v0.2.15 - support smc-python v0.5.3

deploy/__init__.py

@@ -1,6 +1,6 @@
 import logging
 
-__version__ = '0.2.14'
+__version__ = '0.2.15'
 
 try:  # Python 2.7+
     from logging import NullHandler

deploy/__main__.py

@@ -224,25 +224,27 @@ def task_runner(ngfw, queue=None, sleep=5, duration=48):
     """
     # Wait max of 4 minutes for initial contact 
     waiter = ngfw.get_waiter()
-    follower = None
+    policy_task = None # ProgressTask
     for _ in range(duration):
         ready = next(waiter)
         if ready:
             ngfw.bind_license()
-            follower = ready.upload_policy()
+            policy_task = ready.upload_policy()
             break
         time.sleep(sleep)
 
     # Follower link can be none if upload policy times out 
     result = []
-    if follower:
-        waiter = ngfw.policy_waiter(follower)
-        for _ in range(duration):
-            status = next(waiter)
-            if status is not None:
-                result = status
-                break
-            time.sleep(sleep)
+    if policy_task:
+        logger.info('Uploading policy for {}..'.format(ngfw.name))
+        start_time = time.time()
+        for status in policy_task.wait(timeout=sleep, max_intervals=duration):
+            logger.info('[{}]: policy progress -> {}%'.format(
+                ngfw.name, status))
+        logger.info('Upload policy task completed for {} in {} seconds'.format(
+            ngfw.name, time.time() - start_time))
+        if not policy_task.success:
+            result = [policy_task.last_message]
     else:
         result = ['Timed out waiting for initial contact, manual intervention required']
     if queue:
@@ -258,8 +260,8 @@ def generate_report(results):
         if not errors:
             logger.info('Finished running stonesoft deploy for: {}'.format(name))
         else:
-            logger.error('Exception occurred deploying: {}, reason: {}'
-                         .format(name, errors[0]))
+            logger.error('Exception occurred deploying: {}, reason: {}'.format(
+                name, errors[0]))
 
 def deploy(vpc, ngfw, awscfg):
     """

deploy/ngfw.py

@@ -11,8 +11,7 @@
 from smc.core.engines import Layer3Firewall
 from smc.api.exceptions import TaskRunFailed, LicenseError, MissingRequiredInput,\
     DeleteElementFailed, CreatePolicyFailed
-from smc.administration.tasks import Task
-from smc.actions.search import element_by_href_as_json, element_name_by_href
+from smc.actions.search import element_name_by_href
 from smc.policy.layer3 import FirewallPolicy
 from smc.core.contact_address import ContactAddress
 from smc.elements.servers import ManagementServer, LogServer
@@ -119,10 +118,10 @@ def upload_policy(self):
         has succeeded so it's not queued. Monitor the upload process from 
         the SMC Administration->Tasks menu
         
-        :return: `smc.actions.tasks.Task` follower link
+        :return: ProgressTask
         """
         try:
-            return next(self.engine.upload('{}'.format(self.firewall_policy)))
+            return self.engine.upload('{}'.format(self.firewall_policy))
         except TaskRunFailed as e:
             logger.error(e)
 
@@ -206,12 +205,10 @@ def add_location(self, location_name):
         """
         if self.nat_address: #SMC behind NAT
             # Add to management server
-            mgt = list(ManagementServer.objects.filter('Management*'))  # @UndefinedVariable
-            for server in mgt:
-                server.add_contact_address(self.nat_address, location_name)
-            log = list(LogServer.objects.filter('Log*'))  # @UndefinedVariable
-            for server in log:
-                server.add_contact_address(self.nat_address, location_name)
+            mgt = ManagementServer.objects.first()
+            mgt.add_contact_address(self.nat_address, location_name)
+            log = LogServer.objects.first()
+            log.add_contact_address(self.nat_address, location_name)
             return location_helper(location_name)
 
     def add_contact_address(self, elastic_ip):
@@ -270,26 +267,7 @@ def get_waiter(self, status='Configured'):
                 yield self
             yield None
 
-    def policy_waiter(self, follower):
-        """
-        Wait for policy upload
-        """
-        logger.info('Uploading policy for {}..'.format(self.engine.name))
-        start_time = time.time()
-        while True:
-            reply = Task(**element_by_href_as_json(follower))
-            if reply.progress:
-                logger.info('[{}]: policy progress -> {}%'.format(self.engine.name, 
-                                                                  reply.progress))
-            if not reply.in_progress:
-                logger.info('Upload policy task completed for {} in {} seconds'
-                            .format(self.engine.name, time.time() - start_time))
-                if not reply.success:
-                    yield [reply.last_message]
-                else:
-                    yield []
-            yield None
-
+
 def del_fw_from_smc(instance_ids):
     """
     FW name is 'instance_id (availability zone). To do proper cleanup,
@@ -298,13 +276,12 @@ def del_fw_from_smc(instance_ids):
     :param list instance_ids: string of instance ids
     :return: None
     """
-    firewalls = list(Search('single_fw').objects.all())
+    firewalls = list(Layer3Firewall.objects.all())
     for instance in instance_ids:
         for fw in firewalls:
             if fw.name.startswith(instance):
                 # Remove Locations from mgmt / log server
-                location_ref = fw.attr_by_name('location_ref')
-                location_name = element_name_by_href(location_ref)
+                location_name = element_name_by_href(fw.location_ref)
                 mgt = list(ManagementServer.objects.filter('Management*'))  # @UndefinedVariable
                 for server in mgt:
                     server.remove_contact_address(location_name)
@@ -326,11 +303,12 @@ def del_fw_from_smc(instance_ids):
                 else:
                     logger.info("Successfully removed NGFW.")
 
+
 def del_from_smc_vpn_policy(name):
     # Temporary solution - SMC API (6.1.1) does not expose the associated
     # VPN policies on the engine so we need to iterate each VPN policy and
     # look for our engine
-    for policyvpn in list(Search('vpn').objects.all()):
+    for policyvpn in list(VPNPolicy.objects.all()):
         policyvpn.open()
         for gw in policyvpn.central_gateway_node.all():
             if gw.name.startswith(name):
@@ -352,14 +330,14 @@ def obtain_vpnpolicy(vpn_policy=None):
     
     :return: list available VPN Policies
     """
-    policy = [vpn.name for vpn in list(Search('vpn').objects.all())]
+    policy = [vpn.name for vpn in list(VPNPolicy.objects.all())]
     if vpn_policy is None:
         return policy
     else:
         if not vpn_policy in policy:
-            raise MissingRequiredInput('VPN policy not found, name provided: '
-                                        '{}. Available policies: {}'
-                                        .format(vpn_policy, policy))
+            raise MissingRequiredInput(
+                'VPN policy not found, name provided: {}. Available policies: {}'
+                .format(vpn_policy, policy))
 
 def obtain_fwpolicy(firewall_policy=None):
     """
@@ -374,9 +352,9 @@ def obtain_fwpolicy(firewall_policy=None):
         return policy
     else:
         if not firewall_policy in policy:
-            raise MissingRequiredInput('Firewall policy not found, name provided: '
-                                       '{}. Available policies: {}'
-                                       .format(firewall_policy, policy))
+            raise MissingRequiredInput(
+                'Firewall policy not found, name provided: {}. Available policies: {}'
+                .format(firewall_policy, policy))
 
 def validate(firewall_policy=None, vpn=None, antivirus=None, 
              gti=None, dns=None, **kwargs):

setup.py

@@ -5,7 +5,7 @@ def readme():
         return f.read()
 
 setup(name='stonesoft-aws',
-      version='0.2.14',
+      version='0.2.15',
       description='Stonesoft NGFW deployer for AWS',
       url='http://github.com/gabstopper/stonesoft-aws',
       author='David LePage',