Merge pull request #10 from cdot65/update-limit

Update limit
cdot65 · Oct 8, 2024 · 61879c9 · 61879c9
2 parents 14f39de + 3ca0282
commit 61879c9
Show file tree

Hide file tree

Showing 7 changed files with 154 additions and 2 deletions.
diff --git a/docs/about/release-notes.md b/docs/about/release-notes.md
@@ -4,6 +4,18 @@ Welcome to the release notes for the `scm-config-clone` tool. This document prov
 
 ---
 
+## Version 0.1.1
+
+**Release Date:** October 8, 2024
+
+### Introduction
+
+- **Features**:
+  - **Security Profile Groups**: Adding a new command for security profile groups.
+  - **Limit Update**: Update the limit parameter within the request to 5000.
+
+---
+
 ## Version 0.1.0
 
 **Release Date:** October 8, 2024

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "scm-config-clone"
-version = "0.1.0"
+version = "0.1.1"
 description = "A command-line tool to clone configuration objects between Palo Alto Networks Strata Cloud Manager (SCM) tenants."
 authors = ["Calvin Remsburg <calvin@cdot.io>"]
 license = "Apache 2.0"

diff --git a/scm_config_clone/commands/__init__.py b/scm_config_clone/commands/__init__.py
@@ -8,4 +8,5 @@
 
 from .clone_address_objects import clone_address_objects
 from .clone_address_groups import clone_address_groups
+from .clone_security_profile_groups import clone_security_profile_groups
 from .create_secrets_file import create_secrets_file
diff --git a/scm_config_clone/commands/clone_address_objects.py b/scm_config_clone/commands/clone_address_objects.py
@@ -2,7 +2,6 @@
 
 import typer
 import logging
-from pathlib import Path
 
 from scm_config_clone.utilities.helpers import (
     authenticate_scm,

diff --git a/scm_config_clone/commands/clone_security_profile_groups.py b/scm_config_clone/commands/clone_security_profile_groups.py
@@ -0,0 +1,82 @@
+# scm_config_clone/commands/clone_security_profile_groups.py
+
+import typer
+import logging
+
+from scm_config_clone.utilities.helpers import (
+    authenticate_scm,
+    create_scm_security_profile_groups,
+)
+from scm_config_clone.config.settings import load_settings
+from panapi.config.security import ProfileGroup
+
+logger = logging.getLogger(__name__)
+
+
+def clone_security_profile_groups(
+    settings_file: str = typer.Option(
+        ".secrets.yaml",
+        "--settings-file",
+        "-s",
+        help="Path to the settings YAML file.",
+    ),
+):
+    """
+    Clone security profile groups from the source to the destination SCM tenant.
+
+    Authenticates with both source and destination tenants, retrieves security profile groups from the source,
+    and creates them in the destination tenant.
+
+    Args:
+        settings_file (str): Path to the YAML settings file.
+
+    Error:
+        typer.Exit: Exits the application if an error occurs during the process.
+
+    Return:
+        None
+    """
+    typer.echo("Starting security profile groups migration...")
+
+    # Load settings
+    settings = load_settings(settings_file)
+
+    # Authenticate with source tenant
+    try:
+        source_session = authenticate_scm(settings["source_scm"])
+    except Exception as e:
+        logger.error(f"Error authenticating with source tenant: {e}")
+        raise typer.Exit(code=1)
+
+    # Retrieve security profile groups from source
+    try:
+        folder = {"folder": settings["source_scm"]["folder"]}
+        source_profile_group = ProfileGroup(**folder)
+        profile_groups = source_profile_group.list(source_session)
+        logger.info(f"Retrieved {len(profile_groups)} security profile groups from source.")
+    except Exception as e:
+        logger.error(f"Error retrieving security profile groups from source: {e}")
+        raise typer.Exit(code=1)
+
+    # Authenticate with destination tenant
+    try:
+        destination_session = authenticate_scm(settings["destination_scm"])
+    except Exception as e:
+        logger.error(f"Error authenticating with destination tenant: {e}")
+        raise typer.Exit(code=1)
+
+    # Create security profile groups in destination
+    try:
+        created_profile_groups = create_scm_security_profile_groups(
+            profile_groups=profile_groups,
+            folder=settings["destination_scm"]["folder"],
+            session=destination_session,
+        )
+        logger.info(
+            f"Successfully created {len(created_profile_groups)} security profile groups in destination."
+        )
+    except Exception as e:
+        logger.error(f"Error creating security profile groups in destination: {e}")
+        raise typer.Exit(code=1)
+
+    typer.echo("Security profile groups migration completed successfully.")
diff --git a/scm_config_clone/main.py b/scm_config_clone/main.py
@@ -20,6 +20,7 @@
 from scm_config_clone.commands import (
     clone_address_objects,
     clone_address_groups,
+    clone_security_profile_groups,
     create_secrets_file,
 )
 
@@ -36,6 +37,7 @@
 # Register commands
 app.command()(clone_address_objects)
 app.command()(clone_address_groups)
+app.command()(clone_security_profile_groups)
 app.command()(create_secrets_file)
 
 if __name__ == "__main__":

diff --git a/scm_config_clone/utilities/helpers.py b/scm_config_clone/utilities/helpers.py
@@ -5,6 +5,7 @@
 
 from panapi import PanApiSession
 from panapi.config.objects import Address, AddressGroup
+from panapi.config.security import ProfileGroup
 
 logger = logging.getLogger(__name__)
 
@@ -67,6 +68,7 @@ def create_scm_address_objects(
         scm_address_data = {
             "name": address_object.name,
             "folder": folder,
+            "limit": 5000,
         }
 
         # Optional fields
@@ -130,6 +132,7 @@ def create_scm_address_groups(
         scm_address_group_data = {
             "folder": folder,
             "name": address_group.name,
+            "limit": 5000,
         }
 
         # Optional fields
@@ -160,3 +163,56 @@ def create_scm_address_groups(
             raise
 
     return scm_address_groups
+
+
+def create_scm_security_profile_groups(
+    profile_groups: List[ProfileGroup],
+    folder: str,
+    session: PanApiSession,
+) -> List[Dict[str, str]]:
+    """
+    Create security profile groups in the destination SCM tenant.
+
+    Iterates over list of security profile groups and creates them in the specified folder of the destination tenant.
+
+    Args:
+        profile_groups (List[ProfileGroup]): List of security profile groups to create.
+        folder (str): Folder name in the destination tenant.
+        session (PanApiSession): Authenticated API session for the destination tenant.
+
+    Error:
+        Exception: Raises an exception if creation fails.
+
+    Return:
+        List[Dict[str, str]]: List of created security profile group data.
+    """
+    scm_profile_groups = []
+
+    for profile_group in profile_groups:
+        # Extract attributes
+        scm_profile_group_data = {
+            "name": profile_group.name,
+            "folder": folder,
+            "limit": 5000,
+        }
+
+        # Optional fields
+        if getattr(profile_group, "description", None):
+            scm_profile_group_data["description"] = profile_group.description
+
+
+        logger.debug(f"Processing scm_profile_group_data: {scm_profile_group_data}.")
+
+        # Create address object
+        try:
+            scm_address = Address(**scm_profile_group_data)
+            scm_address.create(session)
+            scm_profile_groups.append(scm_profile_group_data)
+            logger.info(f"Created address object {profile_group.name}")
+        except Exception as e:
+            logger.error(f"Error creating address object {profile_group.name}: {e}")
+            raise
+
+    return scm_profile_groups
+
+