-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bake cookie from nautobot-plugin-v1.0 #100
Changes from 13 commits
5b80cea
0f5b7b9
e29d379
8867d6e
322fb29
4c2c7ab
e488c45
d733b50
0405a37
16dd78b
b5bd297
bcdf584
2ee490b
359f4a8
f3872d8
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,3 +3,4 @@ skips: [] | |
# No need to check for security issues in the test scripts! | ||
exclude_dirs: | ||
- "./tests/" | ||
- "./.venv/" |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
{ | ||
"cookiecutter": { | ||
"codeowner_github_usernames": "@smith-ntc", | ||
"full_name": "Network to Code, LLC", | ||
"email": "info@networktocode.com", | ||
"github_org": "nautobot", | ||
"base_name": "secrets_providers", | ||
"plugin_name": "nautobot_secrets_providers", | ||
"verbose_name": "Nautobot's Secrets Providers Plugin", | ||
"plugin_slug": "nautobot-secrets-providers", | ||
"project_slug": "nautobot-plugin-secrets-providers", | ||
"repo_url": "https://github.com/nautobot/nautobot-plugin-secrets-providers", | ||
"base_url": "secrets-providers", | ||
"min_nautobot_version": "1.4.0", | ||
"max_nautobot_version": "1.9999", | ||
"nautobot_version": "latest", | ||
"camel_name": "NautobotSecretsProviders", | ||
"project_short_description": "Nautobot's Secrets Providers Plugin", | ||
"version": "0.1.0", | ||
"model_class_name": "None", | ||
"open_source_license": "Apache-2.0", | ||
"docs_base_url": "https://docs.nautobot.com", | ||
"docs_app_url": "https://docs.nautobot.com/projects/secrets-providers/en/latest", | ||
"_template_directory": "nautobot-plugin", | ||
"_drift_manager": { | ||
"template": "https://github.com/networktocode-llc/cookiecutter-ntc.git", | ||
"template_dir": "nautobot-plugin", | ||
"template_ref": "nautobot-plugin-v1.0", | ||
"cookie_dir": "", | ||
"branch_prefix": "drift-manager" | ||
} | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
--- | ||
name: "Rebake Cookie" | ||
on: # yamllint disable | ||
schedule: | ||
# every Saturday at 4:00 | ||
- cron: "0 4 * * 6" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Since this is open source and we want to make a lot of changes/test this out, let's add a manual trigger as well as run it every other night. |
||
jobs: | ||
rebake: | ||
runs-on: "ubuntu-22.04" | ||
permissions: | ||
actions: "write" | ||
contents: "write" | ||
packages: "read" | ||
pull-requests: "write" | ||
container: "ghcr.io/nautobot/cookiecutter-nautobot-app-drift-manager/prod:latest" | ||
env: | ||
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
steps: | ||
- name: "Rebake" | ||
run: | | ||
python -m ntc_cookie_drift_manager rebake \ | ||
--template-ref "main" \ | ||
--push \ | ||
'${{ github.repositoryUrl }}' |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,4 +10,4 @@ jobs: | |
uses: "nautobot/nautobot/.github/workflows/plugin_upstream_testing_base.yml@develop" | ||
with: # Below could potentially be collapsed into a single argument if a concrete relationship between both is enforced | ||
invoke_context_name: "NAUTOBOT_SECRETS_PROVIDERS" | ||
plugin_name: "nautobot-secrets-provider" | ||
plugin_name: "nautobot-plugin-secrets-providers" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Want to make sure we're using the right name. I see in some places we have There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Maybe we should fix the argument name to |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,30 @@ | ||
NAUTOBOT_DB_PASSWORD=notverysecurepwd | ||
NAUTOBOT_REDIS_PASSWORD=notverysecurepwd | ||
NAUTOBOT_SECRET_KEY=r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj | ||
################################################################################ | ||
# CREDS File: Store private information. Copied to creds.env and always ignored | ||
################################################################################ | ||
# Nautobot Configuration Secret Items | ||
NAUTOBOT_CREATE_SUPERUSER=true | ||
NAUTOBOT_SUPERUSER_API_TOKEN=0123456789abcdef0123456789abcdef01234567 | ||
NAUTOBOT_DB_PASSWORD=changeme | ||
NAUTOBOT_NAPALM_USERNAME='' | ||
NAUTOBOT_NAPALM_PASSWORD='' | ||
NAUTOBOT_REDIS_PASSWORD=changeme | ||
NAUTOBOT_SECRET_KEY='changeme' | ||
NAUTOBOT_SUPERUSER_NAME=admin | ||
NAUTOBOT_SUPERUSER_EMAIL=admin@example.com | ||
NAUTOBOT_SUPERUSER_PASSWORD=admin | ||
NAUTOBOT_SUPERUSER_API_TOKEN=0123456789abcdef0123456789abcdef01234567 | ||
|
||
# Needed for Postgres, must match the values for Nautobot above | ||
PGPASSWORD=notverysecurepwd | ||
POSTGRES_PASSWORD=notverysecurepwd | ||
# Postgres | ||
POSTGRES_PASSWORD=${NAUTOBOT_DB_PASSWORD} | ||
PGPASSWORD=${NAUTOBOT_DB_PASSWORD} | ||
|
||
# Needed for Redis, must match the values for Nautobot above | ||
REDIS_PASSWORD=notverysecurepwd | ||
# MySQL Credentials | ||
MYSQL_ROOT_PASSWORD=${NAUTOBOT_DB_PASSWORD} | ||
MYSQL_PASSWORD=${NAUTOBOT_DB_PASSWORD} | ||
|
||
Comment on lines
+16
to
+22
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Should we make a distinction between Postgres and MySQL credentials? It is rare that they use the same environmental variable as passwords right? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Personally I would prefer to remove binding from Docker Compose configs to these I use proposed solution here: Environment is loaded and altered when using https://github.com/nautobot/cookiecutter-nautobot-app-drift-manager/blob/develop/tasks.py#L38 |
||
# POSTGRES_HOST=localhost | ||
# REDIS_HOST=localhost | ||
# NAUTOBOT_ROOT=./development | ||
# Use these to override values in development.env | ||
# NAUTOBOT_DB_HOST=localhost | ||
# NAUTOBOT_REDIS_HOST=localhost | ||
# NAUTOBOT_CONFIG=development/nautobot_config.py | ||
|
||
############################################################################# | ||
# Settings for Delinea/Thycotic Secret-Server-Reader | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reason to go to an older Python version? Template?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, it's in the template. Should I bump it to 3.10 / 3.11 in the template? Newer Python versions has better performance.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to bump. I think this is yet another good case for cookie version 1.2