v0.1.5: Add support for client TLS authentication, move to blocking r…

…eqwest client (#4) * v0.1.5: Use blocking reqwest, add support for client TLS auth * v0.1.5: Update documentation
scaleway · Sep 9, 2021 · 112e01c · 112e01c
1 parent eb370b3
commit 112e01c
Show file tree

Hide file tree

Showing 9 changed files with 258 additions and 180 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 .idea/
 /target
-tarpaulin-report.*
+tarpaulin-report.*
+*.log
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "netbox2netshot"
-version = "0.1.4"
+version = "0.1.5"
 authors = ["Mathieu Poussin <mpoussin@scaleway.com>"]
 edition = "2018"
 description = "Synchronization tool between netbox and netshot"
@@ -15,9 +15,8 @@ serde = { version = "1.0.125", features = ["derive"]}
 structopt = "0.3"
 log = "0.4"
 flexi_logger = "0.17"
-reqwest = { version = "0.11", features = ["json"]}
-tokio = { version = "1", features = ["full"] }
-anyhow = "1.0"
+reqwest = { version = "0.11", features = ["json", "native-tls", "blocking"]}
+anyhow = { version = "1.0", features = ["backtrace"]}
 
 [dev-dependencies]
 mockito = "0.30"

diff --git a/README.md b/README.md
@@ -36,8 +36,18 @@ OPTIONS:
         --netbox-proxy <netbox-proxy>
             HTTP(s) proxy to use to connect to Netbox [env: NETBOX_PROXY=]
 
-        --netbox-token <netbox-token>                      The Netbox token [env: NETBOX_TOKEN]  [default: ]
-        --netbox-url <netbox-url>                          The Netbox API URL [env: NETBOX_URL=]
+        --netbox-tls-client-certificate <netbox-tls-client-certificate>
+            The TLS certificate to use to authenticate to Netbox (PKCS12 format) [env: NETBOX_TLS_CLIENT_CERTIFICATE=]
+
+        --netbox-tls-client-certificate-password <netbox-tls-client-certificate-password>
+            The optional password for the netbox PKCS12 file [env: NETBOX_TLS_CLIENT_CERTIFICATE_PASSWORD=]
+
+        --netbox-token <netbox-token>
+            The Netbox token [env: NETBOX_TOKEN]
+
+        --netbox-url <netbox-url>
+            The Netbox API URL [env: NETBOX_URL=]
+
         --netbox-vms-filter <netbox-vms-filter>
             The querystring to use to select the VM from netbox [env: NETBOX_VMS_FILTER=]
 
@@ -47,13 +57,25 @@ OPTIONS:
         --netshot-proxy <netshot-proxy>
             HTTP(s) proxy to use to connect to Netshot [env: NETSHOT_PROXY=]
 
-        --netshot-token <netshot-token>                    The Netshot token [env: NETSHOT_TOKEN]
-        --netshot-url <netshot-url>                        The Netshot API URL [env: NETSHOT_URL=]
-```
+        --netshot-tls-client-certificate <netshot-tls-client-certificate>
+            The TLS certificate to use to authenticate to Netshot (PKCS12 format) [env: NETSHOT_TLS_CLIENT_CERTIFICATE=]
+
+        --netshot-tls-client-certificate-password <netshot-tls-client-certificate-password>
+            The optional password for the netshot PKCS12 file [env: NETSHOT_TLS_CLIENT_CERTIFICATE_PASSWORD=]
+
+        --netshot-token <netshot-token>
+            The Netshot token [env: NETSHOT_TOKEN]
+
+        --netshot-url <netshot-url>
+            The Netshot API URL [env: NETSHOT_URL=]```
 
 The query-string format need to be like this (url query string without the `?`):
 
 ```bash
 status=active&platform=cisco-ios&platform=cisco-ios-xe&platform=cisco-ios-xr&platform=cisco-nx-os&platform=juniper-junos&has_primary_ip=true&tenant_group=network
 ```
 
+If you plan to use TLS authentication, please provide a PKCS12 formatted identity file (.pfx or .p12), they can be created from .pem/.key/.crt using the following command:
+```bash
+openssl pkcs12 -export -out my.pfx -inkey my.key -in my.crt
+```