Closes #67: Add option default_desired_privilege_level #68

Merged
merged 1 commit into from
Jun 22, 2024
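--- a/netbox_config_diff/compliance/base.py
+++ b/netbox_config_diff/compliance/base.py
@@ -130,7 +130,7 @@ def get_devices_with_rendered_configs(self, devices: Iterable[Device]) -> Iterat
 self.check_netbox_secrets()
 self.substitutes = {}
 for device in devices:
-username, password, auth_secondary = self.get_credentials(device)
+username, password, auth_secondary, default_desired_privilege_level = self.get_credentials(device)
 rendered_config = None
 error = None
 context_data = device.get_config_context()
@@ -159,6 +159,7 @@ def get_devices_with_rendered_configs(self, devices: Iterable[Device]) -> Iterat
 username=username,
 password=password,
 auth_secondary=auth_secondary,
+default_desired_privilege_level=default_desired_privilege_level,
 rendered_config=rendered_config,
 error=error,
 device=device,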
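Review bot: The unpacking `username, password, auth_secondary, default_desired_privilege_level = self.get_credentials(device)` now relies on the position of four same-typed values, so a reordering inside `get_credentials` would hand a password to the wrong keyword without raising anything. Returning a small named structure (for example a `NamedTuple` with these four fields) and reading `creds.password` and `creds.default_desired_privilege_level` at the call site would make the mapping explicit. The same pattern is repeated in `validate_devices` in netbox_config_diff/configurator/base.py. `get_devices_with_rendered_configs` begins and ends outside the hunks shown.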
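--- a/netbox_config_diff/compliance/secrets.py
+++ b/netbox_config_diff/compliance/secrets.py
@@ -45,9 +45,9 @@ def get_secret(self, secret: "Secret") -> str | None:
 return None
 return secret.plaintext
 
-def get_credentials(self, device: Device) -> tuple[str, str, str]:
+def get_credentials(self, device: Device) -> tuple[str, str, str, str]:
 if not self.netbox_secrets_installed:
-return self.username, self.password, self.auth_secondary
+return self.username, self.password, self.auth_secondary, self.default_desired_privilege_level
 
 if secret := device.secrets.filter(role__name=self.user_role).first():
 username = value if (value := self.get_secret(secret)) else self.username
@@ -61,17 +61,24 @@ def get_credentials(self, device: Device) -> tuple[str, str, str]:
 auth_secondary = value if (value := self.get_secret(secret)) else self.auth_secondary
 else:
 auth_secondary = self.auth_secondary
+if secret := device.secrets.filter(role__name=self.default_desired_privilege_level_role).first():
+default_desired_privilege_level = value if (value := self.get_secret(secret)) else self.default_desired_privilege_level
+else:
+default_desired_privilege_level = self.default_desired_privilege_level
+
 
-return username, password, auth_secondary
+return username, password, auth_secondary, default_desired_privilege_level
 
 def check_netbox_secrets(self) -> None:
 if "netbox_secrets" in get_installed_plugins():
 self.get_master_key()
 self.user_role = get_plugin_config("netbox_config_diff", "USER_SECRET_ROLE")
 self.password_role = get_plugin_config("netbox_config_diff", "PASSWORD_SECRET_ROLE")
 self.auth_secondary_role = get_plugin_config("netbox_config_diff", "SECOND_AUTH_SECRET_ROLE")
+self.default_desired_privilege_level_role = get_plugin_config("netbox_config_diff", "DEFAULT_DESIRED_PRIVILEGE_LEVEL_ROLE")
 self.netbox_secrets_installed = True
 
 self.username = get_plugin_config("netbox_config_diff", "USERNAME")
 self.password = get_plugin_config("netbox_config_diff", "PASSWORD")
 self.auth_secondary = get_plugin_config("netbox_config_diff", "AUTH_SECONDARY")
+self.default_desired_privilege_level = get_plugin_config("netbox_config_diff", "DEFAULT_DESIRED_PRIVILEGE_LEVEL")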
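Review bot: The new return annotation `tuple[str, str, str, str]` on `get_credentials` does not match what the function can return. The fallback is `self.default_desired_privilege_level` read from plugin config, and the dataclass field it feeds is declared `str | None`, so the fourth element is presumably `None` when the option is not configured; `-> tuple[str, str, str, str | None]:` would say so. The value is also forwarded exactly as stored in the secret or the config, although it selects the privilege level the device session is brought to. Checking it against the level names the platform driver accepts (not visible here) would turn a typo into an early, logged error rather than a failure at connection time. The middle of `get_credentials` lies between the two hunks and is not shown.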
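--- a/netbox_config_diff/configurator/base.py
+++ b/netbox_config_diff/configurator/base.py
@@ -37,7 +37,7 @@ def __init__(self, devices: Iterable[Device], request: NetBoxFakeRequest) -> Non
 def validate_devices(self) -> None:
 self.check_netbox_secrets()
 for device in self.devices:
-username, password, auth_secondary = self.get_credentials(device)
+username, password, auth_secondary, default_desired_privilege_level = self.get_credentials(device)
 if device.platform.platform_setting is None:
 self.logger.log_warning(f"Skipping {device}, add PlatformSetting for {device.platform} platform")
 elif device.platform.platform_setting.driver not in ACCEPTABLE_DRIVERS:
@@ -67,6 +67,7 @@ def validate_devices(self) -> None:
 username=username,
 password=password,
 auth_secondary=auth_secondary,
+default_desired_privilege_level=default_desired_privilege_level,
 rendered_config=rendered_config,
 error=error,
 )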
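--- a/netbox_config_diff/models/data_models.py
+++ b/netbox_config_diff/models/data_models.py
@@ -28,6 +28,7 @@ class BaseDeviceDataClass:
 config_error: str | None = None
 auth_strict_key: bool = False
 auth_secondary: str | None = None
+default_desired_privilege_level: str | None = None
 transport: str = "asyncssh"
 
 def __str__(self) -> str:
@@ -41,6 +42,7 @@ def to_scrapli(self) -> dict:
 "platform": self.platform,
 "auth_strict_key": self.auth_strict_key,
 "auth_secondary": self.auth_secondary,
+"default_desired_privilege_level": self.default_desired_privilege_level,
 "transport": self.transport,
 "transport_options": {
 "asyncssh": {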
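Review bot: `to_scrapli` now always emits `"default_desired_privilege_level": self.default_desired_privilege_level`, and the field defaults to `None`, so an unset option is passed on as an explicit `None`. If this dict is expanded into the scrapli driver's keyword arguments, that `None` replaces the driver's own default privilege level instead of leaving it in effect, which would likely surface as a privilege error once the connection opens. Adding the key only when a value is set keeps existing deployments unchanged, e.g. build the dict into a local and then `if self.default_desired_privilege_level: params["default_desired_privilege_level"] = self.default_desired_privilege_level`. The dict literal and the rest of `to_scrapli` continue outside the hunk.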