Blame

Date:
Message:
added other FW exceptions to push-json.py, made panfwservices1.txt working (again)
Actions:
History | Blob | Raw File
  1 8fb2495f 2022-07-05 mischa #!/usr/bin/env python3

  2 8fb2495f 2022-07-05 mischa #

  3 8fb2495f 2022-07-05 mischa # Copyright 2022, Mischa Peters <mischa AT alkira DOT net>, Alkira.

  4 8fb2495f 2022-07-05 mischa # push-debug.py

  5 8fb2495f 2022-07-05 mischa # Version 0.1 - 20220617 - initial release

  6 8fb2495f 2022-07-05 mischa # Version 0.2 - 20220621 - simplified structure, generic

  7 8fb2495f 2022-07-05 mischa #

  8 8fb2495f 2022-07-05 mischa # Permission to use, copy, modify, and distribute this software for any

  9 8fb2495f 2022-07-05 mischa # purpose with or without fee is hereby granted, provided that the above

 10 8fb2495f 2022-07-05 mischa # copyright notice and this permission notice appear in all copies.

 11 8fb2495f 2022-07-05 mischa #

 12 8fb2495f 2022-07-05 mischa # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

 13 8fb2495f 2022-07-05 mischa # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

 14 8fb2495f 2022-07-05 mischa # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

 15 8fb2495f 2022-07-05 mischa # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

 16 8fb2495f 2022-07-05 mischa # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

 17 8fb2495f 2022-07-05 mischa # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

 18 8fb2495f 2022-07-05 mischa # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

 19 8fb2495f 2022-07-05 mischa #

 20 8fb2495f 2022-07-05 mischa import os

 21 8fb2495f 2022-07-05 mischa import sys

 22 8fb2495f 2022-07-05 mischa import re

 23 8fb2495f 2022-07-05 mischa import json

 24 8fb2495f 2022-07-05 mischa import time

 25 8fb2495f 2022-07-05 mischa import logging

 26 8fb2495f 2022-07-05 mischa import requests

 27 8fb2495f 2022-07-05 mischa import configparser

 28 8fb2495f 2022-07-05 mischa import argparse

 29 8fb2495f 2022-07-05 mischa 

 30 8fb2495f 2022-07-05 mischa # Parse all arguments

 31 8fb2495f 2022-07-05 mischa parser = argparse.ArgumentParser(description="Push single JSON file to AlkiraAPI (debug)")

 32 8fb2495f 2022-07-05 mischa parser.add_argument("-t", "--tenant", type=str, default='alkira.cnf', help="location of alikira.cnf (default: alkira.cnfi)")

 33 8fb2495f 2022-07-05 mischa parser.add_argument("-f", "--file", type=str, help="location of the JSON connector file")

 34 8fb2495f 2022-07-05 mischa parser.add_argument("-p", "--pretty", help="make the JSON pretty!", action="store_true")

 35 8fb2495f 2022-07-05 mischa parser.add_argument("-v", "--verbose", type=int, default=0, help="Verbose level 0 or 1 (default: 0)")

 36 8fb2495f 2022-07-05 mischa 

 37 8fb2495f 2022-07-05 mischa if len(sys.argv)==1:

 38 8fb2495f 2022-07-05 mischa     parser.print_help(sys.stderr)

 39 8fb2495f 2022-07-05 mischa     sys.exit(1)

 40 8fb2495f 2022-07-05 mischa 

 41 8fb2495f 2022-07-05 mischa try:

 42 8fb2495f 2022-07-05 mischa 	args = parser.parse_args()

 43 8fb2495f 2022-07-05 mischa 	ALKIRA_CONFIG = args.tenant

 44 8fb2495f 2022-07-05 mischa 	connector = args.file

 45 8fb2495f 2022-07-05 mischa except argparse.ArgumentError as e:

 46 8fb2495f 2022-07-05 mischa 	print(str(e))

 47 8fb2495f 2022-07-05 mischa 	sys.exit()

 48 8fb2495f 2022-07-05 mischa 

 49 8fb2495f 2022-07-05 mischa try:

 50 8fb2495f 2022-07-05 mischa 	loglevel = {

 51 8fb2495f 2022-07-05 mischa 		0: logging.INFO,

 52 8fb2495f 2022-07-05 mischa 		1: logging.DEBUG

 53 8fb2495f 2022-07-05 mischa 	}[args.verbose]

 54 8fb2495f 2022-07-05 mischa except KeyError:

 55 8fb2495f 2022-07-05 mischa 	loglevel = logging.INFO

 56 8fb2495f 2022-07-05 mischa 

 57 8fb2495f 2022-07-05 mischa ###############################################

 58 8fb2495f 2022-07-05 mischa 

 59 8fb2495f 2022-07-05 mischa # Set loglevel (logging.INFO, logging.DEBUG)

 60 8fb2495f 2022-07-05 mischa logging.basicConfig(level=loglevel)

 61 8fb2495f 2022-07-05 mischa logging = logging.getLogger('AlkiraAPI')

 62 8fb2495f 2022-07-05 mischa 

 63 8fb2495f 2022-07-05 mischa # Tenant config

 64 8fb2495f 2022-07-05 mischa if not os.path.isfile(ALKIRA_CONFIG):

 65 8fb2495f 2022-07-05 mischa         logging.error(f"The config file {ALKIRA_CONFIG} doesn't exist")

 66 8fb2495f 2022-07-05 mischa         sys.exit(1)

 67 8fb2495f 2022-07-05 mischa alkira = configparser.RawConfigParser()

 68 8fb2495f 2022-07-05 mischa alkira.read(ALKIRA_CONFIG)

 69 8fb2495f 2022-07-05 mischa 

 70 8fb2495f 2022-07-05 mischa ALKIRA_TENANT = alkira.get('alkira', 'ALKIRA_TENANT')

 71 8fb2495f 2022-07-05 mischa ALKIRA_USERNAME = alkira.get('alkira', 'ALKIRA_USERNAME')

 72 8fb2495f 2022-07-05 mischa ALKIRA_PASSWORD = alkira.get('alkira', 'ALKIRA_PASSWORD')

 73 8fb2495f 2022-07-05 mischa ALKIRA_BASE_URI = f'https://{ALKIRA_TENANT}/api'

 74 8fb2495f 2022-07-05 mischa AWS_SERVICE_USERNAME = alkira.get('services', 'AWS_SERVICE_USERNAME')

 75 8fb2495f 2022-07-05 mischa SERVICE_PASSWORD = alkira.get('services', 'SERVICE_PASSWORD')

 76 8fb2495f 2022-07-05 mischa CIDR_NAME = alkira.get('globalcidr', 'CIDR_NAME')

 77 8fb2495f 2022-07-05 mischa CIDR_DESCR = alkira.get('globalcidr', 'CIDR_DESCR')

 78 8fb2495f 2022-07-05 mischa CIDR_PREFIX = alkira.get('globalcidr', 'CIDR_PREFIX')

 79 8fb2495f 2022-07-05 mischa CIDR_CXP = alkira.get('globalcidr', 'CIDR_CXP')

 80 8fb2495f 2022-07-05 mischa 

 81 8fb2495f 2022-07-05 mischa ###############################################

 82 8fb2495f 2022-07-05 mischa 

 83 8fb2495f 2022-07-05 mischa # Set default headers

 84 8fb2495f 2022-07-05 mischa headers = {'Content-Type': "application/json"}

 85 8fb2495f 2022-07-05 mischa 

 86 8fb2495f 2022-07-05 mischa # URL Exceptions

 87 8fb2495f 2022-07-05 mischa url_exceptions = {

 88 8fb2495f 2022-07-05 mischa 	"saas": "internet",

 89 8fb2495f 2022-07-05 mischa 	"pan": "panfw",

 90 8fb2495f 2022-07-05 mischa 	"chkpfwservices": "chkp-fw-services",

 91 8fb2495f 2022-07-05 mischa 	"ftntfwservices": "ftnt-fw-services",

 92 5f0eb2bc 2022-07-08 mischa 	"ocivcnconnectors": "oci-vcn-connectors",

 93 8fb2495f 2022-07-05 mischa 	"remoteaccessconnectors": "alkira-remote-access-connector-templates"

 94 8fb2495f 2022-07-05 mischa 	}

 95 8fb2495f 2022-07-05 mischa 

 96 8fb2495f 2022-07-05 mischa # URL Exceptions creating credentials

 97 8fb2495f 2022-07-05 mischa service_credentials = {

 98 5f0eb2bc 2022-07-08 mischa 	"chkpfwservices": "chkp-fw",

 99 8fb2495f 2022-07-05 mischa 	"ftntfwservices": "ftntfw",

100 5f0eb2bc 2022-07-08 mischa 	"panfwservices": "pan"

101 8fb2495f 2022-07-05 mischa 	}

102 8fb2495f 2022-07-05 mischa 

103 8fb2495f 2022-07-05 mischa # URL Exceptions creating instance credentials

104 8fb2495f 2022-07-05 mischa service_instance_credentials = {

105 5f0eb2bc 2022-07-08 mischa 	"chkpfwservices": "chkp-fw-",

106 5f0eb2bc 2022-07-08 mischa 	"ftntfwservices": "ftntfw-"

107 8fb2495f 2022-07-05 mischa 	}

108 8fb2495f 2022-07-05 mischa 

109 8fb2495f 2022-07-05 mischa # Global CIDR

110 8fb2495f 2022-07-05 mischa service_global_cidr = [

111 5f0eb2bc 2022-07-08 mischa 	"chkpfwservices",

112 5f0eb2bc 2022-07-08 mischa 	"ftntfwservices",

113 5f0eb2bc 2022-07-08 mischa 	"panfwservices"

114 8fb2495f 2022-07-05 mischa 	]

115 8fb2495f 2022-07-05 mischa 

116 8fb2495f 2022-07-05 mischa # Credential Types

117 8fb2495f 2022-07-05 mischa credential_types = {

118 8fb2495f 2022-07-05 mischa 	"awsvpc": "",

119 8fb2495f 2022-07-05 mischa 	"azurevnet": "",

120 8fb2495f 2022-07-05 mischa 	"gcpvpc": "",

121 8fb2495f 2022-07-05 mischa 	"ocivcn": "",

122 8fb2495f 2022-07-05 mischa 	}

123 8fb2495f 2022-07-05 mischa 

124 8fb2495f 2022-07-05 mischa # Authenticate

125 8fb2495f 2022-07-05 mischa logging.info('=== Authenticating')

126 8fb2495f 2022-07-05 mischa body = {'userName': ALKIRA_USERNAME,

127 8fb2495f 2022-07-05 mischa 	'password': ALKIRA_PASSWORD}

128 8fb2495f 2022-07-05 mischa url = f'{ALKIRA_BASE_URI}/login'

129 8fb2495f 2022-07-05 mischa session = requests.session()

130 8fb2495f 2022-07-05 mischa response = session.post(url, data=json.dumps(body), headers=headers)

131 8fb2495f 2022-07-05 mischa 

132 8fb2495f 2022-07-05 mischa # Get TenantID

133 8fb2495f 2022-07-05 mischa logging.info('=== Fetching Tenant Info')

134 8fb2495f 2022-07-05 mischa url = f'{ALKIRA_BASE_URI}/tenantnetworks'

135 8fb2495f 2022-07-05 mischa response = session.get(url, headers=headers)

136 8fb2495f 2022-07-05 mischa data = response.json()

137 8fb2495f 2022-07-05 mischa tenantNetworkId = data[0]['id']

138 8fb2495f 2022-07-05 mischa tenantName = data[0]['name']

139 8fb2495f 2022-07-05 mischa logging.info(f'Tenant Name: {tenantName}')

140 8fb2495f 2022-07-05 mischa logging.info(f'Tenant ID: {tenantNetworkId}')

141 8fb2495f 2022-07-05 mischa 

142 8fb2495f 2022-07-05 mischa # Get Credentials

143 8fb2495f 2022-07-05 mischa logging.info('=== Fetching Credentials')

144 8fb2495f 2022-07-05 mischa url = f'{ALKIRA_BASE_URI}/credentials'

145 8fb2495f 2022-07-05 mischa response = session.get(url, headers=headers)

146 8fb2495f 2022-07-05 mischa data = response.json()

147 8fb2495f 2022-07-05 mischa logging.debug(json.dumps(data))

148 8fb2495f 2022-07-05 mischa for key in data:

149 8fb2495f 2022-07-05 mischa         if key['credentialType'].lower() in credential_types:

150 8fb2495f 2022-07-05 mischa                 logging.debug(f"CredentialType: {key['credentialType']} - CredentialId: {key['credentialId']}")

151 8fb2495f 2022-07-05 mischa                 credential_types[key['credentialType'].lower()] = key['credentialId']

152 8fb2495f 2022-07-05 mischa 

153 8fb2495f 2022-07-05 mischa # Push connector

154 8fb2495f 2022-07-05 mischa logging.info('=== Push Connector')

155 8fb2495f 2022-07-05 mischa connector_result = re.match(r'(\w+\/)?(\w+)(connectors|services)(\d+)', connector)

156 8fb2495f 2022-07-05 mischa if connector_result.group(1):

157 8fb2495f 2022-07-05 mischa 	config_path = connector_result.group(1)

158 8fb2495f 2022-07-05 mischa connector_type = connector_result.group(2)

159 8fb2495f 2022-07-05 mischa connector_name = f'{connector_type}{connector_result.group(3)}'

160 8fb2495f 2022-07-05 mischa connector_number = connector_result.group(4)

161 8fb2495f 2022-07-05 mischa logging.info(f'Name: {connector_name} #{connector_number}')

162 8fb2495f 2022-07-05 mischa 

163 8fb2495f 2022-07-05 mischa if connector_name in service_credentials.keys():

164 8fb2495f 2022-07-05 mischa 	print('=== Create Credentials')

165 8fb2495f 2022-07-05 mischa 	credentials_url = service_credentials[connector_name]

166 8fb2495f 2022-07-05 mischa 	fwcredential = f'fwcredentials-{time.time()}'

167 8fb2495f 2022-07-05 mischa 	body = {

168 8fb2495f 2022-07-05 mischa 		"credentials": {

169 8fb2495f 2022-07-05 mischa 			"userName": AWS_SERVICE_USERNAME,

170 8fb2495f 2022-07-05 mischa 			"password": SERVICE_PASSWORD

171 8fb2495f 2022-07-05 mischa 		},

172 8fb2495f 2022-07-05 mischa 		"name": fwcredential

173 8fb2495f 2022-07-05 mischa 	}

174 8fb2495f 2022-07-05 mischa 	if args.pretty:

175 8fb2495f 2022-07-05 mischa 		print(json.dumps(body, indent=4))

176 8fb2495f 2022-07-05 mischa 	else:

177 8fb2495f 2022-07-05 mischa 		print(json.dumps(body))

178 8fb2495f 2022-07-05 mischa 

179 8fb2495f 2022-07-05 mischa 	url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}'

180 8fb2495f 2022-07-05 mischa 	print(url)

181 8fb2495f 2022-07-05 mischa 	response = session.post(url, data=json.dumps(body), headers=headers)

182 8fb2495f 2022-07-05 mischa 	print(response.status_code)

183 8fb2495f 2022-07-05 mischa 	print(response.content)

184 8fb2495f 2022-07-05 mischa 	json_body = response.json()

185 8fb2495f 2022-07-05 mischa 	if response.status_code == 200:

186 8fb2495f 2022-07-05 mischa 		service_credentialid = json_body['id']

187 8fb2495f 2022-07-05 mischa 		print(f'credentialId: {service_credentialid}')

188 8fb2495f 2022-07-05 mischa 

189 8fb2495f 2022-07-05 mischa 	if connector_name in service_instance_credentials.keys():

190 8fb2495f 2022-07-05 mischa 		credentials_url = service_instance_credentials[connector_name]

191 8fb2495f 2022-07-05 mischa 

192 8fb2495f 2022-07-05 mischa 	print('=== Create Instance Credentials')

193 8fb2495f 2022-07-05 mischa 	url = f'{ALKIRA_BASE_URI}/credentials/{credentials_url}instance'

194 8fb2495f 2022-07-05 mischa 	print(url)

195 8fb2495f 2022-07-05 mischa 	response = session.post(url, data=json.dumps(body), headers=headers)

196 8fb2495f 2022-07-05 mischa 	print(response.status_code)

197 8fb2495f 2022-07-05 mischa 	print(response.content)

198 8fb2495f 2022-07-05 mischa 	json_body = response.json()

199 8fb2495f 2022-07-05 mischa 	if response.status_code == 200:

200 8fb2495f 2022-07-05 mischa 		service_instance_credentialid = json_body['id']

201 8fb2495f 2022-07-05 mischa 		print(f'instance credentialId: {service_instance_credentialid}')

202 8fb2495f 2022-07-05 mischa 

203 8fb2495f 2022-07-05 mischa if connector_name in service_global_cidr:

204 8fb2495f 2022-07-05 mischa 	print('=== Create Global CIDR')

205 8fb2495f 2022-07-05 mischa 	body = {

206 8fb2495f 2022-07-05 mischa 		"name": CIDR_NAME,

207 8fb2495f 2022-07-05 mischa 		"description": CIDR_DESCR,

208 8fb2495f 2022-07-05 mischa 		"values": [

209 8fb2495f 2022-07-05 mischa 			CIDR_PREFIX

210 8fb2495f 2022-07-05 mischa 		],

211 8fb2495f 2022-07-05 mischa 		"cxp": CIDR_CXP

212 8fb2495f 2022-07-05 mischa 	}

213 8fb2495f 2022-07-05 mischa 	if args.pretty:

214 8fb2495f 2022-07-05 mischa 		print(json.dumps(body, indent=4))

215 8fb2495f 2022-07-05 mischa 	else:

216 8fb2495f 2022-07-05 mischa 		print(json.dumps(body))

217 8fb2495f 2022-07-05 mischa 

218 8fb2495f 2022-07-05 mischa 	url = f'{ALKIRA_BASE_URI}/tenantnetworks/{tenantNetworkId}/global-cidr-lists'

219 8fb2495f 2022-07-05 mischa 	print(url)

220 8fb2495f 2022-07-05 mischa 	response = session.post(url, data=json.dumps(body), headers=headers)

221 8fb2495f 2022-07-05 mischa 	print(response.status_code)

222 8fb2495f 2022-07-05 mischa 	print(response.content)

223 8fb2495f 2022-07-05 mischa 	json_body = response.json()

224 8fb2495f 2022-07-05 mischa 	if response.status_code == 201:

225 8fb2495f 2022-07-05 mischa 		global_cidr_id = json_body['id']

226 8fb2495f 2022-07-05 mischa 		print(f'global cidr id: {global_cidr_id}')

227 8fb2495f 2022-07-05 mischa 

228 8fb2495f 2022-07-05 mischa with open (connector, 'r') as f:

229 8fb2495f 2022-07-05 mischa 	body = json.load(f)

230 8fb2495f 2022-07-05 mischa 

231 8fb2495f 2022-07-05 mischa if 'connectors' in connector_name and connector_type in credential_types and credential_types[connector_type]:

232 8fb2495f 2022-07-05 mischa 	if 'credentialId' in body:

233 8fb2495f 2022-07-05 mischa 		logging.debug(f"JSON credentialid: {body['credentialId']}")

234 8fb2495f 2022-07-05 mischa 		logging.debug(f'API credentialid: {credential_types[connector_type]}')

235 8fb2495f 2022-07-05 mischa 		body['credentialId'] = credential_types[connector_type]

236 8fb2495f 2022-07-05 mischa 

237 8fb2495f 2022-07-05 mischa if 'services' in connector_name and 'credentialId' in body:

238 8fb2495f 2022-07-05 mischa 	body['credentialId'] = service_credentialid

239 8fb2495f 2022-07-05 mischa 	print(f'JSON credentialId: {service_credentialid}')

240 8fb2495f 2022-07-05 mischa 

241 8fb2495f 2022-07-05 mischa if 'services' in connector_name and 'instances' in body:

242 8fb2495f 2022-07-05 mischa 	body['instances'][0]['credentialId'] = service_instance_credentialid

243 8fb2495f 2022-07-05 mischa 	print(f'JSON credentialId: {service_instance_credentialid}')

244 8fb2495f 2022-07-05 mischa 

245 8fb2495f 2022-07-05 mischa if 'services' in connector_name and 'managementServer' in body:

246 8fb2495f 2022-07-05 mischa 	body['managementServer']['globalCidrListId'] = global_cidr_id

247 8fb2495f 2022-07-05 mischa 	print(f'JSON globalCidrListId: {global_cidr_id}')

248 8fb2495f 2022-07-05 mischa 

249 8fb2495f 2022-07-05 mischa if args.pretty:

250 8fb2495f 2022-07-05 mischa 	print(json.dumps(body, indent=4))

251 8fb2495f 2022-07-05 mischa else:

252 8fb2495f 2022-07-05 mischa 	print(json.dumps(body))

253 8fb2495f 2022-07-05 mischa 

254 8fb2495f 2022-07-05 mischa if connector_name in url_exceptions.keys():

255 8fb2495f 2022-07-05 mischa 	connector_name = url_exceptions[connector_name]

256 8fb2495f 2022-07-05 mischa 

257 8fb2495f 2022-07-05 mischa print(f'=== Create {connector_name}')

258 8fb2495f 2022-07-05 mischa url = f'{ALKIRA_BASE_URI}/tenantnetworks/{tenantNetworkId}/{connector_name}'

259 8fb2495f 2022-07-05 mischa response = session.post(url, data=json.dumps(body), headers=headers)

260 8fb2495f 2022-07-05 mischa print(response.status_code)

261 8fb2495f 2022-07-05 mischa print(response.content)