Tools for working with PAN-OS Skillets in Python 3
Project description
Skilletlib
Base Classes and Utilities for working with Skillets in Python 3.7+. Skilletlib encapsulates all the logic necessary to execute a skillet in your app or tooling.
See here for information about Skillets and what skillets may be available.
About Skillets
Skillets are designed to be sharable units of configuration or validation data. They are perfectly suited for 'Compliance as Code' or 'Infrastructure as Code' type environments. All the 'knowledge' of doing a thing is encapsulated in the skillet. Skillets strive to be tooling agnostic. A subject matter expert should not have to define best practices in multiple domain specific languages. Ideally, this should be expressed once, and executed in a variety of tools. Skilletlib makes it easy to allow Skillets to be executed in your tooling of choice.
Skillets are meant to be stored and shared via source control repositories along with the rest of your infrastructure. This allows complex NGFW configurations and use case specific compliance checks to be executed as part of your deployment pipeline.
Resources
Installation
Skilletlib is distributed as a python shared library on pypi.org.
pip install skilletlib
Example Loading a Skillet
from skilletlib import SkilletLoader
# init SkilletLoader Class
sl = SkilletLoader()
# Load the skillet found in the current directory
skillet = sl.load_skillet_from_path('.')
# Every skillet requires a context, which is a dict containing
# any user-input or other variables to allow customization.
context = dict()
# In this example, our skillet needs a configuration.xml file to be loaded into a variable
# called 'config'
with open('config.xml', 'r') as config:
context['config'] = config.read()
# execute the skillet and return the results
out = skillet.execute(context)
# Do something interesting with the results, like print it out :-)
print(out)
print('all done')
Loading Skillets from a Git repository
from skilletlib import SkilletLoader
repo_url = 'https://github.com/nembery/Skillets'
repo_branch = 'develop'
directory = '/var/tmp/skillets'
repo_name = 'example skillets'
sl = SkilletLoader()
skillets = sl.load_from_git(repo_url, repo_name, repo_branch, local_dir=directory)
for s in skillets:
print(s.name)
using Skilletlib to find recent changes in Set CLI Format
import os
# The Panos class is a wrapper around the XML API that provides some convience methods
from skilletlib import Panos
auth = {
'hostname': os.environ.get('ip_address', ''),
'api_username': os.environ.get('username', ''),
'api_password': os.environ.get('password', ''),
'debug': os.environ.get('debug', True),
}
device = Panos(**auth)
# you can pass negative integers to the 'get_configuration' method to retrive the most to least recent
# running configurations. This is very useful to finding the Set CLI or XML equivelent of GUI configuration
# changes
previous_config = device.get_configuration(config_source='-1')
latest_config = device.get_configuration(config_source='running')
# The 'generate_set_cli_from_configs' method returns the difference between two config files. In this case,
# we'll use the running config and the most recent running config audit backup. This will give us all the
# changes made via the most recent commit in Set CLI format
cmds = device.generate_set_cli_from_configs(previous_config, latest_config)
for cmd in cmds:
print(cmd)
Other projects that use Skilletlib
Here are a couple of examples of other projects that use skilletlib
- Panhandler Panhandler is a tool to manage collections of Skillets and their respective git repositories
- SLI SLI is a CLI interface to Skilletlib. This tool allows rapid testing and prototyping of Skillets
- SkilletLoader SkilletLoader is a tool to load and test skillets in a CI/CD pipeline via Docker
- Ansible Skillets Ansible roles and libraries for loading PAN-OS and related skillets via Ansible playbooks
- Demisto XSOAR Integration Experimental in development Demisto XSOAR integration
Other utilities in Skilletlib
Skilletlib also includes a collection of tools and methods called 'Panoply' which eases working with emphemeral PAN-OS and Panorama devices, such as in a CI/CD Pipeline or development environment.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file skilletlib-1.1.0.tar.gz.
File metadata
- Download URL: skilletlib-1.1.0.tar.gz
- Upload date:
- Size: 72.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.41.1 CPython/3.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9c7a3f6ad2c08b70b329e3689279abed1cf28677dcf3f235995a0da8c91bde70
|
|
| MD5 |
9358347742de56f8fa0e923539949300
|
|
| BLAKE2b-256 |
2b29776f602973f9795d9b20df4b276ce98e938ee45ddceb25ef76c809096898
|
File details
Details for the file skilletlib-1.1.0-py3-none-any.whl.
File metadata
- Download URL: skilletlib-1.1.0-py3-none-any.whl
- Upload date:
- Size: 100.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.41.1 CPython/3.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
60464a3b68512738e722402f36daa022ab3ce16695e9620c9e5adbf33b28f7ea
|
|
| MD5 |
31db90a1b6dd99c613bae079d7bda2d8
|
|
| BLAKE2b-256 |
1f8e6faccefaf4ea47c616b4cfcb1505eca1abcd5eb4caf458a8bc37974cbc55
|
