Skip to content

Commit

Permalink
ansible version 2.0.0
Browse files Browse the repository at this point in the history
  • Loading branch information
chkp-orso committed Sep 15, 2020
1 parent 0d2f4ec commit f8bde4c
Show file tree
Hide file tree
Showing 5 changed files with 287 additions and 1 deletion.
5 changes: 5 additions & 0 deletions plugins/doc_fragments/checkpoint_commands.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@ class ModuleDocFragment(object):
- Wait for the task to end. Such as publish task.
type: bool
default: True
wait_for_task_timeout:
description:
- How many minutes to wait until throwing a timeout error.
type: int
default: 30
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
Expand Down
5 changes: 5 additions & 0 deletions plugins/doc_fragments/checkpoint_objects.py
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,11 @@ class ModuleDocFragment(object):
- Wait for the task to end. Such as publish task.
type: bool
default: True
wait_for_task_timeout:
description:
- How many minutes to wait until throwing a timeout error.
type: int
default: 30
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
Expand Down
8 changes: 7 additions & 1 deletion plugins/module_utils/checkpoint.py
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@
checkpoint_argument_spec_for_objects = dict(
auto_publish_session=dict(type='bool'),
wait_for_task=dict(type='bool', default=True),
wait_for_task_timeout=dict(type='int', default=30),
state=dict(type='str', choices=['present', 'absent'], default='present'),
version=dict(type='str')
)
Expand All @@ -47,6 +48,7 @@

checkpoint_argument_spec_for_commands = dict(
wait_for_task=dict(type='bool', default=True),
wait_for_task_timeout=dict(type='int', default=30),
version=dict(type='str')
)

Expand All @@ -70,6 +72,7 @@ def is_checkpoint_param(parameter):
if parameter == 'auto_publish_session' or \
parameter == 'state' or \
parameter == 'wait_for_task' or \
parameter == 'wait_for_task_timeout' or \
parameter == 'version':
return False
return True
Expand Down Expand Up @@ -101,8 +104,11 @@ def get_payload_from_parameters(params):
def wait_for_task(module, version, connection, task_id):
task_id_payload = {'task-id': task_id, 'details-level': 'full'}
task_complete = False
minutes_until_timeout = 30
if module.params['wait_for_task_timeout'] is not None and module.params['wait_for_task_timeout'] >= 0:
minutes_until_timeout = module.params['wait_for_task_timeout']
max_num_iterations = minutes_until_timeout * 30
current_iteration = 0
max_num_iterations = 300

# As long as there is a task in progress
while not task_complete and current_iteration < max_num_iterations:
Expand Down
122 changes: 122 additions & 0 deletions plugins/modules/cp_mgmt_set_session.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,122 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Ansible module to manage CheckPoint Firewall (c) 2019
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#

from __future__ import (absolute_import, division, print_function)

__metaclass__ = type

ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}

DOCUMENTATION = """
---
module: cp_mgmt_set_session
short_description: Edit user's current session.
description:
- Edit user's current session.
- All operations are performed over Web Services API.
version_added: "2.9"
author: "Or Soffer (@chkp-orso)"
options:
description:
description:
- Session description.
type: str
new_name:
description:
- New name of the object.
type: str
tags:
description:
- Collection of tag identifiers.
type: list
color:
description:
- Color of the object. Should be one of existing colors.
type: str
choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
comments:
description:
- Comments string.
type: str
details_level:
description:
- The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
representation of the object.
type: str
choices: ['uid', 'standard', 'full']
ignore_warnings:
description:
- Apply changes ignoring warnings.
type: bool
ignore_errors:
description:
- Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
type: bool
extends_documentation_fragment: check_point.mgmt.checkpoint_commands
"""

EXAMPLES = """
- name: set-session
cp_mgmt_set_session:
description: Session to work on ticket number CR00323665
state: present
"""

RETURN = """
cp_mgmt_set_session:
description: The checkpoint set-session output.
returned: always.
type: dict
"""

from ansible.module_utils.basic import AnsibleModule
from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command


def main():
argument_spec = dict(
description=dict(type='str'),
new_name=dict(type='str'),
tags=dict(type='list'),
color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
'yellow']),
comments=dict(type='str'),
details_level=dict(type='str', choices=['uid', 'standard', 'full']),
ignore_warnings=dict(type='bool'),
ignore_errors=dict(type='bool')
)
argument_spec.update(checkpoint_argument_spec_for_commands)

module = AnsibleModule(argument_spec=argument_spec)

command = "set-session"

result = api_command(module, command)
module.exit_json(**result)


if __name__ == '__main__':
main()
148 changes: 148 additions & 0 deletions plugins/modules/cp_mgmt_show_logs.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,148 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Ansible module to manage CheckPoint Firewall (c) 2019
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#

from __future__ import (absolute_import, division, print_function)

__metaclass__ = type

ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}

DOCUMENTATION = """
---
module: cp_mgmt_show_logs
short_description: Showing logs according to the given filter.
description:
- Showing logs according to the given filter.
- All operations are performed over Web Services API.
version_added: "2.9"
author: "Or Soffer (@chkp-orso)"
options:
new_query:
description:
- Running a new query.
type: dict
suboptions:
filter:
description:
- The filter as entered in SmartConsole/SmartView.
type: str
time_frame:
description:
- Specify the time frame to query logs.
type: str
choices: ['last-7-days', 'last-hour', 'today', 'last-24-hours', 'yesterday', 'this-week', 'this-month', 'last-30-days', 'all-time', 'custom']
custom_start:
description:
- This option is only applicable when using the custom time-frame option.
type: str
custom_end:
description:
- This option is only applicable when using the custom time-frame option.
type: str
max_logs_per_request:
description:
- Limit the number of logs to be retrieved.
type: int
top:
description:
- Top results configuration.
type: dict
suboptions:
field:
description:
- The field on which the top command is executed.
type: str
choices: ['sources', 'destinations', 'services', 'actions', 'blades' , 'origins', 'users', 'applications']
count:
description:
- The number of results to retrieve.
type: int
type:
description:
- Type of logs to return.
type: str
choices: ['logs', 'audit']
log_servers:
description:
- List of IP's of logs servers to query.
type: list
query_id:
description:
- Get the next page of last run query with specified limit.
type: str
ignore_warnings:
description:
- Ignore warnings if exist.
type: bool
extends_documentation_fragment: check_point.mgmt.checkpoint_commands
"""

EXAMPLES = """
- name: show-logs
cp_mgmt_show_logs:
new_query:
filter: blade:"Threat Emulation"
max_logs_per_request: '2'
time_frame: today
"""

RETURN = """
cp_mgmt_show_logs:
description: The checkpoint show-logs output.
returned: always.
type: dict
"""

from ansible.module_utils.basic import AnsibleModule
from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command


def main():
argument_spec = dict(
new_query=dict(type='dict', options=dict(
filter=dict(type='str'),
time_frame=dict(type='str', choices=['last-7-days', 'last-hour', 'today', 'last-24-hours', 'yesterday',
'this-week', 'this-month', 'last-30-days', 'all-time', 'custom']),
custom_start=dict(type='str'),
custom_end=dict(type='str'),
max_logs_per_request=dict(type='int'),
top=dict(type='dict', options=dict(
field=dict(type='str', choices=['sources', 'destinations', 'services', 'actions', 'blades', 'origins', 'users', 'applications']),
count=dict(type='int')
)),
type=dict(type='str', choices=['logs', 'audit']),
log_servers=dict(type='list')
)),
query_id=dict(type='str'),
ignore_warnings=dict(type='bool')
)
argument_spec.update(checkpoint_argument_spec_for_commands)

module = AnsibleModule(argument_spec=argument_spec)

command = "show-logs"

result = api_command(module, command)
module.exit_json(**result)


if __name__ == '__main__':
main()

0 comments on commit f8bde4c

Please sign in to comment.