#!/usr/bin/env python3 # # Copyright 2022, Mischa Peters , Alkira. # push-debug.py # Version 0.1 - 20220617 - initial release # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. # import os import sys import re import json import time import logging import requests import configparser import argparse # Parse all arguments parser = argparse.ArgumentParser(description="Push JSON config to AlkiraAPI (debug)") parser.add_argument("-t", "--tenant", type=str, default='alkira.cnf', help="location of alikira.cnf (default: alkira.cnfi)") parser.add_argument("-f", "--file", type=str, help="location of the JSON connector file") parser.add_argument("-p", "--pretty", help="make the JSON pretty!", action="store_true") parser.add_argument("-v", "--verbose", type=int, default=0, help="Verbose level 0 or 1 (default: 0)") if len(sys.argv)==1: parser.print_help(sys.stderr) sys.exit(1) try: args = parser.parse_args() ALKIRA_CONFIG = args.tenant json_file = args.file except argparse.ArgumentError as e: print(str(e)) sys.exit() try: loglevel = { 0: logging.INFO, 1: logging.DEBUG }[args.verbose] except KeyError: loglevel = logging.INFO ############################################### # Set loglevel (logging.INFO, logging.DEBUG) logging.basicConfig(level=loglevel) logging = logging.getLogger('AlkiraAPI') # Tenant config if not os.path.isfile(ALKIRA_CONFIG): logging.error(f"The config file {ALKIRA_CONFIG} doesn't exist") sys.exit(1) alkira = configparser.RawConfigParser() alkira.read(ALKIRA_CONFIG) ALKIRA_TENANT = alkira.get('alkira', 'ALKIRA_TENANT') ALKIRA_USERNAME = alkira.get('alkira', 'ALKIRA_USERNAME') ALKIRA_PASSWORD = alkira.get('alkira', 'ALKIRA_PASSWORD') ALKIRA_BASE_URI = f'https://{ALKIRA_TENANT}/api' ############################################### # Set default headers headers = {'Content-Type': "application/json"} # Naming exceptions url_exceptions = { "saas": "internet", "pan": "panfw", "ftntfw": "ftnt-fw-", "ftntfwservices": "ftnt-fw-services", "chkpfw": "chkp-fw-", "ocivcnconnectors": "oci-vcn-connectors", "ftntfwservices": "ftnt-fw-services" } service_credentials = { "panfwservices": "pan", "ftntfwservices": "ftntfw" } service_instance_credentials = { "ftntfwservices": "ftntfw-" } # Authenticate body = {'userName': ALKIRA_USERNAME, 'password': ALKIRA_PASSWORD} url = f'{ALKIRA_BASE_URI}/login' session = requests.session() response = session.post(url, data=json.dumps(body), headers=headers) # Get TenantID url = f'{ALKIRA_BASE_URI}/tenantnetworks' response = session.get(url, headers=headers) data = response.json() tenantNetworkId = data[0]['id'] tenantName = data[0]['name'] logging.info(f'Tenant Name: {tenantName}') logging.info(f'Tenant ID: {tenantNetworkId}') # Do Things connector_result = re.match(r'(\w+)(\d+)', json_file) connector_name = connector_result.group(1) connector_number = connector_result.group(2) logging.debug(f'Connector Name: {connector_name} - Number: {connector_number}') if connector_name in service_credentials.keys(): credentials_url = service_credentials[connector_name] body = { "credentials": { "userName": "admin", "password": "Blabla123" }, "name": "fwcredentials14" } if args.pretty: print(json.dumps(body, indent=4)) else: print(json.dumps(body)) print('=== Create Credentials') url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}' response = session.post(url, data=json.dumps(body), headers=headers) print(response.status_code) print(response.content) json_body = response.json() if response.status_code == 200: fw_id = json_body['id'] print(f'credentialId: {fw_id}') if connector_name in service_instance_credentials.keys(): credentials_url = service_instance_credentials[connector_name] print('=== Create Instance Credentials') url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}instance' response = session.post(url, data=json.dumps(body), headers=headers) print(response.status_code) print(response.content) json_body = response.json() if response.status_code == 200: instance_id = json_body['id'] print(f'instance credentialId: {instance_id}') with open (json_file, 'r') as f: body = json.load(f) if connector_name in url_exceptions.keys(): connector_name = url_exceptions[connector_name] if 'credentialId' in body: body['credentialId'] = fw_id print(f'JSON credentialId: {fw_id}') if 'instances' in body: body['instances'][0]['credentialId'] = instance_id print(f'JSON credentialId: {instance_id}') if args.pretty: print(json.dumps(body, indent=4)) else: print(json.dumps(body)) print('=== Create FW Instance') url = f'{ALKIRA_BASE_URI}/tenantnetworks/{tenantNetworkId}/{connector_name}' response = session.post(url, data=json.dumps(body), headers=headers) print(response.status_code) print(response.content) if response.status_code == 400: print(f'=== Remove credential {fw_id}') url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}/{fw_id}' response = session.delete(url, headers=headers) print(response.status_code) print(response.content) if connector_name in service_instance_credentials.keys(): credential_url = service_instance_credentials[connector_name] print(f'=== Remove instance credential {instance_id}') url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}instance/{instance_id}' response = session.delete(url, headers=headers) print(response.status_code) print(response.content)