diff --git a/push.py b/push.py index 5475263..75c3245 100755 --- a/push.py +++ b/push.py @@ -70,6 +70,10 @@ ALKIRA_PASSWORD = alkira.get('alkira', 'ALKIRA_PASSWORD') ALKIRA_BASE_URI = f'https://{ALKIRA_TENANT}/api' SERVICE_USERNAME = alkira.get('services', 'SERVICE_USERNAME') SERVICE_PASSWORD = alkira.get('services', 'SERVICE_PASSWORD') +CIDR_NAME = alkira.get('globalcidr', 'CIDR_NAME') +CIDR_DESCR = alkira.get('globalcidr', 'CIDR_DESCR') +CIDR_PREFIX = alkira.get('globalcidr', 'CIDR_PREFIX') +CIDR_CXP = alkira.get('globalcidr', 'CIDR_CXP') # Connector config if not os.path.isfile(CONNECTOR_CONFIG): @@ -107,6 +111,11 @@ service_instance_credentials = { "chkpfwservices": "chkp-fw-" } +# Global CIDR +service_global_cidr = [ + "chkpfwservices" + ] + # Credential Types credential_types = { "awsvpc": "", @@ -183,9 +192,26 @@ def alkira_service(session, connector_name): if response.status_code == 200: service_instance_credentialid = json_body['id'] logging.debug(f'instance credentialId: {service_instance_credentialid}') - return service_credentialid, service_instance_credentialid +def alkira_global_cidr(session, connector_name): + body = { + "name": CIDR_NAME, + "description": CIDR_DESCR, + "values": [ + CIDR_PREFIX + ], + "cxp": CIDR_CXP + } + logging.debug(f'Received Connector: {connector_name}') + logging.info('=== Create Global CIDR') + response = alkira_post(session, f'/tenantnetworks/{tenantNetworkId}/global-cidr-lists', body) + json_body = response.json() + if response.status_code == 201: + global_cidr_id = json_body['id'] + logging.debug(f'global cidr id: {global_cidr_id}') + return global_cidr_id + # Authenticate logging.info('=== Authenticating') s = alkira_login() @@ -224,6 +250,9 @@ for connector in config.sections(): if 'service' in connector_name: service_credentialid, service_instance_credentialid = alkira_service(s, connector_name) logging.debug(f'Got credentialId: {service_credentialid} AND {service_instance_credentialid}') + if connector_name in service_global_cidr: + service_global_cidr_id = alkira_global_cidr(s, connector_name) + logging.debug(f'Got global cidr id: {service_global_cidr_id}') with open (config_path, 'r') as f: body = json.load(f) @@ -268,10 +297,14 @@ for connector in config.sections(): logging.debug(f'API credentialid: {service_credentialid}') body['credentialId'] = service_credentialid - if 'instances' in body and'credentialId' in body['instances'][0] and 'service_instance_credentialid' in locals(): + if 'instances' in body and 'credentialId' in body['instances'][0] and 'service_instance_credentialid' in locals(): logging.debug(f'API instance credentialid: {service_instance_credentialid}') body['instances'][0]['credentialId'] = service_instance_credentialid + if 'managementServer' in body and 'globalCidrListId' in body['managementServer'] and 'service_global_cidr_id' in locals(): + logging.debug(f'API globalCidrListId: {service_global_cidr_id}') + body['managementServer']['globalCidrListId'] = service_global_cidr_id + logging.debug(json.dumps(body)) logging.info(f"=== Pushing {body['name'][:30]} ({connector_name}) to {body['cxp']} (size: {body['size']}; segment: {body['segments'][0]})") logging.debug(f'CONNECTOR BEFORE AGAIN: {connector_name}')