Merge branch 'develop' into prep1.5.0

.github/workflows/ci.yml

@@ -17,6 +17,8 @@ jobs:
         uses: "actions/checkout@v2"
       - name: "Setup environment"
         uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        with:
+          python-version: "3.11"
       - name: "Linting: black"
         run: "poetry run invoke black"
   bandit:
@@ -28,6 +30,8 @@ jobs:
         uses: "actions/checkout@v2"
       - name: "Setup environment"
         uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        with:
+          python-version: "3.11"
       - name: "Linting: bandit"
         run: "poetry run invoke bandit"
     needs:
@@ -41,6 +45,8 @@ jobs:
         uses: "actions/checkout@v2"
       - name: "Setup environment"
         uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        with:
+          python-version: "3.11"
       - name: "Type-Hints: mypy"
         run: "poetry run invoke mypy"
     needs:
@@ -54,6 +60,8 @@ jobs:
         uses: "actions/checkout@v2"
       - name: "Setup environment"
         uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        with:
+          python-version: "3.11"
       - name: "Linting: pydocstyle"
         run: "poetry run invoke pydocstyle"
     needs:
@@ -67,6 +75,8 @@ jobs:
         uses: "actions/checkout@v2"
       - name: "Setup environment"
         uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        with:
+          python-version: "3.11"
       - name: "Linting: flake8"
         run: "poetry run invoke flake8"
     needs:
@@ -80,6 +90,8 @@ jobs:
         uses: "actions/checkout@v2"
       - name: "Setup environment"
         uses: "networktocode/gh-action-setup-poetry-environment@v2"
+        with:
+          python-version: "3.11"
       - name: "Linting: yamllint"
         run: "poetry run invoke yamllint"
     needs:
@@ -88,7 +100,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10"]
+        python-version: ["3.8", "3.9", "3.10", "3.11"]
     runs-on: "ubuntu-20.04"
     env:
       PYTHON_VER: "${{ matrix.python-version }}"
@@ -125,7 +137,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python-version: ["3.7"]
+        python-version: ["3.11"]
     env:
       PYTHON_VER: "${{ matrix.python-version }}"
     steps:
@@ -161,7 +173,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10"]
+        python-version: ["3.8", "3.9", "3.10", "3.11"]
     runs-on: "ubuntu-20.04"
     env:
       PYTHON_VER: "${{ matrix.python-version }}"
@@ -208,7 +220,7 @@ jobs:
       - name: "Set up Python"
         uses: "actions/setup-python@v2"
         with:
-          python-version: "3.9"
+          python-version: "3.11"
       - name: "Install Python Packages"
         run: "pip install poetry"
       - name: "Set env"
@@ -237,7 +249,7 @@ jobs:
       - name: "Set up Python"
         uses: "actions/setup-python@v2"
         with:
-          python-version: "3.9"
+          python-version: "3.11"
       - name: "Install Python Packages"
         run: "pip install poetry"
       - name: "Set env"

docs/dev/attribution.md

@@ -13,16 +13,16 @@ Influencers
 
 In many instances variables and function names were reused, but the code was built from scratch to avoid any potential licensing issues. Functions that were known to be rewritten and their known origin.
 
-| Function         | Origin  |
-| ---------------- | ------- |
-| asn_to_int       | NAPALM  |
-| is_ip            | IPCal   |
-| ip_to_bin        | IPCal   |
-| get_usable_range | IPCal   |
-| encrypt_type7    | unknown |
-| decrypt_type7    | unknown |
-| vlan_to_list     | Ansible |
-| sanitize_config  | NAPALM  |
+| Function            | Origin  |
+| ------------------- | ------- |
+| asn_to_int          | NAPALM  |
+| is_ip               | IPCal   |
+| ip_to_bin           | IPCal   |
+| get_usable_range    | IPCal   |
+| encrypt_cisco_type7 | unknown |
+| decrypt_cisco_type7 | unknown |
+| vlan_to_list        | Ansible |
+| sanitize_config     | NAPALM  |
 
 Relevant PR's
 

docs/dev/code_reference/os_version.md

@@ -0,0 +1,5 @@
+# OS Version
+
+::: netutils.os_version
+    options:
+        show_submodules: True

docs/dev/include_parser_list.md

@@ -15,4 +15,6 @@
 | linux | netutils.config.parser.LINUXConfigParser |
 | mikrotik_routeros | netutils.config.parser.RouterOSConfigParser |
 | mrv_optiswitch | netutils.config.parser.OptiswitchConfigParser |
-| nokia_sros | netutils.config.parser.NokiaConfigParser |
+| nokia_sros | netutils.config.parser.NokiaConfigParser |
+| paloalto_panos | netutils.config.parser.PaloAltoNetworksConfigParser |
+| ruckus_fastiron | netutils.config.parser.FastironConfigParser |

docs/requirements.txt

@@ -1,8 +1,8 @@
-mkdocs==1.3.1
+mkdocs==1.4.3
 # Material for MkDocs theme
-mkdocs-material==8.3.9
+mkdocs-material==8.5.8
 # Render custom markdown for version added/changed/remove notes
 mkdocs-version-annotations==1.0.0
 # Automatic documentation from sources, for MkDocs
-mkdocstrings==0.19
-mkdocstrings-python==0.7.1
+mkdocstrings==0.22.0
+mkdocstrings-python==1.1.2

docs/user/include_jinja_list.md

@@ -16,6 +16,7 @@
 | feature_compliance | netutils.config.compliance.feature_compliance |
 | find_unordered_cfg_lines | netutils.config.compliance.find_unordered_cfg_lines |
 | section_config | netutils.config.compliance.section_config |
+| paloalto_panos_brace_to_set | netutils.config.conversion.paloalto_panos_brace_to_set |
 | fqdn_to_ip | netutils.dns.fqdn_to_ip |
 | is_fqdn_resolvable | netutils.dns.is_fqdn_resolvable |
 | abbreviated_interface_name | netutils.interface.abbreviated_interface_name |
@@ -52,15 +53,20 @@
 | mac_to_int | netutils.mac.mac_to_int |
 | mac_type | netutils.mac.mac_type |
 | get_upgrade_path | netutils.os_version.get_upgrade_path |
+| compare_cisco_type5 | netutils.password.compare_cisco_type5 |
+| compare_cisco_type7 | netutils.password.compare_cisco_type7 |
+| compare_cisco_type9 | netutils.password.compare_cisco_type9 |
 | compare_type5 | netutils.password.compare_type5 |
 | compare_type7 | netutils.password.compare_type7 |
-| compare_type9 | netutils.password.compare_type9 |
-| decrypt_juniper | netutils.password.decrypt_juniper |
+| decrypt_cisco_type7 | netutils.password.decrypt_cisco_type7 |
+| decrypt_juniper_type9 | netutils.password.decrypt_juniper_type9 |
 | decrypt_type7 | netutils.password.decrypt_type7 |
-| encrypt_juniper | netutils.password.encrypt_juniper |
+| encrypt_cisco_type5 | netutils.password.encrypt_cisco_type5 |
+| encrypt_cisco_type7 | netutils.password.encrypt_cisco_type7 |
+| encrypt_cisco_type9 | netutils.password.encrypt_cisco_type9 |
+| encrypt_juniper_type9 | netutils.password.encrypt_juniper_type9 |
 | encrypt_type5 | netutils.password.encrypt_type5 |
 | encrypt_type7 | netutils.password.encrypt_type7 |
-| encrypt_type9 | netutils.password.encrypt_type9 |
 | get_hash_salt | netutils.password.get_hash_salt |
 | tcp_ping | netutils.ping.tcp_ping |
 | longest_prefix_match | netutils.route.longest_prefix_match |

docs/user/lib_mapper/hierconfig.md

@@ -1,6 +1,7 @@
 | HIERCONFIG | | NORMALIZED |
 | ---------- | -- | ------ |
 | eos | → | arista_eos |
+| fastiron | → | ruckus_fastiron |
 | ios | → | cisco_ios |
 | iosxe | → | cisco_xe |
 | iosxr | → | cisco_xr |

docs/user/lib_mapper/hierconfig_reverse.md

@@ -4,4 +4,5 @@
 | cisco_ios | → | ios |
 | cisco_nxos | → | nxos |
 | cisco_xe | → | iosxe |
-| cisco_xr | → | iosxr |
+| cisco_xr | → | iosxr |
+| ruckus_fastiron | → | fastiron |

docs/user/lib_use_cases.md

@@ -54,12 +54,12 @@ The following function will help in deploying list of VLANs and match the config
 You may want to compare a known password with a given encrypted password. This can help in verifying if the passwords are as expected for compliance reasons.
 
 ```python
->>> from netutils.password import compare_type5
+>>> from netutils.password import compare_cisco_type5
 >>>
->>> compare_type5("cisco","$1$nTc1$Z28sUTcWfXlvVe2x.3XAa.")
+>>> compare_cisco_type5("cisco","$1$nTc1$Z28sUTcWfXlvVe2x.3XAa.")
 True
 >>>
->>> compare_type5("not_cisco","$1$nTc1$Z28sUTcWfXlvVe2x.3XAa.")
+>>> compare_cisco_type5("not_cisco","$1$nTc1$Z28sUTcWfXlvVe2x.3XAa.")
 False
 >>>
 ```

mkdocs.yml

@@ -134,6 +134,7 @@ nav:
           - Library Helpers: "dev/code_reference/lib_helpers.md"
           - Library Mapping: "dev/code_reference/lib_mapping.md"
           - Mac Address: "dev/code_reference/mac.md"
+          - OS Version: "dev/code_reference/os_version.md"
           - Password: "dev/code_reference/password.md"
           - Ping: "dev/code_reference/ping.md"
           - Protocol Mapper: "dev/code_reference/protocol_mapper.md"

netutils/__init__.py

@@ -1,9 +1,7 @@
 """Initialization file for library."""
 
-try:
-    from importlib import metadata  # type: ignore[attr-defined]
-except ImportError:
-    # Python version < 3.8
-    import importlib_metadata as metadata  # type: ignore[no-redef]
+
+from importlib import metadata
+
 
 __version__ = metadata.version(__name__)

netutils/config/compliance.py

@@ -2,6 +2,8 @@
 
 import typing as t
 
+from netutils.config.utils import _open_file_config
+
 from . import parser  # pylint: disable=relative-beyond-top-level
 
 parser_map: t.Dict[str, t.Type[parser.BaseConfigParser]] = {
@@ -20,9 +22,12 @@
     "aruba_aoscx": parser.ArubaConfigParser,
     "mrv_optiswitch": parser.OptiswitchConfigParser,
     "extreme_netiron": parser.NetironConfigParser,
+    "paloalto_panos": parser.PaloAltoNetworksConfigParser,
     "mikrotik_routeros": parser.RouterOSConfigParser,
+    "ruckus_fastiron": parser.FastironConfigParser,
 }
 
+
 # TODO: Once support for 3.7 is dropped, there should be a typing.TypedDict for this which should then also be used
 # as the return type for a bunch of the following methods.
 default_feature: t.Dict[str, t.Union[str, bool, None]] = {
@@ -107,15 +112,6 @@ def _is_feature_ordered_compliant(feature_intended_cfg: str, feature_actual_cfg:
     return False
 
 
-def _open_file_config(cfg_path: str) -> str:
-    """Open config file from local disk."""
-    # This might fail, raising an IOError
-    with open(cfg_path, encoding="utf-8") as filehandler:
-        device_cfg = filehandler.read()
-
-    return device_cfg.strip()
-
-
 def compliance(
     features: t.List[t.Dict[str, t.Union[str, bool, t.List[str]]]],
     backup: str,

netutils/config/conversion.py

@@ -0,0 +1,94 @@
+"""Configuration conversion methods for different network operating systems."""
+
+import typing as t
+
+from netutils.config.utils import _open_file_config
+
+conversion_map: t.Dict[str, t.List[str]] = {
+    "paloalto_panos": ["paloalto_panos_brace_to_set"],
+}
+
+
+def paloalto_panos_brace_to_set(cfg: str, cfg_type: str = "file") -> str:
+    r"""Convert Palo Alto Brace format configuration to set format.
+
+    Args:
+        cfg: Configuration as a string
+        cfg_type: A string that is effectively a choice between `file` and `string`. Defaults to `file`.
+
+    Returns:
+        str: Converted configuration as a string.
+
+    Examples:
+            >>> config = '''
+            ...     config {
+            ...            mgt-config {
+            ...                users {
+            ...                  admin {
+            ...                    phash *;
+            ...                    permissions {
+            ...                      role-based {
+            ...                        superuser yes;
+            ...                      }
+            ...                    }
+            ...                    public-key thisisasuperduperlongbase64encodedstring;
+            ...                }
+            ...                panadmin {
+            ...                    permissions {
+            ...                      role-based {
+            ...                        superuser yes;
+            ...                      }
+            ...                    }
+            ...                    phash passwordhash;
+            ...                }
+            ...              }
+            ...            }
+            ...         }'''
+            >>> paloalto_panos_brace_to_set(cfg=config, cfg_type='string') == \
+            ... '''set mgt-config users admin phash *
+            ... set mgt-config users admin permissions role-based superuser yes
+            ... set mgt-config users admin public-key thisisasuperduperlongbase64encodedstring
+            ... set mgt-config users panadmin permissions role-based superuser yes
+            ... set mgt-config users panadmin phash passwordhash'''
+            True
+    """
+    stack: t.List[str] = []
+    cfg_value: t.List[str] = []
+    cfg_string: str = ""
+
+    if cfg_type not in ["file", "string"]:
+        raise ValueError("The variable `cfg_type` must be either `file` or `string`.")
+    if cfg_type == "file":
+        cfg_list = _open_file_config(cfg).splitlines()
+    else:
+        cfg_list = cfg.splitlines()
+
+    for i, line in enumerate(cfg_list):
+        line = line.strip()
+        if line.endswith(";") and not line.endswith('";'):
+            line = line.split(";", 1)[0]
+            line = "".join(str(s) for s in stack) + line
+            line = line.split("config ", 1)[1]
+            line = "set " + line
+            cfg_value.append(line.strip())
+        elif line.endswith('login-banner "') or line.endswith('content "'):
+            _first_banner_line = "".join(str(s) for s in stack) + line
+            cfg_value.append("set " + _first_banner_line.split("config ", 1)[1])
+
+            for banner_line in cfg_list[i + 1:]:  # fmt: skip
+                if '"' in banner_line:
+                    banner_line = banner_line.split(";", 1)[0]
+                    cfg_value.append(banner_line.strip())
+                    break
+                cfg_value.append(banner_line.strip())
+        elif line.endswith("{"):
+            stack.append(line[:-1])
+        elif line == "}" and len(stack) > 0:
+            stack.pop()
+
+    for _l, _line in enumerate(cfg_value):
+        cfg_string += _line
+        if _l < len(cfg_value) - 1:
+            cfg_string += "\n"
+
+    return cfg_string