fix(falcon_configure): remove block/rescue and up default retry time

After much discussion, this is a safer starting point. We will up the default amount of time to waiting for an AID to 2 minutes, but will still allow it to be customizable.
CrowdStrike · Dec 13, 2024 · e66bd39 · e66bd39
1 parent 87e383f
commit e66bd39
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 36 deletions.
diff --git a/roles/falcon_configure/defaults/main.yml b/roles/falcon_configure/defaults/main.yml
@@ -47,7 +47,7 @@ falcon_provisioning_token:
 ######### Wait for AID generation #########
 # Number of retries to attempt when waiting to retrieve the Falcon Agent ID (AID)
 # after sensor restart.
-falcon_aid_retries: 6
+falcon_aid_retries: 12
 
 # Number of seconds to wait between retries when waiting to retrieve the Falcon Agent ID (AID)
 # after sensor restart.

diff --git a/roles/falcon_configure/tasks/configure.yml b/roles/falcon_configure/tasks/configure.yml
@@ -33,44 +33,18 @@
       # noqa args[module]
       # noqa no-handler
 
-    - name: Wait for AID to be generated block
+    # Wait for aid to be generated
+    - name: CrowdStrike Falcon | Wait for Falcon Sensor to Generate AID
+      crowdstrike.falcon.falconctl_info:
+        name:
+          - aid
+      register: get_aid
+      retries: "{{ falcon_aid_retries | int }}"
+      delay: "{{ falcon_aid_delay | int }}"
+      until: get_aid.falconctl_info.aid
       when:
         - info.falconctl_info.cid
         - falconctl_result.changed
-      block:
-        # Wait for aid to be generated
-        - name: CrowdStrike Falcon | Wait for Falcon Sensor to Generate AID
-          crowdstrike.falcon.falconctl_info:
-            name:
-              - aid
-          register: get_aid
-          retries: "{{ falcon_aid_retries | int }}"
-          delay: "{{ falcon_aid_delay | int }}"
-          until: get_aid.falconctl_info.aid
-
-      rescue:
-        - name: CrowdStrike Falcon | Second attempt to get AID
-          crowdstrike.falcon.falconctl_info:
-            name:
-              - aid
-          register: get_aid_retry
-          retries: "{{ falcon_aid_retries | int }}"
-          delay: "{{ falcon_aid_delay | int }}"
-          until: get_aid_retry.falconctl_info.aid
-          ignore_errors: true
-
-        - name: CrowdStrike Falcon | Fail if AID Generation Fails
-          ansible.builtin.fail:
-            msg: "{{ error_msg }}"
-          vars:
-            error_msg:
-              error: "Failed to generate Falcon Sensor AID after multiple attempts."
-              troubleshooting_steps:
-                - "Verify the sensor is properly installed"
-                - "Confirm the CID is correct"
-                - "Check system can reach the CrowdStrike cloud"
-                - "Manually verify AID with: sudo /opt/CrowdStrike/falconctl -g --aid"
-          when: not get_aid_retry.falconctl_info.aid
 
     # Handle Master Image steps
     - name: CrowdStrike Falcon | Master Image Prep | Removing AID