search

PaloAltoNetworks / SkilletBuilder

Docs and tutorial for Skillet template building
MIT License
8 stars 12 forks source link

Unable to output json snippets in generated skillet #24

Closed Wireee closed 3 years ago

Wireee commented 3 years ago

Describe the bug

When trying to execute "Generate Skillet" in PanHandler, nothing is generated in the snipets section of the generated yaml file.

Expected behavior

Print the output of the generate_skillet_snippets.py in the snippets section of the generated skillet.

Current behavior

Nothing in the snippets section

Possible solution

Sound that the output of generate_skillet_snippets.py is not parsed correctly in json format.

Steps to reproduce

  1. In PanHandler ui launch "Generate a Skillet"

  2. Select From Running NGFW

  3. Configuration changes are retrieved successfuly Capture

  4. Snippets section of the generated skillet is empty Capture2

The snippets variable seems empty, I've added this line in skeleton_xml/meta-cnc-skeleton.conf to check : {{ snippets|pprint }}

Context / Environment

Just trying to generate a skillet from a running PA-3020 PANOS v9.1.8

BoraMutluoglu commented 3 years ago

Hello, thanks for reporting this bug. This bug is fixed in Dev Panhandler Version: 4.0.

Wireee commented 3 years ago

Hello thanks for your help. Still not working with the last Dev Panhandler Version 4.0

Here the digest of the image I just pulled from docker hub : paloaltonetworks/panhandler:dev DIGEST:sha256:53fc8adfa0c6f3fd5c36e6f50c552ef21db8f7f6993ea023ec26e57b624f9faa

I've deleted and re create the docker volumes to make sure having a clean install.

Is the correct version?

scotchoaf commented 3 years ago

@alexandreLecAxians

I am able to recreate the issue and see that the output of the skillet generation doesn't get written to the panhandler context as the variable 'skillets'. When viewing the context 'snippets' is empty as you note. This in term sends a null to the skeleton.yaml file jinja logic used to generate the output, https://github.com/PaloAltoNetworks/SkilletBuilder/blob/82d9fe66db604d4fdb9dbd07cb9037a362f69c20/skeleton_yaml/meta-cnc-skeleton.conf#L78

investigating and working on a fix

scotchoaf commented 3 years ago

@alexandreLecAxians

Also note that in the newer panhandler release you can also generate snippets natively. If you go into the repo details page for imported content and select 'Create Skillet' there is a similar option to generate a skillet using a file diff using the PAN-OS API or by uploading two files. This is the integrated build option you should be able to use as a workaround or to replace the older SkilletBuilder skillet model.

nembery commented 3 years ago

@alexandreLecAxians I just pushed some updates which should fix these issues. I've only tested in panhandler:dev as a new release is incoming in the next couple of days. Please take a look and let me know if we can close this bug.

Wireee commented 3 years ago

Now it's work nicely ! Thank you for your support, we can close it :)