starred/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2026-01-11 21:10:29 +01:00
Code Issues 273 Packages Projects Releases 10 Wiki Activity

Add possiblity for multiple Napalm device credentials to be added #7706

New Issue
Closed
opened 2025-12-29 20:27:17 +01:00 by adam · 4 comments
adam commented 2025-12-29 20:27:17 +01:00
Owner
Copy Link

Originally created by @tobicodesstuff on GitHub (Mar 2, 2023).

NetBox version

v3.4.5

Feature type

Change to existing functionality

Proposed functionality

  • Make it possible to add NAPALM_USERNAME and NAPALM_PASSWORD per device.
  • Relevant code is at /netbox/dcim/api/views.py (lines 488-491) and /netbox/netbox/config/parameters.py (lines 153-183)
  • The device in question is available within /netbox/dcim/api.views.py at line 438, my idea was to possibly add a custom field following a certain pattern probably (NAPALM_DEVICE_{PK}_USERNAME?) and to check if such a field is present. If yes, override the credentials present, if not proceed as usual.

Nice to have:

  • A further implementation could be to have a device tab to edit such variables
  • A table somewhere containing the login credentials for all devices in a central place

Use case

  • Would like to use Napalm to inspect multiple devices, but having a single credential set for possibly tens of devices seems like a security risk

Database changes

None (custom field solution) or new configuration table (further more central implementation)

External dependencies

None

Originally created by @tobicodesstuff on GitHub (Mar 2, 2023). ### NetBox version v3.4.5 ### Feature type Change to existing functionality ### Proposed functionality - Make it possible to add NAPALM_USERNAME and NAPALM_PASSWORD per device. - Relevant code is at /netbox/dcim/api/views.py (lines 488-491) and /netbox/netbox/config/parameters.py (lines 153-183) - The device in question is available within /netbox/dcim/api.views.py at line 438, my idea was to possibly add a custom field following a certain pattern probably (NAPALM_DEVICE_{PK}_USERNAME?) and to check if such a field is present. If yes, override the credentials present, if not proceed as usual. Nice to have: - A further implementation could be to have a device tab to edit such variables - A table somewhere containing the login credentials for all devices in a central place ### Use case - Would like to use Napalm to inspect multiple devices, but having a single credential set for possibly tens of devices seems like a security risk ### Database changes None (custom field solution) or new configuration table (further more central implementation) ### External dependencies None
adam added the type: feature label 2025-12-29 20:27:17 +01:00
adam closed this issue 2025-12-29 20:27:17 +01:00
adam commented 2025-12-29 20:27:18 +01:00
Author
Owner
Copy Link

@candlerb commented on GitHub (Mar 2, 2023):

Another option would be to defined name sets of credentials, which could just be arguments to the napalm driver:

NAPALM_ARGUMENTS = {
    "default": {
        "username": "foo",
        "password": "bar",
    },
    "firewall": {
        "username": "baz",
        "password": "qux",
        "optional_args": {"port": 12443},
    },
}

Then the per-device setting would just be the credential type (e.g. "default" or "firewall") and the actual values are not exposed to the UI or the database at all.

Another option would be to get the settings through the config contexts mechanism.

@candlerb commented on GitHub (Mar 2, 2023): Another option would be to defined name sets of credentials, which could just be arguments to the napalm driver: ``` NAPALM_ARGUMENTS = { "default": { "username": "foo", "password": "bar", }, "firewall": { "username": "baz", "password": "qux", "optional_args": {"port": 12443}, }, } ``` Then the per-device setting would just be the credential type (e.g. "default" or "firewall") and the actual values are not exposed to the UI or the database at all. Another option would be to get the settings through the config contexts mechanism.
adam commented 2025-12-29 20:27:18 +01:00
Author
Owner
Copy Link

@jeremystretch commented on GitHub (Mar 2, 2023):

We're not accepting new feature requests for the NAPALM integration as it's being removed in NetBox v3.5 (see #10520). However, you're welcome to submit feature requests against the new netbox-napalm plugin once it's released.

@jeremystretch commented on GitHub (Mar 2, 2023): We're not accepting new feature requests for the NAPALM integration as it's being removed in NetBox v3.5 (see #10520). However, you're welcome to submit feature requests against the new [`netbox-napalm`](https://github.com/netbox-community/netbox-napalm) plugin once it's released.
adam commented 2025-12-29 20:27:18 +01:00
Author
Owner
Copy Link

@tobicodesstuff commented on GitHub (Mar 2, 2023):

Thank you for the reply, I have seen the plugin and have played around with it, but didn't see #10520.

@tobicodesstuff commented on GitHub (Mar 2, 2023): Thank you for the reply, I have seen the plugin and have played around with it, but didn't see #10520.
adam commented 2025-12-29 20:27:19 +01:00
Author
Owner
Copy Link

@tobicodesstuff commented on GitHub (Mar 2, 2023):

Another option would be to defined name sets of credentials, which could just be arguments to the napalm driver:

NAPALM_ARGUMENTS = {
    "default": {
        "username": "foo",
        "password": "bar",
    },
    "firewall": {
        "username": "baz",
        "password": "qux",
        "optional_args": {"port": 12443},
    },
}

Then the per-device setting would just be the credential type (e.g. "default" or "firewall") and the actual values are not exposed to the UI or the database at all.

Another option would be to get the settings through the config contexts mechanism.

@candlerb I've mentioned your suggestion in the new issue as it seemed helpful.

@tobicodesstuff commented on GitHub (Mar 2, 2023): > Another option would be to defined name sets of credentials, which could just be arguments to the napalm driver: > > ``` > NAPALM_ARGUMENTS = { > "default": { > "username": "foo", > "password": "bar", > }, > "firewall": { > "username": "baz", > "password": "qux", > "optional_args": {"port": 12443}, > }, > } > ``` > > Then the per-device setting would just be the credential type (e.g. "default" or "firewall") and the actual values are not exposed to the UI or the database at all. > > Another option would be to get the settings through the config contexts mechanism. @candlerb I've mentioned your suggestion in the new issue as it seemed helpful.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
beta
breaking change
complexity: high
complexity: low
complexity: medium
needs milestone
netbox
pending closure
plugin candidate
pull-request
Mirrored from GitHub Pull Request
 severity: high
severity: low
severity: medium
status: accepted
status: backlog
status: blocked
status: duplicate
status: needs owner
status: needs triage
status: revisions needed
status: under review
topic: GraphQL
topic: Internationalization
topic: OpenAPI
topic: UI/UX
topic: cabling
topic: event rules
topic: htmx navigation
topic: industrialization
topic: migrations
topic: plugins
topic: scripts
topic: templating
topic: testing
type: bug
type: deprecation
type: documentation
type: feature
type: housekeeping
type: translation
No Label type: feature
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/netbox#7706
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?