fetching credentials
This commit is contained in:
parent
2bcb69b951
commit
e6a37a113c
14
clean.py
14
clean.py
@ -118,10 +118,12 @@ def alkira_delete(session, uri):
|
||||
return response
|
||||
|
||||
# Authenticate
|
||||
logging.info('=== Authenticating')
|
||||
s = alkira_login()
|
||||
logging.debug(s)
|
||||
|
||||
# Get TenantID
|
||||
logging.info('=== Fetching Credentials')
|
||||
r = alkira_get(s, '/tenantnetworks')
|
||||
data = r.json()
|
||||
tenantNetworkId = data[0]['id']
|
||||
@ -130,7 +132,7 @@ logging.info(f'Tenant Name: {tenantName}')
|
||||
logging.info(f'Tenant ID: {tenantNetworkId}')
|
||||
|
||||
# Clean connectors
|
||||
logging.info('Checking Connectors')
|
||||
logging.info('=== Checking Connectors')
|
||||
r = alkira_get(s, f'/tenantnetworks/{tenantNetworkId}/connectors')
|
||||
data = r.json()
|
||||
if args.pretty:
|
||||
@ -145,12 +147,12 @@ for item in data:
|
||||
if type in url_exceptions.keys():
|
||||
type = url_exceptions[type]
|
||||
logging.debug(f'/tenantnetworks/{tenantNetworkId}/{type}connectors/{connectorId}')
|
||||
logging.info(f'Removing {name} ({type})')
|
||||
logging.info(f'=== Removing {name} ({type})')
|
||||
r = alkira_delete(s, f'/tenantnetworks/{tenantNetworkId}/{type}connectors/{connectorId}')
|
||||
logging.info(r.status_code)
|
||||
|
||||
# Clean services
|
||||
logging.info('Checking services')
|
||||
logging.info('=== Checking services')
|
||||
r = alkira_get(s, f'/tenantnetworks/{tenantNetworkId}/services')
|
||||
data = r.json()
|
||||
if args.pretty:
|
||||
@ -165,12 +167,12 @@ for item in data:
|
||||
if type in url_exceptions.keys():
|
||||
type = url_exceptions[type]
|
||||
logging.debug(f'/tenantnetworks/{tenantNetworkId}/{type}services/{serviceId}')
|
||||
logging.info(f'Removing {name} ({type})')
|
||||
logging.info(f'=== Removing {name} ({type})')
|
||||
r = alkira_delete(s, f'/tenantnetworks/{tenantNetworkId}/{type}services/{serviceId}')
|
||||
logging.info(r.status_code)
|
||||
|
||||
# Clean Global CIDR
|
||||
logging.info('Checking Global CIDR')
|
||||
logging.info('=== Checking Global CIDR')
|
||||
r = alkira_get(s, f'/tenantnetworks/{tenantNetworkId}/global-cidr-lists')
|
||||
data = r.json()
|
||||
if args.pretty:
|
||||
@ -182,7 +184,7 @@ for item in data:
|
||||
name = item.get('name')
|
||||
GlobalCidrListId = item.get('id')
|
||||
logging.debug(f'/tenantnetworks/{tenantNetworkId}/global-cidr-lists/{GlobalCidrListId}')
|
||||
logging.info(f'Removing {name} ({type})')
|
||||
logging.info(f'=== Removing {name} ({type})')
|
||||
r = alkira_delete(s, f'/tenantnetworks/{tenantNetworkId}/global-cidr-lists/{GlobalCidrListId}')
|
||||
logging.info(r.status_code)
|
||||
|
||||
|
@ -134,9 +134,12 @@ group = Users
|
||||
billingtags = 333
|
||||
size = MEDIUM
|
||||
|
||||
[ocivcnconnectoris2]
|
||||
[ocivcnconnectors2]
|
||||
cxp = GERMANYWESTCENTRAL-AZURE-1
|
||||
segments = Prod
|
||||
group = Development
|
||||
billingtags = 343
|
||||
size = MEDIUM
|
||||
|
||||
[ftntfwservices1.txt]
|
||||
cxp = US-EAST-2
|
||||
|
@ -95,3 +95,6 @@ segments = Corporate
|
||||
group = Users
|
||||
billingtags = 333
|
||||
size = MEDIUM
|
||||
|
||||
[ftntfwservices1.txt]
|
||||
cxp = US-EAST-2
|
||||
|
0
config/empty.cnf
Normal file
0
config/empty.cnf
Normal file
44
config/minimal.cnf
Normal file
44
config/minimal.cnf
Normal file
@ -0,0 +1,44 @@
|
||||
[ipsecconnectors1]
|
||||
cxp = US-EAST-2
|
||||
segments = Corporate
|
||||
group = Users
|
||||
billingtags = 333
|
||||
size = MEDIUM
|
||||
|
||||
[internetconnectors1]
|
||||
cxp = US-EAST-2
|
||||
segments = Corporate
|
||||
group = Users
|
||||
billingtags = 333
|
||||
size = MEDIUM
|
||||
|
||||
[awsvpcconnectors1]
|
||||
cxp = US-EAST-2
|
||||
segments = Prod
|
||||
group = Development
|
||||
billingtags = 343
|
||||
size = LARGE
|
||||
|
||||
[azurevnetconnectors1]
|
||||
cxp = US-EAST-2
|
||||
segments = Corporate
|
||||
group = Users
|
||||
billingtags = 343
|
||||
size = MEDIUM
|
||||
|
||||
[gcpvpcconnectors1]
|
||||
cxp = US-EAST-2
|
||||
segments = Prod
|
||||
group = Development
|
||||
billingtags = 343
|
||||
size = LARGE
|
||||
|
||||
[ocivcnconnectors1]
|
||||
cxp = GERMANYWESTCENTRAL-AZURE-1
|
||||
segments = Corporate
|
||||
group = Users
|
||||
billingtags = 333
|
||||
size = MEDIUM
|
||||
|
||||
[ftntfwservices1.txt]
|
||||
cxp = US-EAST-2
|
30
config/panfwservices1.txt-old
Normal file
30
config/panfwservices1.txt-old
Normal file
@ -0,0 +1,30 @@
|
||||
{
|
||||
"name": "PAN-US",
|
||||
"cxp": "US-EAST-2",
|
||||
"segments": [
|
||||
"1636",
|
||||
"1673",
|
||||
"1638"
|
||||
],
|
||||
"panoramaEnabled": false,
|
||||
"managementSegment": "Corporate",
|
||||
"maxInstanceCount": "1",
|
||||
"minInstanceCount": "1",
|
||||
"licenseType": "PAY_AS_YOU_GO",
|
||||
"bundle": "PAN_VM_300_BUNDLE_2",
|
||||
"version": "9.1.3",
|
||||
"tunnelProtocol": "IPSEC",
|
||||
"type": "VM-300",
|
||||
"credentialId": "871e234c-050d-4815-8432-76b70884a1ea",
|
||||
"globalProtectEnabled": false,
|
||||
"instances": [
|
||||
{
|
||||
"name": "PAN-US-instance-1",
|
||||
"credentialId": "3ab9f3ac-6e22-4d3c-8a37-9c8dad469ee5"
|
||||
}
|
||||
],
|
||||
"size": "LARGE",
|
||||
"billingTags": [
|
||||
"333"
|
||||
]
|
||||
}
|
92
push.py
92
push.py
@ -3,6 +3,7 @@
|
||||
# Copyright 2022, Mischa Peters <mischa AT alkira DOT net>, Alkira.
|
||||
# push.py
|
||||
# Version 0.1 - 20220617 - initial release
|
||||
# Version 0.2 - 20220620 - added collection of credentialId
|
||||
#
|
||||
# Permission to use, copy, modify, and distribute this software for any
|
||||
# purpose with or without fee is hereby granted, provided that the above
|
||||
@ -101,6 +102,14 @@ service_instance_credentials = {
|
||||
"ftntfwservices": "ftntfw-"
|
||||
}
|
||||
|
||||
# Credential Types
|
||||
credential_types = {
|
||||
"awsvpc": "",
|
||||
"azurevnet": "",
|
||||
"gcpvpc": "",
|
||||
"ocivcn": "",
|
||||
}
|
||||
|
||||
def alkira_login():
|
||||
body = {'userName': ALKIRA_USERNAME,
|
||||
'password': ALKIRA_PASSWORD}
|
||||
@ -170,10 +179,12 @@ def alkira_service(session, connector_name):
|
||||
return service_credentialid, service_instance_credentialid
|
||||
|
||||
# Authenticate
|
||||
logging.info('=== Authenticating')
|
||||
s = alkira_login()
|
||||
logging.debug(s)
|
||||
|
||||
# Get TenantID
|
||||
logging.info('=== Fetching Tenant Info')
|
||||
r = alkira_get(s, '/tenantnetworks')
|
||||
data = r.json()
|
||||
tenantNetworkId = data[0]['id']
|
||||
@ -181,14 +192,24 @@ tenantName = data[0]['name']
|
||||
logging.info(f'Tenant Name: {tenantName}')
|
||||
logging.info(f'Tenant ID: {tenantNetworkId}')
|
||||
|
||||
# Get Credentials
|
||||
logging.info('=== Fetching Credentials')
|
||||
r = alkira_get(s, '/credentials')
|
||||
data = r.json()
|
||||
logging.debug(json.dumps(data))
|
||||
for key in data:
|
||||
if key['credentialType'].lower() in credential_types:
|
||||
logging.debug(f"CredentialType: {key['credentialType']} - CredentialId: {key['credentialId']}")
|
||||
credential_types[key['credentialType'].lower()] = key['credentialId']
|
||||
|
||||
# Push connectors
|
||||
logging.info('=== Push Connectors')
|
||||
|
||||
for connector in config.sections():
|
||||
section = config[connector]
|
||||
connector_result = re.match(r'(\w+)(\d+)', connector)
|
||||
connector_name = connector_result.group(1)
|
||||
connector_number = connector_result.group(2)
|
||||
connector_result = re.match(r'(\w+)(connectors|services)(\d+)', connector)
|
||||
connector_type = connector_result.group(1)
|
||||
connector_name = f'{connector_type}{connector_result.group(2)}'
|
||||
connector_number = connector_result.group(3)
|
||||
logging.debug(f'{connector_folder}/{connector_name}{connector_number}.txt')
|
||||
config_path = (f'{connector_folder}/{connector_name}{connector_number}.txt')
|
||||
|
||||
@ -199,58 +220,52 @@ for connector in config.sections():
|
||||
with open (config_path, 'r') as f:
|
||||
body = json.load(f)
|
||||
|
||||
if 'connectors' in connector_name and connector_type in credential_types and credential_types[connector_type]:
|
||||
if 'credentialId' in body:
|
||||
logging.debug(f"JSON credentialid: {body['credentialId']}")
|
||||
logging.debug(f'API credentialid: {credential_types[connector_type]}')
|
||||
body['credentialId'] = credential_types[connector_type]
|
||||
|
||||
if 'cxp' in body:
|
||||
cxp = body['cxp']
|
||||
logging.debug(f'JSON cxp: {cxp}')
|
||||
logging.debug(f"JSON cxp: {body['cxp']}")
|
||||
if 'cxp' in section:
|
||||
cxp = section['cxp']
|
||||
logging.debug(f'CONFIG cxp: {cxp}')
|
||||
body['cxp'] = cxp
|
||||
logging.debug(f"CONFIG cxp: {section['cxp']}")
|
||||
body['cxp'] = section['cxp']
|
||||
|
||||
if 'segments' in body:
|
||||
segments = body['segments'][0]
|
||||
logging.debug(f'JSON segments: {segments}')
|
||||
logging.debug(f"JSON segments: {body['segments'][0]}")
|
||||
if 'segments' in section:
|
||||
segments = section['segments']
|
||||
logging.debug(f'CONFIG segments: {segments}')
|
||||
body['segments'][0] = segments
|
||||
logging.debug(f"CONFIG segments: {section['segments']}")
|
||||
body['segments'][0] = section['segments']
|
||||
|
||||
if 'group' in body:
|
||||
group = body['group']
|
||||
logging.debug(f'JSON group: {group}')
|
||||
if 'group' in section:
|
||||
group = section['group']
|
||||
logging.debug(f'CONFIG group: {group}')
|
||||
body['group'] = group
|
||||
logging.debug(f"JSON group: {body['group']}")
|
||||
if 'group' in section:
|
||||
logging.debug(f"CONFIG group: {section['group']}")
|
||||
body['group'] = section['group']
|
||||
|
||||
if 'billingTags' in body:
|
||||
billingtags = body['billingTags'][0]
|
||||
logging.debug(f'JSON billingtags: {billingtags}')
|
||||
logging.debug(f"JSON billingtags: {body['billingTags'][0]}")
|
||||
if 'billingtags' in section:
|
||||
billingtags = section['billingtags']
|
||||
logging.debug(f'CONFIG billingtags: {billingtags}')
|
||||
body['billingTags'][0] = billingtags
|
||||
logging.debug(f"CONFIG billingtags: {section['billingtags']}")
|
||||
body['billingTags'][0] = section['billingtags']
|
||||
|
||||
if 'size' in body:
|
||||
size = body['size']
|
||||
logging.debug(f'JSON size: {size}')
|
||||
logging.debug(f"JSON size: {body['size']}")
|
||||
if 'size' in section:
|
||||
size = section['size']
|
||||
logging.debug(f'CONFIG size: {size}')
|
||||
body['size'] = size
|
||||
logging.debug(f"CONFIG size: {section['size']}")
|
||||
body['size'] = section['size']
|
||||
|
||||
if 'credentialId' in body and 'service_credentialid' in locals():
|
||||
logging.debug(f'Set credentialId: {service_credentialid}')
|
||||
logging.debug(f'API credentialid: {service_credentialid}')
|
||||
body['credentialId'] = service_credentialid
|
||||
|
||||
if 'instances' in body:
|
||||
if 'credentialId' in body['instances'][0] and 'service_instance_credentialid' in locals():
|
||||
logging.debug(f'Set instance credentialId: {service_instance_credentialid}')
|
||||
body['instances'][0]['credentialId'] = service_instance_credentialid
|
||||
if 'instances' in body and'credentialId' in body['instances'][0] and 'service_instance_credentialid' in locals():
|
||||
logging.debug(f'API instance credentialid: {service_instance_credentialid}')
|
||||
body['instances'][0]['credentialId'] = service_instance_credentialid
|
||||
|
||||
print(json.dumps(body))
|
||||
logging.debug(json.dumps(body))
|
||||
logging.info(f'=== Pushing {connector_name} to {cxp} (size: {size}; segment: {segments})')
|
||||
logging.info(f"=== Pushing {body['name'][:30]} ({connector_name}) to {body['cxp']} (size: {body['size']}; segment: {body['segments'][0]})")
|
||||
logging.debug(f'CONNECTOR BEFORE AGAIN: {connector_name}')
|
||||
if connector_name in url_exceptions.keys():
|
||||
connector_name = url_exceptions[connector_name]
|
||||
@ -258,6 +273,3 @@ for connector in config.sections():
|
||||
r = alkira_post(s, f'/tenantnetworks/{tenantNetworkId}/{connector_name}', body)
|
||||
logging.info(r.status_code)
|
||||
logging.debug(r.content)
|
||||
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user