VMware Cloud Community
craigso
Enthusiast
Enthusiast
Jump to solution

Pass endpoint as an input to a vRO action or workflow to access properties

Hello,

Thank you for taking the time to read this post!

I'm currently writing some code to make an API call to an IPAM solution. We've got this working as part of our IPAM integration using the IPAM plugin. The problem is these values are passed via the IPAM plugin using a composite type input which we can't replicate with an input type. We would like to make a few API calls from a blueprint to get things like current address space consumption and present that to a user.

We have an endpoint registered in vRO that holds specific properties for example, username, password, api url, auth key, and other properties. We would like to add this endpoint to an action or workflow to allow access to these properties via Endpoint.Username, Endpoint.Password, etc.

Has anyone accomplished this? Or have an idea how we might be able to do this with out existing Endpoint in vRO?

Thank you!

1 Solution

Accepted Solutions
iiliev
VMware Employee
VMware Employee
Jump to solution

OK, the selected node shown on the screenshot is of type vCACCAFE:Endpoint  (scripting type vCACCAFEEndpoint)

If you know the ID of your concrete endpoint, you can retrieve it from vRO using a code like the following (which tries to find the endpoint and then prints its name):

var endpointId = "7a6..."; // the ID of your endpoint

var endpoint = Server.findForType("vCACCAFE:Endpoint", endpointId);

if (endpoint == null) {

   throw "Endpoint not found!";

}

System.log("Endpoint name: " + endpoint.name);

If you don't know the ID of the concrete endpoint, you can enumerate all available endpoints with code like the following:

var endpoints = Server.findAllForType("vCACCAFE:Endpoint");

if (endpoints == null) {

  throw "Endpoints not found!";

}

for each (var endpoint in endpoints) {

  System.log("Endpoint name: " + endpoint.name);

}

View solution in original post

Reply
0 Kudos
18 Replies
craigso
Enthusiast
Enthusiast
Jump to solution

Another acceptable method would be to somehow pass the endpoint data into action or workflow, this might even be preferred as this is how the IPAM workflow work.

Reply
0 Kudos
bdamian
Expert
Expert
Jump to solution

Hi, craigso,

I don't quite understand your needs.

You want a vRO Action and you want to call this action to retrieve some data from an Endpoint.

From where do you want to call this action?

Could you give me more details?

---
Damián Bacalov
vExpert 2017-2023 (7 years)
https://www.linkedin.com/in/damianbacalov/
https://tecnologiaimasd.blogspot.com/
twitter @bdamian
Reply
0 Kudos
craigso
Enthusiast
Enthusiast
Jump to solution

Sure! Sorry I was not clear before.

The goal would be to call this action from a blueprint via a dropdown. Either using a custom form or standard form. The goal is to fetch the networks (we've got this part) then call the action to get stats on the selected subnet via IPAM API call, similar to what's shown below. We would be calling this action using an external source to call the action.

pastedImage_0.png

Now we could hard code all this information into the action, but that wouldn't be ideal. We need some way to lookup the network profile from vRO to pull the endpoint, then get the details that way. Alternatively, we could also try to add the endpoint directly, as an input. That might not be ideal either, but would be slightly better than hard coding into the action.

Hopefully that clears it up a bit. Please let me know if I can explain anything else in more detail.

Reply
0 Kudos
iiliev
VMware Employee
VMware Employee
Jump to solution

Still not sure where and how you want to call the action, but perhaps you can use an action input parameter of type Properties.

The keys would be the names of the data properties you want to pass, and the values would be the actual values of these properties. Something like the following:

var props = new Properties();

props.put("endpointUsername", "myusername");

props.put("endpointPassword", "mysecret");

props.put("apiUrl", "https://someurl/address");

props.put("authKey", "key-0123456789");

// then pass props object as an input to your action

Reply
0 Kudos
craigso
Enthusiast
Enthusiast
Jump to solution

Thank you for the reply. My apologies for not being clear. And perhaps this is the wrong approach, let me try to fill in where I can.

I'd like to call the action from the blueprint. I'm not set on how this will be done, but I've done it in the past by using an external source on a form element like this:

pastedImage_0.png

The goal is that when a user is provisioning a VM and when they select a network from a blueprint dropdown item, it will calculate the real time utilization of the selected IP range by calling an action or workflow from vRO and then present that back to the user on the request form. There may be better ways to do this, I'm not opposed to any of them, this just happens to be the way I'm familiar with.

The input of properties would probably work, but it would still be hard coded in a sense. Am I understanding that correctly? My teams goal is to pull this from existing data within vRO. Here is the endpoint in vRO which a has all the data we need.

pastedImage_1.png

Again, thank you for taking the time to reply. Any input here is very much appreciated!

Reply
0 Kudos
iiliev
VMware Employee
VMware Employee
Jump to solution

OK, the selected node shown on the screenshot is of type vCACCAFE:Endpoint  (scripting type vCACCAFEEndpoint)

If you know the ID of your concrete endpoint, you can retrieve it from vRO using a code like the following (which tries to find the endpoint and then prints its name):

var endpointId = "7a6..."; // the ID of your endpoint

var endpoint = Server.findForType("vCACCAFE:Endpoint", endpointId);

if (endpoint == null) {

   throw "Endpoint not found!";

}

System.log("Endpoint name: " + endpoint.name);

If you don't know the ID of the concrete endpoint, you can enumerate all available endpoints with code like the following:

var endpoints = Server.findAllForType("vCACCAFE:Endpoint");

if (endpoints == null) {

  throw "Endpoints not found!";

}

for each (var endpoint in endpoints) {

  System.log("Endpoint name: " + endpoint.name);

}

Reply
0 Kudos
craigso
Enthusiast
Enthusiast
Jump to solution

oh great!

I'll give this a shot now and report back!

Reply
0 Kudos
craigso
Enthusiast
Enthusiast
Jump to solution

So I can access some of the properties of the endpoint, but appears only the properties listed here: pastedImage_0.png

The data I need is in extensionData which I don't seem to have access to still, or I simply don't know how to access it. I tried printing it out and also tried JSON.stringify(endpoint.extensionData));

Also I found using the input type of vCACCAFE:Endpoint as you mentioned below, then selecting the endpoint, I get the same results.

There is a chance this could work, if we can access and use the data in extensionData.

Reply
0 Kudos
iiliev
VMware Employee
VMware Employee
Jump to solution

The extensionData attribute is of type vCACCAFELiteralMap. Check here what is does look like - http://vroapi.com/Class/vCACCAFE/7.5.0/vCACCAFELiteralMap

Here is some code showing how to enumerate all keys/values in this map:

var edata = endpoint.extensionData;

var keys = edata.keySet();

System.log("Keys: " + keys); 

for each (var key in keys) {

    System.log("key: " + key + "   value: " + edata.get(key)); 

}

Note that each value returned by edata.get() call above is of type that is a descendant of vCACCAFELiteral; for example, vCACCAFEStringLiteral. You can browse the definitions of these literal types at the site above.

bdamian
Expert
Expert
Jump to solution

Hi, if I understand correctly, you have a dropdown for the user to select the network. Once selected, you want to show the status of that network. Is that right?

If this is the problem, you can use a single dropdown for all that. You can create a drop down with options like this: "192.168.0.1 (65% full)" but the value of the selected option could be "192.168.0.1".

It make sense?

---
Damián Bacalov
vExpert 2017-2023 (7 years)
https://www.linkedin.com/in/damianbacalov/
https://tecnologiaimasd.blogspot.com/
twitter @bdamian
craigso
Enthusiast
Enthusiast
Jump to solution

Yes, this does make sense and I think we are leaning towards doing exactly this.

Post upgrading to vRA 7.5 we are having an issue calling the getApplicableNetworks action from a dropdown. We have a ticket open regarding this issue, once thats resolved I'll be sure to update this post and mark the correct answer appropriately.

Thanks for your help so far,

Reply
0 Kudos
bdamian
Expert
Expert
Jump to solution

I've rewrite "getApplicableNetworks" action several times. The original version shows applicable networks for the user and not for the Business Group.

I'm glad I could help.

---
Damián Bacalov
vExpert 2017-2023 (7 years)
https://www.linkedin.com/in/damianbacalov/
https://tecnologiaimasd.blogspot.com/
twitter @bdamian
Reply
0 Kudos
craigso
Enthusiast
Enthusiast
Jump to solution

We are taking this approach to grab the endpoint and it's properties. We are having issues getting the string value for the secureStrings though. For some reason we can't use the data. Is there something special about the secureString type?

We can get the name, URL, etc.

Reply
0 Kudos
craigso
Enthusiast
Enthusiast
Jump to solution

iiliev

So we've gone down the path of enumerating though the vCACCAFELiteralMap and we are able to get most of the data. One issue we are having is getting the password, it's a SecureString. For some reason we can't get the actual value of this from the endpoint property. Here is what is returned when we get the the password property. Is there some method of actual showing the value? or.. more importantly we don't care to see what the password is, we just need to be able to pass it to an API for authorization. Are there additional steps needed to use this secure string?

Line 18 prints:

DynamicWrapper (Instance) : [vCACCAFESecureStringLiteral]-[class com.vmware.vcac.platform.content.literals.SecureStringLiteral] -- VALUE : SecureString[********]

Here is the enumeration code:

var endpoints = Server.findAllForType("vCACCAFE:Endpoint"); 

if (endpoints == null) { 

     throw "Endpoints not found!"; 

for each (var endpoint in endpoints) { 

     if(endpoint.name == 'nsdb1'){

          var edata = endpoint.extensionData; 

          var keys = edata.keySet();

          var dns = edata.get('SecondaryDNS');

          System.log('DNS: ' + dns.getValue());

          var apiURL = edata.get('address');

          System.log(apiURL);

          var apiUsername = edata.get('username');

          var pw = edata.get('password');

          var apiPassword = pw ;

          System.log(apiPassword);

          var apiApikey = edata.get('apikey');

          System.log('API: ' + apiApikey);

          System.log("Keys: " + keys);   

          for each (var key in keys) { 

               System.log("key: " + key + "   value: " + edata.get(key));   

          } 

     } 

iiliev
VMware Employee
VMware Employee
Jump to solution

As far as I know, there is no public scripting API to decrypt SecureStringLiteral values.

Reply
0 Kudos
craigso
Enthusiast
Enthusiast
Jump to solution

Thank you. After talking with support they confirmed they weren't able to do it either.

We are looking for another way. We know it's possible to pass an endpoint then grab the values. The VMware IPAM plugin SDK passes the endpoint to our workflows. We just don't understand how the VMware IPAM plugin works enough to reverse engineer the behavior. Still a work in progress.

Reply
0 Kudos
Paul_SI
Enthusiast
Enthusiast
Jump to solution

Hi iiliev​,

Sorry to crosspost, but I'm really cracking my head here on this :smileyconfused:  Could you perhaps take a look at: Change vCenter location during blueprint requested fase

I'm trying to change the EndpointId during the deployment of the VM, so that the VM is deployed to another vCenter instead of the one related to that reservation.

Regards, Paul

Reply
0 Kudos
iiliev
VMware Employee
VMware Employee
Jump to solution

Hi Paul,

I took a look, but my knowledge on vRA API is fairly limited, so I'm not sure if such change is possible and if yes, how it can be done.

Reply
0 Kudos