Merge pull request #41 from napalm-automation-community/release_v1.0.0

Release v1.0.0
napalm-automation-community · May 18, 2023 · 74da168 · 74da168
2 parents 8f14d14 + b77981e
commit 74da168
Show file tree

Hide file tree

Showing 13 changed files with 89 additions and 21 deletions.
diff --git a/.clab/ci-topology.yml b/.clab/ci-topology.yml
@@ -9,6 +9,6 @@ topology:
     # TODO multiple node flavors like ixrd2, ixrd3, ixrd2l, etc.
     srl:
       kind: srl
-      mgmt_ipv4: 172.20.20.16
-      mgmt_ipv6: 2001:172:20:20::16
+      mgmt-ipv4: 172.20.20.16
+      mgmt-ipv6: 2001:172:20:20::16
       # startup-config: startup-config.cmd # Start with basic Containerlab config
diff --git a/AUTHORS b/AUTHORS
@@ -4,3 +4,4 @@ Jose Valente <jose.valente@nokia.com>
 Syed Shekupillai <syed.shekupillai@nokia.com>
 Ashna Shah <ashna.shah@nokia.com>
 Wim Henderickx <wim.henderickx@nokia.com>
+Jeroen van Bemmel <jeroen.van_bemmel@nokia.com>
diff --git a/MANIFEST.in b/MANIFEST.in
@@ -1,3 +1,2 @@
 include requirements.txt
-include napalm_srl/templates/*.j2
-include napalm_srl/utils/textfsm_templates/*.tpl
+include requirements-dev.txt
diff --git a/Makefile b/Makefile
@@ -17,3 +17,12 @@ destroy-clab-ci: ## Destroy "ci" test topology
 
 run-tests: $(TESTS) ## Run all CI tests under test/ci
 	PYTHONPATH="." python3 $<
+
+dist: ## This creates a ./dist directory with wheel package
+	python3 -m pip install --upgrade build
+	python3 -m build
+
+release: dist ## release to PyPi
+	python3 -m pip install --upgrade twine
+	# --repository testpypi
+	python3 -m twine upload dist/*
diff --git a/README.md b/README.md
@@ -29,7 +29,7 @@ Releases beyond this have not been validated and should be by users before using
 
 1. **Ports**: The napalm-srlinux driver uses gNMI and JSON-RPC for various functions, Make sure to enable the ports at SR Linux Node (57400 and 443 respectively by default)
 2. **Certificates**: The napalm-srlinux driver establishes secure connection only with the node, Hence make sure the appropriate CA/Certificates and Keys are in place.
-  For testing purposes, 'insecure=True' can be used to accept any certificate presented by the device
+   For testing purposes, 'insecure=True' can be used to accept any certificate presented by the device
 3. **Compare_Config**: The `compare_commit` based on the previously called function performs the operation as below, Default is on-box difference
 
 	| Function | compare_config |

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.2.0
+1.0.0
diff --git a/napalm_srl/srl.py b/napalm_srl/srl.py
@@ -38,8 +38,33 @@
     CommandErrorException,
     CommitError,
 )
+
 import requests
 
+from requests.packages.urllib3.poolmanager import PoolManager
+from requests.packages.urllib3.util import ssl_
+from requests.adapters import HTTPAdapter
+
+class TLSHttpAdapter(HTTPAdapter):
+    """
+    "Transport adapter" to re-enable the ECDHE-RSA-AES256-SHA cipher as fallback
+
+    urllib3 version 2.0.2 reduced the list of ciphers offered by default,
+    removing the ECDHE-RSA-AES256-SHA cipher. When the cipher list is left empty
+    in SR Linux CLI, by default it only accepts this cipher
+    """
+    def __init__(self, ciphers=None, **kwargs):
+        self.ciphers = ciphers
+        super(TLSHttpAdapter, self).__init__(**kwargs)
+
+    def init_poolmanager(self, connections, maxsize, block=False):
+        logging.warning( f"Enabled TLS ciphers: {self.ciphers}" )
+        ctx = ssl_.create_urllib3_context(ciphers=self.ciphers,cert_reqs=ssl_.CERT_REQUIRED)
+        ctx.check_hostname = False # for some reason, CERT_REQUIRED becomes None
+        self.poolmanager = PoolManager(
+           num_pools=connections, maxsize=maxsize,
+           ssl_context=ctx, block=block)
+
 class NokiaSRLDriver(NetworkDriver):
     """Napalm driver for SRL."""
 
@@ -2444,6 +2469,12 @@ def __init__(self, hostname, username, password, timeout=60, optional_args=None)
         self.tls_cert = optional_args.get("tls_cert", "")
         self.tls_key = optional_args.get("tls_key", "")
 
+        ciphers = optional_args.get("jsonrpc_ciphers",
+          "TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES256-SHA")
+
+        self.jsonrpc_session = requests.session()
+        self.jsonrpc_session.mount("https://", TLSHttpAdapter(ciphers=ciphers))
+
     def open(self):
         """Implement the NAPALM method open (mandatory)"""
         try:
@@ -2578,9 +2609,11 @@ def _jsonrpcPost(self, json_data, timeout=None):
             "Content-Type": "application/json",
             "Accept": "application/json",
         }
-        geturl = "https://{}:{}@{}:{}/jsonrpc".format(self.username, self.password, self.hostname, self.jsonrpc_port)
-        resp = requests.post(geturl, headers=headers, json=json_data, timeout=timeout if timeout else self.timeout,
-                             verify=self.tls_ca or False)
+        geturl = "https://{}:{}@{}:{}/jsonrpc".format(self.username,
+                  self.password, self.hostname, self.jsonrpc_port)
+        resp = self.jsonrpc_session.post(geturl, headers=headers, json=json_data,
+                                   timeout=timeout if timeout else self.timeout,
+                                   verify=self.tls_ca or False)
         resp.raise_for_status()
         return resp.json() if resp.text else ""
 

diff --git a/napalm_srl/templates/.placeholder b/napalm_srl/templates/.placeholder
diff --git a/napalm_srl/utils/__init__.py b/napalm_srl/utils/__init__.py
diff --git a/napalm_srl/utils/textfsm_templates/.placeholder b/napalm_srl/utils/textfsm_templates/.placeholder
diff --git a/pyproject.toml b/pyproject.toml
@@ -0,0 +1,34 @@
+[build-system]
+requires = ["setuptools>=56.0.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "napalm-srl"
+version="1.0.0"
+description="Network Automation and Programmability Abstraction Layer driver for Nokia SR Linux"
+readme = "README.md"
+requires-python = ">=3.7"
+classifiers = [
+    "Topic :: System :: Networking",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.7",
+    "Programming Language :: Python :: 3.8",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Natural Language :: English",
+]
+authors = [
+  { name="Jose Valente", email="jose.valente@nokia.com" },
+  { name="Jeroen van Bemmel", email="jeroen.van_bemmel@nokia.com" },
+]
+
+[project.urls]
+"Homepage" = "https://github.com/napalm-automation-community/napalm-srlinux"
+"Bug Tracker" = "https://github.com/napalm-automation-community/napalm-srlinux/issues"
+
+[project.optional-dependencies]
+tests = [
+  'pytest',
+  'ruff',
+]
diff --git a/requirements.txt b/requirements.txt
@@ -3,13 +3,10 @@ pip>=20.1.1
 pytest>=5.4.3
 setuptools>=47.3.1
 setuptools-rust
-textfsm>=1.1.0
 paramiko>=2.7.1
-lxml>=4.6.2
-ncclient>=0.6.7
-
-xmltodict>=0.12.0
-dictdiffer>=0.8.1
 grpcio
 protobuf==3.20.3
 cryptography
+
+# The new 2.0.2 version contains security enhancements
+urllib3>=2.0.2
diff --git a/setup.py b/setup.py
@@ -9,7 +9,7 @@
 
 setup(
     name="napalm-srl",
-    version="0.2.0",
+    version="1.0.0",
     packages=find_packages(),
     author="Jose Valente",
     author_email="jose.valente@nokia.com",