Onemind-Services-LLC/netbox-secrets v3.0.0-beta1

on GitHub

Summary

This release delivers NetBox v4.5 compatibility, consolidates session-key APIs, introduces hierarchical SecretRoles
(MPTT), modernizes the UI workflow, and strengthens UserKey validation and security behavior.

Compatibility

• NetBox: 4.5.x only
• Python: >= 3.10

New Features

• UserKey API CRUD: create/update/delete user keys via REST
• SecretRole hierarchy using NetBox NestedGroupModel (MPTT)
• Session-key API in UI: UI now uses API endpoints for session-key operations

Enhancements

• UserKey validation: block public key changes when secrets exist and this is the only active key
• UI safety: hide “Activate User Key” button when no key exists or is inactive
• Swagger/OpenAPI: updated API docs for new endpoints and behaviors
• Project structure: models and API serializers refactored into clearer modules
• Owner support: Secret and SecretRole support NetBox owner fields

Bug Fixes

• Safer activation and master-key handling for UserKeys
• Improved error messages and validation paths
• More consistent secret encryption/decryption flows

Breaking Changes

• NetBox < 4.5 is no longer supported
• POST /get-session-key/ removed (use /session-key/)
• /session-keys/ deprecated (removal planned in v4.6)
• SecretRole hierarchy migration required (MPTT fields + data rebuild)
• Static JS bundle removed (inline JS now used)

Deprecations (until NetBox v4.6)

• GET|POST /session-keys/ → use GET|POST /session-key/
• GET|DELETE /session-keys/{id}/ → use GET|DELETE /session-key/
• POST /activate-user-key/ → use POST /user-keys/activate/

Removed

• POST /get-session-key/ (legacy) — use POST /session-key/

Migration / Upgrade Notes

1. Back up your database.
2. Install the release (see docs/installation.md).
3. Run migrations:

   ./manage.py migrate

4. Update API clients to /session-key/.
5. Verify SecretRole hierarchy and decrypt existing secrets.

Documentation

• API reference: docs/api.md