.. _terraform-commits: ============================= Terraform and Commits ============================= One thing to know when working with Terraform is that it does not have support for committing your configuration. To commit your configuration, you can use the following `Golang `_ code. .. code-block:: go package main import ( "encoding/json" "flag" "log" "os" "github.com/PaloAltoNetworks/pango" ) type Credentials struct { Hostname string `json:"hostname"` Username string `json:"username"` Password string `json:"password"` ApiKey string `json:"api_key"` Protocol string `json:"protocol"` Port uint `json:"port"` Timeout int `json:"timeout"` } func getCredentials(configFile, hostname, username, password, apiKey string) (Credentials) { var ( config Credentials val string ok bool ) // Auth from the config file. if configFile != "" { fd, err := os.Open(configFile) if err != nil { log.Fatalf("ERROR: %s", err) } defer fd.Close() dec := json.NewDecoder(fd) err = dec.Decode(&config) if err != nil { log.Fatalf("ERROR: %s", err) } } // Auth from env variables. if val, ok = os.LookupEnv("PANOS_HOSTNAME"); ok { config.Hostname = val } if val, ok = os.LookupEnv("PANOS_USERNAME"); ok { config.Username = val } if val, ok = os.LookupEnv("PANOS_PASSWORD"); ok { config.Password = val } if val, ok = os.LookupEnv("PANOS_API_KEY"); ok { config.ApiKey = val } // Auth from CLI args. if hostname != "" { config.Hostname = hostname } if username != "" { config.Username = username } if password != "" { config.Password = password } if apiKey != "" { config.ApiKey = apiKey } if config.Hostname == "" { log.Fatalf("ERROR: No hostname specified") } else if config.Username == "" && config.ApiKey == "" { log.Fatalf("ERROR: No username specified") } else if config.Password == "" && config.ApiKey == "" { log.Fatalf("ERROR: No password specified") } return config } func main() { var ( err error configFile, hostname, username, password, apiKey string job uint ) log.SetFlags(log.Ldate | log.Ltime | log.Lmicroseconds) flag.StringVar(&configFile, "config", "", "JSON config file with panos connection info") flag.StringVar(&hostname, "host", "", "PAN-OS hostname") flag.StringVar(&username, "user", "", "PAN-OS username") flag.StringVar(&password, "pass", "", "PAN-OS password") flag.StringVar(&apiKey, "key", "", "PAN-OS API key") flag.Parse() config := getCredentials(configFile, hostname, username, password, apiKey) fw := &pango.Firewall{Client: pango.Client{ Hostname: config.Hostname, Username: config.Username, Password: config.Password, ApiKey: config.ApiKey, Protocol: config.Protocol, Port: config.Port, Timeout: config.Timeout, Logging: pango.LogOp | pango.LogAction, }} if err = fw.Initialize(); err != nil { log.Fatalf("Failed: %s", err) } job, err = fw.Commit(flag.Arg(0), true, true, false, true) if err != nil { log.Fatalf("Error in commit: %s", err) } else if job == 0 { log.Printf("No commit needed") } else { log.Printf("Committed config successfully") } } This code reads the hostname, username, and password from the environment variables we set earlier. You will need to do the following to compile and run this code: 1. Open a text editor, add the code above to it and save the file as ``commit.go``. 2. Install the Go libraries for PAN-OS. .. code-block:: bash $ go get github.com/PaloAltoNetworks/pango 3. Compile the source code. .. code-block:: bash $ go build commit.go 4. Run the executable (using your existing environment variables). .. code-block:: bash $ ./commit