Release 🚀

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @jajeffries @leoparente @mfiedorowicz @MicahParks

.github/workflows/develop.yaml

@@ -10,6 +10,7 @@ on:
 
 permissions:
   contents: write
+  id-token: write
 
 env:
   GO_VERSION: '1.24'
@@ -35,6 +36,22 @@ jobs:
             username: ${{ secrets.DOCKERHUB_USERNAME }}
             password: ${{ secrets.DOCKERHUB_TOKEN }}
 
+        - name: Setup JFrog CLI
+          id: setup-jfrog-cli
+          uses: jfrog/setup-jfrog-cli@ff5cb544114ffc152db9cea1cd3d5978d5074946 # v4.5.11
+          env:
+            JF_URL: https://netboxlabs.jfrog.io
+            JF_PROJECT: obs
+          with:
+            oidc-provider-name: github-ci
+
+        - name: Login to JFrog Artifactory
+          uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 #v3
+          with:
+            registry: netboxlabs.jfrog.io
+            username: ${{ steps.setup-jfrog-cli.outputs.oidc-user }}
+            password: ${{ steps.setup-jfrog-cli.outputs.oidc-token }}
+
         - name: Verify QEMU installation
           run: |
               docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
@@ -55,6 +72,8 @@ jobs:
             push: true
             cache-from: type=gha
             cache-to: type=gha,mode=max
-            tags: netboxlabs/orb-agent:develop
+            tags: |
+              netboxlabs/orb-agent:develop
+              netboxlabs.jfrog.io/obs-builds/orb-agent:develop
             build-args: |
               GO_VERSION=${{ env.GO_VERSION }}  

.github/workflows/pr-semantic-release.yaml

@@ -43,6 +43,7 @@ jobs:
               "version": "1.0.0",
               "devDependencies": {
                 "semantic-release-export-data": "^1.0.1",
+                "semantic-release": "25.0.0-beta.6",
                 "@semantic-release/changelog": "^6.0.3"
               }
             }
@@ -90,7 +91,7 @@ jobs:
             }
 
       - name: Install dependencies
-        run: npm i
+        run: npm install --legacy-peer-deps
 
       - name: Run semantic-release dry-run
         id: semantic-release

.github/workflows/release.yaml

@@ -22,6 +22,7 @@ permissions:
   contents: write
   issues: write
   pull-requests: write
+  id-token: write
 
 jobs:
   get-next-version:
@@ -44,6 +45,7 @@ jobs:
               "version": "1.0.0",
               "devDependencies": {
                 "semantic-release-export-data": "^1.0.1",
+                "semantic-release": "25.0.0-beta.6",
                 "@semantic-release/changelog": "^6.0.3"
               }
             }
@@ -89,7 +91,7 @@ jobs:
               ]
             }
       - name: setup semantic-release
-        run: npm i
+        run: npm install --legacy-peer-deps
       - name: release dry-run
         env:
           SLACK_WEBHOOK: ${{ secrets.SLACK_SEMANTIC_RELEASE_WEBHOOK }}
@@ -143,6 +145,22 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
+      - name: Setup JFrog CLI
+        id: setup-jfrog-cli
+        uses: jfrog/setup-jfrog-cli@ff5cb544114ffc152db9cea1cd3d5978d5074946 # v4.5.11
+        env:
+          JF_URL: https://netboxlabs.jfrog.io
+          JF_PROJECT: obs
+        with:
+          oidc-provider-name: github-ci
+
+      - name: Login to JFrog Artifactory
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 #v3
+        with:
+          registry: netboxlabs.jfrog.io
+          username: ${{ steps.setup-jfrog-cli.outputs.oidc-user }}
+          password: ${{ steps.setup-jfrog-cli.outputs.oidc-token }}
+
       - name: Verify QEMU installation
         run: |
               docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
@@ -165,6 +183,8 @@ jobs:
           tags: |
             netboxlabs/${{ env.APP_NAME }}:latest
             netboxlabs/${{ env.APP_NAME }}:${{ env.BUILD_VERSION }}
+            netboxlabs.jfrog.io/obs-builds/${{ env.APP_NAME }}:latest
+            netboxlabs.jfrog.io/obs-builds/${{ env.APP_NAME }}:${{ env.BUILD_VERSION }}
           build-args: |
             GO_VERSION=${{ env.GO_VERSION }}
 
@@ -189,6 +209,7 @@ jobs:
               "version": "1.0.0",
               "devDependencies": {
                 "semantic-release-export-data": "^1.0.1",
+                "semantic-release": "25.0.0-beta.6",
                 "@semantic-release/changelog": "^6.0.3"
               }
             }
@@ -234,7 +255,7 @@ jobs:
               ]
             }
       - name: setup semantic-release
-        run: npm i
+        run: npm install --legacy-peer-deps
       - name: Release
         env:
           SLACK_WEBHOOK: ${{ secrets.SLACK_OBSERVABILITY_RELEASE_WEBHOOK }}

Makefile

@@ -45,6 +45,10 @@ agent_bin:
 	echo "ORB_VERSION: $(ORB_VERSION)-$(COMMIT_HASH)"
 	CGO_ENABLED=$(CGO_ENABLED) GOOS=linux GOARCH=$(GOARCH) GOARM=$(GOARM) go build -mod=mod -o ${BUILD_DIR}/orb-agent cmd/main.go
 
+.PHONY: test
+test:
+	@go test -race ./...
+
 .PHONY: test-coverage
 test-coverage:
 	@mkdir -p .coverage

README.md

@@ -67,7 +67,7 @@ Only the `network_discovery`, `device_discovery`, `worker` and `snmp_discovery`
 - [SNMP Discovery](./docs/backends/snmp_discovery.md)
 
 #### Common
-A special `common` subsection under `backends` defines configuration settings that are shared with all backends. Currently, it supports passing [diode](https://github.com/netboxlabs/diode) server settings to all backends.
+A special `common` subsection under `backends` defines configuration settings that are shared with all backends. Currently, it supports passing [diode](https://github.com/netboxlabs/diode) server settings and OpenTelemetry configuration to all backends.
 
 ```yaml
   backends:
@@ -80,6 +80,12 @@ A special `common` subsection under `backends` defines configuration settings th
           agent_name: agent01
           dry_run: false
           dry_run_output_dir: /opt/orb
+        otel:
+          grpc: "grpc://otel-collector:4317"
+          agent_labels:
+            environment: "production"
+            datacenter: "us-east-1"
+            service: "network-monitoring"
 ```
 
 ### Policies
@@ -108,12 +114,12 @@ orb:
 To run `orb-agent`, use the following command from the directory where your created your `agent.yaml` file:
 
 ```sh
- docker run --net=host -v $(PWD):/opt/orb/ netboxlabs/orb-agent:latest run -c /opt/orb/agent.yaml
+ docker run --net=host -v ${PWD}:/opt/orb/ netboxlabs/orb-agent:latest run -c /opt/orb/agent.yaml
 ```
 The container needs sufficient permissions, to send `icmp` and `tcp` packets. This can either be achieved by setting the network-mode to `host` or by changing the container user to `root`: 
 
 ```sh
- docker run -u root -v $(PWD):/opt/orb/ netboxlabs/orb-agent:latest run -c /opt/orb/agent.yaml
+ docker run -u root -v ${PWD}:/opt/orb/ netboxlabs/orb-agent:latest run -c /opt/orb/agent.yaml
 ```
 
 ### Configuration samples

agent/backend/networkdiscovery/network_discovery.go

@@ -46,6 +46,7 @@ type networkDiscoveryBackend struct {
 	diodeOtelEndpoint    string
 	diodeDryRun          bool
 	diodeDryRunOutputDir string
+	diodeLogLevel        string
 
 	startTime  time.Time
 	proc       backend.Commander
@@ -107,6 +108,11 @@ func (d *networkDiscoveryBackend) Configure(logger *slog.Logger, repo policies.P
 	if dryRunOutputDir, prs := config["dry_run_output_dir"].(string); prs {
 		d.diodeDryRunOutputDir = dryRunOutputDir
 	}
+	if logLevel, prs := config["log_level"].(string); prs {
+		d.diodeLogLevel = logLevel
+	} else if debug, prs := config["debug"].(bool); prs && debug {
+		d.diodeLogLevel = "debug"
+	}
 
 	if common.Otel.Grpc != "" {
 		d.diodeOtelEndpoint = common.Otel.Grpc
@@ -151,14 +157,28 @@ func (d *networkDiscoveryBackend) Start(ctx context.Context, cancelFunc context.
 		}
 	}
 
+	if d.diodeLogLevel != "" {
+		pvOptions = append(pvOptions, "--log-level", d.diodeLogLevel)
+		d.logger.Info("network-discovery using log level",
+			slog.String("log_level", d.diodeLogLevel))
+	}
+
 	if d.diodeOtelEndpoint != "" {
 		pvOptions = append(pvOptions, "--otel-endpoint", d.diodeOtelEndpoint)
+		d.logger.Info("network-discovery using OTLP metrics endpoint",
+			slog.String("endpoint", d.diodeOtelEndpoint))
 	}
 
 	d.logger.Info("network-discovery startup", slog.Any("arguments", pvOptions))
 
-	if !d.diodeDryRun && len(pvOptions) > 9 {
-		pvOptions[9] = d.diodeClientSecret
+	if !d.diodeDryRun {
+		// Find and replace the masked client secret with the actual value
+		for i, arg := range pvOptions {
+			if arg == "********" {
+				pvOptions[i] = d.diodeClientSecret
+				break
+			}
+		}
 	}
 
 	d.proc = backend.NewCmdOptions(backend.CmdOptions{