netbox-client-ruby 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4db0c7461a73226465cf363e1d36a4a0ae09e312
-  data.tar.gz: 57a277a47aae7aa4b061fda4c9a30621ef3957f5
+  metadata.gz: b850829d19608cfc66a7952bee146baede04e39a
+  data.tar.gz: 4ace9252566509c6a674d136e3210f927a2d9e44
 SHA512:
-  metadata.gz: fb67919777abcd7de549a6477dde74f309c3942e31929896c739bd58a6c6e484f929ab73a888e15664af7fced94dbd7aa5fe6288718b55b9145ee2ea3eafeec4
-  data.tar.gz: 81ac1560d1839a15c74a6a4398fa782b8bf8edf83267e18235ef115cadc8fb3559b809a19449d786b6483fe99d974259aa39fb39a9b401edf18e4dba05c04b7b
+  metadata.gz: 83da2f33336ec64d82a7dbd9fef0e6486a0f3f4912cfa9d6c5fbf07debf7b2b6bebc7fe9bc8aad0dcddd42c3666197b4e8f6651cbfcb412c228be8070ac53219
+  data.tar.gz: d46c1ed8e28580ffe57973f31dc789197359dd3a0140719455508a6699b69ca1d8147f316a2e85a5e6746526edba69b707bfe15f4e7d2be521db623c167007b3

data/.dockerignore

@@ -0,0 +1,17 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status
+
+quickstart.rb
+*.gz
+
+/vendor/
+/.git/

data/Dockerfile

@@ -1,11 +1,15 @@
-FROM ruby:2.3.4-alpine
+ARG RUBY_VERSION=2.3.4
+FROM ruby:${RUBY_VERSION}-alpine
 
-RUN apk add --no-cache git
+RUN apk add --no-cache git openssl-dev build-base
 
 RUN mkdir /app
 WORKDIR /app
 
+COPY Gemfile Gemfile.lock netbox-client-ruby.gemspec VERSION ./
+RUN bundle install --jobs 4 --deployment --quiet
+
 COPY . ./
-RUN bundle install --jobs 4 --quiet --deployment
+
 
 CMD docker/start.sh

data/Gemfile.lock

@@ -1,12 +1,13 @@
 PATH
   remote: .
   specs:
-    netbox-client-ruby (0.0.4)
+    netbox-client-ruby (0.1.1)
       dry-configurable (~> 0.1)
-      faraday (>= 0.11)
+      faraday (>= 0.11, <= 0.12.1)
       faraday-detailed_logger (~> 2.1)
       faraday_middleware (~> 0.11.0)
       ipaddress (>= 0.8.3)
+      openssl (>= 2.0.5)
 
 GEM
   remote: https://rubygems.org/
@@ -26,6 +27,7 @@ GEM
     ipaddress (0.8.3)
     method_source (0.8.2)
     multipart-post (2.0.0)
+    openssl (2.0.5)
     parser (2.4.0.0)
       ast (~> 2.2)
     powerpack (0.1.1)
@@ -74,4 +76,4 @@ DEPENDENCIES
   rubocop-rspec (~> 1.15)
 
 BUNDLED WITH
-   1.14.6
+   1.15.3

data/README.md

@@ -2,6 +2,7 @@
 
 [![Build Status](https://travis-ci.org/ninech/netbox-client-ruby.svg?branch=master)](https://travis-ci.org/ninech/netbox-client-ruby)
 [![Gem Version](https://badge.fury.io/rb/netbox-client-ruby.svg)](https://badge.fury.io/rb/netbox-client-ruby)
+[![Code Climate](https://codeclimate.com/github/ninech/netbox-client-ruby/badges/gpa.svg)](https://codeclimate.com/github/ninech/netbox-client-ruby)
 
 This is a gem to pragmatically access your [Netbox instance](https://github.com/digitalocean/netbox)
 via it's API from Ruby. This gem is currently only compatible with Netbox v2.
@@ -36,6 +37,8 @@ NetboxClientRuby.configure do |config|
   config.netbox.api_base_url = 'http://netbox.local/api/'
 
   # these are optional:
+  config.netbox.auth.rsa_private_key.path = '~/.ssh/netbox_rsa'
+  config.netbox.auth.rsa_private_key.password = ''
   config.netbox.pagination.default_limit = 50
   config.faraday.adapter = Faraday.default_adapter
   config.faraday.request_options = { open_timeout: 1, timeout: 5 }
@@ -57,6 +60,7 @@ So if the URL is `/api/dcim/sites.json`, then the corresponding Ruby code would
 NetboxClientRuby.configure do |c|
   c.netbox.auth.token = '2e35594ec8710e9922d14365a1ea66f27ea69450'
   c.netbox.api_base_url = 'http://netbox.local/api/'
+  c.netbox.auth.rsa_private_key.path = '~/.ssh/netbox_rsa'
 end
 
 # get all sites
@@ -71,6 +75,23 @@ puts "The first site is called #{first_site.name}."
 # Note that Netbox filters by *slug*
 devices_of_site = NetboxClientRuby.dcim.devices.filter(site: first_site.slug)
 puts "#{devices_of_site.total} devices belong to the site. #{devices_of_site}.length devices have been fetched."
+
+# working with secrets
+secrets = NetboxClientRuby.secrets.secrets
+puts "#{secrets.total} secrets are in your Netbox."
+secrets[0].plaintext # => nil, because you have not yet defined a session_key
+NetboxClientRuby.secrets.get_session_key # now get a session_key
+secrets = NetboxClientRuby.secrets.secrets # you must reload the data from the server
+secrets[0].plaintext # => 'super secret password'
+
+# optionally, you can persist the session_key:
+session_key = NetboxClientRuby.secrets.get_session_key.session_key
+FILE_NAME = File.expand_path('~/.netbox_session_key').freeze
+File.write(FILE_NAME, session_key)
+
+# later on, you can restore the persisted session_key:
+persisted_session_key = File.read(FILE_NAME)
+NetboxClientRuby.secrets.session_key = persisted_session_key
 ```
 
 ## Available Objects
@@ -97,6 +118,11 @@ Not all objects which the Netbox API exposes are currently implemented. Implemen
   * VLANs
   * VLAN Groups
   * VRFs
+* Secrets:
+  * Secrets
+  * Secret Roles
+  * get-session-key
+  * generate-rsa-key-pair
 * Tenancy:
   * Tenant
   * Tenant Groups

data/VERSION

@@ -1 +1 @@
-0.1.0
+0.1.1

data/docker-compose.test.yml

@@ -1,5 +1,16 @@
 version: '2'
 services:
   app:
-    build: .
+    build:
+      context: .
+      args:
+        RUBY_VERSION: 2.3.4
+    image: netbox-client-ruby:2.3.4
+    command: 'docker/start.test.sh'
+  app24:
+    build:
+      context: .
+      args:
+        RUBY_VERSION: 2.4.1
+    image: netbox-client-ruby:2.4.1
     command: 'docker/start.test.sh'

data/docker-compose.yml

@@ -1,7 +1,21 @@
 version: '2'
 services:
   app:
-    build: .
+    build:
+      context: .
+      args:
+        RUBY_VERSION: 2.3.4
+    image: netbox-client-ruby:2.3.4
+    depends_on:
+      - nginx
+    volumes:
+      - .:/app
+  app24:
+    build:
+      context: .
+      args:
+        RUBY_VERSION: 2.4.1
+    image: netbox-client-ruby:2.4.1
     depends_on:
       - nginx
     volumes:

data/lib/netbox_client_ruby.rb

@@ -10,6 +10,12 @@ module NetboxClientRuby
     setting :api_base_url
     setting :auth do
       setting :token
+      setting :rsa_private_key do
+        # the default is intentionally not `~/.ssh/id_rsa`,
+        # to not accidentally leak someone's main rsa private key
+        setting :path, '~/.ssh/netbox_rsa'
+        setting :password
+      end
     end
     setting :pagination do
       setting :default_limit, 50

data/lib/netbox_client_ruby/api.rb

@@ -1,18 +1,23 @@
 require 'netbox_client_ruby/api/dcim'
 require 'netbox_client_ruby/api/ipam'
+require 'netbox_client_ruby/api/secrets'
 require 'netbox_client_ruby/api/tenancy'
 require 'netbox_client_ruby/communication'
 
 module NetboxClientRuby
   def self.dcim
-    @dcim ||= NetboxClientRuby::DCIM
+    NetboxClientRuby::DCIM
   end
 
-  def self.tenancy
-    @tenancy ||= NetboxClientRuby::Tenancy
+  def self.ipam
+    NetboxClientRuby::IPAM
   end
 
-  def self.ipam
-    @ipam ||= NetboxClientRuby::IPAM
+  def self.secrets
+    NetboxClientRuby::Secrets
+  end
+
+  def self.tenancy
+    NetboxClientRuby::Tenancy
   end
 end

data/lib/netbox_client_ruby/api/secrets.rb

@@ -0,0 +1,39 @@
+require 'netbox_client_ruby/api/secrets/rsa_key_pair'
+require 'netbox_client_ruby/api/secrets/secret_roles'
+require 'netbox_client_ruby/api/secrets/secrets'
+require 'netbox_client_ruby/api/secrets/session_key'
+require 'netbox_client_ruby/communication'
+
+module NetboxClientRuby
+  module Secrets
+    {
+      secret_roles: SecretRoles,
+      secrets: Secrets,
+      generate_rsa_key_pair: RSAKeyPair,
+      get_session_key: SessionKey
+    }.each_pair do |method_name, class_name|
+      define_method(method_name) { class_name.new }
+      module_function(method_name)
+    end
+
+    {
+      secret_role: SecretRole,
+      secret: Secret
+    }.each_pair do |method_name, class_name|
+      define_method(method_name) { |id| class_name.new id }
+      module_function(method_name)
+    end
+
+    def session_key=(session_key)
+      @session_key = session_key
+    end
+
+    module_function(:session_key=)
+
+    def session_key
+      @session_key
+    end
+
+    module_function(:session_key)
+  end
+end

data/lib/netbox_client_ruby/api/secrets/rsa_key_pair.rb

@@ -0,0 +1,48 @@
+require 'netbox_client_ruby/entity'
+require 'netbox_client_ruby/api/dcim/device'
+require 'netbox_client_ruby/api/secrets/secret_role'
+
+module NetboxClientRuby
+  module Secrets
+    class RSAKeyPair
+      include Communication
+
+      PATH = '/api/secrets/generate-rsa-key-pair/'.freeze
+
+      def public_key
+        get['public_key']
+      end
+
+      def private_key
+        get['private_key']
+      end
+
+      def reload
+        @response = nil
+      end
+
+      private
+
+      def get
+        if authorization_token
+          @response ||= response connection.get(PATH)
+        else
+          raise LocalError,
+                "The authorization_token has not been configured, but it's required for get-session-key."
+        end
+      end
+
+      def authorization_token
+        auth_config.token
+      end
+
+      def auth_config
+        netbox_config.auth
+      end
+
+      def netbox_config
+        NetboxClientRuby.config.netbox
+      end
+    end
+  end
+end

data/lib/netbox_client_ruby/api/secrets/secret.rb

@@ -0,0 +1,18 @@
+require 'netbox_client_ruby/entity'
+require 'netbox_client_ruby/api/dcim/device'
+require 'netbox_client_ruby/api/secrets/secret_role'
+
+module NetboxClientRuby
+  module Secrets
+    class Secret
+      include Entity
+
+      id id: :id
+      deletable true
+      path 'secrets/secrets/:id.json'
+      creation_path 'secrets/secrets/'
+      object_fields device: proc { |raw_data| Device.new raw_data['id'] },
+                    role: proc { |raw_data| SecretRole.new raw_data['id'] }
+    end
+  end
+end

data/lib/netbox_client_ruby/api/secrets/secret_role.rb

@@ -0,0 +1,16 @@
+require 'netbox_client_ruby/entity'
+require 'netbox_client_ruby/api/dcim/device'
+require 'netbox_client_ruby/api/secrets/secret_role'
+
+module NetboxClientRuby
+  module Secrets
+    class SecretRole
+      include Entity
+
+      id id: :id
+      deletable true
+      path 'secrets/secret-roles/:id.json'
+      creation_path 'secrets/secret-roles/'
+    end
+  end
+end

data/lib/netbox_client_ruby/api/secrets/secret_roles.rb

@@ -0,0 +1,21 @@
+require 'netbox_client_ruby/entities'
+require 'netbox_client_ruby/api/secrets/secret_role'
+
+module NetboxClientRuby
+  module Secrets
+    class SecretRoles
+      include Entities
+
+      path 'secrets/secret-roles.json'
+      data_key 'results'
+      count_key 'count'
+      entity_creator :entity_creator
+
+      private
+
+      def entity_creator(raw_entity)
+        SecretRole.new raw_entity['id']
+      end
+    end
+  end
+end

data/lib/netbox_client_ruby/api/secrets/secrets.rb

@@ -0,0 +1,21 @@
+require 'netbox_client_ruby/entities'
+require 'netbox_client_ruby/api/secrets/secret'
+
+module NetboxClientRuby
+  module Secrets
+    class Secrets
+      include Entities
+
+      path 'secrets/secrets.json'
+      data_key 'results'
+      count_key 'count'
+      entity_creator :entity_creator
+
+      private
+
+      def entity_creator(raw_entity)
+        Secret.new raw_entity['id']
+      end
+    end
+  end
+end

data/lib/netbox_client_ruby/api/secrets/session_key.rb

@@ -0,0 +1,114 @@
+require 'openssl/pkey'
+require 'netbox_client_ruby/entity'
+require 'netbox_client_ruby/api/dcim/device'
+require 'netbox_client_ruby/api/secrets/secret_role'
+
+module NetboxClientRuby
+  module Secrets
+    class SessionKey
+      include Communication
+
+      PATH = '/api/secrets/get-session-key/'.freeze
+
+      def initialize
+        session_key
+      end
+
+      def session_key
+        NetboxClientRuby::Secrets.session_key ||= request['session_key']
+      end
+
+      def reload
+        NetboxClientRuby::Secrets.session_key = request['session_key']
+      end
+
+      private
+
+      def request
+        if authorization_token
+          response(post)
+        else
+          raise LocalError,
+                "The authorization_token has not been configured, but it's required for get-session-key."
+        end
+      end
+
+      def post
+        connection.post PATH, private_key: private_key
+      end
+
+      def connection
+        NetboxClientRuby::Connection.new(request_encoding: :url_encoded)
+      end
+
+      def authorization_token
+        auth_config.token
+      end
+
+      def private_key
+        key_file = open_private_key_file
+        encoded_private_key = read_private_key_file(key_file)
+        private_key = decode_private_key(encoded_private_key)
+        private_key.to_pem
+      end
+
+      def decode_private_key(encoded_private_key)
+        begin
+          private_key = OpenSSL::PKey::RSA.new encoded_private_key, rsa_private_key_password
+
+          return private_key if private_key.private?
+        rescue OpenSSL::PKey::RSAError
+          if rsa_private_key_password.empty?
+            raise LocalError,
+                  "The private key at '#{rsa_private_key_path}' requires a password, but none was given, or the key data is corrupted. (The corresponding configuration is 'netbox.auth.rsa_private_key.password'.)"
+          else
+            raise LocalError,
+                  "The password given for the private key at '#{rsa_private_key_path}' is not valid or the key data is corrupted. (The corresponding configuration is 'netbox.auth.rsa_private_key.password'.)"
+          end
+        end
+
+        raise LocalError,
+              "The file at '#{rsa_private_key_path}' is not a private key, but a private key is required for get-session-key. (The corresponding configuration is 'netbox.auth.rsa_private_key.path'.)"
+      end
+
+      def rsa_private_key_password
+        pwd = rsa_private_key_config.password
+        # If nil is not converted to '', then OpenSSL will block and ask on console for the password.
+        # We really don't want that.
+        return '' if pwd.nil?
+        pwd
+      end
+
+      def read_private_key_file(key_file)
+        encoded_private_key = key_file.read
+        return encoded_private_key unless encoded_private_key.nil? || encoded_private_key.empty?
+
+        raise LocalError,
+              "The file at '#{rsa_private_key_path}' is empty, but a private key is required for get-session-key. (The corresponding configuration is 'netbox.auth.rsa_private_key.path'.)"
+      end
+
+      def open_private_key_file
+        return File.new rsa_private_key_path if File.exist? rsa_private_key_path
+
+        raise LocalError,
+              "No file exists at the given path '#{rsa_private_key_path}', but it's required for get-session-key. (The corresponding configuration is 'netbox.auth.rsa_private_key.path'.)"
+      end
+
+      def rsa_private_key_path
+        @rsa_private_key_path ||= File.expand_path(rsa_private_key_config.path)
+      end
+
+      def rsa_private_key_config
+        auth_config.rsa_private_key
+      end
+
+      def auth_config
+        netbox_config.auth
+      end
+
+      def netbox_config
+        NetboxClientRuby.config.netbox
+      end
+    end
+  end
+end

data/lib/netbox_client_ruby/connection.rb

@@ -5,24 +5,34 @@ require 'netbox_client_ruby/error/local_error'
 
 module NetboxClientRuby
   class Connection
-    def self.new
-      build_faraday
+    DEFAULT_OPTIONS = {
+      request_encoding: :json
+    }.freeze
+
+    def self.new(options = {})
+      build_faraday(DEFAULT_OPTIONS.merge(options))
     end
 
     def self.headers
       headers = {}
-      netbox_auth_config = NetboxClientRuby.config.netbox.auth
+      auth_token = auth_config.token
+      headers['Authorization'] = "Token #{auth_token}".freeze if auth_token
+      headers['X-Session-Key'] = NetboxClientRuby::Secrets.session_key if NetboxClientRuby::Secrets.session_key
+      headers
+    end
 
-      raise LocalError, 'The authorization_token has not been configured.' unless netbox_auth_config.token
+    def self.auth_config
+      netbox_config.auth
+    end
 
-      headers['Authorization'] = "Token #{netbox_auth_config.token}"
-      headers
+    def self.netbox_config
+      NetboxClientRuby.config.netbox
     end
 
-    private_class_method def self.build_faraday
+    private_class_method def self.build_faraday(request_encoding: :json)
       config = NetboxClientRuby.config
       Faraday.new(url: config.netbox.api_base_url, headers: headers) do |faraday|
-        faraday.request :json
+        faraday.request request_encoding
         faraday.response config.faraday.logger if config.faraday.logger
         faraday.response :json, content_type: /\bjson$/
         faraday.adapter config.faraday.adapter || Faraday.default_adapter

data/netbox-client-ruby.gemspec

@@ -30,10 +30,12 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_runtime_dependency 'dry-configurable', '~> 0.1'
-  spec.add_runtime_dependency 'faraday', '>= 0.11'
+  # see https://github.com/lostisland/faraday/issues/717
+  spec.add_runtime_dependency 'faraday', '>= 0.11', '<= 0.12.1'
   spec.add_runtime_dependency 'faraday_middleware', '~> 0.11.0'
   spec.add_runtime_dependency 'faraday-detailed_logger', '~> 2.1'
   spec.add_runtime_dependency 'ipaddress', '>= 0.8.3'
+  spec.add_runtime_dependency 'openssl', '>= 2.0.5'
 
   spec.add_development_dependency 'bundler', '~> 1.14'
   spec.add_development_dependency 'rake', '~> 10.0'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: netbox-client-ruby
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Christian Mäder
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-08-02 00:00:00.000000000 Z
+date: 2017-08-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-configurable
@@ -31,6 +31,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0.11'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: 0.12.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -38,6 +41,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0.11'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: 0.12.1
 - !ruby/object:Gem::Dependency
   name: faraday_middleware
   requirement: !ruby/object:Gem::Requirement
@@ -80,6 +86,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.8.3
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.5
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -171,6 +191,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".dockerignore"
 - ".gitignore"
 - ".rspec"
 - ".ruby-version"
@@ -230,6 +251,13 @@ files:
 - lib/netbox_client_ruby/api/ipam/vlans.rb
 - lib/netbox_client_ruby/api/ipam/vrf.rb
 - lib/netbox_client_ruby/api/ipam/vrfs.rb
+- lib/netbox_client_ruby/api/secrets.rb
+- lib/netbox_client_ruby/api/secrets/rsa_key_pair.rb
+- lib/netbox_client_ruby/api/secrets/secret.rb
+- lib/netbox_client_ruby/api/secrets/secret_role.rb
+- lib/netbox_client_ruby/api/secrets/secret_roles.rb
+- lib/netbox_client_ruby/api/secrets/secrets.rb
+- lib/netbox_client_ruby/api/secrets/session_key.rb
 - lib/netbox_client_ruby/api/tenancy.rb
 - lib/netbox_client_ruby/api/tenancy/tenant.rb
 - lib/netbox_client_ruby/api/tenancy/tenant_group.rb