added Global CIDR creation for CHKP
This commit is contained in:
parent
935ce89397
commit
81ceb8dccd
35
push.py
35
push.py
|
@ -70,6 +70,10 @@ ALKIRA_PASSWORD = alkira.get('alkira', 'ALKIRA_PASSWORD')
|
||||||
ALKIRA_BASE_URI = f'https://{ALKIRA_TENANT}/api'
|
ALKIRA_BASE_URI = f'https://{ALKIRA_TENANT}/api'
|
||||||
SERVICE_USERNAME = alkira.get('services', 'SERVICE_USERNAME')
|
SERVICE_USERNAME = alkira.get('services', 'SERVICE_USERNAME')
|
||||||
SERVICE_PASSWORD = alkira.get('services', 'SERVICE_PASSWORD')
|
SERVICE_PASSWORD = alkira.get('services', 'SERVICE_PASSWORD')
|
||||||
|
CIDR_NAME = alkira.get('globalcidr', 'CIDR_NAME')
|
||||||
|
CIDR_DESCR = alkira.get('globalcidr', 'CIDR_DESCR')
|
||||||
|
CIDR_PREFIX = alkira.get('globalcidr', 'CIDR_PREFIX')
|
||||||
|
CIDR_CXP = alkira.get('globalcidr', 'CIDR_CXP')
|
||||||
|
|
||||||
# Connector config
|
# Connector config
|
||||||
if not os.path.isfile(CONNECTOR_CONFIG):
|
if not os.path.isfile(CONNECTOR_CONFIG):
|
||||||
|
@ -107,6 +111,11 @@ service_instance_credentials = {
|
||||||
"chkpfwservices": "chkp-fw-"
|
"chkpfwservices": "chkp-fw-"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Global CIDR
|
||||||
|
service_global_cidr = [
|
||||||
|
"chkpfwservices"
|
||||||
|
]
|
||||||
|
|
||||||
# Credential Types
|
# Credential Types
|
||||||
credential_types = {
|
credential_types = {
|
||||||
"awsvpc": "",
|
"awsvpc": "",
|
||||||
|
@ -183,9 +192,26 @@ def alkira_service(session, connector_name):
|
||||||
if response.status_code == 200:
|
if response.status_code == 200:
|
||||||
service_instance_credentialid = json_body['id']
|
service_instance_credentialid = json_body['id']
|
||||||
logging.debug(f'instance credentialId: {service_instance_credentialid}')
|
logging.debug(f'instance credentialId: {service_instance_credentialid}')
|
||||||
|
|
||||||
return service_credentialid, service_instance_credentialid
|
return service_credentialid, service_instance_credentialid
|
||||||
|
|
||||||
|
def alkira_global_cidr(session, connector_name):
|
||||||
|
body = {
|
||||||
|
"name": CIDR_NAME,
|
||||||
|
"description": CIDR_DESCR,
|
||||||
|
"values": [
|
||||||
|
CIDR_PREFIX
|
||||||
|
],
|
||||||
|
"cxp": CIDR_CXP
|
||||||
|
}
|
||||||
|
logging.debug(f'Received Connector: {connector_name}')
|
||||||
|
logging.info('=== Create Global CIDR')
|
||||||
|
response = alkira_post(session, f'/tenantnetworks/{tenantNetworkId}/global-cidr-lists', body)
|
||||||
|
json_body = response.json()
|
||||||
|
if response.status_code == 201:
|
||||||
|
global_cidr_id = json_body['id']
|
||||||
|
logging.debug(f'global cidr id: {global_cidr_id}')
|
||||||
|
return global_cidr_id
|
||||||
|
|
||||||
# Authenticate
|
# Authenticate
|
||||||
logging.info('=== Authenticating')
|
logging.info('=== Authenticating')
|
||||||
s = alkira_login()
|
s = alkira_login()
|
||||||
|
@ -224,6 +250,9 @@ for connector in config.sections():
|
||||||
if 'service' in connector_name:
|
if 'service' in connector_name:
|
||||||
service_credentialid, service_instance_credentialid = alkira_service(s, connector_name)
|
service_credentialid, service_instance_credentialid = alkira_service(s, connector_name)
|
||||||
logging.debug(f'Got credentialId: {service_credentialid} AND {service_instance_credentialid}')
|
logging.debug(f'Got credentialId: {service_credentialid} AND {service_instance_credentialid}')
|
||||||
|
if connector_name in service_global_cidr:
|
||||||
|
service_global_cidr_id = alkira_global_cidr(s, connector_name)
|
||||||
|
logging.debug(f'Got global cidr id: {service_global_cidr_id}')
|
||||||
|
|
||||||
with open (config_path, 'r') as f:
|
with open (config_path, 'r') as f:
|
||||||
body = json.load(f)
|
body = json.load(f)
|
||||||
|
@ -272,6 +301,10 @@ for connector in config.sections():
|
||||||
logging.debug(f'API instance credentialid: {service_instance_credentialid}')
|
logging.debug(f'API instance credentialid: {service_instance_credentialid}')
|
||||||
body['instances'][0]['credentialId'] = service_instance_credentialid
|
body['instances'][0]['credentialId'] = service_instance_credentialid
|
||||||
|
|
||||||
|
if 'managementServer' in body and 'globalCidrListId' in body['managementServer'] and 'service_global_cidr_id' in locals():
|
||||||
|
logging.debug(f'API globalCidrListId: {service_global_cidr_id}')
|
||||||
|
body['managementServer']['globalCidrListId'] = service_global_cidr_id
|
||||||
|
|
||||||
logging.debug(json.dumps(body))
|
logging.debug(json.dumps(body))
|
||||||
logging.info(f"=== Pushing {body['name'][:30]} ({connector_name}) to {body['cxp']} (size: {body['size']}; segment: {body['segments'][0]})")
|
logging.info(f"=== Pushing {body['name'][:30]} ({connector_name}) to {body['cxp']} (size: {body['size']}; segment: {body['segments'][0]})")
|
||||||
logging.debug(f'CONNECTOR BEFORE AGAIN: {connector_name}')
|
logging.debug(f'CONNECTOR BEFORE AGAIN: {connector_name}')
|
||||||
|
|
Loading…
Reference in New Issue