feat(bash install): add ability to prepare the sensor for gold images

Fixes CrowdStrike#355 This PR introduces the ability to now prepare the Falcon sensor to be created as a gold image/template. It also fixes some minor output issues.
carlosmmatos · Aug 16, 2024 · 00181d1 · 00181d1
1 parent 26e4fd2
commit 00181d1
Showing 1 changed file with 43 additions and 3 deletions.
diff --git a/bash/install/falcon-linux-install.sh b/bash/install/falcon-linux-install.sh
@@ -77,11 +77,15 @@ Other Options
     - ALLOW_LEGACY_CURL                 (default: false)
         To use the legacy version of curl; version < 7.55.0.
 
-    - GET_ACCESS_TOKEN                  (default: unset)
+    - GET_ACCESS_TOKEN                  (default: false)
         Prints an access token and exits.
         Requires FALCON_CLIENT_ID and FALCON_CLIENT_SECRET.
         Accepted values are ['true', 'false'].
 
+    - PREP_GOLDEN_IMAGE                 (default: false)
+        To prepare the sensor to be used in a golden image.
+        Accepted values are ['true', 'false'].
+
 EOF
 }
 
@@ -121,7 +125,14 @@ main() {
         cs_sensor_restart
         echo '[ Ok ]'
     fi
-    echo 'Falcon Sensor installed successfully.'
+    if [ "${PREP_GOLDEN_IMAGE}" = "true" ]; then
+        echo -n 'Prepping Golden Image  ... '
+        cs_golden_image_prep
+        echo '[ Ok ]'
+        echo 'Falcon Sensor is ready for golden image creation.'
+    else
+        echo 'Falcon Sensor installed successfully.'
+    fi
 }
 
 cs_sensor_register() {
@@ -171,7 +182,7 @@ cs_sensor_register() {
     fi
     # run the configuration command
     # shellcheck disable=SC2086
-    /opt/CrowdStrike/falconctl -s -f ${cs_falcon_args}
+    /opt/CrowdStrike/falconctl -s -f ${cs_falcon_args} >/dev/null
 }
 
 cs_sensor_is_running() {
@@ -191,6 +202,35 @@ cs_sensor_restart() {
     fi
 }
 
+cs_golden_image_prep() {
+    local wait_time=60
+    local sleep_interval=5
+    local aid
+
+    get_aid() {
+        /opt/CrowdStrike/falconctl -g --aid | awk -F '"' '{print $2}'
+    }
+
+    aid=$(get_aid)
+    while [ -z "$aid" ]; do
+        if [ "$wait_time" -le 0 ]; then
+            echo '[ Failed ]'
+            die "Failed to retrieve existing AID. Please check the sensor status."
+        fi
+        sleep "$sleep_interval"
+        wait_time=$((wait_time - sleep_interval))
+        aid=$(get_aid)
+    done
+
+    # Remove the aid
+    /opt/CrowdStrike/falconctl -d -f --aid >/dev/null
+
+    # Check if a provisioning token was used, if so add it back
+    if [ -n "$cs_falcon_token" ]; then
+        /opt/CrowdStrike/falconctl -s -f --provisioning-token="$cs_falcon_token" >/dev/null
+    fi
+}
+
 cs_sensor_install() {
     local tempdir package_name
     tempdir=$(mktemp -d)