: "poetry run invoke yamllint"
   pylint:
     needs:
-      - "black"
       - "bandit"
       - "pydocstyle"
       - "flake8"
       - "yamllint"
+      - "black"
     runs-on: "ubuntu-20.04"
     strategy:
       fail-fast: true
       matrix:
         python-version: ["3.8"]
-        nautobot-version: ["1.4.10"]
+        nautobot-version: ["1.4.0"]
     env:
       INVOKE_NAUTOBOT_SECRETS_PROVIDERS_PYTHON_VER: "${{ matrix.python-version }}"
       INVOKE_NAUTOBOT_SECRETS_PROVIDERS_NAUTOBOT_VER: "${{ matrix.nautobot-version }}"
     steps:
       - name: "Check out repository code"
         uses: "actions/checkout@v2"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Set up Docker Buildx"
         id: "buildx"
         uses: "docker/setup-buildx-action@v1"
@@ -111,8 +119,19 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10"]
-        nautobot-version: ["1.4.10", "1.5.10"]
+        python-version: ["3.8", "3.9", "3.10"]
+        db-backend: ["postgresql"]
+        nautobot-version: ["stable"]
+        include:
+          - python-version: "3.10"
+            db-backend: "postgresql"
+            nautobot-version: "1.4.0"
+          - python-version: "3.8"
+            db-backend: "mysql"
+            nautobot-version: "1.4.0"
+          - python-version: "3.10"
+            db-backend: "mysql"
+            nautobot-version: "stable"
     runs-on: "ubuntu-20.04"
     env:
       INVOKE_NAUTOBOT_SECRETS_PROVIDERS_PYTHON_VER: "${{ matrix.python-version }}"
@@ -121,7 +140,7 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@v2"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Set up Docker Buildx"
         id: "buildx"
         uses: "docker/setup-buildx-action@v1"
@@ -141,6 +160,9 @@ jobs:
             PYTHON_VER=${{ matrix.python-version }}
       - name: "Copy credentials"
         run: "cp development/creds.example.env development/creds.env"
+      - name: "Use Mysql invoke settings when needed"
+        run: "cp invoke.mysql.yml invoke.yml"
+        if: "matrix.db-backend == 'mysql'"
       - name: "Run Tests"
         run: "poetry run invoke unittest"
   publish_gh:
@@ -155,7 +177,7 @@ jobs:
       - name: "Set up Python"
         uses: "actions/setup-python@v2"
         with:
-          python-version: "3.10"
+          python-version: "3.9"
       - name: "Install Python Packages"
         run: "pip install poetry"
       - name: "Set env"
@@ -184,7 +206,7 @@ jobs:
       - name: "Set up Python"
         uses: "actions/setup-python@v2"
         with:
-          python-version: "3.10"
+          python-version: "3.9"
       - name: "Install Python Packages"
         run: "pip install poetry"
       - name: "Set env"
@@ -202,23 +224,34 @@ jobs:
     needs:
       - "publish_gh"
       - "publish_pypi"
-    name: "Send notification to the Slack"
     runs-on: "ubuntu-20.04"
     env:
       SLACK_WEBHOOK_URL: "${{ secrets.SLACK_WEBHOOK_URL }}"
       SLACK_MESSAGE: >-
         *NOTIFICATION: NEW-RELEASE-PUBLISHED*\n
-        Repository: <${{ github.server_url }}}/${{ github.repository }}|${{ github.repository }}>\n
+        Repository: <${{ github.server_url }}/${{ github.repository }}|${{ github.repository }}>\n
         Release: <${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ github.ref_name }}|${{ github.ref_name }}>\n
         Published by: <${{ github.server_url }}/${{ github.actor }}|${{ github.actor }}>
     steps:
       - name: "Send a notification to Slack"
         # ENVs cannot be used directly in job.if. This is a workaround to check
         # if SLACK_WEBHOOK_URL is present.
-        if: "${{ env.SLACK_WEBHOOK_URL != '' }}"
-        uses: "slackapi/slack-github-action@v1.16.0"
+        if: "env.SLACK_WEBHOOK_URL != ''"
+        uses: "slackapi/slack-github-action@v1.17.0"
         with:
-          payload: '{ "type": "mrkdwn", "text": "${{ env.SLACK_MESSAGE }}" }'  # yamllint disable-line rule:quoted-strings
+          payload: |
+            {
+              "text": "${{ env.SLACK_MESSAGE }}",
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": "${{ env.SLACK_MESSAGE }}"
+                  }
+                }
+              ]
+            }
         env:
           SLACK_WEBHOOK_URL: "${{ secrets.SLACK_WEBHOOK_URL }}"
           SLACK_WEBHOOK_TYPE: "INCOMING_WEBHOOK"
diff --git a/.github/workflows/rebake.yml b/.github/workflows/rebake.yml
@@ -0,0 +1,25 @@
+---
+name: "Rebake Cookie"
+on:
+  schedule:
+    # every day at 4:00
+    - cron: "0 4 * * *"
+  workflow_dispatch: {}
+jobs:
+  rebake:
+    runs-on: "ubuntu-22.04"
+    permissions:
+      actions: "write"
+      contents: "write"
+      packages: "read"
+      pull-requests: "write"
+    container: "ghcr.io/nautobot/cookiecutter-nautobot-app-drift-manager/prod:latest"
+    env:
+      GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+    steps:
+      - name: "Rebake"
+        run: |
+          python -m ntc_cookie_drift_manager rebake \
+            --template-ref "main" \
+            --push \
+            '${{ github.repositoryUrl }}'
diff --git a/.github/workflows/upstream_testing.yml b/.github/workflows/upstream_testing.yml
@@ -10,4 +10,4 @@ jobs:
     uses: "nautobot/nautobot/.github/workflows/plugin_upstream_testing_base.yml@develop"
     with:  # Below could potentially be collapsed into a single argument if a concrete relationship between both is enforced
       invoke_context_name: "NAUTOBOT_SECRETS_PROVIDERS"
-      plugin_name: "nautobot-secrets-provider"
+      plugin_name: "nautobot-plugin-secrets-providers"
diff --git a/.gitignore b/.gitignore
@@ -297,6 +297,12 @@ fabric.properties
 
 # Rando
 creds.env
+development/*.txt
 
 # Invoke overrides
 invoke.yml
+
+# Docs
+docs/README.md
+docs/CHANGELOG.md
+public
diff --git a/.yamllint.yml b/.yamllint.yml
@@ -2,9 +2,11 @@
 extends: "default"
 rules:
   comments: "enable"
-  empty-values: "enable"
+  empty-values: "disable"
   indentation:
     indent-sequences: "consistent"
   line-length: "disable"
   quoted-strings:
     quote-type: "double"
+ignore: |
+  .venv/
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 Apache Software License 2.0
 
-Copyright (c) 2021, Network to Code, LLC
+Copyright (c) 2023, Network to Code, LLC
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

diff --git a/README.md b/README.md
@@ -251,7 +251,7 @@ The [PyInvoke](http://www.pyinvoke.org/) library is used to provide some helper
 
 * `nautobot_ver`: the version of Nautobot to use as a base for any built docker containers (default: 1.4.10)
 * `project_name`: the default docker compose project name (default: nautobot_secrets_providers)
-* `python_ver`: the version of Python to use as a base for any built docker containers (default: 3.7)
+* `python_ver`: the version of Python to use as a base for any built docker containers (default: 3.8)
 * `local`: a boolean flag indicating if invoke tasks should be run on the host or inside the docker containers (default: False, commands will be run in docker containers)
 * `compose_dir`: the full path to a directory containing the project compose files
 * `compose_files`: a list of compose files applied in order (see [Multiple Compose files](https://docs.docker.com/compose/extends/#multiple-compose-files) for more information)

diff --git a/development/Dockerfile b/development/Dockerfile
@@ -6,8 +6,8 @@
 # -------------------------------------------------------------------------------------
 # !!! USE CAUTION WHEN MODIFYING LINES BELOW
 
-# Accepts a desired Nautobot version as build argument, default to 1.4.10
-ARG NAUTOBOT_VER="1.4.10"
+# Accepts a desired Nautobot version as build argument, default to 1.4
+ARG NAUTOBOT_VER="1.4"
 
 # Accepts a desired Python version as build argument, default to 3.8
 ARG PYTHON_VER="3.8"

diff --git a/development/creds.example.env b/development/creds.example.env
@@ -1,20 +1,30 @@
-NAUTOBOT_DB_PASSWORD=notverysecurepwd
-NAUTOBOT_REDIS_PASSWORD=notverysecurepwd
-NAUTOBOT_SECRET_KEY=r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj
+################################################################################
+# CREDS File: Store private information. Copied to creds.env and always ignored
+################################################################################
+# Nautobot Configuration Secret Items
 NAUTOBOT_CREATE_SUPERUSER=true
-NAUTOBOT_SUPERUSER_API_TOKEN=0123456789abcdef0123456789abcdef01234567
+NAUTOBOT_DB_PASSWORD=changeme
+NAUTOBOT_NAPALM_USERNAME=''
+NAUTOBOT_NAPALM_PASSWORD=''
+NAUTOBOT_REDIS_PASSWORD=changeme
+NAUTOBOT_SECRET_KEY='changeme'
+NAUTOBOT_SUPERUSER_NAME=admin
+NAUTOBOT_SUPERUSER_EMAIL=[email protected]
 NAUTOBOT_SUPERUSER_PASSWORD=admin
+NAUTOBOT_SUPERUSER_API_TOKEN=0123456789abcdef0123456789abcdef01234567
 
-# Needed for Postgres, must match the values for Nautobot above
-PGPASSWORD=notverysecurepwd
-POSTGRES_PASSWORD=notverysecurepwd
+# Postgres
+POSTGRES_PASSWORD=${NAUTOBOT_DB_PASSWORD}
+PGPASSWORD=${NAUTOBOT_DB_PASSWORD}
 
-# Needed for Redis, must match the values for Nautobot above
-REDIS_PASSWORD=notverysecurepwd
+# MySQL Credentials
+MYSQL_ROOT_PASSWORD=${NAUTOBOT_DB_PASSWORD}
+MYSQL_PASSWORD=${NAUTOBOT_DB_PASSWORD}
 
-# POSTGRES_HOST=localhost
-# REDIS_HOST=localhost
-# NAUTOBOT_ROOT=./development
+# Use these to override values in development.env
+# NAUTOBOT_DB_HOST=localhost
+# NAUTOBOT_REDIS_HOST=localhost
+# NAUTOBOT_CONFIG=development/nautobot_config.py
 
 #############################################################################
 # Settings for Delinea/Thycotic Secret-Server-Reader