Optional API token-based authentication #8
Conversation
|
Seems there are some tests to update for this PR to pass. Looking into it. |
2 similar comments
|
Got the CI tests to pass by updating I'm not yet clear how on how update the tests so that coveralls passes for I'm new to tests to please bear with me. |
2 similar comments
|
I'm admitting defeat on the final coveralls test. I'm not sure I understand how coveralls works nor how to write tests that will cover the case that coveralls is still complaining about. |
|
💯 Finally! |
|
@rthomson Thanks a lot, that looks pretty nice! |
|
@aabouzaid done! |
|
Cool, I'm doing a quick review now 👍 |
netbox/netbox.py
Outdated
| @@ -79,6 +79,7 @@ def __init__(self, script_args, script_config_data): | |||
| # Script configuration. | |||
| self.script_config = script_config_data | |||
| self.api_url = self._config(["main", "api_url"]) | |||
| self.api_token = self._config(["main", "api_token"], ignore_key_error=True) | |||
There was a problem hiding this comment.
Why ignore_key_error? This should be default=None instead ignoring key error.
There was a problem hiding this comment.
Letting the default value be assigned when api_token was missing from netbox.yml was resulting a sys.exit() in _config() due to the if value: conditional evaluation on line 144-148 (that I removed/changed).
Looking into it.
netbox/netbox.py
Outdated
| """Get value from config var. | ||
|
|
||
| Args: | ||
| key_path: A list has the path of the key. | ||
| default: Default value if the key is not found. | ||
|
|
||
| Returns: | ||
| The value of the key from config file or the default value. | ||
| The value of the key from config file or the default value |
There was a problem hiding this comment.
I don't even remember that! Typo.
netbox/netbox.py
Outdated
| key_value = value | ||
| else: | ||
| sys.exit("The key '%s' is not found in config file." % ".".join(key_path)) | ||
| key_value = self._get_value_by_path(config, key_path, ignore_key_error=ignore_key_error, default=default) |
There was a problem hiding this comment.
I kept that part like that because I like to have a different message than the default one in _get_value_by_path (I found it a bit misleading, that's why I use a different error message here).
So I'd suggest to edit _get_value_by_path to have the ability to change the error message.
There was a problem hiding this comment.
This is the part that would result in sys.exit() if a default value of "" was assigned to api_token when missing from netbox.yml.
I'm reviewing the logic to see if there's a simpler/better way to have an optional key for api_token in netbox.yml.
| @@ -34,6 +34,7 @@ | |||
| netbox: | |||
| main: | |||
| api_url: 'http://localhost/api/dcim/devices/' | |||
| api_token: '1234567890987654321234567890987654321' | |||
There was a problem hiding this comment.
Let's have a commented key inside netbox.yaml to make it part of conf file.
e.g.
netbox:
main:
api_url: 'http://localhost/api/dcim/devices/'
#api_token: ''
|
I made some changes to remove the stuff around Not sure if this is any better or not. Also, I'm fumbling my way though pull requests, CI tests and code review as there are all new for me! I appreciate your pointing out when/how components of this PR require improvement. |
|
You actually are doing good :-) And in all cases, since there a new behavior has been introduced, it's fine to change the tests to fit that case. |
|
Actually now I'm thinking about another way to deal with config in general. |
|
@rthomson I did the fix to make any conf key optional, later I will find a better way to handle the config. Could you please pull the branch Thanks. |
I will take a look this week! Thank you. |
|
Pulling a new branch from upstream and rebasing against my changes, including manual merge conflict resolution, was an interesting learning experience! I'm not sure but I think it might have worked... |
|
Well, now we have duplication of commits (the rebase should be on my last comment only). On your branch. I think it's a nice experience in all cases 😁 |
Oops.
Absolutely! And thanks again for your patience. I'll keep working at it. |
|
It has been merged 🎉 Thanks a lot for your effort @rthomson, keep going you are doing well 🤘 |
This pull request implements optional API token-based authentication when netbox is configured with
LOGIN_REQUIRED = Trueinconfiguration.py.netbox.yml example:
where the value of api_token is equivalent to any valid netbox user profile API token.
The
api_tokenkey can be omitted fromnetbox.ymland netbox-as-ansible-inventory behaves as expected (no change to previous behavior).