Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(sensor_download): add file operation support to module #485

Merged
merged 3 commits into from
Apr 6, 2024
Merged

fix(sensor_download): add file operation support to module #485

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
642b462
fix(sensor_download): add file operation support to module
carlosmmatos Apr 6, 2024
42d06b3
chore: add changelog fragment
carlosmmatos Apr 6, 2024
1a1eb9c
Updated example and fixed fragment
carlosmmatos Apr 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions changelogs/fragments/add-file-ops-sensor-download.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
bugfixes:
- sensor_download: added the ability to set file permissions on downloaded files (https://github.com/CrowdStrike/ansible_collection_falcon/pull/485)
29 changes: 27 additions & 2 deletions plugins/modules/sensor_download.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@
required: false

extends_documentation_fragment:
- files
- crowdstrike.falcon.credentials
- crowdstrike.falcon.credentials.auth

Expand All @@ -65,6 +66,13 @@
hash: "1234567890123456789012345678901234567890123456789012345678901234"
dest: "/tmp/windows"
name: falcon-sensor.exe

- name: Download the Falcon Sensor Installer to a temporary directory and set permissions
crowdstrike.falcon.sensor_download:
hash: "1234567890123456789012345678901234567890123456789012345678901234"
mode: "0755"
carlosmmatos marked this conversation as resolved.
Show resolved Hide resolved
owner: "root"
group: "root"
"""

RETURN = r"""
Expand Down Expand Up @@ -112,10 +120,18 @@ def argspec():
return args


def update_permissions(module, changed, path):
"""Update the permissions on the file if needed."""
file_args = module.load_file_common_arguments(module.params, path=path)

return module.set_fs_attributes_if_different(file_args, changed=changed)


def main():
"""Entry point for module execution."""
module = AnsibleModule(
argument_spec=argspec(),
add_file_common_args=True,
supports_check_mode=True,
)

Expand Down Expand Up @@ -165,9 +181,15 @@ def main():
# Compare sha256 hashes to see if any changes have been made
dest_hash = module.sha256(path)
if dest_hash == sensor_hash:
# File already exists and is the same
# File already exists and content is the same. Update permissions if needed.
msg = "File already exists and content is the same."

if update_permissions(module, result["changed"], path):
msg += " Permissions were updated."
result.update(changed=True)

module.exit_json(
msg="File already exists and content is the same.",
msg=msg,
path=path,
**result,
)
Expand All @@ -193,6 +215,9 @@ def main():
with open(path, "wb") as save_file:
save_file.write(download)

# Set permissions on the file
update_permissions(module, result["changed"], path)

result.update(path=path)
module.exit_json(**result)
else:
Expand Down
Loading