adding services logic and more snowflakes for FWs
parent
d0405d05c8
commit
bc169d8359
10
clean.py
10
clean.py
|
@ -72,7 +72,7 @@ ALKIRA_BASE_URI = f'https://{ALKIRA_TENANT}/api'
|
|||
headers = {'Content-Type': "application/json"}
|
||||
|
||||
# Naming exceptions
|
||||
service_exceptions = {
|
||||
url_exceptions = {
|
||||
"ocivcn": "oci-vcn-",
|
||||
"saas": "internet",
|
||||
"pan": "panfw",
|
||||
|
@ -142,8 +142,8 @@ for item in data:
|
|||
name = item.get('name')
|
||||
connectorId = item.get('id')
|
||||
type = item.get('type').lower().replace('_', '')
|
||||
if type in service_exceptions.keys():
|
||||
type = service_exceptions[type]
|
||||
if type in url_exceptions.keys():
|
||||
type = url_exceptions[type]
|
||||
logging.debug(f'/tenantnetworks/{tenantNetworkId}/{type}connectors/{connectorId}')
|
||||
logging.info(f'Removing {name} ({type})')
|
||||
r = alkira_delete(s, f'/tenantnetworks/{tenantNetworkId}/{type}connectors/{connectorId}')
|
||||
|
@ -162,8 +162,8 @@ for item in data:
|
|||
name = item.get('name')
|
||||
serviceId = item.get('id')
|
||||
type = item.get('type').lower()
|
||||
if type in service_exceptions.keys():
|
||||
type = service_exceptions[type]
|
||||
if type in url_exceptions.keys():
|
||||
type = url_exceptions[type]
|
||||
logging.debug(f'/tenantnetworks/{tenantNetworkId}/{type}services/{serviceId}')
|
||||
logging.info(f'Removing {name} ({type})')
|
||||
r = alkira_delete(s, f'/tenantnetworks/{tenantNetworkId}/{type}services/{serviceId}')
|
||||
|
|
|
@ -137,3 +137,6 @@ segments = Prod
|
|||
group = Development
|
||||
billingtags = 343
|
||||
size = LARGE
|
||||
|
||||
[ftntfwservices1.txt]
|
||||
cxp = US-EAST-2
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
[ftntfwservices1.txt]
|
||||
cxp = US-EAST-2
|
|
@ -0,0 +1,30 @@
|
|||
{
|
||||
"name": "FTNT-US",
|
||||
"size": "LARGE",
|
||||
"cxp": "US-EAST-2",
|
||||
"version": "7.0.3",
|
||||
"credentialId": "set_new",
|
||||
"managementServer": {
|
||||
"ipAddress": "10.0.1.1",
|
||||
"segment": "Corporate"
|
||||
},
|
||||
"licenseType": "PAY_AS_YOU_GO",
|
||||
"instances": [
|
||||
{
|
||||
"name": "FTNT-US-instance-1",
|
||||
"hostName": "FTNT-US-instance-1",
|
||||
"credentialId": "set_new"
|
||||
}
|
||||
],
|
||||
"maxInstanceCount": "1",
|
||||
"minInstanceCount": "1",
|
||||
"segments": [
|
||||
"Corporate",
|
||||
"Prod",
|
||||
"Pre Prod"
|
||||
],
|
||||
"tunnelProtocol": "IPSEC",
|
||||
"billingTags": [
|
||||
"333"
|
||||
]
|
||||
}
|
|
@ -14,13 +14,13 @@
|
|||
"version": "9.1.3",
|
||||
"tunnelProtocol": "IPSEC",
|
||||
"type": "VM-300",
|
||||
"bundle": "PAN_VM_300_BUNDLE_2",
|
||||
"globalProtectEnabled": false,
|
||||
"credentialId": "871e234c-050d-4815-8432-76b70884a1ea",
|
||||
"credentialId": "set_new",
|
||||
"bundle": "PAN_VM_300_BUNDLE_1",
|
||||
"instances": [
|
||||
{
|
||||
"name": "PAN-US-instance-1",
|
||||
"credentialId": "3ab9f3ac-6e22-4d3c-8a37-9c8dad469ee5"
|
||||
"hostName": "PAN-US-instance-1",
|
||||
"credentialId": "set_new"
|
||||
}
|
||||
],
|
||||
"size": "LARGE",
|
||||
|
|
7
get.py
7
get.py
|
@ -126,6 +126,13 @@ tenantName = data[0]['name']
|
|||
logging.info(f'Tenant Name: {tenantName}')
|
||||
logging.info(f'Tenant ID: {tenantNetworkId}')
|
||||
|
||||
# Get credentials
|
||||
logging.info('Checking Credentials')
|
||||
r = alkira_get(s, f'/credentials')
|
||||
data = r.json()
|
||||
print('# Credentials')
|
||||
print(json.dumps(data, indent=4))
|
||||
|
||||
# Get connectors
|
||||
logging.info('Checking Connectors')
|
||||
r = alkira_get(s, f'/tenantnetworks/{tenantNetworkId}/connectors')
|
||||
|
|
|
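Review bot: The added block prints the whole `/credentials` response with `print(json.dumps(data, indent=4))`, so whatever the API returns for each credential ends up on stdout and in any captured job log. The response schema is not visible here; if it carries more than identifiers, print only what the operator needs, e.g. `print(json.dumps([{'id': c.get('id'), 'name': c.get('name')} for c in data], indent=4))`, assuming the response is a list of objects with those keys. `f'/credentials'` has no placeholders and can be a plain string.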
@ -78,12 +78,23 @@ ALKIRA_BASE_URI = f'https://{ALKIRA_TENANT}/api'
|
|||
headers = {'Content-Type': "application/json"}
|
||||
|
||||
# Naming exceptions
|
||||
service_exceptions = {
|
||||
url_exceptions = {
|
||||
"saas": "internet",
|
||||
"pan": "panfw",
|
||||
"ftntfw": "ftnt-fw-",
|
||||
"ftntfwservices": "ftnt-fw-services",
|
||||
"chkpfw": "chkp-fw-",
|
||||
"ocivcnconnectors": "oci-vcn-connectors"
|
||||
"ocivcnconnectors": "oci-vcn-connectors",
|
||||
"ftntfwservices": "ftnt-fw-services"
|
||||
}
|
||||
|
||||
service_credentials = {
|
||||
"panfwservices": "pan",
|
||||
"ftntfwservices": "ftntfw"
|
||||
}
|
||||
|
||||
service_instance_credentials = {
|
||||
"ftntfwservices": "ftntfw-"
|
||||
}
|
||||
|
||||
# Authenticate
|
||||
|
@ -102,23 +113,88 @@ tenantName = data[0]['name']
|
|||
logging.info(f'Tenant Name: {tenantName}')
|
||||
logging.info(f'Tenant ID: {tenantNetworkId}')
|
||||
|
||||
print(json_file)
|
||||
|
||||
# Do Things
|
||||
connector_result = re.match(r'(\w+)(\d+)', json_file)
|
||||
connector_name = connector_result.group(1)
|
||||
connector_number = connector_result.group(2)
|
||||
logging.debug(f'Connector Name: {connector_name} - Number: {connector_number}')
|
||||
with open (json_file, 'r') as f:
|
||||
body = json.load(f)
|
||||
|
||||
if connector_name in service_credentials.keys():
|
||||
credentials_url = service_credentials[connector_name]
|
||||
body = {
|
||||
"credentials": {
|
||||
"userName": "admin",
|
||||
"password": "Blabla123"
|
||||
},
|
||||
"name": "fwcredentials14"
|
||||
}
|
||||
|
||||
if args.pretty:
|
||||
print(json.dumps(body, indent=4))
|
||||
else:
|
||||
print(json.dumps(body))
|
||||
|
||||
if connector_name in service_exceptions.keys():
|
||||
connector_name = service_exceptions[connector_name]
|
||||
print('=== Create Credentials')
|
||||
url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}'
|
||||
response = session.post(url, data=json.dumps(body), headers=headers)
|
||||
print(response.status_code)
|
||||
print(response.content)
|
||||
json_body = response.json()
|
||||
if response.status_code == 200:
|
||||
fw_id = json_body['id']
|
||||
print(f'credentialId: {fw_id}')
|
||||
|
||||
if connector_name in service_instance_credentials.keys():
|
||||
credentials_url = service_instance_credentials[connector_name]
|
||||
|
||||
print('=== Create Instance Credentials')
|
||||
url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}instance'
|
||||
response = session.post(url, data=json.dumps(body), headers=headers)
|
||||
print(response.status_code)
|
||||
print(response.content)
|
||||
json_body = response.json()
|
||||
if response.status_code == 200:
|
||||
instance_id = json_body['id']
|
||||
print(f'instance credentialId: {instance_id}')
|
||||
|
||||
with open (json_file, 'r') as f:
|
||||
body = json.load(f)
|
||||
|
||||
if connector_name in url_exceptions.keys():
|
||||
connector_name = url_exceptions[connector_name]
|
||||
|
||||
if 'credentialId' in body:
|
||||
body['credentialId'] = fw_id
|
||||
print(f'JSON credentialId: {fw_id}')
|
||||
|
||||
if 'instances' in body:
|
||||
body['instances'][0]['credentialId'] = instance_id
|
||||
print(f'JSON credentialId: {instance_id}')
|
||||
|
||||
if args.pretty:
|
||||
print(json.dumps(body, indent=4))
|
||||
else:
|
||||
print(json.dumps(body))
|
||||
|
||||
print('=== Create FW Instance')
|
||||
url = f'{ALKIRA_BASE_URI}/tenantnetworks/{tenantNetworkId}/{connector_name}'
|
||||
response = session.post(url, data=json.dumps(body), headers=headers)
|
||||
print(response.status_code)
|
||||
print(response.content)
|
||||
|
||||
if response.status_code == 400:
|
||||
print(f'=== Remove credential {fw_id}')
|
||||
url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}/{fw_id}'
|
||||
response = session.delete(url, headers=headers)
|
||||
print(response.status_code)
|
||||
print(response.content)
|
||||
|
||||
if connector_name in service_instance_credentials.keys():
|
||||
credential_url = service_instance_credentials[connector_name]
|
||||
|
||||
print(f'=== Remove instance credential {instance_id}')
|
||||
url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}instance/{instance_id}'
|
||||
response = session.delete(url, headers=headers)
|
||||
print(response.status_code)
|
||||
print(response.content)
|
||||
|
||||
|
|
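Review bot: The credential body hard-codes `"userName": "admin"` and `"password": "Blabla123"`, which puts a firewall admin password in version control and gives every firewall created through this script the same one; `alkira_service` in push.py repeats it. Take the value at run time instead, for example `"password": getpass.getpass('FW admin password: ')` (assuming `getpass` can be imported in this file), and stop echoing the body with `print(json.dumps(body))` while it holds the secret. The 400 cleanup also looks unlikely to remove what was created: by then `credentials_url` has been overwritten with the instance value `ftntfw-`, the lookup `connector_name in service_instance_credentials` runs after `connector_name` was rewritten through `url_exceptions`, and that branch assigns `credential_url` while the URL uses `credentials_url`. Indentation is lost in this rendering, so confirm the nesting, but keeping separate `fw_credentials_url` / `instance_credentials_url` variables and the original connector key would avoid leaving orphaned credentials in the tenant. The file name for this section is not shown on the page.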
77
push.py
77
push.py
|
@ -80,13 +80,25 @@ config.read(CONNECTOR_CONFIG)
|
|||
# Set default headers
|
||||
headers = {'Content-Type': "application/json"}
|
||||
|
||||
# Naming exceptions
|
||||
service_exceptions = {
|
||||
# URL Exceptions
|
||||
url_exceptions = {
|
||||
"saas": "internet",
|
||||
"pan": "panfw",
|
||||
"ftntfw": "ftnt-fw-",
|
||||
"chkpfw": "chkp-fw-",
|
||||
"ocivcnconnectors": "oci-vcn-connectors"
|
||||
"ocivcnconnectors": "oci-vcn-connectors",
|
||||
"ftntfwservices": "ftnt-fw-services"
|
||||
}
|
||||
|
||||
# URL Exceptions creating credentials
|
||||
service_credentials = {
|
||||
"panfwservices": "pan",
|
||||
"ftntfwservices": "ftntfw"
|
||||
}
|
||||
|
||||
# URL Exceptions creating instance credentials
|
||||
service_instance_credentials = {
|
||||
"ftntfwservices": "ftntfw-"
|
||||
}
|
||||
|
||||
def alkira_login():
|
||||
|
@ -126,6 +138,37 @@ def alkira_delete(session, uri):
|
|||
sys.exit(1)
|
||||
return response
|
||||
|
||||
def alkira_service(session, connector_name):
|
||||
body = {
|
||||
"credentials": {
|
||||
"userName": "admin",
|
||||
"password": "Blabla123"
|
||||
},
|
||||
"name": "fwcredentials01"
|
||||
}
|
||||
logging.debug(f'Received Connector: {connector_name}')
|
||||
logging.info('=== Create Credentials')
|
||||
if connector_name in service_credentials.keys():
|
||||
credentials_url = service_credentials[connector_name]
|
||||
logging.debug(f'URL: {credentials_url}')
|
||||
response = alkira_post(session, f'/credentials/{credentials_url}', body)
|
||||
json_body = response.json()
|
||||
if response.status_code == 200:
|
||||
fw_id = json_body['id']
|
||||
logging.debug(f'credentialId: {fw_id}')
|
||||
|
||||
logging.info('=== Create Instance Credentials')
|
||||
if connector_name in service_instance_credentials.keys():
|
||||
credentials_url = service_instance_credentials[connector_name]
|
||||
logging.debug(f'URL: {credentials_url}')
|
||||
response = alkira_post(session, f'/credentials/{credentials_url}instance', body)
|
||||
json_body = response.json()
|
||||
if response.status_code == 200:
|
||||
instance_id = json_body['id']
|
||||
logging.debug(f'instance credentialId: {instance_id}')
|
||||
|
||||
return fw_id, instance_id
|
||||
|
||||
# Authenticate
|
||||
s = alkira_login()
|
||||
logging.debug(s)
|
||||
|
@ -139,7 +182,7 @@ logging.info(f'Tenant Name: {tenantName}')
|
|||
logging.info(f'Tenant ID: {tenantNetworkId}')
|
||||
|
||||
# Push connectors
|
||||
logging.info('Push Connectors')
|
||||
logging.info('=== Push Connectors')
|
||||
|
||||
for connector in config.sections():
|
||||
section = config[connector]
|
||||
|
@ -148,6 +191,11 @@ for connector in config.sections():
|
|||
connector_number = connector_result.group(2)
|
||||
logging.debug(f'{connector_folder}/{connector_name}{connector_number}.txt')
|
||||
config_path = (f'{connector_folder}/{connector_name}{connector_number}.txt')
|
||||
|
||||
if 'service' in connector_name:
|
||||
fw_id, instance_id = alkira_service(s, connector_name)
|
||||
logging.debug(f'Got credentialId: {fw_id} AND {instance_id}')
|
||||
|
||||
with open (config_path, 'r') as f:
|
||||
body = json.load(f)
|
||||
|
||||
|
@ -191,10 +239,25 @@ for connector in config.sections():
|
|||
logging.debug(f'CONFIG size: {size}')
|
||||
body['size'] = size
|
||||
|
||||
if 'credentialId' in body and 'fw_id' in locals():
|
||||
logging.debug(f'Set credentialId: {fw_id}')
|
||||
body['credentialId'] = fw_id
|
||||
|
||||
if 'instances' in body:
|
||||
if 'credentialId' in body['instances'][0] and 'instance_id' in locals():
|
||||
logging.debug(f'Set instance credentialId: {instance_id}')
|
||||
body['instances'][0]['credentialId'] = instance_id
|
||||
|
||||
print(json.dumps(body))
|
||||
logging.debug(json.dumps(body))
|
||||
logging.info(f'Pushing {connector_name} to {cxp} (size: {size}; segment: {segments}; group: {group})')
|
||||
if connector_name in service_exceptions.keys():
|
||||
connector_name = service_exceptions[connector_name]
|
||||
logging.info(f'=== Pushing {connector_name} to {cxp} (size: {size}; segment: {segments})')
|
||||
logging.debug(f'CONNECTOR BEFORE AGAIN: {connector_name}')
|
||||
if connector_name in url_exceptions.keys():
|
||||
connector_name = url_exceptions[connector_name]
|
||||
logging.debug(f'CONNECTOR AFTER AGAIN: {connector_name}')
|
||||
r = alkira_post(s, f'/tenantnetworks/{tenantNetworkId}/{connector_name}', body)
|
||||
logging.info(r.status_code)
|
||||
logging.debug(r.content)
|
||||
|
||||
|
||||
|
||||
|
|
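Review bot: `alkira_service` can reach `return fw_id, instance_id` with a name unbound: `panfwservices` is in `service_credentials` but not in `service_instance_credentials`, so `instance_id` is never assigned for it and the return raises `UnboundLocalError` (the same applies to `fw_id` if a POST comes back without a 200, unless `alkira_post` exits first, which is outside this view). Start the function with `fw_id = instance_id = None` and have the caller test `if fw_id is not None:` instead of `'fw_id' in locals()`. That `locals()` test appears to run at module level inside the connector loop, where the names survive from one iteration to the next, so a later connector whose JSON has a `credentialId` key would be pushed with the previous service's credential id; resetting both names to `None` at the top of each iteration closes that.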