ansible version 2.0.0

chkp-orso · chkp-orso · commit f8bde4cebd86 · 2020-09-15T16:55:50.000+03:00
diff --git a/plugins/doc_fragments/checkpoint_commands.py b/plugins/doc_fragments/checkpoint_commands.py
@@ -17,6 +17,11 @@ class ModuleDocFragment(object):
       - Wait for the task to end. Such as publish task.
     type: bool
     default: True
+  wait_for_task_timeout:
+    description:
+      - How many minutes to wait until throwing a timeout error.
+    type: int
+    default: 30
   version:
     description:
       - Version of checkpoint. If not given one, the latest version taken.
diff --git a/plugins/doc_fragments/checkpoint_objects.py b/plugins/doc_fragments/checkpoint_objects.py
@@ -30,6 +30,11 @@ class ModuleDocFragment(object):
       - Wait for the task to end. Such as publish task.
     type: bool
     default: True
+  wait_for_task_timeout:
+    description:
+      - How many minutes to wait until throwing a timeout error.
+    type: int
+    default: 30
   version:
     description:
       - Version of checkpoint. If not given one, the latest version taken.
diff --git a/plugins/module_utils/checkpoint.py b/plugins/module_utils/checkpoint.py
@@ -37,6 +37,7 @@
 checkpoint_argument_spec_for_objects = dict(
     auto_publish_session=dict(type='bool'),
     wait_for_task=dict(type='bool', default=True),
+    wait_for_task_timeout=dict(type='int', default=30),
     state=dict(type='str', choices=['present', 'absent'], default='present'),
     version=dict(type='str')
 )
@@ -47,6 +48,7 @@
 
 checkpoint_argument_spec_for_commands = dict(
     wait_for_task=dict(type='bool', default=True),
+    wait_for_task_timeout=dict(type='int', default=30),
     version=dict(type='str')
 )
 
@@ -70,6 +72,7 @@ def is_checkpoint_param(parameter):
     if parameter == 'auto_publish_session' or \
             parameter == 'state' or \
             parameter == 'wait_for_task' or \
+            parameter == 'wait_for_task_timeout' or \
             parameter == 'version':
         return False
     return True
@@ -101,8 +104,11 @@ def get_payload_from_parameters(params):
 def wait_for_task(module, version, connection, task_id):
     task_id_payload = {'task-id': task_id, 'details-level': 'full'}
     task_complete = False
+    minutes_until_timeout = 30
+    if module.params['wait_for_task_timeout'] is not None and module.params['wait_for_task_timeout'] >= 0:
+        minutes_until_timeout = module.params['wait_for_task_timeout']
+    max_num_iterations = minutes_until_timeout * 30
     current_iteration = 0
-    max_num_iterations = 300
 
     # As long as there is a task in progress
     while not task_complete and current_iteration < max_num_iterations:
diff --git a/plugins/modules/cp_mgmt_set_session.py b/plugins/modules/cp_mgmt_set_session.py
@@ -0,0 +1,122 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+                    'status': ['preview'],
+                    'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_session
+short_description: Edit user's current session.
+description:
+  - Edit user's current session.
+  - All operations are performed over Web Services API.
+version_added: "2.9"
+author: "Or Soffer (@chkp-orso)"
+options:
+  description:
+    description:
+      - Session description.
+    type: str
+  new_name:
+    description:
+      - New name of the object.
+    type: str
+  tags:
+    description:
+      - Collection of tag identifiers.
+    type: list
+  color:
+    description:
+      - Color of the object. Should be one of existing colors.
+    type: str
+    choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+             'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+             'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+  comments:
+    description:
+      - Comments string.
+    type: str
+  details_level:
+    description:
+      - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+        representation of the object.
+    type: str
+    choices: ['uid', 'standard', 'full']
+  ignore_warnings:
+    description:
+      - Apply changes ignoring warnings.
+    type: bool
+  ignore_errors:
+    description:
+      - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+    type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-session
+  cp_mgmt_set_session:
+    description: Session to work on ticket number CR00323665
+    state: present
+"""
+
+RETURN = """
+cp_mgmt_set_session:
+  description: The checkpoint set-session output.
+  returned: always.
+  type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+    argument_spec = dict(
+        description=dict(type='str'),
+        new_name=dict(type='str'),
+        tags=dict(type='list'),
+        color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+                                        'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+                                        'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+                                        'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+                                        'yellow']),
+        comments=dict(type='str'),
+        details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+        ignore_warnings=dict(type='bool'),
+        ignore_errors=dict(type='bool')
+    )
+    argument_spec.update(checkpoint_argument_spec_for_commands)
+
+    module = AnsibleModule(argument_spec=argument_spec)
+
+    command = "set-session"
+
+    result = api_command(module, command)
+    module.exit_json(**result)
+
+
+if __name__ == '__main__':
+    main()
diff --git a/plugins/modules/cp_mgmt_show_logs.py b/plugins/modules/cp_mgmt_show_logs.py
@@ -0,0 +1,148 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+                    'status': ['preview'],
+                    'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_logs
+short_description: Showing logs according to the given filter.
+description:
+  - Showing logs according to the given filter.
+  - All operations are performed over Web Services API.
+version_added: "2.9"
+author: "Or Soffer (@chkp-orso)"
+options:
+  new_query:
+    description:
+      - Running a new query.
+    type: dict
+    suboptions:
+      filter:
+        description:
+          - The filter as entered in SmartConsole/SmartView.
+        type: str
+      time_frame:
+        description:
+          - Specify the time frame to query logs.
+        type: str
+        choices: ['last-7-days', 'last-hour', 'today', 'last-24-hours', 'yesterday', 'this-week', 'this-month', 'last-30-days', 'all-time', 'custom']
+      custom_start:
+        description:
+          - This option is only applicable when using the custom time-frame option.
+        type: str
+      custom_end:
+        description:
+          - This option is only applicable when using the custom time-frame option.
+        type: str
+      max_logs_per_request:
+        description:
+          - Limit the number of logs to be retrieved.
+        type: int
+      top:
+        description:
+          - Top results configuration.
+        type: dict
+        suboptions:
+          field:
+            description:
+              - The field on which the top command is executed.
+            type: str
+            choices: ['sources', 'destinations', 'services', 'actions', 'blades' , 'origins', 'users', 'applications']
+          count:
+            description:
+              - The number of results to retrieve.
+            type: int
+      type:
+        description:
+          - Type of logs to return.
+        type: str
+        choices: ['logs', 'audit']
+      log_servers:
+        description:
+          - List of IP's of logs servers to query.
+        type: list
+  query_id:
+    description:
+      - Get the next page of last run query with specified limit.
+    type: str
+  ignore_warnings:
+    description:
+      - Ignore warnings if exist.
+    type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-logs
+  cp_mgmt_show_logs:
+    new_query:
+      filter: blade:"Threat Emulation"
+      max_logs_per_request: '2'
+      time_frame: today
+"""
+
+RETURN = """
+cp_mgmt_show_logs:
+  description: The checkpoint show-logs output.
+  returned: always.
+  type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+    argument_spec = dict(
+        new_query=dict(type='dict', options=dict(
+            filter=dict(type='str'),
+            time_frame=dict(type='str', choices=['last-7-days', 'last-hour', 'today', 'last-24-hours', 'yesterday',
+                                                 'this-week', 'this-month', 'last-30-days', 'all-time', 'custom']),
+            custom_start=dict(type='str'),
+            custom_end=dict(type='str'),
+            max_logs_per_request=dict(type='int'),
+            top=dict(type='dict', options=dict(
+                field=dict(type='str', choices=['sources', 'destinations', 'services', 'actions', 'blades', 'origins', 'users', 'applications']),
+                count=dict(type='int')
+            )),
+            type=dict(type='str', choices=['logs', 'audit']),
+            log_servers=dict(type='list')
+        )),
+        query_id=dict(type='str'),
+        ignore_warnings=dict(type='bool')
+    )
+    argument_spec.update(checkpoint_argument_spec_for_commands)
+
+    module = AnsibleModule(argument_spec=argument_spec)
+
+    command = "show-logs"
+
+    result = api_command(module, command)
+    module.exit_json(**result)
+
+
+if __name__ == '__main__':
+    main()
