Add generic api resource (#195)

CheckPointSW · Nov 10, 2024 · 351a6f0 · 351a6f0
1 parent ff0149c
commit 351a6f0
Show file tree

Hide file tree

Showing 6 changed files with 204 additions and 31 deletions.
diff --git a/checkpoint/provider.go b/checkpoint/provider.go
@@ -328,6 +328,7 @@ func Provider() terraform.ResourceProvider {
 			"checkpoint_management_cme_gw_configurations_aws":                      resourceManagementCMEGWConfigurationsAWS(),
 			"checkpoint_management_cme_gw_configurations_azure":                    resourceManagementCMEGWConfigurationsAzure(),
 			"checkpoint_management_cme_gw_configurations_gcp":                      resourceManagementCMEGWConfigurationsGCP(),
+			"checkpoint_generic_api":                                               resourceManagementGenericApi(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"checkpoint_management_outbound_inspection_certificate":           dataSourceManagementOutboundInspectionCertificate(),

diff --git a/checkpoint/resource_checkpoint_management_command_gaia_api.go b/checkpoint/resource_checkpoint_management_command_gaia_api.go
@@ -6,7 +6,6 @@ import (
 	checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
-	"log"
 )
 
 func resourceManagementGaiaApi() *schema.Resource {
@@ -15,44 +14,47 @@ func resourceManagementGaiaApi() *schema.Resource {
 		Read:   readManagementGaiaApi,
 		Delete: deleteManagementGaiaApi,
 		Schema: map[string]*schema.Schema{
-			"target": {
+			"command_name": {
 				Type:        schema.TypeString,
 				Required:    true,
 				ForceNew:    true,
-				Description: "Gateway-object-name or gateway-ip-address or gateway-UID.",
+				Description: "GAIA API command name or path",
 			},
-			"other_parameter": {
+			"target": {
 				Type:        schema.TypeString,
-				Optional:    true,
+				Required:    true,
 				ForceNew:    true,
-				Description: "Other input parameters that gateway needs it.",
+				Description: "Gateway object name or Gateway IP address or Gateway UID",
 			},
-			"command_name": {
+			"other_parameter": {
 				Type:        schema.TypeString,
-				Required:    true,
+				Optional:    true,
 				ForceNew:    true,
-				Description: "Target's api command.",
+				Description: "Other input parameters for the request payload in JSON format",
 			},
 			"response_message": {
 				Type:        schema.TypeString,
 				Computed:    true,
-				Description: "Response's object from the target in json format.\n",
+				Description: "Response message in JSON format",
 			},
 		},
 	}
 }
 
 func createManagementGaiaApi(d *schema.ResourceData, m interface{}) error {
-
 	client := m.(*checkpoint.ApiClient)
 
 	var payload = map[string]interface{}{}
-	if v, ok := d.GetOk("target"); ok {
-		payload["target"] = v.(string)
-	}
 
 	if v, ok := d.GetOk("other_parameter"); ok {
-		payload["other-parameter"] = v.(string)
+		err := json.Unmarshal([]byte(v.(string)), &payload)
+		if err != nil {
+			return fmt.Errorf(err.Error())
+		}
+	}
+
+	if v, ok := d.GetOk("target"); ok {
+		payload["target"] = v.(string)
 	}
 
 	commandName := "gaia-api/" + d.Get("command_name").(string)
@@ -65,19 +67,13 @@ func createManagementGaiaApi(d *schema.ResourceData, m interface{}) error {
 		return fmt.Errorf(GaiaApiRes.ErrorMsg)
 	}
 
-	gaiaApi := GaiaApiRes.GetData()
-
-	if v := gaiaApi["command-name"]; v != nil {
-		_ = d.Set("command_name", v)
-	}
+	gaiaApiResponse := GaiaApiRes.GetData()
 
-	if v := gaiaApi["response-message"]; v != nil {
+	if v := gaiaApiResponse["response-message"]; v != nil {
 		valToReturn, err := json.Marshal(v)
-
 		if err != nil {
-			log.Println(err.Error())
+			return fmt.Errorf(err.Error())
 		}
-
 		_ = d.Set("response_message", string(valToReturn))
 	}
 
@@ -90,7 +86,6 @@ func readManagementGaiaApi(d *schema.ResourceData, m interface{}) error {
 }
 
 func deleteManagementGaiaApi(d *schema.ResourceData, m interface{}) error {
-
 	d.SetId("")
 	return nil
 }
diff --git a/checkpoint/resource_checkpoint_management_generic_api.go b/checkpoint/resource_checkpoint_management_generic_api.go
@@ -0,0 +1,93 @@
+package checkpoint
+
+import (
+	"encoding/json"
+	"fmt"
+	checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func resourceManagementGenericApi() *schema.Resource {
+	return &schema.Resource{
+		Create: createManagementGenericApi,
+		Read:   readManagementGenericApi,
+		Delete: deleteManagementGenericApi,
+		Schema: map[string]*schema.Schema{
+			"api_command": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "API command name or path",
+			},
+			"payload": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				ForceNew:    true,
+				Description: "Request payload in JSON format",
+			},
+			"method": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				ForceNew:    true,
+				Description: "HTTP request method",
+				Default:     "POST",
+			},
+			"response": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Response message in JSON format",
+			},
+		},
+	}
+}
+
+func createManagementGenericApi(d *schema.ResourceData, m interface{}) error {
+	client := m.(*checkpoint.ApiClient)
+
+	apiCommand := d.Get("api_command").(string)
+
+	// Convert payload from string to map
+	var payload = map[string]interface{}{}
+	if v, ok := d.GetOk("payload"); ok {
+		err := json.Unmarshal([]byte(v.(string)), &payload)
+		if err != nil {
+			return fmt.Errorf(err.Error())
+		}
+	}
+
+	var method string
+	if v, ok := d.GetOk("method"); ok {
+		method = v.(string)
+	}
+
+	genericApiRes, err := client.ApiCall(apiCommand, payload, client.GetSessionID(), true, client.IsProxyUsed(), method)
+	if err != nil {
+		return fmt.Errorf(err.Error())
+	}
+	if !genericApiRes.Success {
+		return fmt.Errorf(genericApiRes.ErrorMsg)
+	}
+
+	// Convert response from map to string
+	jsonResponse, err := json.Marshal(genericApiRes.GetData())
+	if err != nil {
+		return fmt.Errorf(err.Error())
+	}
+	if jsonResponse != nil {
+		_ = d.Set("response", string(jsonResponse))
+	}
+
+	d.SetId("generic-api-" + apiCommand + "-" + acctest.RandString(10))
+
+	return readManagementGaiaApi(d, m)
+}
+
+func readManagementGenericApi(d *schema.ResourceData, m interface{}) error {
+	return nil
+}
+
+func deleteManagementGenericApi(d *schema.ResourceData, m interface{}) error {
+	d.SetId("")
+	return nil
+}
diff --git a/website/checkpoint.erb b/website/checkpoint.erb
@@ -660,6 +660,9 @@
                 </li>
                <li<%= sidebar_current("docs-checkpoint-resource-checkpoint-vsx-provisioning-tool") %>>
                   <a href="/docs/providers/checkpoint/r/checkpoint_management_vsx_provisioning_tool.html">checkpoint_management_vsx_provisioning_tool</a>
+               </li>
+			   <li<%= sidebar_current("docs-checkpoint-resource-checkpoint-generic_api") %>>
+                  <a href="/docs/providers/checkpoint/r/checkpoint_generic_api.html">checkpoint_generic_api</a>
                </li>
           </ul>
         </li>

diff --git a/website/docs/r/checkpoint_management_gaia_api.html.markdown b/website/docs/r/checkpoint_management_gaia_api.html.markdown
@@ -8,26 +8,49 @@ This resource allows you to execute Check Point Gaia Api.
 
 # Resource: checkpoint_management_command_gaia_api
 
-This resource allows you to execute Check Point Gaia Api.
+This resource allows you to run generic `gaia-api` command from the Management.<br>
+See the [GAIA API reference](https://sc1.checkpoint.com/documents/latest/GaiaAPIs/index.html) for a complete list of APIs you can run on your Check Point server.<br>
+<b>NOTE:</b> Please add a rule to allow the connection from the management to the targets.<br>
 
 ## Example Usage
 
 
 ```hcl
-resource "checkpoint_management_command_gaia_api" "example" {
+resource "checkpoint_management_command_gaia_api" "example1" {
   target = "my_gateway"
   command_name = "show-hostname"
 }
+
+resource "checkpoint_management_command_gaia_api" "example2" {
+  target = "my_gateway"
+  command_name = "show-interface"
+  other_parameter = <<EOT
+    {
+      "name" : "eth0"
+    }
+  EOT
+}
+
+resource "checkpoint_management_command_gaia_api" "example3" {
+  target = "my_gateway"
+  command_name = "v1.3/show-diagnostics"
+  other_parameter = <<EOT
+    {
+      "category" : "os",
+      "topic" : "disk"
+    }
+  EOT
+}
 ```
 
 ## Argument Reference
 
 The following arguments are supported:
 
-* `target` - (Required) Gateway-object-name or gateway-ip-address or gateway-UID. 
-* `command_name` - (Required) Target's api command.
-* `other_parameter` - (Optional) Other input parameters that gateway needs it. 
-* `response_message` - Response's object from the target in json format.
+* `target` - (Required) Gateway object name or Gateway IP address or Gateway UID. 
+* `command_name` - (Required) GAIA API command name or path.
+* `other_parameter` - (Optional) Other input parameters for the request payload in JSON format. You can use [heredoc strings](https://developer.hashicorp.com/terraform/language/expressions/strings#heredoc-strings) to write freestyle JSON. 
+* `response_message` - Response message in JSON format.
 
 
 ## How To Use

diff --git a/website/docs/r/checkpoint_management_generic_api.html.markdown b/website/docs/r/checkpoint_management_generic_api.html.markdown
@@ -0,0 +1,58 @@
+---
+layout: "checkpoint"
+page_title: "checkpoint_generic_api"
+sidebar_current: "docs-checkpoint-resource-checkpoint-generic-api"
+description: |-
+This resource allows you to execute generic Management API calls.
+---
+
+# Resource: checkpoint_generic_api
+
+This resource allows you to execute Check Point generic Management or GAIA API.<br>
+See the [Management API reference](https://sc1.checkpoint.com/documents/latest/APIs/index.html) or [GAIA API reference](https://sc1.checkpoint.com/documents/latest/GaiaAPIs/index.html) for a complete list of APIs you can run on your Check Point server.<br>
+<b>NOTE:</b> If you configure the provider [context](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#context-1) to `gaia_api` you can execute only GAIA API and GAIA resources. Management API or any other resources will not be supported.
+
+## Example Usage
+
+
+```hcl
+# Run generic Management API when provider context is 'web_api'
+resource "checkpoint_generic_api" "api1" {
+  api_command = "add-host"
+  payload = <<EOT
+  {
+    "name": "host1",
+    "ip-address": "1.2.3.4"
+  }
+  EOT
+}
+
+# Run generic Management API when provider context is 'web_api'
+resource "checkpoint_generic_api" "api2" {
+  api_command = "show-hosts"
+}
+
+# Run generic Management API when provider context is 'web_api'
+resource "checkpoint_generic_api" "api3" {
+  api_command = "gaia-api/show-proxy"
+  payload = <<EOT
+  {
+    "target": "gateway1",
+  }
+  EOT
+}
+
+# Run generic GAIA API when provider context is 'gaia_api'
+resource "checkpoint_generic_api" "api4" {
+  api_command = "show-proxy"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `api_command` - (Required) API command name or path.
+* `payload` - (Optional) Request payload in JSON format. You can use [heredoc strings](https://developer.hashicorp.com/terraform/language/expressions/strings#heredoc-strings) to write freestyle JSON.
+* `method` - (Optional) HTTP request method. Default is `POST`.
+* `response` - Response message in JSON format.