Class: Puppet::Transport::Panos

Inherits:

Object

• Object
• Puppet::Transport::Panos

Defined in:

lib/puppet/transport/panos.rb

Overview

The main connection class to a PAN-OS API endpoint

Defined Under Namespace

Classes: API

Class Method Summary

• .validate_connection_info(connection_info) ⇒ Object

Instance Method Summary

• #apikey ⇒ Object
• #commit ⇒ Object
• #delete_config(xpath) ⇒ Object
• #edit_config(xpath, document) ⇒ Object
• #facts(context) ⇒ Object
• #fetch_device_facts(context) ⇒ Object
• #get_config(xpath) ⇒ Object
• #import(file_path, category) ⇒ Object
• #initialize(_context, connection_info) ⇒ Panos constructor

  attr_reader :config.

• #load_config(file_name) ⇒ Object
• #outstanding_changes? ⇒ Boolean
• #parse_device_facts(response) ⇒ Object
• #set_config(xpath, document) ⇒ Object
• #show_config ⇒ Object
• #validate ⇒ Object

Constructor Details

#initialize(_context, connection_info) ⇒ Panos

attr_reader :config

# File 'lib/puppet/transport/panos.rb', line 17

def initialize(_context, connection_info)
  @connection_info = self.class.validate_connection_info(connection_info)
end

Class Method Details

.validate_connection_info(connection_info) ⇒ Object

Raises:

• (Puppet::ResourceError)

# File 'lib/puppet/transport/panos.rb', line 10

def self.validate_connection_info(connection_info)
  raise Puppet::ResourceError, 'Could not find "user"/"password" or "apikey" in the configuration' unless (connection_info.key?(:user) && connection_info.key?(:password)) || connection_info.key?(:apikey) # rubocop:disable Metrics/LineLength
  connection_info
end

Instance Method Details

#apikey ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 105

def apikey
  api.apikey
end

#commit ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 99

def commit
  Puppet.debug('Committing outstanding changes')
  # https://<firewall>/api/?type=commit&cmd=<commit></commit>
  api.job_request('commit', cmd: '<commit></commit>')
end

#delete_config(xpath) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 62

def delete_config(xpath)
  Puppet.debug("Deleting #{xpath}")
  # https://<firewall>/api/?key=apikey&type=config&action=delete&xpath=xpath-value
  api.request('config', action: 'delete', xpath: xpath)
end

#edit_config(xpath, document) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 56

def edit_config(xpath, document)
  Puppet.debug("Updating #{xpath}")
  # https://<firewall>/api/?key=apikey&type=config&action=edit&xpath=xpath-value&element=element-value
  api.request('config', action: 'edit', xpath: xpath, element: document)
end

#facts(context) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 21

def facts(context)
  @facts ||= parse_device_facts(fetch_device_facts(context))
end

#fetch_device_facts(context) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 25

def fetch_device_facts(context)
  context.debug('Retrieving PANOS Device Facts')
  # https://<firewall>/api/?key=apikey&type=version
  api.request('version')
end

#get_config(xpath) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 44

def get_config(xpath)
  Puppet.debug("Retrieving #{xpath}")
  # https://<firewall>/api/?key=apikey&type=config&action=get&xpath=<path-to-config-node>
  api.request('config', action: 'get', xpath: xpath)
end

#import(file_path, category) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 68

def import(file_path, category)
  Puppet.debug("Importing #{category}")
  # https://<firewall>/api/?key=apikey&type=import&category=category
  # POST: File(file_path)
  api.upload('import', file_path, category: category)
end

#load_config(file_name) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 75

def load_config(file_name)
  Puppet.debug('Loading Config')
  # https://<firewall>/api/?type=op&cmd=<load><config><from>file_name</from></config></load>
  api.request('op', cmd: "<load><config><from>#{file_name}</from></config></load>")
end

#outstanding_changes? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/puppet/transport/panos.rb', line 87

def outstanding_changes?
  # /api/?type=op&cmd=<check><pending-changes></pending-changes></check>
  result = api.request('op', cmd: '<check><pending-changes></pending-changes></check>')
  result.elements['/response/result'].text == 'yes'
end

#parse_device_facts(response) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 31

def parse_device_facts(response)
  facts = {}

  model = response.elements['/response/result/model'].text
  version = response.elements['/response/result/sw-version'].text
  vsys = response.elements['/response/result/multi-vsys'].text

  facts['operatingsystem'] = model if model
  facts['operatingsystemrelease'] = version if version
  facts['multi-vsys'] = vsys if vsys
  facts
end

#set_config(xpath, document) ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 50

def set_config(xpath, document)
  Puppet.debug("Writing to #{xpath}")
  # https://<firewall>/api/?key=apikey&type=config&action=set&xpath=xpath-value&element=element-value
  api.request('config', action: 'set', xpath: xpath, element: document)
end

#show_config ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 81

def show_config
  Puppet.debug('Retrieving Config')
  # https://<firewall>/api/?type=op&cmd=<show><config><running></running></config></show>
  api.request('op', cmd: '<show><config><running></running></config></show>')
end

#validate ⇒ Object

# File 'lib/puppet/transport/panos.rb', line 93

def validate
  Puppet.debug('Validating configuration')
  # https://<firewall>/api/?type=op&cmd=<validate><full></full></validate>
  api.job_request('op', cmd: '<validate><full></full></validate>')
end