(MODULES-10385) - Work expanded to cover remaining types

- panos_address_group - panos_net_policy - panos_security_policy_rule - panos_service_group - panos_service - panos_tag - panos_zone
puppetlabs · Mar 24, 2020 · c614554 · c614554
1 parent e084774
commit c614554
Show file tree

Hide file tree

Showing 14 changed files with 49 additions and 21 deletions.
diff --git a/lib/puppet/provider/panos_address_group/panos_address_group.rb b/lib/puppet/provider/panos_address_group/panos_address_group.rb
@@ -1,7 +1,7 @@
-require_relative '../panos_provider'
+require_relative '../panos_vsys_base'
 
 # Implementation for the panos_address_group type using the Resource API.
-class Puppet::Provider::PanosAddressGroup::PanosAddressGroup < Puppet::Provider::PanosProvider
+class Puppet::Provider::PanosAddressGroup::PanosAddressGroup < Puppet::Provider::PanosVsysBase
   def validate_should(should)
     if should[:type] == 'static' && !should.key?(:static_members)
       raise Puppet::ResourceError, 'Static Address group must provide `static_members`'

diff --git a/lib/puppet/provider/panos_nat_policy/panos_nat_policy.rb b/lib/puppet/provider/panos_nat_policy/panos_nat_policy.rb
@@ -1,7 +1,7 @@
-require_relative '../panos_provider'
+require_relative '../panos_vsys_base'
 
 # Implementation for the panos_NAT_policy type using the Resource API.
-class Puppet::Provider::PanosNatPolicy::PanosNatPolicy < Puppet::Provider::PanosProvider
+class Puppet::Provider::PanosNatPolicy::PanosNatPolicy < Puppet::Provider::PanosVsysBase
   def munge(entry)
     entry[:bi_directional] = string_to_bool(entry[:bi_directional]) unless entry[:bi_directional].nil?
     entry[:nat_type] = 'ipv4' if entry[:nat_type].nil?

diff --git a/lib/puppet/provider/panos_security_policy_rule/panos_security_policy_rule.rb b/lib/puppet/provider/panos_security_policy_rule/panos_security_policy_rule.rb
@@ -1,7 +1,7 @@
-require_relative '../panos_provider'
+require_relative '../panos_vsys_base'
 
 # Implementation for the panos_security_policy_rule type using the Resource API.
-class Puppet::Provider::PanosSecurityPolicyRule::PanosSecurityPolicyRule < Puppet::Provider::PanosProvider
+class Puppet::Provider::PanosSecurityPolicyRule::PanosSecurityPolicyRule < Puppet::Provider::PanosVsysBase
   def munge(entry)
     none_attrs = [:profile_type, :qos_type]
 

diff --git a/lib/puppet/provider/panos_service/panos_service.rb b/lib/puppet/provider/panos_service/panos_service.rb
@@ -1,7 +1,7 @@
-require_relative '../panos_provider'
+require_relative '../panos_vsys_base'
 
 # Implementation for the panos_service_type type using the Resource API.
-class Puppet::Provider::PanosService::PanosService < Puppet::Provider::PanosProvider
+class Puppet::Provider::PanosService::PanosService < Puppet::Provider::PanosVsysBase
   def xml_from_should(name, should)
     builder = Builder::XmlMarkup.new
     builder.entry('name' => name) do

diff --git a/lib/puppet/provider/panos_service_group/panos_service_group.rb b/lib/puppet/provider/panos_service_group/panos_service_group.rb
@@ -1,7 +1,7 @@
-require_relative '../panos_provider'
+require_relative '../panos_vsys_base'
 
 # Implementation for the panos_service_group type using the Resource API.
-class Puppet::Provider::PanosServiceGroup::PanosServiceGroup < Puppet::Provider::PanosProvider
+class Puppet::Provider::PanosServiceGroup::PanosServiceGroup < Puppet::Provider::PanosVsysBase
   def xml_from_should(name, should)
     builder = Builder::XmlMarkup.new
     builder.entry('name' => name) do

diff --git a/lib/puppet/provider/panos_tag/panos_tag.rb b/lib/puppet/provider/panos_tag/panos_tag.rb
@@ -1,7 +1,7 @@
-require_relative '../panos_provider'
+require_relative '../panos_vsys_base'
 
 # Implementation for the panos_tags type using the Resource API.
-class Puppet::Provider::PanosTag::PanosTag < Puppet::Provider::PanosProvider
+class Puppet::Provider::PanosTag::PanosTag < Puppet::Provider::PanosVsysBase
   def initialize
     super()
     @code_from_color = {

diff --git a/lib/puppet/provider/panos_zone/panos_zone.rb b/lib/puppet/provider/panos_zone/panos_zone.rb
@@ -1,7 +1,7 @@
-require_relative '../panos_provider'
+require_relative '../panos_vsys_base'
 
 # Implementation for the panos_tags type using the Resource API.
-class Puppet::Provider::PanosZone::PanosZone < Puppet::Provider::PanosProvider
+class Puppet::Provider::PanosZone::PanosZone < Puppet::Provider::PanosVsysBase
   def munge(entry)
     bool_attrs = [:enable_user_identification, :enable_packet_buffer_protection, :nsx_service_profile]
     bool_attrs.each do |attr|

diff --git a/lib/puppet/type/panos_address_group.rb b/lib/puppet/type/panos_address_group.rb
@@ -5,7 +5,7 @@
   docs: <<-EOS,
 This type provides Puppet with the capabilities to manage "address_groups" objects on Palo Alto devices.
 EOS
-  base_xpath: '/config/devices/entry/vsys/entry/address-group',
+  base_xpath: 'address-group',
   features: ['remote_resource'],
   attributes: {
     name: {
@@ -19,6 +19,10 @@
       desc:    'Whether this resource should be present or absent on the target system.',
       default: 'present',
     },
+    vsys: {
+      type:      'Optional[String]',
+      desc:      'The vsys of the address groups xpath.',
+    },
     description: {
       type:      'Optional[String]',
       desc:      'Provide a description of this address-group.',

diff --git a/lib/puppet/type/panos_nat_policy.rb b/lib/puppet/type/panos_nat_policy.rb
@@ -5,7 +5,7 @@
   docs: <<-EOS,
 This type provides Puppet with the capabilities to manage "NAT Policy Rule" objects on Palo Alto devices.
 EOS
-  base_xpath: '/config/devices/entry/vsys/entry/rulebase/nat/rules',
+  base_xpath: 'rulebase/nat/rules',
   features: ['remote_resource'],
   attributes: {
     name: {
@@ -24,6 +24,10 @@
       desc:  'A description of the NAT Policy Rule',
       xpath: 'description/text()',
     },
+    vsys: {
+      type:      'Optional[String]',
+      desc:      'The vsys of the policies xpath.',
+    },
     nat_type: {
       type:    'Enum["ipv4", "nat64", "nptv6"]',
       desc:    'The nat type of the policy',

diff --git a/lib/puppet/type/panos_security_policy_rule.rb b/lib/puppet/type/panos_security_policy_rule.rb
@@ -5,7 +5,7 @@
   docs: <<-EOS,
 This type provides Puppet with the capilities to manage "Security Policy Rules" on Palo Alto devices.
 EOS
-  base_xpath: '/config/devices/entry/vsys/entry/rulebase/security/rules',
+  base_xpath: 'rulebase/security/rules',
   features: ['remote_resource'],
   attributes: {
     name: {
@@ -19,6 +19,10 @@
       desc:    'Whether this resource should be present or absent on the target system.',
       default: 'present',
     },
+    vsys: {
+      type:      'Optional[String]',
+      desc:      'The vsys of the rules xpath.',
+    },
     rule_type: {
       type:    'Enum["universal", "interzone", "intrazone"]',
       desc:    <<DESC,

diff --git a/lib/puppet/type/panos_service.rb b/lib/puppet/type/panos_service.rb
@@ -5,7 +5,7 @@
   docs: <<-EOS,
 This type provides Puppet with the capabilities to manage "service" objects on Palo Alto devices.
 EOS
-  base_xpath: '/config/devices/entry/vsys/entry/service',
+  base_xpath: 'service',
   features: ['remote_resource'],
   attributes: {
     name: {
@@ -24,6 +24,10 @@
       desc:  'Provide a description of this service.',
       xpath: 'description/text()',
     },
+    vsys: {
+      type:      'Optional[String]',
+      desc:      'The vsys of the services xpath.',
+    },
     protocol: {
       type:    'Enum["tcp", "udp"]',
       desc:    'Specify the protocol used by the service',

diff --git a/lib/puppet/type/panos_service_group.rb b/lib/puppet/type/panos_service_group.rb
@@ -5,7 +5,7 @@
   docs: <<-EOS,
 This type provides Puppet with the capabilities to manage "Service Group" objects on Palo Alto devices.
 EOS
-  base_xpath: '/config/devices/entry/vsys/entry/service-group',
+  base_xpath: 'service-group',
   features: ['remote_resource'],
   attributes: {
     name: {
@@ -19,6 +19,10 @@
       desc:    'Whether this resource should be present or absent on the target system.',
       default: 'present',
     },
+    vsys: {
+      type:      'Optional[String]',
+      desc:      'The vsys of the service groups xpath.',
+    },
     services: {
       type:         'Array[String]',
       desc:         'An array of `panos_service`, or `panos_service_group` that form this group.',

diff --git a/lib/puppet/type/panos_tag.rb b/lib/puppet/type/panos_tag.rb
@@ -5,7 +5,7 @@
   docs: <<-EOS,
 This type provides Puppet with the capabilities to manage "tags" objects on Palo Alto devices.
 EOS
-  base_xpath: '/config/devices/entry/vsys/entry/tag',
+  base_xpath: 'tag',
   features: ['remote_resource', 'canonicalize'],
   attributes: {
     name: {
@@ -19,6 +19,10 @@
       desc:    'Whether this resource should be present or absent on the target system.',
       default: 'present',
     },
+    vsys: {
+      type:      'Optional[String]',
+      desc:      'The vsys of the tags xpath.',
+    },
     color: {
       type:  'Optional[String]',
       desc:  'The color of the tag',

diff --git a/lib/puppet/type/panos_zone.rb b/lib/puppet/type/panos_zone.rb
@@ -5,7 +5,7 @@
   docs: <<-EOS,
 This type provides Puppet with the capabilities to manage "zone" objects on Palo Alto devices.
 EOS
-  base_xpath: '/config/devices/entry/vsys/entry/zone',
+  base_xpath: 'zone',
   features: ['remote_resource'],
   attributes: {
     name: {
@@ -19,6 +19,10 @@
       desc:    'Whether this resource should be present or absent on the target system.',
       default: 'present',
     },
+    vsys: {
+      type:      'Optional[String]',
+      desc:      'The vsys of the zones xpath.',
+    },
     network: {
       type:    'Enum["tap", "virtual-wire", "layer2", "layer3", "tunnel"]',
       desc:    'The network type of this zone. An interface can belong to only one zone in one virtual system. Note: `tunnel` can only be set on PAN-OS version 8.1.0.',