Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add per-admin parameter to Panorama push #366

Merged
merged 4 commits into from
Jan 17, 2023
Merged

Add per-admin parameter to Panorama push #366

merged 4 commits into from
Jan 17, 2023

Conversation

jamesholland-uk
Copy link
Member

Description

Adding support for the PAN-OS 10.2 feature of Administrator-Level Push from Panorama to Managed Devices

Depends upon supporting change in pan-os-python.

Motivation and Context

Motivation is adding support for a new PAN-OS feature, and also to support adding this feature in pan-os-ansible (ref - will close this issue)

How Has This Been Tested?

Tested locally, with Panorama 11.0.0 and managed firewall 10.2.3

  tasks:
    - name: Commit and Push template configuration
      panos_commit_push:
        provider: "{{ device }}"
        style: "device group"
        name: "poc-dg"
        admins:
          - "other"
        include_template: no
        force_template_values: no
      register: results
    - debug:
        msg: "Job ID: {{ results.jobid }} finished"

Screenshots (if appropriate)

Screenshot 2022-12-22 at 13 44 56

Types of changes

  • New feature (non-breaking change which adds functionality)

Checklist

  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes if appropriate.
  • All new and existing tests passed.

@jamesholland-uk jamesholland-uk added the enhancement New feature or request label Dec 22, 2022
@jamesholland-uk jamesholland-uk added the pan-os-python Needs support in upstream pan-os-python library label Dec 22, 2022
shinmog
shinmog requested changes Jan 11, 2023
View reviewed changes
Copy link
Collaborator

@shinmog shinmog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change requires a certain minimum version of PAN-OS, which is present in the docstring, so that's good.

However, it also requires a certain minimum version of pan-os-python, which is not reflected in the code right now. You can configure this as min_pandevice_version. However, you can't actually do that until you know which version of pan-os-python is going to contain the change for admin specific push. So pan-os-python needs to release that first, then this code can reflect that.

@jamesholland-uk
Copy link
Member Author

Thanks @shinmog, that all makes sense. The change in pan-os-python is merged and awaiting release. It didn't pass all the tests, but that was the issue in CI with the version of the poetry action (and also poetry itself got a version upgrade), and that change is also merged. So do we 1) push the pan-os-python CI change from develop to master, 2) rerun the CI tests on my PR in pan-os-python, 3) push the changes from the PR from develop to master, 4) get the pan-os-python version and put it into this PR per your note, 5) release pan-os-ansible? Phew!

@jamesholland-uk
Copy link
Member Author

jamesholland-uk commented Jan 13, 2023
edited
Loading

  1. push the pan-os-python CI change from develop to master - done
  2. rerun the CI tests on my PR in pan-os-python - done
  3. push the changes from the PR from develop to master - done
  4. get the pan-os-python version and put it into this PR per your note - done
  5. release pan-os-ansible...........

Let me know if there are any other modifications needed for us to go live with this PR @shinmog?

shinmog
shinmog approved these changes Jan 16, 2023
View reviewed changes
Copy link
Collaborator

@shinmog shinmog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@jamesholland-uk jamesholland-uk merged commit 09d661e into develop Jan 17, 2023
@jamesholland-uk jamesholland-uk deleted the add-admins-arg-to-panorama-push branch January 17, 2023 10:06
github-actions bot pushed a commit that referenced this pull request Jan 17, 2023
@semantic-release-bot
chore(release): 2.13.0
37f9f1b 
## [2.13.0](v2.12.2...v2.13.0) (2023-01-17)

### Features

* Add per-admin parameter to Panorama push ([#366](#366)) ([09d661e](09d661e)), closes [#361](#361)

### Bug Fixes

* **panos_software:** Refresh device version before getting version ([#363](#363)) ([cce2509](cce2509))
@github-actions
Copy link

🎉 This PR is included in version 2.13.0 🎉

The release is available on Ansible Galaxy and GitHub release

Posted by semantic-release bot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shinmog shinmog shinmog approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request pan-os-python Needs support in upstream pan-os-python library released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jamesholland-uk @shinmog