From 20a7946dfcf2ba3d20a6cd60c729c1da906af3d9 Mon Sep 17 00:00:00 2001 From: Carlos Matos Date: Wed, 4 Dec 2024 15:57:13 -0500 Subject: [PATCH 1/2] fix(falcon_install): fixes issue with deleting sensor when running localhost Fixes #578 This PR addresses the issue of prematurely deleting the downloaded sensor file prior to installation. We have removed the logic to it's own task file that runs at the end of the play. --- roles/falcon_install/tasks/api.yml | 11 ----------- roles/falcon_install/tasks/cleanup.yml | 10 ++++++++++ roles/falcon_install/tasks/main.yml | 7 +++++++ 3 files changed, 17 insertions(+), 11 deletions(-) create mode 100644 roles/falcon_install/tasks/cleanup.yml diff --git a/roles/falcon_install/tasks/api.yml b/roles/falcon_install/tasks/api.yml index f4264b95..028f521d 100644 --- a/roles/falcon_install/tasks/api.yml +++ b/roles/falcon_install/tasks/api.yml @@ -98,17 +98,6 @@ register: win_falcon_sensor_copied when: ansible_os_family == "Windows" -- name: CrowdStrike Falcon | Remove Downloaded Sensor Installation directory (local) - ansible.builtin.file: - path: "{{ item }}" - state: absent - changed_when: false - delegate_to: localhost - loop: - - "{{ falcon_sensor_download.path }}" - - "{{ falcon_sensor_download.path + '.lock' }}" - when: falcon_api_sensor_download_cleanup - - name: CrowdStrike Falcon | Set full file download path (non-windows) ansible.builtin.set_fact: falcon_sensor_pkg: "{{ falcon_sensor_copied.dest }}" diff --git a/roles/falcon_install/tasks/cleanup.yml b/roles/falcon_install/tasks/cleanup.yml new file mode 100644 index 00000000..5f629739 --- /dev/null +++ b/roles/falcon_install/tasks/cleanup.yml @@ -0,0 +1,10 @@ +- name: CrowdStrike Falcon | Remove Downloaded Sensor Installation directory (local) + ansible.builtin.file: + path: "{{ item }}" + state: absent + changed_when: false + delegate_to: localhost + loop: + - "{{ falcon_sensor_download.path }}" + - "{{ falcon_sensor_download.path + '.lock' }}" + when: falcon_api_sensor_download_cleanup diff --git a/roles/falcon_install/tasks/main.yml b/roles/falcon_install/tasks/main.yml index 7682ce18..77f2af7f 100644 --- a/roles/falcon_install/tasks/main.yml +++ b/roles/falcon_install/tasks/main.yml @@ -50,3 +50,10 @@ block: - ansible.builtin.include_tasks: win_install.yml # noqa name[missing] + +- name: Cleanup block + when: + - falcon_install_method == "api" + block: + - ansible.builtin.include_tasks: cleanup.yml + # noqa name[missing] From cd6fc170cc1399daf94b2d89ef9581ac55dfb2cc Mon Sep 17 00:00:00 2001 From: Carlos Matos Date: Wed, 4 Dec 2024 16:11:21 -0500 Subject: [PATCH 2/2] chore: add changelog and some gitignore stuff --- .gitignore | 2 ++ changelogs/fragments/578-localhost-deletion.yml | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 changelogs/fragments/578-localhost-deletion.yml diff --git a/.gitignore b/.gitignore index b4beecfb..81024721 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,5 @@ __pycache__/ /.vscode html/ ansible.cfg +Vagrantfile +.vagrant/ diff --git a/changelogs/fragments/578-localhost-deletion.yml b/changelogs/fragments/578-localhost-deletion.yml new file mode 100644 index 00000000..d967c02b --- /dev/null +++ b/changelogs/fragments/578-localhost-deletion.yml @@ -0,0 +1,2 @@ +bugfixes: + - falcon_install - fixes issue with premature localhost deletion of downloaded sensor (https://github.com/CrowdStrike/ansible_collection_falcon/pull/584)