Merge pull request #586 from carlosmmatos/carlosmmatos/issue583

fix(falcon_configure): control aid generation wait time and logic
CrowdStrike · Dec 13, 2024 · daefb46 · daefb46
2 parents 25f64d0 + e66bd39
commit daefb46
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 5 deletions.
diff --git a/changelogs/fragments/583-aid-retry.yml b/changelogs/fragments/583-aid-retry.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - falcon_configure - fix issue where AID generation task would fail/timeout (https://github.com/CrowdStrike/ansible_collection_falcon/pull/586)
diff --git a/roles/falcon_configure/README.md b/roles/falcon_configure/README.md
@@ -32,6 +32,15 @@ Configures the CrowdStrike Falcon Sensor. This role is focused mainly on configu
 
 - `falcon_remove_aid` - Remove the Falcon Agent ID (AID) (bool, default: ***null***)
 
+### Linux Specific Variables
+
+- `falcon_aid_retries` - Number of retries to attempt when waiting to retrieve the Falcon Agent ID (AID) (int, default: ***6***)
+- `falcon_aid_delay` - Number of seconds to wait between `falcon_aid_retries` when waiting to retrieve the Falcon Agent ID (AID) (int, default: ***10***)
+
+> These variables control the retry behavior when attempting to retrieve the Falcon Agent ID (AID) after configuring
+> and restarting the sensor. The default values should work for most, but you may need to increase them in
+> environments with slower startup times.
+
 ### Windows Specific Variables
 
 - `falcon_windows_become` - Whether to become a privileged user on Windows (bool, default: ***true***)

diff --git a/roles/falcon_configure/defaults/main.yml b/roles/falcon_configure/defaults/main.yml
@@ -44,6 +44,16 @@ falcon_client_secret:
 #
 falcon_provisioning_token:
 
+######### Wait for AID generation #########
+# Number of retries to attempt when waiting to retrieve the Falcon Agent ID (AID)
+# after sensor restart.
+falcon_aid_retries: 12
+
+# Number of seconds to wait between retries when waiting to retrieve the Falcon Agent ID (AID)
+# after sensor restart.
+falcon_aid_delay: 10
+###########################################
+
 # Falcon requires that a master image remove the Falcon Agent ID (AID). This
 # ensures instances spun up from the master receive their own, unique,
 # Falcon Agent ID.

diff --git a/roles/falcon_configure/tasks/configure.yml b/roles/falcon_configure/tasks/configure.yml
@@ -38,14 +38,13 @@
       crowdstrike.falcon.falconctl_info:
         name:
           - aid
-      register: info
-      retries: 6
-      delay: 10
-      until: info.falconctl_info.aid
+      register: get_aid
+      retries: "{{ falcon_aid_retries | int }}"
+      delay: "{{ falcon_aid_delay | int }}"
+      until: get_aid.falconctl_info.aid
       when:
         - info.falconctl_info.cid
         - falconctl_result.changed
-      # noqa no-handler
 
     # Handle Master Image steps
     - name: CrowdStrike Falcon | Master Image Prep | Removing AID
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		bugfixes:
		- falcon_configure - fix issue where AID generation task would fail/timeout (https://github.com/CrowdStrike/ansible_collection_falcon/pull/586)