cdot65 / pan-os-upgrade

An efficient tool to execute configuration backups, network state snapshots, system readiness checks, and operating system upgrades of Palo Alto Networks firewalls and Panorama appliances.
https://cdot65.github.io/pan-os-upgrade/
Apache License 2.0

feat: non-interactive mode and firewall/batch CLI options to set firewalls to be upgraded #137

Closed alperenkose closed 3 months ago

alperenkose commented 3 months ago

Checklist for This Pull Request

🚨Please adhere to the guidelines for contributing to this repository.

Pull Request Description

This PR introduces a --non-interactive option to the firewall and batch commands, as well as CLI options to set the firewalls to be upgraded.

Non-interactive option

With the --non-interactive flag, it is possible to upgrade firewalls non-interactively without being prompted for confirmations.

Non-interactive mode requires parameters like hostname, username, and password to be passed in order to avoid prompts.

Dry run behaviour is adjusted to be the default selection in interactive mode. Additionally, when the --dry-run option is set, "dry run" prompts are avoided. You can only disable dry run by answering the dry run prompts as "no" or by running the tool in non-interactive mode.

Firewall --peer and Batch --inventory options to set firewalls to be upgraded

A --peer CLI option is introduced in the firewall command to allow specifying the peer hostname/IP if the auto-detected management IP is not accessible.

An --inventory CLI option is introduced in the batch command to allow specifying the list of firewalls to upgrade on the CLI.

Usage

Non-interactive HA upgrade with firewall command and peer IP:

pan-os-upgrade firewall --hostname fw-ha-01 --peer fw-ha-02 --username admin --password XXXXX --version 10.0.11-h4 --non-interactive

Non-interactive HA upgrade with batch command and inventory option:

pan-os-upgrade batch --hostname panorama-node --username admin --password XXXXX --version 10.0.11-h4 --non-interactive --inventory fw-ha-01,fw-ha-02

Non-interactive standalone upgrade with firewall command:

pan-os-upgrade firewall --hostname fw-stdnaln-01 --username admin --password XXXXX --version 10.0.11-h4 --non-interactive

What does this pull request accomplish?

Are there any breaking changes included?

Is there anything the reviewers should know?

I needed to change the common_setup method to set dirs and logging only, and to call connect_to_host separately, because the --dry-run option should be overridden if the --non-interactive flag is set, and it should be prompted for if the --non-interactive flag is NOT set, at the very beginning of the method. This required logging, which wasn't possible before calling common_setup, but setting up the connection was not necessary at this time.

cdot65 commented 3 months ago

Looks great, testing now


Let's get a couple new tests that validate the execution of the flags.

cdot65 commented 3 months ago

Great job with your contribution @alperenkose!