Merge pull request #177 from nautobot/drift-manager/pr

Cookie initialy baked by NetworkToCode Cookie Drift Manager Tool

.bandit.yml

@@ -3,3 +3,4 @@ skips: []
 # No need to check for security issues in the test scripts!
 exclude_dirs:
   - "./tests/"
+  - "./.venv/"

.cookiecutter.json

@@ -0,0 +1,35 @@
+{
+    "cookiecutter": {
+        "codeowner_github_usernames": "@whitej6 @itdependsnetworks @jdrew82",
+        "full_name": "Network to Code, LLC",
+        "email": "[email protected]",
+        "github_org": "nautobot",
+        "plugin_name": "nautobot_firewall_models",
+        "verbose_name": "Nautobot Firewall Models",
+        "plugin_slug": "nautobot-firewall-models",
+        "project_slug": "nautobot-plugin-firewall-models",
+        "repo_url": "https://github.com/nautobot/nautobot-plugin-firewall-models",
+        "base_url": "firewall-models",
+        "min_nautobot_version": "2.0.0",
+        "max_nautobot_version": "2.9999",
+        "camel_name": "NautobotFirewallModels",
+        "project_short_description": "Nautobot App to model firewall and security objects. Allows users to model policies in a vendor-neutral manner and use that data to drive network security automation",
+        "model_class_name": "None",
+        "open_source_license": "Apache-2.0",
+        "docs_base_url": "https://docs.nautobot.com",
+        "docs_app_url": "https://docs.nautobot.com/projects/firewall-models/en/latest",
+        "_drift_manager": {
+            "template": "https://github.com/nautobot/cookiecutter-nautobot-app.git",
+            "template_dir": "nautobot-app",
+            "template_ref": "develop",
+            "cookie_dir": "",
+            "branch_prefix": "drift-manager",
+            "pull_request_strategy": "create",
+            "post_actions": [
+                "black"
+            ],
+            "draft": true,
+            "baked_commit_ref": "945dd478c02d70bbd35cef776d1fae1c102c5e26"
+        }
+    }
+}

.flake8

@@ -1,4 +1,10 @@
 [flake8]
-# E501: Line length is enforced by Black, so flake8 doesn't need to check it
-# W503: Black disagrees with this rule, as does PEP 8; Black wins
-ignore = E501, W503
+ignore =
+  E501,  # Line length is enforced by Black, so flake8 doesn't need to check it
+  W503   # Black disagrees with this rule, as does PEP 8; Black wins
+exclude = 
+  migrations,
+  __pycache__,
+  manage.py,
+  settings.py,
+  .venv

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,12 +1,12 @@
 ---
 name: 🐛 Bug Report
-about: Report a reproducible bug in the current release of nautobot-plugin-firewall-model
+about: Report a reproducible bug in the current release of nautobot-firewall-models
 ---
 
 ### Environment
-* Python version:  <!-- Example: 3.7.7 -->
-* Nautobot version:  <!-- Example: 1.1.0 -->
-* nautobot-plugin-firewall-model version:  <!-- Example: 0.1.0 -->
+* Python version:  <!-- Example: 3.11.4 -->
+* Nautobot version:  <!-- Example: 2.0.0 -->
+* nautobot-firewall-models version:  <!-- Example: 2.0.1 -->
 
 <!-- What did you expect to happen? -->
 ### Expected Behavior

.github/ISSUE_TEMPLATE/feature_request.md

@@ -5,8 +5,8 @@ about: Propose a new feature or enhancement
 ---
 
 ### Environment
-* Nautobot version:  <!-- Example: 1.1.0 -->
-* nautobot-plugin-firewall-model version:  <!-- Example: 0.1.0 -->
+* Nautobot version:  <!-- Example: 2.0.0 -->
+* nautobot-firewall-models version:  <!-- Example: 2.0.1 -->
 
 <!--
     Describe in detail the new functionality you are proposing.

.github/PULL_REQUEST_TEMPLATE/pull_request_template.md

@@ -1,10 +1,35 @@
-## New Pull Request
+<!--
+    Thank you for your interest in contributing to Nautobot! Please note
+    that our contribution policy recommends that a feature request or bug
+    report be opened for approval prior to filing a pull request. This
+    helps avoid wasting time and effort on something that we might not
+    be able to accept.
 
-Have you:
-- [ ] Updated the README if necessary?
-- [ ] Updated any configuration settings?
-- [ ] Written a unit test?
+    Please indicate the relevant feature request or bug report below.
+-->
 
-## Change Notes
+# Closes: #<ISSUE NUMBER GOES HERE>
 
-## Justification
+## What's Changed
+
+<!--
+    Please include:
+    - A summary of the proposed changes
+    - A sectioned breakdown for larger features under ## subheadings
+    - Screenshots, example payloads where relevant:
+      - Before/After for bugfixes
+      - Using a new feature
+-->
+
+## To Do
+
+<!--
+    Please feel free to update todos to keep track of your own notes for WIP PRs.
+-->
+- [ ] Explanation of Change(s)
+- [ ] Added change log fragment(s) (for more information see [the documentation](https://docs.nautobot.com/projects/core/en/stable/development/#creating-changelog-fragments))
+- [ ] Attached Screenshots, Payload Example
+- [ ] Unit, Integration Tests
+- [ ] Documentation Updates (when adding/changing features)
+- [ ] Example Plugin Updates (when adding/changing features)
+- [ ] Outline Remaining Work, Constraints from Design

.github/workflows/ci.yml

@@ -1,68 +1,74 @@
 ---
 name: "CI"
-on: # yamllint disable-line rule:truthy rule:comments
-  - "push"
-  - "pull_request"
 concurrency:  # Cancel any existing runs of this workflow for this same PR
   group: "${{ github.workflow }}-${{ github.ref }}"
   cancel-in-progress: true
+on: # yamllint disable-line rule:truthy rule:comments
+  push:
+    branches:
+      - "main"
+      - "develop"
+    tags:
+      - "v*"
+  pull_request: ~
+
 env:
-  PLUGIN_NAME: "nautobot-firewall-models"
+  PLUGIN_NAME: "nautobot-plugin-firewall-models"
 
 jobs:
   black:
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     env:
       INVOKE_NAUTOBOT_FIREWALL_MODELS_LOCAL: "True"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: black"
         run: "poetry run invoke black"
   bandit:
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     env:
       INVOKE_NAUTOBOT_FIREWALL_MODELS_LOCAL: "True"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: bandit"
         run: "poetry run invoke bandit"
   pydocstyle:
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     env:
       INVOKE_NAUTOBOT_FIREWALL_MODELS_LOCAL: "True"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: pydocstyle"
         run: "poetry run invoke pydocstyle"
   flake8:
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     env:
       INVOKE_NAUTOBOT_FIREWALL_MODELS_LOCAL: "True"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: flake8"
         run: "poetry run invoke flake8"
   yamllint:
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     env:
       INVOKE_NAUTOBOT_FIREWALL_MODELS_LOCAL: "True"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Linting: yamllint"
         run: "poetry run invoke yamllint"
   pylint:
@@ -72,7 +78,7 @@ jobs:
       - "flake8"
       - "yamllint"
       - "black"
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     strategy:
       fail-fast: true
       matrix:
@@ -83,14 +89,14 @@ jobs:
       INVOKE_NAUTOBOT_FIREWALL_MODELS_NAUTOBOT_VER: "${{ matrix.nautobot-version }}"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Set up Docker Buildx"
         id: "buildx"
-        uses: "docker/setup-buildx-action@v1"
+        uses: "docker/setup-buildx-action@v3"
       - name: "Build"
-        uses: "docker/build-push-action@v2"
+        uses: "docker/build-push-action@v5"
         with:
           builder: "${{ steps.buildx.outputs.name }}"
           context: "./"
@@ -113,36 +119,30 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python-version: ["3.8"]
+        python-version: ["3.8", "3.11"]
         db-backend: ["postgresql"]
-        nautobot-version: ["2.0.0"]
-        # The include is a method to limit the amount of jobs ran. This essentially
-        # means that in addition to standard postgres and stable, also the lowest
-        # supported version and with mysql
+        nautobot-version: ["stable"]
         include:
           - python-version: "3.11"
             db-backend: "postgresql"
             nautobot-version: "2.0.0"
-          - python-version: "3.11"
-            db-backend: "postgresql"
-            nautobot-version: "stable"
           # - python-version: "3.11"
           #   db-backend: "mysql"
-          #   nautobot-version: "2.0.0"
-    runs-on: "ubuntu-20.04"
+          #   nautobot-version: "stable"
+    runs-on: "ubuntu-22.04"
     env:
       INVOKE_NAUTOBOT_FIREWALL_MODELS_PYTHON_VER: "${{ matrix.python-version }}"
       INVOKE_NAUTOBOT_FIREWALL_MODELS_NAUTOBOT_VER: "${{ matrix.nautobot-version }}"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Setup environment"
-        uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        uses: "networktocode/gh-action-setup-poetry-environment@v4"
       - name: "Set up Docker Buildx"
         id: "buildx"
-        uses: "docker/setup-buildx-action@v1"
+        uses: "docker/setup-buildx-action@v3"
       - name: "Build"
-        uses: "docker/build-push-action@v2"
+        uses: "docker/build-push-action@v5"
         with:
           builder: "${{ steps.buildx.outputs.name }}"
           context: "./"
@@ -159,22 +159,22 @@ jobs:
         run: "cp development/creds.example.env development/creds.env"
       - name: "Use Mysql invoke settings when needed"
         run: "cp invoke.mysql.yml invoke.yml"
-        if: "${{ matrix.db-backend == 'mysql' }}"
+        if: "matrix.db-backend == 'mysql'"
       - name: "Run Tests"
         run: "poetry run invoke unittest"
   publish_gh:
     needs:
       - "unittest"
     name: "Publish to GitHub"
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     if: "startsWith(github.ref, 'refs/tags/v')"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Set up Python"
-        uses: "actions/setup-python@v2"
+        uses: "actions/setup-python@v4"
         with:
-          python-version: "3.9"
+          python-version: "3.11"
       - name: "Install Python Packages"
         run: "pip install poetry"
       - name: "Set env"
@@ -199,15 +199,15 @@ jobs:
     needs:
       - "unittest"
     name: "Push Package to PyPI"
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     if: "startsWith(github.ref, 'refs/tags/v')"
     steps:
       - name: "Check out repository code"
-        uses: "actions/checkout@v2"
+        uses: "actions/checkout@v4"
       - name: "Set up Python"
-        uses: "actions/setup-python@v2"
+        uses: "actions/setup-python@v4"
         with:
-          python-version: "3.9"
+          python-version: "3.11"
       - name: "Install Python Packages"
         run: "pip install poetry"
       - name: "Set env"
@@ -229,9 +229,9 @@ jobs:
     needs:
       - "publish_gh"
       - "publish_pypi"
-    runs-on: "ubuntu-20.04"
+    runs-on: "ubuntu-22.04"
     env:
-      SLACK_WEBHOOK_URL: "${{ '{{ secrets.SLACK_WEBHOOK_URL }}' }}"
+      SLACK_WEBHOOK_URL: "${{ secrets.SLACK_WEBHOOK_URL }}"
       SLACK_MESSAGE: >-
         *NOTIFICATION: NEW-RELEASE-PUBLISHED*\n
         Repository: <${{ github.server_url }}/${{ github.repository }}|${{ github.repository }}>\n
@@ -241,11 +241,12 @@ jobs:
       - name: "Send a notification to Slack"
         # ENVs cannot be used directly in job.if. This is a workaround to check
         # if SLACK_WEBHOOK_URL is present.
-        if: "${{ env.SLACK_WEBHOOK_URL != '' }}"
-        uses: "slackapi/slack-github-action@v1.17.0"
+        if: "env.SLACK_WEBHOOK_URL != ''"
+        uses: "slackapi/slack-github-action@v1"
         with:
           payload: |
             {
+              "text": "${{ env.SLACK_MESSAGE }}",
               "blocks": [
                 {
                   "type": "section",