Baselined from internal Repository

last_commit:9decb0a854c200e22696749b77b73c42d3b75a97

.github/workflows/docker-publish.yml

@@ -0,0 +1,53 @@
+name: Docker Build & Publish
+
+on:
+  push:
+    branches:
+      - main
+      - master
+    tags:
+      - '*'
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+
+jobs:
+  push:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
+
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

CODE_OF_CONDUCT.md

@@ -0,0 +1,45 @@
+# Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as maintainers of this Cisco Sample Code pledge to making participation with our project a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Showing empathy towards other people
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other interactions with this project that are not aligned to this Code of Conduct, or to ban temporarily or permanently any person for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project. Examples of representing a project include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the Cisco SE GitHub team at [email protected]. The team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project or Cisco SE Leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

CONTRIBUTING.md

@@ -0,0 +1,11 @@
+# Cisco Sample Code
+
+This project, and the code contained herein, is provided for example and/or demonstration purposes by Cisco for use by our partners and customers in working with Cisco's products and services. While Cisco's customers and partners are free to use this code pursuant to the terms set forth in the [LICENSE][LICENSE], this is not an Open Source project as we are not seeking to build a community around this project and its capabilities.
+
+
+We do desire to provide functional and high-quality examples and demonstrations.  If you should discover some bug, issue, or opportunity for enhancement with the code contained in this project, please do notify us by:
+
+1. **Reviewing Open Issues** to verify that the issue hasn't already been reported.
+2. **Opening a New Issue** to report the bug, issue, or enhancement opportunity.
+
+[LICENSE]: ../LICENSE

Dockerfile

@@ -0,0 +1,7 @@
+FROM python:3.9-slim-buster
+WORKDIR /app
+COPY ./requirements.txt /app
+RUN pip install -r requirements.txt
+COPY . .
+EXPOSE 5000
+CMD ["python", "./<app-name>.py"]

LICENSE.md

@@ -0,0 +1,81 @@
+CISCO SAMPLE CODE LICENSE
+                                  Version 1.1
+                Copyright (c) 2022 Cisco and/or its affiliates
+
+   These terms govern this Cisco Systems, Inc. ("Cisco"), example or demo
+   source code and its associated documentation (together, the "Sample
+   Code"). By downloading, copying, modifying, compiling, or redistributing
+   the Sample Code, you accept and agree to be bound by the following terms
+   and conditions (the "License"). If you are accepting the License on
+   behalf of an entity, you represent that you have the authority to do so
+   (either you or the entity, "you"). Sample Code is not supported by Cisco
+   TAC and is not tested for quality or performance. This is your only
+   license to the Sample Code and all rights not expressly granted are
+   reserved.
+
+   1. LICENSE GRANT: Subject to the terms and conditions of this License,
+      Cisco hereby grants to you a perpetual, worldwide, non-exclusive, non-
+      transferable, non-sublicensable, royalty-free license to copy and
+      modify the Sample Code in source code form, and compile and
+      redistribute the Sample Code in binary/object code or other executable
+      forms, in whole or in part, solely for use with Cisco products and
+      services. For interpreted languages like Java and Python, the
+      executable form of the software may include source code and
+      compilation is not required.
+
+   2. CONDITIONS: You shall not use the Sample Code independent of, or to
+      replicate or compete with, a Cisco product or service. Cisco products
+      and services are licensed under their own separate terms and you shall
+      not use the Sample Code in any way that violates or is inconsistent
+      with those terms (for more information, please visit:
+      www.cisco.com/go/terms).
+
+   3. OWNERSHIP: Cisco retains sole and exclusive ownership of the Sample
+      Code, including all intellectual property rights therein, except with
+      respect to any third-party material that may be used in or by the
+      Sample Code. Any such third-party material is licensed under its own
+      separate terms (such as an open source license) and all use must be in
+      full accordance with the applicable license. This License does not
+      grant you permission to use any trade names, trademarks, service
+      marks, or product names of Cisco. If you provide any feedback to Cisco
+      regarding the Sample Code, you agree that Cisco, its partners, and its
+      customers shall be free to use and incorporate such feedback into the
+      Sample Code, and Cisco products and services, for any purpose, and
+      without restriction, payment, or additional consideration of any kind.
+      If you initiate or participate in any litigation against Cisco, its
+      partners, or its customers (including cross-claims and counter-claims)
+      alleging that the Sample Code and/or its use infringe any patent,
+      copyright, or other intellectual property right, then all rights
+      granted to you under this License shall terminate immediately without
+      notice.
+
+   4. LIMITATION OF LIABILITY: CISCO SHALL HAVE NO LIABILITY IN CONNECTION
+      WITH OR RELATING TO THIS LICENSE OR USE OF THE SAMPLE CODE, FOR
+      DAMAGES OF ANY KIND, INCLUDING BUT NOT LIMITED TO DIRECT, INCIDENTAL,
+      AND CONSEQUENTIAL DAMAGES, OR FOR ANY LOSS OF USE, DATA, INFORMATION,
+      PROFITS, BUSINESS, OR GOODWILL, HOWEVER CAUSED, EVEN IF ADVISED OF THE
+      POSSIBILITY OF SUCH DAMAGES.
+
+   5. DISCLAIMER OF WARRANTY: SAMPLE CODE IS INTENDED FOR EXAMPLE PURPOSES
+      ONLY AND IS PROVIDED BY CISCO "AS IS" WITH ALL FAULTS AND WITHOUT
+      WARRANTY OR SUPPORT OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY
+      LAW, ALL EXPRESS AND IMPLIED CONDITIONS, REPRESENTATIONS, AND
+      WARRANTIES INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OR
+      CONDITION OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-
+      INFRINGEMENT, SATISFACTORY QUALITY, NON-INTERFERENCE, AND ACCURACY,
+      ARE HEREBY EXCLUDED AND EXPRESSLY DISCLAIMED BY CISCO. CISCO DOES NOT
+      WARRANT THAT THE SAMPLE CODE IS SUITABLE FOR PRODUCTION OR COMMERCIAL
+      USE, WILL OPERATE PROPERLY, IS ACCURATE OR COMPLETE, OR IS WITHOUT
+      ERROR OR DEFECT.
+
+   6. GENERAL: This License shall be governed by and interpreted in
+      accordance with the laws of the State of California, excluding its
+      conflict of laws provisions. You agree to comply with all applicable
+      United States export laws, rules, and regulations. If any provision of
+      this License is judged illegal, invalid, or otherwise unenforceable,
+      that provision shall be severed and the rest of the License shall
+      remain in full force and effect. No failure by Cisco to enforce any of
+      its rights related to the Sample Code or to a breach of this License
+      in a particular situation will act as a waiver of such rights. In the
+      event of any inconsistencies with any other terms, this License shall
+      take precedence.

README.md

@@ -0,0 +1,86 @@
+# GVE DevNet SDWAN Ansible Attach Device Template
+This prototype leverages Ansible to attach device templates. The device information is derived from the database and formatted using Python. 
+![/IMAGES/worflow.png](/IMAGES/workflow.png)
+
+## Contacts
+* Roaa AlKhalaf
+
+## Solution Components
+* Catalyst SDWAN
+* Python
+* Ansible
+* SQLite DB
+* vManage REST APIs
+
+
+
+## Prerequisites
+**Catalyst SD-WAN Credentials**: vManage REST API access control is based on sessions. All users will be able to get a session after successfully logging in. In order to use the Catalyst SD-WAN APIs, you need to make note of the vManage server IP address, username, and password of your instance of Catalyst SD-WAN. These credentials will be used to generate a session token and a CSRF prevention token if needed for POST operations. Note these values to add to the credentials file during the installation phase.
+
+> For more information about Catalyst SD-WAN API authentication, read the [documentation](https://developer.cisco.com/docs/sdwan/#!authentication/how-to-authenticate)
+
+## Installation/Configuration
+1. Clone this repository with `git clone [repository name]`. To find the repository name, click the green `Code` button above the repository files. Then, the dropdown menu will show the https domain name. Click the copy button to the right of the domain name to get the value to replace [repository name] placeholder.
+2. Add the required credentials and paths to the `.env` file:
+```
+VMA_HOST=vManage IP
+VMA_USER=vManage username
+VMA_PASSWORD=vManage password
+MAPPINGS_PATH= path to the xlsx file that maps the DB values to the CSV values
+PLAYBOOK_PATH=./code/playbooks/test.yml
+DB_PATH=DB path
+```
+3. Set up a Python virtual environment. Make sure Python 3 is installed in your environment, and if not, you may download Python [here](https://www.python.org/downloads/). Once Python 3 is installed in your environment, you can activate the virtual environment with the instructions found [here](https://docs.python.org/3/tutorial/venv.html).
+4. Install the requirements with `pip3 install -r requirements.txt`
+
+## Usage
+
+# Python Scripts
+There are 3 Python scripts in this repository: 
+1. `create_mappings` script that reads the excel file that maps template to CSV. 
+2. `get_devices` script that leverages the vManage REST APIs to retrieve the devices IDs to be used when attaching the device template. 
+3. `main` script that handles the DB connection and retrieve the information for each device and attach and add it to the Ansible playbook. 
+
+> Make sure to update the `map_templates_to_devices` dictionary. This is needed to determine the correct attachment of template to each device. 
+
+To run the code, use the following command, note that the `test.yml` will be populated with devices information upon the successful execution of this main script:
+```
+$ python3 main.py
+```
+# Ansible 
+1. Navigate to the `code` folder. 
+2. Update the `inventory.yml` file:
+```
+all:
+  hosts:
+    vManage:
+      ansible_host: vManage IP
+      ansible_port: 443
+      username: vManage username
+      password: vManage password
+```
+3. Run the Ansible playbook with the following command:
+```
+$ ansible-playbook ./playbooks/test.yml
+```
+
+#
+# Screenshots
+
+![/IMAGES/0image.png](/IMAGES/0image.png)
+
+### LICENSE
+
+Provided under Cisco Sample Code License, for details see [LICENSE](LICENSE.md)
+
+### CODE_OF_CONDUCT
+
+Our code of conduct is available [here](CODE_OF_CONDUCT.md)
+
+### CONTRIBUTING
+
+See our contributing guidelines [here](CONTRIBUTING.md)
+
+#### DISCLAIMER:
+<b>Please note:</b> This script is meant for demo purposes only. All tools/ scripts in this repo are released for use "AS IS" without any warranties of any kind, including, but not limited to their installation, use, or performance. Any use of these scripts and tools is at your own risk. There is no guarantee that they have been through thorough testing in a comparable environment and we are not responsible for any damage or data loss incurred with their use.
+You are responsible for reviewing and testing any scripts you run thoroughly before use in any non-testing environment.

code/ansible.cfg

@@ -0,0 +1,3 @@
+[defaults]
+roles_path = ./roles
+inventory = inventory.yml

code/inventory.yml

@@ -0,0 +1,7 @@
+all:
+  hosts:
+    vManage:
+      ansible_host: 
+      ansible_port: 443
+      username: 
+      password: 

code/playbooks/test.yml

@@ -0,0 +1,7 @@
+- connection: local
+  gather_facts: false
+  hosts: all
+  name: Cisco DevNet SDWAN Ansible PoV
+  roles:
+  - role: login
+  - role: token

code/roles/attach_device_template/tasks/attach_template.yml

@@ -0,0 +1,16 @@
+- name: attach device template
+  uri:
+    url: https://{{ansible_host}}:{{ansible_port}}/dataservice/template/device/config/attachfeature
+    method: POST
+    return_content: yes
+    validate_certs: no
+    body: "{{lookup('file', '{{ role_path }}/files/attach_template')}}"
+    body_format: json
+    headers:
+      X-XSRF-TOKEN: "{{token_result.content}}"
+      Cookie: "{{login.set_cookie}}"
+      Content-Type: "application/json"
+  register: result
+
+-  debug:
+    msg: "{{result}}"

code/roles/attach_device_template/tasks/get_device_template_db.yml

@@ -0,0 +1,13 @@
+- uri:
+    url: https://{{ansible_host}}:{{ansible_port}}/dataservice/template/device
+    method: GET
+    validate_certs: no
+    headers:
+      Cookie: "{{login.set_cookie}}"
+      Content-Type: "application/json"
+  register: device_template_list
+
+- set_fact:
+    device_template_db: "{{ device_template_db|default({}) | combine( {item.templateName: item.templateId} ) }}"
+  no_log: True
+  with_items: "{{ device_template_list.json.data }}"

code/roles/attach_device_template/tasks/main.yml

@@ -0,0 +1,7 @@
+- import_tasks: get_device_template_db.yml
+
+- import_tasks: render_attach_template.yml
+
+- import_tasks: attach_template.yml
+
+- import_tasks: wait_until_completed.yml

code/roles/attach_device_template/tasks/render_attach_template.yml

@@ -0,0 +1,14 @@
+- name: Clean rendered templates
+  file:
+    path: "{{item}}"
+    state: absent
+    force: true
+  run_once: True
+  with_fileglob:
+    - "{{role_path}}/files/*"
+
+- name: generate template
+  connection: local
+  template:
+    src: ATTACH_VEDGE.j2
+    dest: "{{ role_path }}/files/attach_template"

code/roles/attach_device_template/tasks/wait_until_completed.yml

@@ -0,0 +1,19 @@
+- debug:
+    msg: "{{result.json.id}}"
+
+- uri:
+    url: https://{{ansible_host}}:{{ansible_port}}/dataservice/device/action/status/{{result.json.id}}
+    method: GET
+    return_content: yes
+    validate_certs: no
+    headers:
+      Cookie: "{{login.set_cookie}}"
+      Content-Type: "application/json"
+  register: state
+  until: "state.json.data[0].status != 'In progress'"
+  retries: 10
+  delay: 10
+
+- debug:
+    msg: "{{state.json}}"
+