From 8bf9e85bf1625bd9e3567f86310a12f441abd50a Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 14:13:23 -0700
Subject: [PATCH 01/14] Add workflow for daily build

---
 .github/workflows/release.yml | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 .github/workflows/release.yml

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..f756a88
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,33 @@
+name: release
+
+on:
+  push:
+    branches:
+      - release
+  schedule:
+    - cron: '45 5 * * *'
+
+jobs:
+  build:
+    env:
+     - DOCKER_ORG: miltonngan
+     - DOCKER_REPO: docker-dummy
+    strategy:
+      matrix:
+        build_cmd:
+        - ./build-latest.sh
+        - PRERELEASE=true ./build-latest.sh
+        - ./build-next.sh
+        - ./build.sh develop
+      fail-fast: false
+    runs-on: ubuntu-latest
+    name: Builds new Netbox Docker Images
+    steps:
+    - id: git-checkout
+      name: Checkout
+      uses: actions/checkout@v2
+    - id: docker-build
+      name: Build the image with '${{ matrix.build_cmd }}'
+      run: ${{ matrix.build_cmd }}
+      env:
+        GH_ACTION: enable

From e27a5aff26c8ecff86385083d4d5d45e56dc26de Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 14:20:00 -0700
Subject: [PATCH 02/14] Change branch name in workflow

---
 .github/workflows/{release.yml => master.yml} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename .github/workflows/{release.yml => master.yml} (95%)

diff --git a/.github/workflows/release.yml b/.github/workflows/master.yml
similarity index 95%
rename from .github/workflows/release.yml
rename to .github/workflows/master.yml
index f756a88..d9f1e5e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/master.yml
@@ -1,9 +1,9 @@
-name: release
+name: master
 
 on:
   push:
     branches:
-      - release
+      - master
   schedule:
     - cron: '45 5 * * *'
 

From 2c0eaa5123cc3343158b2f14d010c3a410e9fd57 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 14:21:32 -0700
Subject: [PATCH 03/14] Fix YAML

---
 .github/workflows/master.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
index d9f1e5e..36f45a5 100644
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@@ -10,8 +10,8 @@ on:
 jobs:
   build:
     env:
-     - DOCKER_ORG: miltonngan
-     - DOCKER_REPO: docker-dummy
+      DOCKER_ORG: miltonngan
+      DOCKER_REPO: docker-dummy
     strategy:
       matrix:
         build_cmd:

From 662ea57827ecb0a7b5b800598e17170e33fbca11 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 14:23:40 -0700
Subject: [PATCH 04/14] Fix build steps

---
 .github/workflows/master.yml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
index 36f45a5..052f534 100644
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@@ -16,9 +16,7 @@ jobs:
       matrix:
         build_cmd:
         - ./build-latest.sh
-        - PRERELEASE=true ./build-latest.sh
-        - ./build-next.sh
-        - ./build.sh develop
+        - ./build.sh master
       fail-fast: false
     runs-on: ubuntu-latest
     name: Builds new Netbox Docker Images

From 1a19da13c84c1d47c200c9a870972ce43117bd18 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 14:34:32 -0700
Subject: [PATCH 05/14] change master tag to master from latest Add docker push
 steps

---
 .github/workflows/master.yml | 18 ++++++++++++++++++
 build.sh                     |  2 +-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
index 052f534..0de43f8 100644
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@@ -29,3 +29,21 @@ jobs:
       run: ${{ matrix.build_cmd }}
       env:
         GH_ACTION: enable
+    - id: registry-login
+      name: Login to the Docker Registry
+      run: |
+        echo "::add-mask::$DOCKERHUB_USERNAME"
+        echo "::add-mask::$DOCKERHUB_PASSWORD"
+        docker login -u "$DOCKERHUB_USERNAME" --password "${DOCKERHUB_PASSWORD}" "${DOCKER_REGISTRY}"
+      env:
+        DOCKERHUB_USERNAME: ${{ secrets.dockerhub_username }}
+        DOCKERHUB_PASSWORD: ${{ secrets.dockerhub_password }}
+      if: steps.docker-build.outputs.skipped != 'true'
+    - id: registry-push
+      name: Push the image
+      run: ${{ matrix.build_cmd }} --push-only
+      if: steps.docker-build.outputs.skipped != 'true'
+    - id: registry-logout
+      name: Logout of the Docker Registry
+      run: docker logout "${DOCKER_REGISTRY}"
+      if: steps.docker-build.outputs.skipped != 'true'
diff --git a/build.sh b/build.sh
index d411597..b8b0d3f 100755
--- a/build.sh
+++ b/build.sh
@@ -71,7 +71,7 @@ DOCKER_ORG="${DOCKER_ORG-peeringmanager}"
 DOCKER_REPO="${DOCKER_REPO-peering-manager}"
 case "${PEERING_MANAGER_BRANCH}" in
   master)
-    TAG="${TAG-latest}";;
+    TAG="${TAG-master}";;
   *)
     TAG="${TAG-$PEERING_MANAGER_BRANCH}";;
 esac

From ac546487b4185d9b262cea684412b7e8698c28c8 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 15:06:08 -0700
Subject: [PATCH 06/14] Use netbox's build.sh

---
 build.sh | 353 +++++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 277 insertions(+), 76 deletions(-)

diff --git a/build.sh b/build.sh
index b8b0d3f..cddbae7 100755
--- a/build.sh
+++ b/build.sh
@@ -1,35 +1,92 @@
 #!/bin/bash
+# Clones the Netbox repository with git from Github and builds the Dockerfile
 
-echo "▶️  $0 $*"
+echo "▶️ $0 $*"
 
 set -e
 
 if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
-  echo ""
-  echo "Usage: ${0} <branch>"
-  echo "  branch    The branch or tag to build. Required."
+  echo "Usage: ${0} <branch> [--push|--push-only]"
+  echo "  branch       The branch or tag to build. Required."
+  echo "  --push       Pushes the built Docker image to the registry."
+  echo "  --push-only  Only pushes the Docker image to the registry, but does not build it."
   echo ""
   echo "You can use the following ENV variables to customize the build:"
-  echo "  SRC_ORG     Which fork of netbox to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO})."
+  echo "  SRC_ORG     Which fork of peering-manager to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO})."
   echo "              Default: peering-manager"
   echo "  SRC_REPO    The name of the repository to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO})."
   echo "              Default: peering-manager"
   echo "  URL         Where to fetch the code from."
   echo "              Must be a git repository. Can be private."
   echo "              Default: https://github.com/\${SRC_ORG}/\${SRC_REPO}.git"
+  echo "  PEERING_MANAGER_PATH The path where peering-manager will be checkout out."
+  echo "              Must not be outside of the peering-manager docker repository (because of Docker)!"
+  echo "              Default: .peering-manager"
+  echo "  SKIP_GIT    If defined, git is not invoked and \${PEERING_MANAGER_PATH} will not be altered."
+  echo "              This may be useful, if you are manually managing the PEERING_MANAGER_PATH."
+  echo "              Default: undefined"
+  echo "  TAG         The version part of the docker tag."
+  echo "              Default:"
+  echo "                When <branch>=master:  latest"
+  echo "                When <branch>=develop: snapshot"
+  echo "                Else:                  same as <branch>"
+  echo "  DOCKER_REGISTRY The Docker repository's registry (i.e. '\${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}'')"
+  echo "              Used for tagging the image."
+  echo "              Default: docker.io"
+  echo "  DOCKER_ORG  The Docker repository's organisation (i.e. '\${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}'')"
+  echo "              Used for tagging the image."
+  echo "              Default: respawner"
+  echo "  DOCKER_REPO The Docker repository's name (i.e. '\${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}'')"
+  echo "              Used for tagging the image."
+  echo "              Default: peering-manager"
+  echo "  DOCKER_TAG  The name of the tag which is applied to the image."
+  echo "              Useful for pushing into another registry than hub.docker.com."
+  echo "              Default: \${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}:\${TAG}"
+  echo "  DOCKER_SHORT_TAG The name of the short tag which is applied to the"
+  echo "              image. This is used to tag all patch releases to their"
+  echo "              containing version e.g. v2.5.1 -> v2.5"
+  echo "              Default: \${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}:<MAJOR>.<MINOR>"
+  echo "  DOCKERFILE  The name of Dockerfile to use."
+  echo "              Default: Dockerfile"
+  echo "  DOCKER_FROM The base image to use."
+  echo "              Default: 'python:3.7-alpine'"
+  echo "  DOCKER_TARGET A specific target to build."
+  echo "              It's currently not possible to pass multiple targets."
+  echo "              Default: main ldap"
+  echo "  HTTP_PROXY  The proxy to use for http requests."
+  echo "              Example: http://proxy.domain.tld:3128"
+  echo "              Default: undefined"
+  echo "  NO_PROXY    Comma-separated list of domain extensions proxy should not be used for."
+  echo "              Example: .domain1.tld,.domain2.tld"
+  echo "              Default: undefined"
   echo "  DEBUG       If defined, the script does not stop when certain checks are unsatisfied."
   echo "              Default: undefined"
   echo "  DRY_RUN     Prints all build statements instead of running them."
   echo "              Default: undefined"
+  echo "  GH_ACTION   If defined, special 'echo' statements are enabled that set the"
+  echo "              following environment variables in Github Actions:"
+  echo "              - FINAL_DOCKER_TAG: The final value of the DOCKER_TAG env variable"
+  echo "              Default: undefined"
   echo ""
   echo "Examples:"
   echo "  ${0} master"
   echo "              This will fetch the latest 'master' branch, build a Docker Image and tag it"
-  echo "              'peering-manager/peering-manager:latest'."
-  echo "  ${0} v1.2.0"
-  echo "              This will fetch the 'v1.2.0' tag, build a Docker Image and tag it"
-  echo "              'peeringmanager/peering-manager:v1.2.0' and 'peeringmanager/peering-manager:v1.2'."
-  echo ""
+  echo "              'respawner/peering-mananger:latest'."
+  echo "  ${0} develop"
+  echo "              This will fetch the latest 'develop' branch, build a Docker Image and tag it"
+  echo "              'respawner/peering-mananger:snapshot'."
+  echo "  ${0} v2.6.6"
+  echo "              This will fetch the 'v2.6.6' tag, build a Docker Image and tag it"
+  echo "              'respawner/peering-mananger:v2.6.6' and 'respawner/peering-manager:v2.6'."
+  echo "  ${0} develop-2.7"
+  echo "              This will fetch the 'develop-2.7' branch, build a Docker Image and tag it"
+  echo "              'respawner/peering-manager:develop-2.7'."
+  echo "  SRC_ORG=cimnine ${0} feature-x"
+  echo "              This will fetch the 'feature-x' branch from https://github.com/cimnine/peering-manager.git,"
+  echo "              build a Docker Image and tag it 'respawner/peering-manager:feature-x'."
+  echo "  SRC_ORG=cimnine DOCKER_ORG=cimnine ${0} feature-x"
+  echo "              This will fetch the 'feature-x' branch from https://github.com/cimnine/peering-manager.git,"
+  echo "              build a Docker Image and tag it 'cimnine/peering-manager:feature-x'."
 
   if [ "${1}x" == "x" ]; then
     exit 1
@@ -38,79 +95,137 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
   fi
 fi
 
+###
 # Enabling dry-run mode
+###
 if [ -z "${DRY_RUN}" ]; then
   DRY=""
 else
-  echo "⚠️  DRY_RUN MODE ON ⚠️"
+  echo "⚠️ DRY_RUN MODE ON ⚠️"
   DRY="echo"
 fi
 
-echo "👓 Going in the right location"
-cd $(dirname $(realpath $0))
-echo "✅ We are there"
-
+###
 # Variables for fetching the source
+###
 SRC_ORG="${SRC_ORG-peering-manager}"
 SRC_REPO="${SRC_REPO-peering-manager}"
 PEERING_MANAGER_BRANCH="${1}"
 URL="${URL-https://github.com/${SRC_ORG}/${SRC_REPO}.git}"
 PEERING_MANAGER_PATH="${PEERING_MANAGER_PATH-.peering-manager}"
 
-echo "🌀 Cleaning up remains of last build"
-$DRY rm -rf ${PEERING_MANAGER_PATH}
-echo "✅ All cleaned"
+###
+# Fetching the source
+###
+if [ "${2}" != "--push-only" ] && [ -z "${SKIP_GIT}" ] ; then
+  echo "🌐 Checking out '${PEERING_MANAGER_BRANCH}' of peering-manager from the url '${URL}' into '${PEERING_MANAGER_PATH}'"
+  if [ ! -d "${PEERING_MANAGER_PATH}" ]; then
+    $DRY git clone -q --depth 10 -b "${PEERING_MANAGER_BRANCH}" "${URL}" "${PEERING_MANAGER_PATH}"
+  fi
 
-echo "🌐 Checking out 'master' of Peering Manager from '${URL}' into '${PEERING_MANAGER_PATH}'"
-$DRY git clone -q --depth 10 -b ${PEERING_MANAGER_BRANCH} ${URL} ${PEERING_MANAGER_PATH}
-echo "✅ Checked out Peering Manager"
+  (
+    $DRY cd "${PEERING_MANAGER_PATH}"
 
-# Variables for tagging the Docker image
-DOCKER_REGISTRY="${DOCKER_REGISTRY-docker.io}"
-DOCKER_ORG="${DOCKER_ORG-peeringmanager}"
-DOCKER_REPO="${DOCKER_REPO-peering-manager}"
-case "${PEERING_MANAGER_BRANCH}" in
-  master)
-    TAG="${TAG-master}";;
-  *)
-    TAG="${TAG-$PEERING_MANAGER_BRANCH}";;
-esac
+    if [ -n "${HTTP_PROXY}" ]; then
+      git config http.proxy "${HTTP_PROXY}"
+    fi
+
+    $DRY git remote set-url origin "${URL}"
+    $DRY git fetch -qp --depth 10 origin "${PEERING_MANAGER_BRANCH}"
+    $DRY git checkout -qf FETCH_HEAD
+    $DRY git prune
+  )
+  echo "✅ Checked out peering-manager"
+fi
 
+###
+# Determining the value for DOCKERFILE
+# and checking whether it exists
+###
+DOCKERFILE="${DOCKERFILE-Dockerfile}"
+if [ ! -f "${DOCKERFILE}" ]; then
+  echo "🚨 The Dockerfile ${DOCKERFILE} doesn't exist."
+
+  if [ -z "${DEBUG}" ]; then
+    exit 1
+  else
+    echo "⚠️ Would exit here with code '1', but DEBUG is enabled."
+  fi
+fi
+
+###
+# Determining the value for DOCKER_FROM
+###
+if [ -z "$DOCKER_FROM" ]; then
+  DOCKER_FROM="python:3.7-alpine"
+fi
+
+###
+# Variables for labelling the docker image
+###
 BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M+00:00')"
 
 if [ -d ".git" ]; then
   GIT_REF="$(git rev-parse HEAD)"
 fi
 
-# Read the project version from the `VERSION` file and trim it
-# See https://stackoverflow.com/a/3232433/172132
-PROJECT_VERSION="$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' VERSION)"
+# Read the project version from the `VERSION` file and trim it, see https://stackoverflow.com/a/3232433/172132
+PROJECT_VERSION="${PROJECT_VERSION-$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' VERSION)}"
 
-# Get the Git information from the netbox directory
+# Get the Git information from the peering-manager directory
 if [ -d "${PEERING_MANAGER_PATH}/.git" ]; then
   PEERING_MANAGER_GIT_REF=$(cd "${PEERING_MANAGER_PATH}"; git rev-parse HEAD)
   PEERING_MANAGER_GIT_BRANCH=$(cd "${PEERING_MANAGER_PATH}"; git rev-parse --abbrev-ref HEAD)
   PEERING_MANAGER_GIT_URL=$(cd "${PEERING_MANAGER_PATH}"; git remote get-url origin)
 fi
 
+###
+# Variables for tagging the docker image
+###
+DOCKER_REGISTRY="${DOCKER_REGISTRY-docker.io}"
+DOCKER_ORG="${DOCKER_ORG-respawner}"
+DOCKER_REPO="${DOCKER_REPO-peering-manager}"
+case "${PEERING_MANAGER_BRANCH}" in
+  master)
+    TAG="${TAG-latest}";;
+  develop)
+    TAG="${TAG-snapshot}";;
+  *)
+    TAG="${TAG-$PEERING_MANAGER_BRANCH}";;
+esac
+
+###
 # Determine targets to build
-DEFAULT_DOCKER_TARGETS=("main")
-DOCKER_TARGETS=("${DOCKER_TARGET:-"${DEFAULT_DOCKER_TARGETS[@]}"}")
+###
+DEFAULT_DOCKER_TARGETS=("main" "ldap")
+DOCKER_TARGETS=( "${DOCKER_TARGET:-"${DEFAULT_DOCKER_TARGETS[@]}"}")
 echo "🏭 Building the following targets:" "${DOCKER_TARGETS[@]}"
 
+###
+# Build each target
+###
+export DOCKER_BUILDKIT=${DOCKER_BUILDKIT-1}
 for DOCKER_TARGET in "${DOCKER_TARGETS[@]}"; do
-  echo "🏗  Building the target '${DOCKER_TARGET}'"
+  echo "🏗 Building the target '${DOCKER_TARGET}'"
 
+  ###
   # composing the final TARGET_DOCKER_TAG
+  ###
   TARGET_DOCKER_TAG="${DOCKER_TAG-${DOCKER_REGISTRY}/${DOCKER_ORG}/${DOCKER_REPO}:${TAG}}"
   if [ "${DOCKER_TARGET}" != "main" ]; then
     TARGET_DOCKER_TAG="${TARGET_DOCKER_TAG}-${DOCKER_TARGET}"
   fi
+  if [ -n "${GH_ACTION}" ]; then
+    echo "::set-env name=FINAL_DOCKER_TAG::${TARGET_DOCKER_TAG}"
+    echo "::set-output name=skipped::false"
+  fi
 
+  ###
   # composing the additional DOCKER_SHORT_TAG,
-  # i.e. "v1.2.0" becomes "v1.2",
+  # i.e. "v2.6.1" becomes "v2.6",
   # which is only relevant for version tags
   # Also let "latest" follow the highest version
+  ###
   if [[ "${TAG}" =~ ^v([0-9]+)\.([0-9]+)\.[0-9]+$ ]]; then
     MAJOR=${BASH_REMATCH[1]}
     MINOR=${BASH_REMATCH[2]}
@@ -124,48 +239,134 @@ for DOCKER_TARGET in "${DOCKER_TARGETS[@]}"; do
     fi
   fi
 
-  # Composing all arguments for `docker build`
-  DOCKER_BUILD_ARGS=(
-    --pull
-    --target "${DOCKER_TARGET}"
-    -t "${TARGET_DOCKER_TAG}"
-  )
-  if [ -n "${TARGET_DOCKER_SHORT_TAG}" ]; then
-    DOCKER_BUILD_ARGS+=( -t "${TARGET_DOCKER_SHORT_TAG}" )
-    DOCKER_BUILD_ARGS+=( -t "${TARGET_DOCKER_LATEST_TAG}" )
-  fi
+  ###
+  # Proceeding to buils stage, except if `--push-only` is passed
+  ###
+  if [ "${2}" != "--push-only" ] ; then
+    ###
+    # Checking if the build is necessary,
+    # meaning build only if one of those values changed:
+    # - Python base image digest (Label: PYTHON_BASE_DIGEST)
+    # - peering-manager git ref (Label: PEERING_MANAGER_GIT_REF)
+    # - peering-manager-docker git ref (Label: org.label-schema.vcs-ref)
+    ###
+    # Load information from registry (only for docker.io)
+    SHOULD_BUILD="false"
+    BUILD_REASON=""
+    if [ -z "${GH_ACTION}" ]; then
+      # Asuming non Github builds should always proceed
+      SHOULD_BUILD="true"
+      BUILD_REASON="${BUILD_REASON} interactive"
+    elif [ "$DOCKER_REGISTRY" = "docker.io" ]; then
+      source ./build-functions/get-public-image-config.sh
+      IFS=':' read -ra DOCKER_FROM_SPLIT <<< "${DOCKER_FROM}"
+      if ! [[ ${DOCKER_FROM_SPLIT[0]} =~ .*/.* ]]; then
+        # Need to use "library/..." for images the have no two part name
+        DOCKER_FROM_SPLIT[0]="library/${DOCKER_FROM_SPLIT[0]}"
+      fi
+      PYTHON_LAST_LAYER=$(get_image_last_layer "${DOCKER_FROM_SPLIT[0]}" "${DOCKER_FROM_SPLIT[1]}")
+      mapfile -t IMAGES_LAYERS_OLD < <(get_image_layers "${DOCKER_ORG}"/"${DOCKER_REPO}" "${TAG}")
+      PEERING_MANAGER_GIT_REF_OLD=$(get_image_label PEERING_MANAGER_GIT_REF "${DOCKER_ORG}"/"${DOCKER_REPO}" "${TAG}")
+      GIT_REF_OLD=$(get_image_label org.label-schema.vcs-ref "${DOCKER_ORG}"/"${DOCKER_REPO}" "${TAG}")
 
-  # --label
-  DOCKER_BUILD_ARGS+=(
-    --label "ORIGINAL_TAG=${TARGET_DOCKER_TAG}"
-
-    --label "org.label-schema.build-date=${BUILD_DATE}"
-    --label "org.opencontainers.image.created=${BUILD_DATE}"
-
-    --label "org.label-schema.version=${PROJECT_VERSION}"
-    --label "org.opencontainers.image.version=${PROJECT_VERSION}"
-  )
-  if [ -d ".git" ]; then
-    DOCKER_BUILD_ARGS+=(
-      --label "org.label-schema.vcs-ref=${GIT_REF}"
-      --label "org.opencontainers.image.revision=${GIT_REF}"
+      if ! printf '%s\n' "${IMAGES_LAYERS_OLD[@]}" | grep -q -P "^${PYTHON_LAST_LAYER}\$"; then
+        SHOULD_BUILD="true"
+        BUILD_REASON="${BUILD_REASON} python"
+      fi
+      if [ "${PEERING_MANAGER_GIT_REF}" != "${PEERING_MANAGER_GIT_REF_OLD}" ]; then
+        SHOULD_BUILD="true"
+        BUILD_REASON="${BUILD_REASON} peering-manager"
+      fi
+      if [ "${GIT_REF}" != "${GIT_REF_OLD}" ]; then
+        SHOULD_BUILD="true"
+        BUILD_REASON="${BUILD_REASON} peering-manager-docker"
+      fi
+    else
+      SHOULD_BUILD="true"
+      BUILD_REASON="${BUILD_REASON} no-check"
+    fi
+    ###
+    # Composing all arguments for `docker build`
+    ###
+    DOCKER_BUILD_ARGS=(
+      --pull
+      --target "${DOCKER_TARGET}"
+      -f "${DOCKERFILE}"
+      -t "${TARGET_DOCKER_TAG}"
     )
-  fi
-  if [ -d "${PEERING_MANAGER_PATH}/.git" ]; then
+    if [ -n "${TARGET_DOCKER_SHORT_TAG}" ]; then
+      DOCKER_BUILD_ARGS+=( -t "${TARGET_DOCKER_SHORT_TAG}" )
+      DOCKER_BUILD_ARGS+=( -t "${TARGET_DOCKER_LATEST_TAG}" )
+    fi
+
+    # --label
     DOCKER_BUILD_ARGS+=(
-      --label "PEERING_MANAGER_GIT_BRANCH=${PEERING_MANAGER_GIT_BRANCH}"
-      --label "PEERING_MANAGER_GIT_REF=${PEERING_MANAGER_GIT_REF}"
-      --label "PEERING_MANAGER_GIT_URL=${PEERING_MANAGER_GIT_URL}"
+      --label "ORIGINAL_TAG=${TARGET_DOCKER_TAG}"
+
+      --label "org.label-schema.build-date=${BUILD_DATE}"
+      --label "org.opencontainers.image.created=${BUILD_DATE}"
+
+      --label "org.label-schema.version=${PROJECT_VERSION}"
+      --label "org.opencontainers.image.version=${PROJECT_VERSION}"
     )
+    if [ -d ".git" ]; then
+      DOCKER_BUILD_ARGS+=(
+        --label "org.label-schema.vcs-ref=${GIT_REF}"
+        --label "org.opencontainers.image.revision=${GIT_REF}"
+      )
+    fi
+    if [ -d "${PEERING_MANAGER_PATH}/.git" ]; then
+      DOCKER_BUILD_ARGS+=(
+        --label "PEERING_MANAGER_GIT_BRANCH=${PEERING_MANAGER_GIT_BRANCH}"
+        --label "PEERING_MANAGER_GIT_REF=${PEERING_MANAGER_GIT_REF}"
+        --label "PEERING_MANAGER_GIT_URL=${PEERING_MANAGER_GIT_URL}"
+      )
+    fi
+    if [ -n "${BUILD_REASON}" ]; then
+      BUILD_REASON=$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' <<< "$BUILD_REASON")
+      DOCKER_BUILD_ARGS+=( --label "BUILD_REASON=${BUILD_REASON}" )
+    fi
+
+    # --build-arg
+    DOCKER_BUILD_ARGS+=(   --build-arg "PEERING_MANAGER_PATH=${PEERING_MANAGER_PATH}" )
+
+    if [ -n "${DOCKER_FROM}" ]; then
+      DOCKER_BUILD_ARGS+=( --build-arg "FROM=${DOCKER_FROM}" )
+    fi
+    if [ -n "${HTTP_PROXY}" ]; then
+      DOCKER_BUILD_ARGS+=( --build-arg "http_proxy=${HTTP_PROXY}" )
+      DOCKER_BUILD_ARGS+=( --build-arg "https_proxy=${HTTPS_PROXY}" )
+    fi
+    if [ -n "${NO_PROXY}" ]; then
+      DOCKER_BUILD_ARGS+=( --build-arg "no_proxy=${NO_PROXY}" )
+    fi
+
+    ###
+    # Building the docker image
+    ###
+    if [ "${SHOULD_BUILD}" == "true" ]; then
+      echo "🐳 Building the Docker image '${TARGET_DOCKER_TAG}'."
+      echo "    Build reason set to: ${BUILD_REASON}"
+      $DRY docker build "${DOCKER_BUILD_ARGS[@]}" .
+      echo "✅ Finished building the Docker images '${TARGET_DOCKER_TAG}'"
+      echo "🔎 Inspecting labels on '${TARGET_DOCKER_TAG}'"
+      $DRY docker inspect "${TARGET_DOCKER_TAG}" --format "{{json .Config.Labels}}"
+    else
+      echo "Build skipped because sources didn't change"
+      echo "::set-output name=skipped::true"
+    fi
   fi
 
-  # --build-arg
-  DOCKER_BUILD_ARGS+=( --build-arg "PEERING_MANAGER_PATH=${PEERING_MANAGER_PATH}" )
+  ###
+  # Pushing the docker images if either `--push` or `--push-only` are passed
+  ###
+  if [ "${2}" == "--push" ] || [ "${2}" == "--push-only" ] ; then
+    source ./build-functions/docker-functions.sh
+    push_image_to_registry "${TARGET_DOCKER_TAG}"
 
-  # Building the Docker image
-  echo "🐳 Building the Docker image '${TARGET_DOCKER_TAG}'."
-  $DRY docker build "${DOCKER_BUILD_ARGS[@]}" .
-  echo "✅ Finished building the Docker images '${TARGET_DOCKER_TAG}'"
-  echo "🔎 Inspecting labels on '${TARGET_DOCKER_TAG}'"
-  $DRY docker inspect "${TARGET_DOCKER_TAG}" --format "{{json .Config.Labels}}"
+    if [ -n "${TARGET_DOCKER_SHORT_TAG}" ]; then
+      push_image_to_registry "${TARGET_DOCKER_SHORT_TAG}"
+      push_image_to_registry "${TARGET_DOCKER_LATEST_TAG}"
+    fi
+  fi
 done

From 63d1f5ae5a9149c9f62d333ba8a7b0e74613b9e8 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 15:09:13 -0700
Subject: [PATCH 07/14] Add build functions from netbox docker

---
 build-functions/docker-functions.sh        |  8 +++
 build-functions/get-public-image-config.sh | 82 ++++++++++++++++++++++
 2 files changed, 90 insertions(+)
 create mode 100644 build-functions/docker-functions.sh
 create mode 100644 build-functions/get-public-image-config.sh

diff --git a/build-functions/docker-functions.sh b/build-functions/docker-functions.sh
new file mode 100644
index 0000000..137ec54
--- /dev/null
+++ b/build-functions/docker-functions.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+push_image_to_registry() {
+  local target_tag=$1
+  echo "⏫ Pushing '${target_tag}'"
+  $DRY docker push "${target_tag}"
+  echo "✅ Finished pushing the Docker image '${target_tag}'."
+}
\ No newline at end of file
diff --git a/build-functions/get-public-image-config.sh b/build-functions/get-public-image-config.sh
new file mode 100644
index 0000000..f718716
--- /dev/null
+++ b/build-functions/get-public-image-config.sh
@@ -0,0 +1,82 @@
+#!/bin/bash
+# Retrieves image configuration from public images in DockerHub
+# Functions from https://gist.github.com/cirocosta/17ea17be7ac11594cb0f290b0a3ac0d1
+# Optimised for our use case
+
+get_image_label() {
+  local label=$1
+  local image=$2
+  local tag=$3
+  local token
+  token=$(_get_token "$image")
+  local digest
+  digest=$(_get_digest "$image" "$tag" "$token")
+  local retval="null"
+  if [ "$digest" != "null" ]; then
+    retval=$(_get_image_configuration "$image" "$token" "$digest" "$label")
+  fi
+  echo "$retval"
+}
+
+get_image_layers() {
+  local image=$1
+  local tag=$2
+  local token
+  token=$(_get_token "$image")
+  _get_layers "$image" "$tag" "$token"
+}
+
+get_image_last_layer() {
+  local image=$1
+  local tag=$2
+  local token
+  token=$(_get_token "$image")
+  local layers
+  mapfile -t layers < <(_get_layers "$image" "$tag" "$token")
+  echo "${layers[-1]}"
+}
+
+_get_image_configuration() {
+  local image=$1
+  local token=$2
+  local digest=$3
+  local label=$4
+  curl \
+    --silent \
+    --location \
+    --header "Authorization: Bearer $token" \
+    "https://registry-1.docker.io/v2/$image/blobs/$digest" \
+    | jq -r ".config.Labels.\"$label\""
+}
+
+_get_token() {
+  local image=$1
+  curl \
+    --silent \
+    "https://auth.docker.io/token?scope=repository:$image:pull&service=registry.docker.io" \
+    | jq -r '.token'
+}
+
+_get_digest() {
+  local image=$1
+  local tag=$2
+  local token=$3
+  curl \
+    --silent \
+    --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
+    --header "Authorization: Bearer $token" \
+    "https://registry-1.docker.io/v2/$image/manifests/$tag" \
+    | jq -r '.config.digest'
+}
+
+_get_layers() {
+  local image=$1
+  local tag=$2
+  local token=$3
+  curl \
+    --silent \
+    --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
+    --header "Authorization: Bearer $token" \
+    "https://registry-1.docker.io/v2/$image/manifests/$tag" \
+    | jq -r '.layers[].digest'
+}

From 33bf18a34cfad6fdcd83d172ae7fac6f3676f22d Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 15:13:07 -0700
Subject: [PATCH 08/14] Remove ldap from build targets

---
 build.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.sh b/build.sh
index cddbae7..99c6bb2 100755
--- a/build.sh
+++ b/build.sh
@@ -52,7 +52,7 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
   echo "              Default: 'python:3.7-alpine'"
   echo "  DOCKER_TARGET A specific target to build."
   echo "              It's currently not possible to pass multiple targets."
-  echo "              Default: main ldap"
+  echo "              Default: main"
   echo "  HTTP_PROXY  The proxy to use for http requests."
   echo "              Example: http://proxy.domain.tld:3128"
   echo "              Default: undefined"
@@ -197,7 +197,7 @@ esac
 ###
 # Determine targets to build
 ###
-DEFAULT_DOCKER_TARGETS=("main" "ldap")
+DEFAULT_DOCKER_TARGETS=("main")
 DOCKER_TARGETS=( "${DOCKER_TARGET:-"${DEFAULT_DOCKER_TARGETS[@]}"}")
 echo "🏭 Building the following targets:" "${DOCKER_TARGETS[@]}"
 

From 31fb46d4c60e30a7b7d5d86d32e7330e399203bd Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 15:18:30 -0700
Subject: [PATCH 09/14] Tickle build

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 2f398ce..35b482f 100644
--- a/README.md
+++ b/README.md
@@ -34,3 +34,5 @@ available version of Peering Manager and build its image.
 This work is based on the great
 [netbox-docker](https://github.com/netbox-community/netbox-docker) project and
 uses the same license.
+
+

From 9cc376a943184dbd3322b793417544aabda7fc18 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sat, 26 Sep 2020 15:30:36 -0700
Subject: [PATCH 10/14] Changed base docker image to check in build.sh

---
 build.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.sh b/build.sh
index 99c6bb2..d43c516 100755
--- a/build.sh
+++ b/build.sh
@@ -157,7 +157,7 @@ fi
 # Determining the value for DOCKER_FROM
 ###
 if [ -z "$DOCKER_FROM" ]; then
-  DOCKER_FROM="python:3.7-alpine"
+  DOCKER_FROM="python:3-slim"
 fi
 
 ###

From 36601fc6fb6db03fb4c463c0539c6d9e8a98e446 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Mon, 28 Sep 2020 09:10:00 -0700
Subject: [PATCH 11/14] - When building the `master` branch tag with `develop`
 instead of `latest` - Make build-latest.sh use the same env vars as build.sh
 to construct the GH repo path - Clean up documentation

---
 .github/workflows/master.yml |  5 +----
 build-latest.sh              |  4 +++-
 build.sh                     | 23 ++++++++++-------------
 3 files changed, 14 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
index 0de43f8..a82b539 100644
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@@ -9,9 +9,6 @@ on:
 
 jobs:
   build:
-    env:
-      DOCKER_ORG: miltonngan
-      DOCKER_REPO: docker-dummy
     strategy:
       matrix:
         build_cmd:
@@ -19,7 +16,7 @@ jobs:
         - ./build.sh master
       fail-fast: false
     runs-on: ubuntu-latest
-    name: Builds new Netbox Docker Images
+    name: Builds new Peering Manager Docker Images
     steps:
     - id: git-checkout
       name: Checkout
diff --git a/build-latest.sh b/build-latest.sh
index c36bd25..892e0e7 100755
--- a/build-latest.sh
+++ b/build-latest.sh
@@ -4,7 +4,9 @@
 echo "▶️  $0 $*"
 
 # Querying GitHub to get the latest version
-GITHUB_REPO="peering-manager/peering-manager"
+SRC_ORG="${SRC_ORG-peering-manager}"
+SRC_REPO="${SRC_REPO-peering-manager}"
+GITHUB_REPO="${SRC_ORG}/${SRC_REPO}"
 URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/releases"
 
 # Composing the JQ command to extract the most recent version number
diff --git a/build.sh b/build.sh
index d43c516..376eda0 100755
--- a/build.sh
+++ b/build.sh
@@ -27,8 +27,7 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
   echo "              Default: undefined"
   echo "  TAG         The version part of the docker tag."
   echo "              Default:"
-  echo "                When <branch>=master:  latest"
-  echo "                When <branch>=develop: snapshot"
+  echo "                When <branch>=master:  snapshot"
   echo "                Else:                  same as <branch>"
   echo "  DOCKER_REGISTRY The Docker repository's registry (i.e. '\${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}'')"
   echo "              Used for tagging the image."
@@ -71,22 +70,22 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
   echo "Examples:"
   echo "  ${0} master"
   echo "              This will fetch the latest 'master' branch, build a Docker Image and tag it"
-  echo "              'respawner/peering-mananger:latest'."
+  echo "              'respawner/peering-manager:latest'."
   echo "  ${0} develop"
   echo "              This will fetch the latest 'develop' branch, build a Docker Image and tag it"
-  echo "              'respawner/peering-mananger:snapshot'."
+  echo "              'respawner/peering-manager:snapshot'."
   echo "  ${0} v2.6.6"
   echo "              This will fetch the 'v2.6.6' tag, build a Docker Image and tag it"
-  echo "              'respawner/peering-mananger:v2.6.6' and 'respawner/peering-manager:v2.6'."
+  echo "              'respawner/peering-manager:v2.6.6' and 'respawner/peering-manager:v2.6'."
   echo "  ${0} develop-2.7"
   echo "              This will fetch the 'develop-2.7' branch, build a Docker Image and tag it"
   echo "              'respawner/peering-manager:develop-2.7'."
-  echo "  SRC_ORG=cimnine ${0} feature-x"
-  echo "              This will fetch the 'feature-x' branch from https://github.com/cimnine/peering-manager.git,"
+  echo "  SRC_ORG=respawner ${0} feature-x"
+  echo "              This will fetch the 'feature-x' branch from https://github.com/respawner/peering-manager.git,"
+  echo "              build a Docker Image and tag it 'respawner/peering-manager:feature-x'."
+  echo "  SRC_ORG=respawner DOCKER_ORG=respawner ${0} feature-x"
+  echo "              This will fetch the 'feature-x' branch from https://github.com/respawner/peering-manager.git,"
   echo "              build a Docker Image and tag it 'respawner/peering-manager:feature-x'."
-  echo "  SRC_ORG=cimnine DOCKER_ORG=cimnine ${0} feature-x"
-  echo "              This will fetch the 'feature-x' branch from https://github.com/cimnine/peering-manager.git,"
-  echo "              build a Docker Image and tag it 'cimnine/peering-manager:feature-x'."
 
   if [ "${1}x" == "x" ]; then
     exit 1
@@ -183,12 +182,10 @@ fi
 # Variables for tagging the docker image
 ###
 DOCKER_REGISTRY="${DOCKER_REGISTRY-docker.io}"
-DOCKER_ORG="${DOCKER_ORG-respawner}"
+DOCKER_ORG="${DOCKER_ORG-peeringmanager}"
 DOCKER_REPO="${DOCKER_REPO-peering-manager}"
 case "${PEERING_MANAGER_BRANCH}" in
   master)
-    TAG="${TAG-latest}";;
-  develop)
     TAG="${TAG-snapshot}";;
   *)
     TAG="${TAG-$PEERING_MANAGER_BRANCH}";;

From b44afba498ac30055eac7d021c3cc93d0a325e3e Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Mon, 5 Oct 2020 08:38:28 -0700
Subject: [PATCH 12/14] Fix references to old github repo

---
 build.sh | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/build.sh b/build.sh
index 376eda0..1021c57 100755
--- a/build.sh
+++ b/build.sh
@@ -34,7 +34,7 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
   echo "              Default: docker.io"
   echo "  DOCKER_ORG  The Docker repository's organisation (i.e. '\${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}'')"
   echo "              Used for tagging the image."
-  echo "              Default: respawner"
+  echo "              Default: peering-manager"
   echo "  DOCKER_REPO The Docker repository's name (i.e. '\${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}'')"
   echo "              Used for tagging the image."
   echo "              Default: peering-manager"
@@ -70,22 +70,22 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
   echo "Examples:"
   echo "  ${0} master"
   echo "              This will fetch the latest 'master' branch, build a Docker Image and tag it"
-  echo "              'respawner/peering-manager:latest'."
+  echo "              'peering-manager/peering-manager:latest'."
   echo "  ${0} develop"
   echo "              This will fetch the latest 'develop' branch, build a Docker Image and tag it"
-  echo "              'respawner/peering-manager:snapshot'."
+  echo "              'peering-manager/peering-manager:snapshot'."
   echo "  ${0} v2.6.6"
   echo "              This will fetch the 'v2.6.6' tag, build a Docker Image and tag it"
-  echo "              'respawner/peering-manager:v2.6.6' and 'respawner/peering-manager:v2.6'."
+  echo "              'peering-manager/peering-manager:v2.6.6' and 'peering-manager/peering-manager:v2.6'."
   echo "  ${0} develop-2.7"
   echo "              This will fetch the 'develop-2.7' branch, build a Docker Image and tag it"
-  echo "              'respawner/peering-manager:develop-2.7'."
-  echo "  SRC_ORG=respawner ${0} feature-x"
-  echo "              This will fetch the 'feature-x' branch from https://github.com/respawner/peering-manager.git,"
-  echo "              build a Docker Image and tag it 'respawner/peering-manager:feature-x'."
-  echo "  SRC_ORG=respawner DOCKER_ORG=respawner ${0} feature-x"
-  echo "              This will fetch the 'feature-x' branch from https://github.com/respawner/peering-manager.git,"
-  echo "              build a Docker Image and tag it 'respawner/peering-manager:feature-x'."
+  echo "              'peering-manager/peering-manager:develop-2.7'."
+  echo "  SRC_ORG=peering-manager ${0} feature-x"
+  echo "              This will fetch the 'feature-x' branch from https://github.com/peering-manager/peering-manager.git,"
+  echo "              build a Docker Image and tag it 'peering-manager/peering-manager:feature-x'."
+  echo "  SRC_ORG=peering-manager DOCKER_ORG=peering-manager ${0} feature-x"
+  echo "              This will fetch the 'feature-x' branch from https://github.com/peering-manager/peering-manager.git,"
+  echo "              build a Docker Image and tag it 'peering-manager/peering-manager:feature-x'."
 
   if [ "${1}x" == "x" ]; then
     exit 1

From d696117c2189b186a946d2115d3319a1f2638ed0 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Sun, 25 Oct 2020 15:30:00 -0700
Subject: [PATCH 13/14] - Add support for new env vars to match new config
 variables - Add debug_toolbar to docker image, supported by INTERNAL_IPS env
 var - Various fixes to variable names that didn't match - Fix release check
 URL

---
 Dockerfile                     |  4 ++-
 configuration/configuration.py | 48 +++++++++++++++++++++++++---------
 env/peering-manager.env        | 25 ++++++++++++++++--
 3 files changed, 61 insertions(+), 16 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index af20b72..cdab91d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,7 +25,9 @@ RUN mkdir /install \
        --prefix="/install" --no-warn-script-location --no-cache-dir \
        gunicorn \
        django-auth-ldap \
-       django-radius
+       django-radius \
+       django-debug_toolbar
+
 
 ##############
 # Main stage #
diff --git a/configuration/configuration.py b/configuration/configuration.py
index 039fb8d..fba2be7 100644
--- a/configuration/configuration.py
+++ b/configuration/configuration.py
@@ -53,8 +53,9 @@ def read_secret(secret_name):
     "tasks": {
         "HOST": os.environ.get("REDIS_HOST", "localhost"),
         "PORT": int(os.environ.get("REDIS_PORT", 6379)),
+        "SENTINEL_SERVICE": os.environ.get("REDIS_SENTINEL_SERVICE", "default"),
         "PASSWORD": os.environ.get("REDIS_PASSWORD", read_secret("redis_password")),
-        "CACHE_DATABASE": int(os.environ.get("REDIS_DATABASE", 0)),
+        "DATABASE": int(os.environ.get("REDIS_DATABASE", 0)),
         "DEFAULT_TIMEOUT": int(os.environ.get("REDIS_TIMEOUT", 300)),
         "SSL": os.environ.get("REDIS_SSL", "False").lower() == "true",
     },
@@ -62,15 +63,16 @@ def read_secret(secret_name):
         "HOST": os.environ.get(
             "REDIS_CACHE_HOST", os.environ.get("REDIS_HOST", "localhost")
         ),
-        "PORT": os.environ.get(
-            "REDIS_CACHE_PORT",
-            os.environ.get("REDIS_PORT", 6379)
+        "PORT": os.environ.get("REDIS_CACHE_PORT", os.environ.get("REDIS_PORT", 6379)),
+        "SENTINEL_SERVICE": os.environ.get(
+            "REDIS_CACHE_SENTINEL_SERVICE",
+            os.environ.get("REDIS_SENTINEL_SERVICE", "default"),
         ),
         "PASSWORD": os.environ.get(
             "REDIS_CACHE_PASSWORD",
             os.environ.get("REDIS_PASSWORD", read_secret("redis_cache_password")),
         ),
-        "CACHE_DATABASE": int(os.environ.get("REDIS_CACHE_DATABASE", 1)),
+        "DATABASE": int(os.environ.get("REDIS_CACHE_DATABASE", 1)),
         "DEFAULT_TIMEOUT": int(
             os.environ.get("REDIS_CACHE_TIMEOUT", os.environ.get("REDIS_TIMEOUT", 300))
         ),
@@ -80,10 +82,19 @@ def read_secret(secret_name):
         == "true",
     },
 }
+if 'REDIS_SENTINELS' in os.environ:
+    REDIS['tasks']['SENTINELS'] = os.environ.get("REDIS_SENTINELS").split(" ")
+    REDIS['caching']['SENTINELS'] = os.environ.get("REDIS_SENTINELS").split(" ")
+if 'REDIS_CACHE_SENTINELS' in os.environ:
+    REDIS['caching']['SENTINELS'] = os.environ.get("REDIS_CACHE_SENTINELS").split(" ")
+
 # Cache timeout in seconds. Set to 0 to disable caching.
 CACHE_TIMEOUT = int(os.environ.get("CACHE_TIMEOUT", 900))
 
 DEBUG = os.environ.get("DEBUG", "False").lower() == "true"
+INTERNAL_IPS = ["127.0.0.1", "::1"]
+for ip in os.environ.get("INTERNAL_IPS", "").split(" "):
+    INTERNAL_IPS.append(ip)
 
 EMAIL = {
     "SERVER": os.environ.get("EMAIL_SERVER", "localhost"),
@@ -92,6 +103,7 @@ def read_secret(secret_name):
     "PASSWORD": os.environ.get("EMAIL_PASSWORD", read_secret("email_password")),
     "TIMEOUT": int(os.environ.get("EMAIL_TIMEOUT", 10)),  # seconds
     "FROM_ADDRESS": os.environ.get("EMAIL_FROM_ADDRESS", ""),
+    "SUBJECT_PREFIX": os.environ.get("EMAIL_SUBJECT_PREFIX", ""),
     "USE_SSL": os.environ.get("EMAIL_USE_SSL", "False").lower() == "true",
     "USE_TLS": os.environ.get("EMAIL_USE_TLS", "False").lower() == "true",
     "SSL_CERTFILE": os.environ.get("EMAIL_SSL_CERTFILE", ""),
@@ -100,17 +112,20 @@ def read_secret(secret_name):
 
 CHANGELOG_RETENTION = int(os.environ.get("CHANGELOG_RETENTION", 90))
 LOGIN_REQUIRED = os.environ.get("LOGIN_REQUIRED", "False").lower() == "true"
+NAPALM_USERNAME = os.environ.get("NAPALM_USERNAME", "")
+NAPALM_PASSWORD = os.environ.get("NAPALM_PASSWORD", read_secret("napalm_password"))
+NAPALM_TIMEOUT = int(os.environ.get("NAPALM_TIMEOUT", 30))
+NAPALM_ARGS = dict(
+    [
+        (var[len("NAPALM_ARG_") :].lower(), os.environ.get(var))
+        for var in os.environ.keys()
+        if var.startswith("NAPALM_ARG_")
+    ]
+)
 PEERINGDB_USERNAME = os.environ.get("PEERINGDB_USERNAME", "")
 PEERINGDB_PASSWORD = os.environ.get(
     "PEERINGDB_PASSWORD", read_secret("peeringdb_password")
 )
-NAPALM_USERNAME = os.environ.get("NAPALM_USERNAME", "")
-NAPALM_PASSWORD = os.environ.get("NAPALM_PASSWORD", read_secret("napalm_password"))
-NAPALM_TIMEOUT = int(os.environ.get("NAPALM_TIMEOUT", 30))
-NAPALM_ARGS = dict([
-  (var[len('NAPALM_ARG_'):].lower(), os.environ.get(var))
-  for var in os.environ.keys() if var.startswith('NAPALM_ARG_')
-])
 PAGINATE_COUNT = int(os.environ.get("PAGINATE_COUNT", 50))
 BGPQ3_PATH = os.environ.get("BGPQ3_PATH", "bgpq3")
 BGPQ3_HOST = os.environ.get("BGPQ3_HOST", "rr.ntt.net")
@@ -122,13 +137,20 @@ def read_secret(secret_name):
     "ipv6": os.environ.get("BGPQ3_ARGS_IPV6", "-r 16 -R 48").split(" "),
     "ipv4": os.environ.get("BGPQ3_ARGS_IPV4", "-r 8 -R 24").split(" "),
 }
+METRICS_ENABLED = os.environ.get("METRICS_ENABLED", "False").lower() == "true"
 NETBOX_API = os.environ.get("NETBOX_API", None)
 NETBOX_API_TOKEN = os.environ.get("NETBOX_API_TOKEN", read_secret("netbox_api_token"))
+NETBOX_API_THREADING = os.environ.get("NETBOX_API_THREADING", "False").lower() == "true"
+NETBOX_API_VERIFY_SSL = (
+    os.environ.get("NETBOX_API_VERIFY_SSL", "True").lower() == "true"
+)
 NETBOX_DEVICE_ROLES = os.environ.get(
     "NETBOX_DEVICE_ROLES", "router,firewall,switch"
 ).split(",")
 RELEASE_CHECK_URL = os.environ.get(
     "RELEASE_CHECK_URL",
-    "https://api.github.com/repos/respawner/peering-manager/releases",
+    "https://api.github.com/repos/peering-manager/peering-manager/releases",
 )
 RELEASE_CHECK_TIMEOUT = os.environ.get("RELEASE_CHECK_TIMEOUT", 86400)
+SOFTDELETE_ENABLED = os.environ.get("SOFTDELETE_ENABLED", "False").lower() == "true"
+SOFTDELETE_RETENTION = int(os.environ.get("SOFTDELETE_RETENTION", CHANGELOG_RETENTION))
diff --git a/env/peering-manager.env b/env/peering-manager.env
index 78e9fe0..ec29be2 100644
--- a/env/peering-manager.env
+++ b/env/peering-manager.env
@@ -15,21 +15,40 @@ EMAIL_USERNAME=peering-manager
 EMAIL_PASSWORD=
 EMAIL_TIMEOUT=5
 EMAIL_FROM=peering-manager@bar.com
+# EMAIL_SUBJECT_PREFIX=
 # EMAIL_USE_SSL and EMAIL_USE_TLS are mutually exclusive, i.e. they can't both be `true`!
 EMAIL_USE_SSL=false
 EMAIL_USE_TLS=false
 EMAIL_SSL_CERTFILE=
 EMAIL_SSL_KEYFILE=
 PEERINGDB_USERNAME=
+# PEERINGDB_PASSWORD=
 NAPALM_USERNAME=
 NAPALM_PASSWORD=
-NAPALM_TIMEOUT=10
+NAPALM_TIMEOUT=30
+# BGPQ3_PATH=
+# BGPQ3_HOST=
+# BGPQ3_SOURCES=
+# NETBOX_API=
+# NETBOX_API_TOKEN=
+# NETBOX_API_THREADING=
+# NETBOX_API_VERIFY_SSL=
+# NETBOX_DEVICE_ROLES=
+METRICS_ENABLED=False
+SOFTDELETE_ENABLED=False
+# SOFTDELETE_RETENTION=
 REDIS_HOST=redis
 REDIS_PASSWORD=VDMLLoJA8JnMLAxx
+# Space separate list of sentinel hosts
+# REDIS_SENTINELS=
+REDIS_SENTINEL_SERVICE=default
 REDIS_DATABASE=0
 REDIS_SSL=false
 REDIS_CACHE_HOST=redis
 REDIS_CACHE_PASSWORD=VDMLLoJA8JnMLAxx
+# Space separate list of sentinel hosts
+# REDIS_CACHE_SENTINELS=
+REDIS_CACHE_SENTINEL_SERVICE=default
 REDIS_CACHE_DATABASE=1
 REDIS_CACHE_SSL=false
 SKIP_STARTUP_SCRIPTS=false
@@ -38,4 +57,6 @@ SUPERUSER_NAME=admin
 SUPERUSER_EMAIL=admin@bar.com
 SUPERUSER_PASSWORD=admin
 SUPERUSER_API_TOKEN=0123456789abcdef0123456789abcdef01234567
-RELEASE_CHECK_URL=https://api.github.com/repos/respawner/peering-manager/releases
+PAGINATE_COUNT=50
+RELEASE_CHECK_URL=https://api.github.com/repos/peering-manager/peering-manager/releases
+INTERNAL_IPS="127.0.0.1 ::1"

From f2871b4053ad97b4dd4b0e44bf2c70b30db2d3d7 Mon Sep 17 00:00:00 2001
From: Milton Ngan <milton@valvesoftware.com>
Date: Fri, 13 Nov 2020 16:40:18 -0800
Subject: [PATCH 14/14] Fix docker image reference

---
 docker-compose.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 1907a19..44643f4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,7 +1,7 @@
 version: '3.4'
 services:
   peering-manager:
-    image: peering-manager:latest
+    image: peeringmanager/peering-manager:latest
     env_file: env/peering-manager.env
     depends_on:
       - postgres
@@ -11,7 +11,7 @@ services:
       - peering-manager-static-files:/opt/peering-manager/static:z
       - peering-manager-nginx-config:/etc/peering-manager/nginx:z
   peering-manager-worker:
-    image: peering-manager:latest
+    image: peeringmanager/peering-manager:latest
     entrypoint:
       - python3
       - /opt/peering-manager/manage.py