Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(falcon_configure): control aid generation wait time and logic #586

Merged
merged 3 commits into from
Dec 13, 2024
Merged

fix(falcon_configure): control aid generation wait time and logic #586

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c3d8aaf
fix(falcon_configure): control aid generation wait time and logic
carlosmmatos Dec 12, 2024
87e383f
chore: add changelog fragment
carlosmmatos Dec 12, 2024
e66bd39
fix(falcon_configure): remove block/rescue and up default retry time
carlosmmatos Dec 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions changelogs/fragments/583-aid-retry.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
bugfixes:
- falcon_configure - fix issue where AID generation task would fail/timeout (https://github.com/CrowdStrike/ansible_collection_falcon/pull/586)
9 changes: 9 additions & 0 deletions roles/falcon_configure/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,15 @@ Configures the CrowdStrike Falcon Sensor. This role is focused mainly on configu

- `falcon_remove_aid` - Remove the Falcon Agent ID (AID) (bool, default: ***null***)

### Linux Specific Variables

- `falcon_aid_retries` - Number of retries to attempt when waiting to retrieve the Falcon Agent ID (AID) (int, default: ***6***)
- `falcon_aid_delay` - Number of seconds to wait between `falcon_aid_retries` when waiting to retrieve the Falcon Agent ID (AID) (int, default: ***10***)

> These variables control the retry behavior when attempting to retrieve the Falcon Agent ID (AID) after configuring
> and restarting the sensor. The default values should work for most, but you may need to increase them in
> environments with slower startup times.

### Windows Specific Variables

- `falcon_windows_become` - Whether to become a privileged user on Windows (bool, default: ***true***)
Expand Down
10 changes: 10 additions & 0 deletions roles/falcon_configure/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,16 @@ falcon_client_secret:
#
falcon_provisioning_token:

######### Wait for AID generation #########
# Number of retries to attempt when waiting to retrieve the Falcon Agent ID (AID)
# after sensor restart.
falcon_aid_retries: 12

# Number of seconds to wait between retries when waiting to retrieve the Falcon Agent ID (AID)
# after sensor restart.
falcon_aid_delay: 10
###########################################

# Falcon requires that a master image remove the Falcon Agent ID (AID). This
# ensures instances spun up from the master receive their own, unique,
# Falcon Agent ID.
Expand Down
9 changes: 4 additions & 5 deletions roles/falcon_configure/tasks/configure.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,13 @@
crowdstrike.falcon.falconctl_info:
name:
- aid
register: info
retries: 6
delay: 10
until: info.falconctl_info.aid
register: get_aid
retries: "{{ falcon_aid_retries | int }}"
delay: "{{ falcon_aid_delay | int }}"
until: get_aid.falconctl_info.aid
when:
- info.falconctl_info.cid
- falconctl_result.changed
# noqa no-handler

# Handle Master Image steps
- name: CrowdStrike Falcon | Master Image Prep | Removing AID
Expand Down
Loading