An efficient tool to execute configuration backups, network state snapshots, system readiness checks, and operating system upgrades of Palo Alto Networks firewalls and Panorama appliances.
This PR introduces a dedicated function, create_firewall_mapping, designed to accurately map firewall hostnames to their corresponding Firewall objects and details. The new function replaces the previous use of zip in the batch subcommand, which led to issues with firewall objects not being properly associated with their details due to misalignment in the lists.
Problem
The existing implementation used zip(all_firewalls, firewalls_info) to combine lists of Firewall objects and their information. However, this approach assumed that the order and length of both lists would always align, which was not guaranteed, especially after introducing multithreading for fetching firewall information. This led to incorrect mappings, where firewall details were associated with the wrong Firewall objects.
Solution
To address this issue, we implemented the create_firewall_mapping function. This function constructs a dictionary where each key is a firewall hostname, and the value is another dictionary containing the corresponding Firewall object and its detailed information. The mapping is based on the serial number of the firewalls, ensuring that the details are correctly associated even if the order of objects or information changes.
Benefits
Accuracy: By mapping based on the serial number, we eliminate the risk of misalignment between the Firewall objects and their details.
Reusability: The function can be used in multiple parts of the script, reducing code duplication and enhancing maintainability.
Testability: Isolating the mapping logic into its own function allows for more straightforward unit testing, ensuring the reliability of the mapping.
Changes Made:
Added the create_firewall_mapping function.
Replaced the zip usage in the batch subcommand with a call to create_firewall_mapping.
Updated the corresponding parts of the script to utilize the new mapping.
Testing
Added unit tests for the create_firewall_mapping function to cover various scenarios, including mismatched lists and missing items.
Manually tested the batch subcommand to ensure that firewall details are correctly associated with their Firewall objects.
This change resolves the issue of incorrect firewall object mapping and improves the overall robustness and maintainability of the script.
Overview
This PR introduces a dedicated function,
create_firewall_mapping
, designed to accurately map firewall hostnames to their corresponding Firewall objects and details. The new function replaces the previous use of zip in the batch subcommand, which led to issues with firewall objects not being properly associated with their details due to misalignment in the lists.Problem
The existing implementation used
zip(all_firewalls, firewalls_info)
to combine lists of Firewall objects and their information. However, this approach assumed that the order and length of both lists would always align, which was not guaranteed, especially after introducing multithreading for fetching firewall information. This led to incorrect mappings, where firewall details were associated with the wrong Firewall objects.Solution
To address this issue, we implemented the create_firewall_mapping function. This function constructs a dictionary where each key is a firewall hostname, and the value is another dictionary containing the corresponding Firewall object and its detailed information. The mapping is based on the serial number of the firewalls, ensuring that the details are correctly associated even if the order of objects or information changes.
Benefits
Changes Made:
create_firewall_mapping
function.create_firewall_mapping
.Testing
Added unit tests for the
create_firewall_mapping
function to cover various scenarios, including mismatched lists and missing items.Manually tested the batch subcommand to ensure that firewall details are correctly associated with their Firewall objects.
This change resolves the issue of incorrect firewall object mapping and improves the overall robustness and maintainability of the script.