palo_alto 0.4.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/README.md +2 -0
  4. data/examples/test_config.rb +31 -15
  5. data/examples/test_op.rb +54 -73
  6. data/lib/palo_alto/config.rb +79922 -52904
  7. data/lib/palo_alto/op.rb +5290 -756
  8. data/lib/palo_alto/version.rb +1 -1
  9. data/lib/palo_alto.rb +41 -31
  10. metadata +2 -2
data/lib/palo_alto/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PaloAlto
4
- VERSION = '0.4.0'
4
+ VERSION = '0.5.1'
5
5
  end
data/lib/palo_alto.rb CHANGED
@@ -129,6 +129,7 @@ module PaloAlto
129
129
  raise SessionTimedOutException
130
130
  when '400', '403'
131
131
  begin
132
+ pp [:error, options[:host], response.code, response.message]
132
133
  data = Nokogiri::XML.parse(response.body)
133
134
  message = data.xpath('//response/response/msg').text
134
135
  code = response.code.to_i
@@ -194,7 +195,7 @@ module PaloAlto
194
195
  new_xpath = 'response/result/' + search_xpath[(remove+2)..]
195
196
 
196
197
  results = cache.xpath(new_xpath)
197
- xml = Nokogiri.parse("<?xml version=\"1.0\"?><response><result>#{results.to_s}</result></response>")
198
+ xml = Nokogiri.parse("<?xml version=\"1.0\"?><response><result>#{results.to_s}</result></response>")
198
199
 
199
200
  if debug.include?(:statistics)
200
201
  warn "Elapsed for parsing cache: #{Time.now - start_time} seconds"
@@ -215,7 +216,7 @@ module PaloAlto
215
216
  options[:verify_ssl] = verify_ssl
216
217
  options[:payload] = payload
217
218
  options[:debug] = debug
218
- options[:timeout] = timeout || 180
219
+ options[:timeout] = timeout || 600
219
220
  options[:headers] = if payload[:type] == 'keygen'
220
221
  {}
221
222
  else
@@ -262,6 +263,7 @@ module PaloAlto
262
263
  rescue TemporaryException => e
263
264
  dont_retry_at = [
264
265
  'Partial revert is not allowed. Full system commit must be completed.',
266
+ 'Local commit jobs are queued. Revert operation is not allowed.',
265
267
  'Config for scope ',
266
268
  'Config is not currently locked for scope ',
267
269
  'Commit lock is not currently held by',
@@ -275,7 +277,7 @@ module PaloAlto
275
277
  max_retries = if dont_retry_at.any? { |str| e.message.start_with?(str) }
276
278
  0
277
279
  elsif e.message.start_with?('Timed out while getting config lock. Please try again.')
278
- 10
280
+ 30
279
281
  else
280
282
  1
281
283
  end
@@ -321,23 +323,31 @@ module PaloAlto
321
323
  cmd = if all
322
324
  'commit'
323
325
  else
324
- { commit: { partial: [
325
- { 'admin': admins },
326
- if device_groups
327
- device_groups.empty? ? 'no-device-group' : { 'device-group': device_groups }
328
- end,
329
- if templates
330
- templates.empty? ? 'no-template' : { 'template': templates }
331
- end,
332
- 'no-template-stack',
333
- 'no-log-collector',
334
- 'no-log-collector-group',
335
- 'no-wildfire-appliance',
336
- 'no-wildfire-appliance-cluster',
337
- { 'device-and-network': 'excluded' },
338
- { 'shared-object': 'excluded' }
339
- ].compact } }
326
+ commit_partial = {
327
+ 'no-template-stack': true,
328
+ 'no-log-collector': true,
329
+ 'no-log-collector-group': true,
330
+ 'no-wildfire-appliance': true,
331
+ 'no-wildfire-appliance-cluster': true,
332
+ 'device-and-network': 'excluded',
333
+ 'shared-object': 'excluded'
334
+ }
335
+
336
+ if device_groups
337
+ commit_partial.merge!(device_groups.empty? ? {'no-device-group': true} : { 'device-group': device_groups })
338
+ end
339
+
340
+ if templates
341
+ commit_partial.merge!(templates.empty? ? {'no-template': true} : { 'template': templates })
342
+ end
343
+
344
+ if admins
345
+ commit_partial.merge!({'admin': admins})
346
+ end
347
+
348
+ { commit: { partial: commit_partial } }
340
349
  end
350
+
341
351
  result = op.execute(cmd)
342
352
 
343
353
  return result if raw_result
@@ -358,7 +368,7 @@ module PaloAlto
358
368
  def primary_active?
359
369
  cmd = { show: { 'high-availability': 'state' } }
360
370
  state = op.execute(cmd)
361
- state.at_xpath('response/result/local-info/state').text == 'primary-active'
371
+ state.at_xpath('response/result/local-info/state')&.text == 'primary-active'
362
372
  end
363
373
 
364
374
  # area: config, commit
@@ -500,17 +510,17 @@ module PaloAlto
500
510
  cmd = if all
501
511
  { revert: 'config' }
502
512
  else
503
- { revert: { config: { partial: [
504
- { 'admin': [username] },
505
- 'no-template',
506
- 'no-template-stack',
507
- 'no-log-collector',
508
- 'no-log-collector-group',
509
- 'no-wildfire-appliance',
510
- 'no-wildfire-appliance-cluster',
511
- { 'device-and-network': 'excluded' },
512
- { 'shared-object': 'excluded' }
513
- ] } } }
513
+ { revert: { config: { partial: {
514
+ 'admin': [username],
515
+ 'no-template': true,
516
+ 'no-template-stack': true,
517
+ 'no-log-collector': true,
518
+ 'no-log-collector-group': true,
519
+ 'no-wildfire-appliance': true,
520
+ 'no-wildfire-appliance-cluster': true,
521
+ 'device-and-network': 'excluded',
522
+ 'shared-object': 'excluded'
523
+ } } } }
514
524
  end
515
525
 
516
526
  waited = 0
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: palo_alto
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sebastian Roesner
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-10-19 00:00:00.000000000 Z
11
+ date: 2024-04-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri