From 123cdbe669c3e13cc3d603aef723580bcc5fc60c Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Thu, 7 Jul 2022 19:39:03 +0200 Subject: [PATCH 1/8] added nolint:dupl --- boxen/platforms/ipinfusion_ocnos.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boxen/platforms/ipinfusion_ocnos.go b/boxen/platforms/ipinfusion_ocnos.go index a0e2c83..8c05013 100644 --- a/boxen/platforms/ipinfusion_ocnos.go +++ b/boxen/platforms/ipinfusion_ocnos.go @@ -26,7 +26,7 @@ func (p *IPInfusionOcNOS) Package( return nil, nil, err } -func (p *IPInfusionOcNOS) Install(opts ...instance.Option) error { +func (p *IPInfusionOcNOS) Install(opts ...instance.Option) error { // nolint:dupl p.Loggers.Base.Info("install requested") a, opts, err := setInstallArgs(opts...) From 4ca9f2b2f9e1c5c884d7c88221c552f7a78fffbb Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Thu, 7 Jul 2022 19:39:32 +0200 Subject: [PATCH 2/8] added initial checkpoint cloudguard integration --- README.md | 4 +- boxen/assets/assets.go | 7 + .../configs/checkpoint_cloudguard.template | 4 + .../profiles/checkpoint_cloudguard.yaml | 31 +++ .../checkpoint_cloudguard.yaml | 26 +++ boxen/instance/qemulaunchcmd.go | 11 + boxen/platforms/checkpoint_cloudguard.go | 221 ++++++++++++++++++ boxen/platforms/console.go | 4 +- boxen/platforms/constants.go | 31 +-- boxen/platforms/factory.go | 32 +++ boxen/platforms/timeouts.go | 2 + go.mod | 2 +- go.sum | 20 +- 13 files changed, 361 insertions(+), 34 deletions(-) create mode 100644 boxen/assets/assets.go create mode 100644 boxen/assets/configs/checkpoint_cloudguard.template create mode 100644 boxen/assets/profiles/checkpoint_cloudguard.yaml create mode 100644 boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml create mode 100644 boxen/platforms/checkpoint_cloudguard.go diff --git a/README.md b/README.md index a87a3b4..5408289 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ --- -boxen -- put your network operating systems in a box (or if you speak 🇩🇪, fight them! 🤣)! +boxen -- put your network operating systems in a box (or if you speak 🇩🇪, fight them! 🤣)! boxen is a cli tool written in Go that allows you to package your network operating systems neatly into little... boxes (container images) so they are easily portable, and, most importantly, so you @@ -39,6 +39,8 @@ Please note that this is a work in progress... especially the documentation! - vSRX (tested with 17.3R2.10) - Palo Alto - PA-VM (tested with 10.0.6) +- Checkpoint + - Cloudguard (tested with R81.10) Additional platforms can of course be added! diff --git a/boxen/assets/assets.go b/boxen/assets/assets.go new file mode 100644 index 0000000..7058ef9 --- /dev/null +++ b/boxen/assets/assets.go @@ -0,0 +1,7 @@ +package assets + +import "embed" + +//go:embed scrapli_platforms/* +// ScrapliPlatformsAssets is the embed FS for the included scrapli platform definition yaml files. +var ScrapliPlatformsAssets embed.FS diff --git a/boxen/assets/configs/checkpoint_cloudguard.template b/boxen/assets/configs/checkpoint_cloudguard.template new file mode 100644 index 0000000..c2d4378 --- /dev/null +++ b/boxen/assets/configs/checkpoint_cloudguard.template @@ -0,0 +1,4 @@ +lock database override +set interface eth0 ipv4-address 10.0.0.15 subnet-mask 255.255.255.0 +set interface eth0 state on +unlock database \ No newline at end of file diff --git a/boxen/assets/profiles/checkpoint_cloudguard.yaml b/boxen/assets/profiles/checkpoint_cloudguard.yaml new file mode 100644 index 0000000..eb75dca --- /dev/null +++ b/boxen/assets/profiles/checkpoint_cloudguard.yaml @@ -0,0 +1,31 @@ +--- +hardware: + memory: 8192 + acceleration: + - kvm + serial_port_count: 1 + nic_type: virtio-net-pci + nic_count: 8 + nic_per_bus: 26 +advanced: + cpu: + emulation: host + cores: 4 +tcp_nat_ports: + - 22 + - 23 + - 257 + - 443 + - 830 + - 4434 + - 8211 + - 18190 + - 18191 + - 18192 + - 18210 + - 18211 + - 18221 + - 18264 + - 19009 +udp_nat_ports: + - 161 diff --git a/boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml b/boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml new file mode 100644 index 0000000..9a24eff --- /dev/null +++ b/boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml @@ -0,0 +1,26 @@ +--- +default: + driver-type: "network" + privilege-levels: + configuration: + name: "configuration" + pattern: '(?im)^[\w.\-@/:]{1,63}>\s*$' + previous-priv: "" + deescalate: "" + escalate: "" + escalate-auth: false + escalate-prompt: + default-desired-privilege-level: "configuration" + # failed-when-contains: + # - "% Ambiguous command" + # - "% Incomplete command" + # - "% Invalid input detected" + # - "% Unknown command" + textfsm-platform: "" # ignored in go because no ntc-templates + network-on-open: + - operation: "acquire-priv" # targets default desired priv by default + network-on-close: + - operation: "acquire-priv" + - operation: "channel.write" + input: "exit" + - operation: "channel.return" diff --git a/boxen/instance/qemulaunchcmd.go b/boxen/instance/qemulaunchcmd.go index 9efc1f0..96a3458 100644 --- a/boxen/instance/qemulaunchcmd.go +++ b/boxen/instance/qemulaunchcmd.go @@ -136,6 +136,17 @@ func (i *Qemu) launchCmdCPU() []string { }...) } + // when only cores are specified, the `-smp %s` gets appended + if c.Cores != 0 && c.Threads == 0 && c.Sockets == 0 { + if len(cpuCmd) == 0 { + cpuCmd = append(cpuCmd, []string{"-cpu", "max"}...) + } + + cpuCmd = append( + cpuCmd, + []string{"-smp", fmt.Sprint(c.Cores)}...) + } + return cpuCmd } diff --git a/boxen/platforms/checkpoint_cloudguard.go b/boxen/platforms/checkpoint_cloudguard.go new file mode 100644 index 0000000..8bb0dae --- /dev/null +++ b/boxen/platforms/checkpoint_cloudguard.go @@ -0,0 +1,221 @@ +package platforms + +import ( + _ "embed" // embed FS + "fmt" + "time" + + sopoptions "github.com/scrapli/scrapligo/driver/opoptions" + + "github.com/carlmontanari/boxen/boxen/instance" +) + +const ( + CheckpointCloudguardDefaultUser = "admin" + CheckpointCloudguardDefaultPass = "admin" + + CheckpointCloudguardDefaultScrapliPlatformDefinitionFile = "checkpoint_cloudguard.yaml" + + checkpointCloudGuardDefaultBootTime = 720 +) + +type CheckpointCloudguard struct { + *instance.Qemu + *ScrapliConsole +} + +func (p *CheckpointCloudguard) Package( + _, _ string, +) (packageFiles, runFiles []string, err error) { + return nil, nil, err +} + +func (p *CheckpointCloudguard) Install(opts ...instance.Option) error { // nolint:dupl + p.Loggers.Base.Info("install requested") + + a, opts, err := setInstallArgs(opts...) + if err != nil { + return err + } + + c := make(chan error, 1) + stop := make(chan bool, 1) + + go func() { //nolint:dupl + err = p.Qemu.Start(opts...) + if err != nil { + c <- err + } + + p.Loggers.Base.Debug("instance started, waiting for start ready state") + + err = p.startReady() + if err != nil { + p.Loggers.Base.Criticalf("error waiting for start ready state: %s\n", err) + + c <- err + } + + p.Loggers.Base.Debug("start ready state acquired, logging in") + + err = p.login( + &loginArgs{ + username: CheckpointCloudguardDefaultUser, + password: CheckpointCloudguardDefaultPass, + }, + ) + if err != nil { + c <- err + } + + p.Loggers.Base.Debug("log in complete") + + if a.configLines != nil { + p.Loggers.Base.Debug("install config lines provided, executing scrapligo on open") + + err = p.defOnOpen(p.c) + if err != nil { + p.Loggers.Base.Criticalf("error running scrapligo on open: %s\n", err) + + c <- err + } + + err = p.Config(a.configLines) + if err != nil { + p.Loggers.Base.Criticalf("error sending install config lines: %s\n", err) + + c <- err + } + } + + p.Loggers.Base.Debug("initial installation complete") + + err = p.SaveConfig() + if err != nil { + p.Loggers.Base.Criticalf("error saving config: %s\n", err) + + c <- err + } + + // small delay ensuring config is saved nicely, without this extra sleep things just seem to + // not actually "save" despite the "save complete" or whatever output. + time.Sleep(5 * time.Second) // nolint:gomnd + + c <- nil + stop <- true + }() + + go p.WatchMainProc(c, stop) + + err = <-c + if err != nil { + return err + } + + p.Loggers.Base.Info("install complete, stopping instance") + + return p.Stop(opts...) +} + +func (p *CheckpointCloudguard) Start(opts ...instance.Option) error { + p.Loggers.Base.Info("start platform instance requested") + + a, opts, err := setStartArgs(opts...) + if err != nil { + return err + } + + err = p.Qemu.Start(opts...) + if err != nil { + return err + } + + err = p.startReady() + if err != nil { + p.Loggers.Base.Criticalf("error waiting for start ready state: %s\n", err) + + return err + } + + if !a.prepareConsole { + p.Loggers.Base.Info("prepare console not requested, starting instance complete") + + return nil + } + + err = p.login( + &loginArgs{ + username: CheckpointCloudguardDefaultUser, + password: CheckpointCloudguardDefaultPass, + }, + ) + if err != nil { + return err + } + + err = p.defOnOpen(p.c) + if err != nil { + return err + } + + p.Loggers.Base.Info("starting platform instance complete") + + return nil +} + +func (p *CheckpointCloudguard) startReady() error { + // openRetry doesn't do auth and doesn't call onOpen as it is set to nil somewhere before this + err := p.openRetry() + if err != nil { + return err + } + + err = p.readUntil( + []byte("This system is for authorized use only"), + getPlatformBootTimeout(PlatformTypeCheckpointCloudguard), + ) + + return err +} + +func (p *CheckpointCloudguard) SaveConfig() error { + p.Loggers.Base.Info("save config requested") + + _, err := p.c.SendCommand( + "save config", + sopoptions.WithTimeoutOps( + time.Duration(getPlatformSaveTimeout(PlatformTypeCheckpointCloudguard))*time.Second, + ), + ) + + return err +} + +func (p *CheckpointCloudguard) SetUserPass(usr, pwd string) error { + if usr == CheckpointCloudguardDefaultPass && pwd == CheckpointCloudguardDefaultPass { + p.Loggers.Base.Info("skipping user creation, since credentials match defaults for platform") + return nil + } + + p.Loggers.Base.Infof("set user/password for user '%s' requested", usr) + + return p.Config([]string{ + fmt.Sprintf( + "add user %s uid 0 homedir /home/%s", + usr, + usr), + fmt.Sprintf( + "add rba user %s roles adminRole", + usr), + fmt.Sprintf( + "set user %s newpass %s", + usr, + pwd), + }) +} + +func (p *CheckpointCloudguard) SetHostname(h string) error { + p.Loggers.Base.Infof("set hostname '%s' requested", h) + + return p.Config([]string{fmt.Sprintf("set hostname %s", h)}) +} diff --git a/boxen/platforms/console.go b/boxen/platforms/console.go index b855a2b..4b55622 100644 --- a/boxen/platforms/console.go +++ b/boxen/platforms/console.go @@ -38,7 +38,7 @@ type ScrapliConsole struct { } func NewScrapliConsole( - scrapliPlatform string, + scrapliPlatform interface{}, port int, usr, pwd string, l *instance.Loggers, @@ -82,7 +82,7 @@ func NewScrapliConsole( } con := &ScrapliConsole{ - pT: scrapliPlatform, + pT: "bandaid", c: c, defOnOpen: c.OnOpen, logger: l.Base, diff --git a/boxen/platforms/constants.go b/boxen/platforms/constants.go index b30df36..b8c920c 100644 --- a/boxen/platforms/constants.go +++ b/boxen/platforms/constants.go @@ -6,22 +6,25 @@ const ( VendorJuniper = "juniper" VendorPaloAlto = "paloalto" VendorIPInfusion = "ipinfusion" + VendorCheckpoint = "checkpoint" - PlatformAristaVeos = "veos" - PlatformCiscoCsr1000v = "csr1000v" - PlatformCiscoXrv9k = "xrv9k" - PlatformCiscoN9kv = "n9kv" - PlatformJuniperVsrx = "vsrx" - PlatformPaloAltoPanos = "panos" - PlatformIPInfusionOcNOS = "ocnos" + PlatformAristaVeos = "veos" + PlatformCiscoCsr1000v = "csr1000v" + PlatformCiscoXrv9k = "xrv9k" + PlatformCiscoN9kv = "n9kv" + PlatformJuniperVsrx = "vsrx" + PlatformPaloAltoPanos = "panos" + PlatformIPInfusionOcNOS = "ocnos" + PlatformCheckpointCloudguard = "cloudguard" - PlatformTypeAristaVeos = "arista_veos" - PlatformTypeCiscoCsr1000v = "cisco_csr1000v" - PlatformTypeCiscoXrv9k = "cisco_xrv9k" - PlatformTypeCiscoN9kv = "cisco_n9kv" - PlatformTypeJuniperVsrx = "juniper_vsrx" - PlatformTypePaloAltoPanos = "paloalto_panos" - PlatformTypeIPInfusionOcNOS = "ipinfusion_ocnos" + PlatformTypeAristaVeos = "arista_veos" + PlatformTypeCiscoCsr1000v = "cisco_csr1000v" + PlatformTypeCiscoXrv9k = "cisco_xrv9k" + PlatformTypeCiscoN9kv = "cisco_n9kv" + PlatformTypeJuniperVsrx = "juniper_vsrx" + PlatformTypePaloAltoPanos = "paloalto_panos" + PlatformTypeIPInfusionOcNOS = "ipinfusion_ocnos" + PlatformTypeCheckpointCloudguard = "checkpoint_cloudguard" NicE1000 = "e1000" NicVirtio = "virtio-net-pci" diff --git a/boxen/platforms/factory.go b/boxen/platforms/factory.go index 28251f4..5b165ad 100644 --- a/boxen/platforms/factory.go +++ b/boxen/platforms/factory.go @@ -3,6 +3,7 @@ package platforms import ( "fmt" + "github.com/carlmontanari/boxen/boxen/assets" soptions "github.com/scrapli/scrapligo/driver/options" "github.com/carlmontanari/boxen/boxen/config" @@ -37,6 +38,10 @@ func GetPlatformType(v, p string) string { if p == PlatformIPInfusionOcNOS { return PlatformTypeIPInfusionOcNOS } + case VendorCheckpoint: + if p == PlatformCheckpointCloudguard { + return PlatformTypeCheckpointCloudguard + } } return "" @@ -58,6 +63,8 @@ func GetPlatformEmptyStruct(pT string) (Platform, error) { return &PaloAltoPanos{}, nil case PlatformTypeIPInfusionOcNOS: return &IPInfusionOcNOS{}, nil + case PlatformTypeCheckpointCloudguard: + return &CheckpointCloudguard{}, nil } return nil, fmt.Errorf( @@ -179,6 +186,31 @@ func NewPlatformFromConfig( //nolint:funlen Qemu: q, ScrapliConsole: con, } + case PlatformTypeCheckpointCloudguard: + var platformDefinition []byte + + platformDefinition, err = assets.ScrapliPlatformsAssets.ReadFile( + "scrapli_platforms/" + CheckpointCloudguardDefaultScrapliPlatformDefinitionFile, + ) + + if err != nil { + return nil, fmt.Errorf("%w: scrapligo driver is not found for %q platform: %v", + util.ErrAllocationError, pT, err) + } + + con, err = NewScrapliConsole( + platformDefinition, + q.Hardware.SerialPorts[0], + q.Credentials.Username, + q.Credentials.Password, + l, + soptions.WithReturnChar("\r"), + ) + + p = &CheckpointCloudguard{ + Qemu: q, + ScrapliConsole: con, + } default: return nil, fmt.Errorf("%w: scrapligo driver is not found for %q platform", util.ErrAllocationError, pT) diff --git a/boxen/platforms/timeouts.go b/boxen/platforms/timeouts.go index eb81b01..d59b930 100644 --- a/boxen/platforms/timeouts.go +++ b/boxen/platforms/timeouts.go @@ -23,6 +23,8 @@ func getPlatformBootTimeout(pT string) int { t = ciscoXrv9kDefaultBootTime case PlatformTypePaloAltoPanos: t = paloAltoPanosDefaultBootTime + case PlatformTypeCheckpointCloudguard: + t = checkpointCloudGuardDefaultBootTime default: t = DefaultBootTime } diff --git a/go.mod b/go.mod index 4e87aae..0c7f709 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.17 require ( github.com/google/uuid v1.3.0 - github.com/scrapli/scrapligo v1.0.0 + github.com/scrapli/scrapligo v1.0.2-0.20220703215242-e7bff0960e85 github.com/scrapli/scrapligocfg v1.0.0 github.com/urfave/cli/v2 v2.3.0 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 diff --git a/go.sum b/go.sum index f7e4aa6..0abc938 100644 --- a/go.sum +++ b/go.sum @@ -23,23 +23,11 @@ github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBO github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/scrapli/scrapligo v0.1.4-0.20220628200407-3403e187b4af/go.mod h1:7eQKtz7zKeJ8JUhdHCw+Bv+q58Dd1cBKD50phWg2VsA= -github.com/scrapli/scrapligo v0.1.4-0.20220629193817-80c964e0e358 h1:0x9j1AxaNqcLPfJ8XUR2N0FNTAhiN+3DNCW8GI0zXYc= -github.com/scrapli/scrapligo v0.1.4-0.20220629193817-80c964e0e358/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= -github.com/scrapli/scrapligo v0.1.4-0.20220630193827-b2cf12687330 h1:+rFbpSao0Sy6okVDCPzqMCTBarYqVz71ZLzHNUx2gec= -github.com/scrapli/scrapligo v0.1.4-0.20220630193827-b2cf12687330/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= -github.com/scrapli/scrapligo v0.1.4-0.20220630194205-64cbf99b8c3b h1:xHlI8NLSJ6X+U/QxvAVniB4qdkaERXUAXeU/5KOCJzc= -github.com/scrapli/scrapligo v0.1.4-0.20220630194205-64cbf99b8c3b/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= -github.com/scrapli/scrapligo v0.1.4-0.20220630214823-34a4338bd1b2 h1:Cqt0+F1Wr957vJtzk4E4oN8qBAFZ/9MZ5PdFHkNRH28= -github.com/scrapli/scrapligo v0.1.4-0.20220630214823-34a4338bd1b2/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= -github.com/scrapli/scrapligo v1.0.0 h1:UQru4yyoAvU0tdpfoZ8gAp/rdT5XQ6GRg41xkOdF2A4= github.com/scrapli/scrapligo v1.0.0/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= -github.com/scrapli/scrapligocfg v0.0.0-20220628205358-4ca0f262a07f h1:iFIeNid4SFTEsxo7mAm68NauShw3NJhIjHJzYLjhReI= -github.com/scrapli/scrapligocfg v0.0.0-20220628205358-4ca0f262a07f/go.mod h1:FDVAo2U0AlgzW8by6wD0tjjR80coQjz5Yb+aYfyaUP4= -github.com/scrapli/scrapligocfg v0.0.0-20220630194834-3d2110c1b17e h1:gsrNJGBuIIoIm/FhlTkCgLQAnsZs3e47nH1vtTk/Y5Q= -github.com/scrapli/scrapligocfg v0.0.0-20220630194834-3d2110c1b17e/go.mod h1:O3xAZAfG9isKRI0X/izI+uZ0h+rvttsbq7IYeXj7RV8= -github.com/scrapli/scrapligocfg v0.0.0-20220630215039-a5be7fb902c0 h1:l6Z9dgShZjUB/APl6WAdV+VBlaxbmG0CgohDncNEdxY= -github.com/scrapli/scrapligocfg v0.0.0-20220630215039-a5be7fb902c0/go.mod h1:D3TlU5LWrPbC0oCCQVaQl3XjZF8UNB2DiP0FHHun4oQ= +github.com/scrapli/scrapligo v1.0.2-0.20220703185227-76ee64b36a38 h1:Vgv2m9/GT9iIZA1HZIIImIZZibF/emxwB2aZFWN95NQ= +github.com/scrapli/scrapligo v1.0.2-0.20220703185227-76ee64b36a38/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= +github.com/scrapli/scrapligo v1.0.2-0.20220703215242-e7bff0960e85 h1:1kjli4yi3++QsOsaeVQ0G4OjOO6WtoBNqNx1+0sYLII= +github.com/scrapli/scrapligo v1.0.2-0.20220703215242-e7bff0960e85/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= github.com/scrapli/scrapligocfg v1.0.0 h1:540SuGqqM6rKN87SLCfR54IageQ6s3a/ZOycGRgbbak= github.com/scrapli/scrapligocfg v1.0.0/go.mod h1:9+6k9dQeIqEZEg6EK5YXEjuVb7h+nvvel26CY1RGjy4= github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= From 85dfacaeec6e2a310b7838dc8f28a153b323e82a Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Sun, 10 Jul 2022 20:26:16 +0200 Subject: [PATCH 3/8] removed cloudguard assets in favor of gist based definition --- boxen/assets/assets.go | 7 ----- .../configs/checkpoint_cloudguard.template | 1 + .../checkpoint_cloudguard.yaml | 26 ------------------- boxen/platforms/checkpoint_cloudguard.go | 2 +- boxen/platforms/console.go | 6 +++-- boxen/platforms/factory.go | 7 +---- 6 files changed, 7 insertions(+), 42 deletions(-) delete mode 100644 boxen/assets/assets.go delete mode 100644 boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml diff --git a/boxen/assets/assets.go b/boxen/assets/assets.go deleted file mode 100644 index 7058ef9..0000000 --- a/boxen/assets/assets.go +++ /dev/null @@ -1,7 +0,0 @@ -package assets - -import "embed" - -//go:embed scrapli_platforms/* -// ScrapliPlatformsAssets is the embed FS for the included scrapli platform definition yaml files. -var ScrapliPlatformsAssets embed.FS diff --git a/boxen/assets/configs/checkpoint_cloudguard.template b/boxen/assets/configs/checkpoint_cloudguard.template index c2d4378..dfca7b3 100644 --- a/boxen/assets/configs/checkpoint_cloudguard.template +++ b/boxen/assets/configs/checkpoint_cloudguard.template @@ -1,4 +1,5 @@ lock database override set interface eth0 ipv4-address 10.0.0.15 subnet-mask 255.255.255.0 set interface eth0 state on +set ipv6-state on unlock database \ No newline at end of file diff --git a/boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml b/boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml deleted file mode 100644 index 9a24eff..0000000 --- a/boxen/assets/scrapli_platforms/checkpoint_cloudguard.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -default: - driver-type: "network" - privilege-levels: - configuration: - name: "configuration" - pattern: '(?im)^[\w.\-@/:]{1,63}>\s*$' - previous-priv: "" - deescalate: "" - escalate: "" - escalate-auth: false - escalate-prompt: - default-desired-privilege-level: "configuration" - # failed-when-contains: - # - "% Ambiguous command" - # - "% Incomplete command" - # - "% Invalid input detected" - # - "% Unknown command" - textfsm-platform: "" # ignored in go because no ntc-templates - network-on-open: - - operation: "acquire-priv" # targets default desired priv by default - network-on-close: - - operation: "acquire-priv" - - operation: "channel.write" - input: "exit" - - operation: "channel.return" diff --git a/boxen/platforms/checkpoint_cloudguard.go b/boxen/platforms/checkpoint_cloudguard.go index 8bb0dae..d541fe9 100644 --- a/boxen/platforms/checkpoint_cloudguard.go +++ b/boxen/platforms/checkpoint_cloudguard.go @@ -14,7 +14,7 @@ const ( CheckpointCloudguardDefaultUser = "admin" CheckpointCloudguardDefaultPass = "admin" - CheckpointCloudguardDefaultScrapliPlatformDefinitionFile = "checkpoint_cloudguard.yaml" + CheckpointCloudguardDefaultScrapliPlatformDefinitionFile = "https://gist.githubusercontent.com/hellt/1eee1024bc1cb3121aaeac199d48663a/raw/07caf0b024802da2dbb6fe17dbabcb26231b8cb6/checkpoint_cloudguard.yaml" // nolint:lll checkpointCloudGuardDefaultBootTime = 720 ) diff --git a/boxen/platforms/console.go b/boxen/platforms/console.go index 4b55622..dc8d09a 100644 --- a/boxen/platforms/console.go +++ b/boxen/platforms/console.go @@ -38,7 +38,7 @@ type ScrapliConsole struct { } func NewScrapliConsole( - scrapliPlatform interface{}, + scrapliPlatform string, port int, usr, pwd string, l *instance.Loggers, @@ -82,7 +82,9 @@ func NewScrapliConsole( } con := &ScrapliConsole{ - pT: "bandaid", + // (hellt) TODO: change this to a method call that returns platform type out of a scrapli definition + // to support plugging in platform types from yml files referenced via URL/paths + pT: scrapliPlatform, c: c, defOnOpen: c.OnOpen, logger: l.Base, diff --git a/boxen/platforms/factory.go b/boxen/platforms/factory.go index 5b165ad..bdaac56 100644 --- a/boxen/platforms/factory.go +++ b/boxen/platforms/factory.go @@ -3,7 +3,6 @@ package platforms import ( "fmt" - "github.com/carlmontanari/boxen/boxen/assets" soptions "github.com/scrapli/scrapligo/driver/options" "github.com/carlmontanari/boxen/boxen/config" @@ -187,11 +186,7 @@ func NewPlatformFromConfig( //nolint:funlen ScrapliConsole: con, } case PlatformTypeCheckpointCloudguard: - var platformDefinition []byte - - platformDefinition, err = assets.ScrapliPlatformsAssets.ReadFile( - "scrapli_platforms/" + CheckpointCloudguardDefaultScrapliPlatformDefinitionFile, - ) + platformDefinition := CheckpointCloudguardDefaultScrapliPlatformDefinitionFile if err != nil { return nil, fmt.Errorf("%w: scrapligo driver is not found for %q platform: %v", From 4e2408dcb1e6662c43f3763f9f2f4f505ebc4518 Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Sun, 10 Jul 2022 20:29:25 +0200 Subject: [PATCH 4/8] long lines are overrated --- boxen/platforms/console.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/boxen/platforms/console.go b/boxen/platforms/console.go index dc8d09a..833bef2 100644 --- a/boxen/platforms/console.go +++ b/boxen/platforms/console.go @@ -82,8 +82,9 @@ func NewScrapliConsole( } con := &ScrapliConsole{ - // (hellt) TODO: change this to a method call that returns platform type out of a scrapli definition - // to support plugging in platform types from yml files referenced via URL/paths + // (hellt) TODO: change this to a method call that returns the platform type. + // This is to support plugging in platform types + // from yml files referenced via URL/paths pT: scrapliPlatform, c: c, defOnOpen: c.OnOpen, From c83ec6ebc5042e19f76d6eda8f1c2ab351be9bf7 Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Sun, 10 Jul 2022 21:03:19 +0200 Subject: [PATCH 5/8] added GetPlatformScrapliDefinition --- boxen/platforms/checkpoint_cloudguard.go | 2 +- boxen/platforms/factory.go | 58 ++++++++++++++++++------ 2 files changed, 44 insertions(+), 16 deletions(-) diff --git a/boxen/platforms/checkpoint_cloudguard.go b/boxen/platforms/checkpoint_cloudguard.go index d541fe9..43ba00a 100644 --- a/boxen/platforms/checkpoint_cloudguard.go +++ b/boxen/platforms/checkpoint_cloudguard.go @@ -14,7 +14,7 @@ const ( CheckpointCloudguardDefaultUser = "admin" CheckpointCloudguardDefaultPass = "admin" - CheckpointCloudguardDefaultScrapliPlatformDefinitionFile = "https://gist.githubusercontent.com/hellt/1eee1024bc1cb3121aaeac199d48663a/raw/07caf0b024802da2dbb6fe17dbabcb26231b8cb6/checkpoint_cloudguard.yaml" // nolint:lll + CheckpointCloudguardScrapliPlatform = "https://gist.githubusercontent.com/hellt/1eee1024bc1cb3121aaeac199d48663a/raw/07caf0b024802da2dbb6fe17dbabcb26231b8cb6/checkpoint_cloudguard.yaml" // nolint:lll checkpointCloudGuardDefaultBootTime = 720 ) diff --git a/boxen/platforms/factory.go b/boxen/platforms/factory.go index bdaac56..658cc5e 100644 --- a/boxen/platforms/factory.go +++ b/boxen/platforms/factory.go @@ -2,6 +2,7 @@ package platforms import ( "fmt" + "os" soptions "github.com/scrapli/scrapligo/driver/options" @@ -72,6 +73,38 @@ func GetPlatformEmptyStruct(pT string) (Platform, error) { ) } +// GetPlatformScrapliDefinition sets the scrapli platform definition to a value +// of the BOXEN_SCRAPLI_PLATFORM_DEFINITION env var or to a default string value. +func GetPlatformScrapliDefinition(p string) string { + scrapliPlatform := os.Getenv("BOXEN_SCRAPLI_PLATFORM_DEFINITION") + if scrapliPlatform != "" { + return scrapliPlatform + } + + // retrieve default scrapli platform url/name + // when env var is not set + switch p { + case PlatformTypeAristaVeos: + return AristaVeosScrapliPlatform + case PlatformTypeCiscoCsr1000v: + return CiscoCsr1000vScrapliPlatform + case PlatformTypeCiscoXrv9k: + return CiscoXrv9kScrapliPlatform + case PlatformTypeCiscoN9kv: + return CiscoN9kvScrapliPlatform + case PlatformTypeJuniperVsrx: + return JuniperVsrxScrapliPlatform + case PlatformTypePaloAltoPanos: + return PaloAltoPanosScrapliPlatform + case PlatformTypeIPInfusionOcNOS: + return IPInfusionOcNOSScrapliPlatform + case PlatformTypeCheckpointCloudguard: + return CheckpointCloudguardScrapliPlatform + } + + return "" +} + func NewPlatformFromConfig( //nolint:funlen n string, c *config.Config, @@ -89,10 +122,12 @@ func NewPlatformFromConfig( //nolint:funlen var con *ScrapliConsole + scrapliPlatform := GetPlatformScrapliDefinition(pT) + switch pT { case PlatformTypeAristaVeos: con, err = NewScrapliConsole( - AristaVeosScrapliPlatform, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, @@ -105,7 +140,7 @@ func NewPlatformFromConfig( //nolint:funlen } case PlatformTypeCiscoCsr1000v: con, err = NewScrapliConsole( - CiscoCsr1000vScrapliPlatform, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, @@ -118,7 +153,7 @@ func NewPlatformFromConfig( //nolint:funlen } case PlatformTypeCiscoXrv9k: con, err = NewScrapliConsole( - CiscoXrv9kScrapliPlatform, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, @@ -132,7 +167,7 @@ func NewPlatformFromConfig( //nolint:funlen } case PlatformTypeCiscoN9kv: con, err = NewScrapliConsole( - CiscoN9kvScrapliPlatform, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, @@ -146,7 +181,7 @@ func NewPlatformFromConfig( //nolint:funlen } case PlatformTypeJuniperVsrx: con, err = NewScrapliConsole( - JuniperVsrxScrapliPlatform, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, @@ -159,7 +194,7 @@ func NewPlatformFromConfig( //nolint:funlen } case PlatformTypePaloAltoPanos: con, err = NewScrapliConsole( - PaloAltoPanosScrapliPlatform, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, @@ -173,7 +208,7 @@ func NewPlatformFromConfig( //nolint:funlen } case PlatformTypeIPInfusionOcNOS: con, err = NewScrapliConsole( - IPInfusionOcNOSScrapliPlatform, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, @@ -186,15 +221,8 @@ func NewPlatformFromConfig( //nolint:funlen ScrapliConsole: con, } case PlatformTypeCheckpointCloudguard: - platformDefinition := CheckpointCloudguardDefaultScrapliPlatformDefinitionFile - - if err != nil { - return nil, fmt.Errorf("%w: scrapligo driver is not found for %q platform: %v", - util.ErrAllocationError, pT, err) - } - con, err = NewScrapliConsole( - platformDefinition, + scrapliPlatform, q.Hardware.SerialPorts[0], q.Credentials.Username, q.Credentials.Password, From 52a562dee0d66d78b50eb71ab64efffeff9c047c Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Sun, 10 Jul 2022 21:15:01 +0200 Subject: [PATCH 6/8] refactored smp qemu --- boxen/instance/qemulaunchcmd.go | 29 ++++++++++++----------------- 1 file changed, 12 insertions(+), 17 deletions(-) diff --git a/boxen/instance/qemulaunchcmd.go b/boxen/instance/qemulaunchcmd.go index 96a3458..4a36097 100644 --- a/boxen/instance/qemulaunchcmd.go +++ b/boxen/instance/qemulaunchcmd.go @@ -123,28 +123,23 @@ func (i *Qemu) launchCmdCPU() []string { cpuCmd = append(cpuCmd, []string{"-cpu", c.Emulation}...) } - if c.Cores != 0 && c.Threads != 0 && c.Sockets != 0 { + if c.Cores != 0 { if len(cpuCmd) == 0 { cpuCmd = append(cpuCmd, []string{"-cpu", "max"}...) } - cpuCmd = append( - cpuCmd, - []string{ - "-smp", - fmt.Sprintf("cores=%d,threads=%d,sockets=%d", c.Cores, c.Threads, c.Sockets), - }...) - } - - // when only cores are specified, the `-smp %s` gets appended - if c.Cores != 0 && c.Threads == 0 && c.Sockets == 0 { - if len(cpuCmd) == 0 { - cpuCmd = append(cpuCmd, []string{"-cpu", "max"}...) + if c.Threads != 0 && c.Sockets != 0 { + cpuCmd = append( + cpuCmd, + []string{ + "-smp", + fmt.Sprintf("cores=%d,threads=%d,sockets=%d", c.Cores, c.Threads, c.Sockets), + }...) + } else if c.Threads == 0 && c.Sockets == 0 { + cpuCmd = append( + cpuCmd, + []string{"-smp", fmt.Sprint(c.Cores)}...) } - - cpuCmd = append( - cpuCmd, - []string{"-smp", fmt.Sprint(c.Cores)}...) } return cpuCmd From e8f25814ac69b8ca80599e7ef4be4c550472b564 Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Mon, 11 Jul 2022 09:25:29 +0200 Subject: [PATCH 7/8] added platform type fetching --- boxen/platforms/console.go | 5 +---- go.mod | 2 +- go.sum | 6 ++---- 3 files changed, 4 insertions(+), 9 deletions(-) diff --git a/boxen/platforms/console.go b/boxen/platforms/console.go index 833bef2..81ed4c7 100644 --- a/boxen/platforms/console.go +++ b/boxen/platforms/console.go @@ -82,10 +82,7 @@ func NewScrapliConsole( } con := &ScrapliConsole{ - // (hellt) TODO: change this to a method call that returns the platform type. - // This is to support plugging in platform types - // from yml files referenced via URL/paths - pT: scrapliPlatform, + pT: p.GetPlatformType(), c: c, defOnOpen: c.OnOpen, logger: l.Base, diff --git a/go.mod b/go.mod index 0c7f709..9c81637 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.17 require ( github.com/google/uuid v1.3.0 - github.com/scrapli/scrapligo v1.0.2-0.20220703215242-e7bff0960e85 + github.com/scrapli/scrapligo v1.1.0 github.com/scrapli/scrapligocfg v1.0.0 github.com/urfave/cli/v2 v2.3.0 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 diff --git a/go.sum b/go.sum index 0abc938..3f82aa0 100644 --- a/go.sum +++ b/go.sum @@ -24,10 +24,8 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/scrapli/scrapligo v1.0.0/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= -github.com/scrapli/scrapligo v1.0.2-0.20220703185227-76ee64b36a38 h1:Vgv2m9/GT9iIZA1HZIIImIZZibF/emxwB2aZFWN95NQ= -github.com/scrapli/scrapligo v1.0.2-0.20220703185227-76ee64b36a38/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= -github.com/scrapli/scrapligo v1.0.2-0.20220703215242-e7bff0960e85 h1:1kjli4yi3++QsOsaeVQ0G4OjOO6WtoBNqNx1+0sYLII= -github.com/scrapli/scrapligo v1.0.2-0.20220703215242-e7bff0960e85/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= +github.com/scrapli/scrapligo v1.1.0 h1:KjCam57kIV2rlxAQg/J1G7v/xgRHvpJF+Gjz+LXhQaI= +github.com/scrapli/scrapligo v1.1.0/go.mod h1:jvRMdb90MNnswMiku8UNXj8JZaOIPhwhcqqFwr9qeoY= github.com/scrapli/scrapligocfg v1.0.0 h1:540SuGqqM6rKN87SLCfR54IageQ6s3a/ZOycGRgbbak= github.com/scrapli/scrapligocfg v1.0.0/go.mod h1:9+6k9dQeIqEZEg6EK5YXEjuVb7h+nvvel26CY1RGjy4= github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= From 1a4df2348b9b66afa59c7d0ade02c079e955a798 Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Mon, 11 Jul 2022 09:26:49 +0200 Subject: [PATCH 8/8] removed unused embed --- boxen/platforms/checkpoint_cloudguard.go | 1 - 1 file changed, 1 deletion(-) diff --git a/boxen/platforms/checkpoint_cloudguard.go b/boxen/platforms/checkpoint_cloudguard.go index 43ba00a..8b99cd2 100644 --- a/boxen/platforms/checkpoint_cloudguard.go +++ b/boxen/platforms/checkpoint_cloudguard.go @@ -1,7 +1,6 @@ package platforms import ( - _ "embed" // embed FS "fmt" "time"