Merge pull request #10 from redhatrises/enable_windows

feat: enable sensor install on windows

.github/workflows/release.yml

@@ -11,7 +11,7 @@ permissions:
   contents: write
 
 env:
-  TAG: ${{ github.event.release.tag_name }} 
+  TAG: ${{ github.event.release.tag_name }}
 
 jobs:
   release:
@@ -33,12 +33,20 @@ jobs:
       - name: Download falcon-installer
         run: |
           REL=$(basename $(curl -Ls -o /dev/null -w %{url_effective} https://github.com/CrowdStrike/falcon-installer/releases/latest) | sed s/v//g)
+
+          # Add Linux installer
           curl -sSLo falcon-installer-linux-x86_64.tar.gz https://github.com/CrowdStrike/falcon-installer/releases/latest/download/falcon-installer-${REL}-linux-x86_64.tar.gz
-          tar -xzf falcon-installer-linux-x86_64.tar.gz
-          chmod +x falcon-installer && rm -f falcon-installer-linux-x86_64.tar.gz
-          cp -p falcon-installer final_blobs/falcon-installer
+          tar -xzf falcon-installer-linux-x86_64.tar.gz -C final_blobs/
+          chmod +x final_blobs/falcon-installer && rm -f falcon-installer-linux-x86_64.tar.gz
           bosh add-blob final_blobs/falcon-installer falcon-installer
-          rm final_blobs/falcon-installer
+
+          # Add Windows installer
+          curl -sSLo falcon-installer-windows-x86_64.zip https://github.com/CrowdStrike/falcon-installer/releases/latest/download/falcon-installer-${REL}-windows-x86_64.zip
+          unzip -o falcon-installer-windows-x86_64.zip -d final_blobs/
+          chmod +x final_blobs/falcon-installer.exe && rm -f falcon-installer-windows-x86_64.zip
+          bosh add-blob final_blobs/falcon-installer.exe falcon-installer.exe
+
+          rm final_blobs/{falcon-installer,falcon-installer.exe,README.md,LICENSE}
 
       - name: Set Release Version
         run: |

config/final.yml

@@ -1,7 +1,6 @@
-name: falcon-linux-sensor
+name: falcon-sensor
 
 blobstore:
   provider: local
   options:
     blobstore_path: final_blobs
-

jobs/falcon-linux-sensor/spec

@@ -13,7 +13,7 @@ properties:
   oauth.client_secret:
     description: Falcon OAuth Client Secret
   oauth.cloud:
-    description: Falcon Cloud
+    description: Falcon Cloud Region
   falcon.cid:
     description: Falcon Customer ID (CID) with Checksum (Optional)
   falcon.apd:

jobs/falcon-windows-sensor/spec

@@ -0,0 +1,34 @@
+---
+name: falcon-windows-sensor
+
+templates:
+  bin/pre-start.ps1.erb: bin/pre-start.ps1
+
+packages:
+  - falcon-windows-sensor
+
+properties:
+  oauth.client_id:
+    description: Falcon OAuth Client ID
+  oauth.client_secret:
+    description: Falcon OAuth Client Secret
+  oauth.cloud:
+    description: Falcon Cloud Region
+  falcon.cid:
+    description: Falcon Customer ID (CID) with Checksum (Optional)
+  falcon.apd:
+    description: Configures if the proxy should be enabled or disabled, By default, the proxy is enabled.
+  falcon.aph:
+    description: The proxy host for the sensor to use when communicating with CrowdStrike
+  falcon.app:
+    description: The proxy port for the sensor to use when communicating with CrowdStrike
+  falcon.provisioning_token:
+    description: The provisioning token to use for installing the sensor
+  falcon.provisioning_wait_time:
+    description: The time in milliseconds to wait for the sensor to be provisioned
+  falcon.tags:
+    description: "Sensor grouping tags are optional, user-defined identifiers that can used to group and filter hosts. Allowed characters: all alphanumerics, '/', '-', and '_'."
+  falcon.sensor_update_policy:
+    description: Name of the sensor update policy.
+  version:
+    description: Bosh release version

jobs/falcon-windows-sensor/templates/bin/pre-start.ps1.erb

@@ -0,0 +1,38 @@
+$FALCON_ARGS=""
+<% if p("falcon.cid", nil) -%>
+    $FALCON_ARGS += " --cid=<%= p('falcon.cid') %>"
+<% end -%>
+<% if p("falcon.apd", nil) -%>
+    $FALCON_ARGS += " --apd=<%= p('falcon.apd') %>"
+<% end -%>
+<% if p("falcon.app", nil) -%>
+    $FALCON_ARGS += " --app=<%= p('falcon.app') %>"
+<% end -%>
+<% if p("falcon.aph", nil) -%>
+    $FALCON_ARGS += " --aph=<%= p('falcon.aph') %>"
+<% end -%>
+<% if p("falcon.provisioning_token", nil) -%>
+    $FALCON_ARGS += " --provisioning_token=<%= p('falcon.provisioning_token') %>"
+<% end -%>
+<% if p("falcon.provisioning_wait_time", nil) -%>
+    $FALCON_ARGS += " --provisioning_wait_time=<%= p('falcon.provisioning_wait_time') %>"
+<% end -%>
+<% if p("falcon.tags", nil) -%>
+    $FALCON_ARGS += " --tags=<%= p('falcon.tags') %>"
+<% end -%>
+
+if (-Not (Get-Service | Where-Object { $_.Name -eq 'CSFalconService' })) {
+    $FALCON_ARGS += " --client-id=<%= p('oauth.client_id') %>"
+    $FALCON_ARGS += " --client-secret=<%= p('oauth.client_secret') %>"
+    <% if p("oauth.cloud", nil) -%>
+    $FALCON_ARGS += " --cloud=<%= p('oauth.cloud') %>"
+    <% end -%>
+    <% if p("falcon.sensor_update_policy", nil) -%>
+    $FALCON_ARGS += " --sensor-update-policy=<%= p('falcon.sensor_update_policy') %>"
+    <% end -%>
+
+    $FALCON_ARGS += " --user-agent=falcon-boshrelease/<%= p('version') %> --verbose --enable-logging --tmpdir C:\var\vcap\sys\log\falcon-windows-sensor"
+
+    $process = (Start-Process -FilePath "C:\var\vcap\packages\falcon-windows-sensor\falcon-installer.exe" -ArgumentList $FALCON_ARGS -PassThru -NoNewWindow)
+    Wait-Process -Id $process.Id
+}

packages/falcon-windows-sensor/packaging

@@ -0,0 +1,3 @@
+$BOSH_INSTALL_TARGET = Resolve-Path "${env:BOSH_INSTALL_TARGET}"
+New-Item -ItemType "directory" -Force "${BOSH_INSTALL_TARGET}"
+copy "falcon-installer.exe" "${BOSH_INSTALL_TARGET}"

packages/falcon-windows-sensor/spec

@@ -0,0 +1,7 @@
+---
+name: falcon-windows-sensor
+
+dependencies: []
+
+files:
+  - falcon-installer.exe

tile.yml

@@ -20,6 +20,9 @@ properties:
   type: string
   label: Author
   value: CrowdStrike
+- name: version
+  type: string
+  value: 1.1.0
 
 # Specify the packages to be included in your tile.
 # The format of the section to include depends on the type
@@ -38,7 +41,6 @@ packages:
 #   command: python app.py
 #   memory: 256M
 
-
 # New bosh release package with standalone job
 # - name: my-bosh-release
 #   type: bosh-release
@@ -71,17 +73,13 @@ packages:
 #   default: specify a value
 #   label: Label for the field on the GUI
 #   description: Longer description of the field's purpose
-properties:
-- name: version
-  type: string
-  value: 1.1.0
 
 # Uncomment this section if you want to display forms with configurable
 # properties in Ops Manager. These properties will be passed to your
 # applications as environment variables. You can also refer to them
 # elsewhere in this template by using:
 #     (( .properties.<property-name> ))
-# 
+#
 # forms:
 # - name: buildpack_properties
 #   label: Buildpack
@@ -101,21 +99,21 @@ forms:
     type: string
     label: OAuth Client ID
     constraints:
-    - must_match_regex: '^[a-fA-F0-9]{32}$'
-      error_message: 'Invalid OAuth Client ID format. Please use a valid OAuth Client ID.'
+    - must_match_regex: "^[a-fA-F0-9]{32}$"
+      error_message: "Invalid OAuth Client ID format. Please use a valid OAuth Client ID."
   - name: client_secret
     type: secret
     label: OAuth Client Secret
     constraints:
-    - must_match_regex: '^[a-zA-Z0-9]{40}$'
-      error_message: 'Invalid OAuth Client Secret format. Please use a valid OAuth Client Secret.'
+    - must_match_regex: "^[a-zA-Z0-9]{40}$"
+      error_message: "Invalid OAuth Client Secret format. Please use a valid OAuth Client Secret."
   - name: cloud
     type: string
-    label: Falcon Cloud Region (e.g. us-1, us-2, eu-1, gov1)
+    label: Falcon Cloud Region (e.g. us-1, us-2, eu-1, gov1). Default is autodiscover.
     optional: true
     constraints:
-    - must_match_regex: '^(us-1|us-2|eu-1|gov1|)$'
-      error_message: 'Invalid CrowdStrike region. Please provide a valid region or remove the entry for autodiscover.'
+    - must_match_regex: "^(us-1|us-2|eu-1|gov1|)$"
+      error_message: "Invalid CrowdStrike region. Please provide a valid region or remove the entry for autodiscover."
 
 - name: falcon
   label: Falcon Sensor Settings
@@ -127,8 +125,8 @@ forms:
     description: Falcon Customer ID (CID) with Checksum (Optional)
     optional: true
     constraints:
-    - must_match_regex: '^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$'
-      error_message: 'Invalid CID format. Please use a valid CID with checksum.'
+    - must_match_regex: "^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$"
+      error_message: "Invalid CID format. Please use a valid CID with checksum."
   - name: apd
     type: string
     label: Disable Proxy
@@ -150,8 +148,16 @@ forms:
     description: The provisioning token to use for installing the sensor
     optional: true
     constraints:
-    - must_match_regex: '^[0-9a-fA-F]{8}$'
-      error_message: 'Invalid Provisioning Token format. Please use a valid Provisioning Token.'
+    - must_match_regex: "^[0-9a-fA-F]{8}$"
+      error_message: "Invalid Provisioning Token format. Please use a valid Provisioning Token."
+  - name: provisioning_wait_time
+    type: string
+    label: Provisioning Wait Time (Windows Only)
+    description: Time to wait, in milliseconds, for sensor to provision
+    optional: true
+    constraints:
+    - must_match_regex: "^[0-9]*$"
+      error_message: "Invalid Provisioning Wait Time format. Please use a valid Provisioning Wait Time in milliseconds."
   - name: tags
     type: string
     label: Tags
@@ -210,16 +216,16 @@ forms:
 # or added to the tile separately using a package of type bosh-release.
 
 runtime_configs:
-- name: falcon-linux-sensor-config
+- name: falcon-sensor-config
   runtime_config:
     releases:
-    - name: falcon-linux-sensor
+    - name: falcon-sensor
       version: (( .properties.version.value ))
     addons:
     - name: falcon-linux-sensor
       jobs:
       - name: falcon-linux-sensor
-        release: falcon-linux-sensor
+        release: falcon-sensor
         properties:
           oauth:
             client_id: (( .properties.client_id.value ))
@@ -240,3 +246,29 @@ runtime_configs:
         - os: ubuntu-bionic
         - os: ubuntu-xenial
         - os: ubuntu-trusty
+
+    - name: falcon-windows-sensor
+      jobs:
+      - name: falcon-windows-sensor
+        release: falcon-sensor
+        properties:
+          oauth:
+            client_id: (( .properties.client_id.value ))
+            client_secret: (( .properties.client_secret.value ))
+            cloud: (( .properties.cloud.value ))
+          falcon:
+            cid: (( .properties.cid.value ))
+            apd: (( .properties.apd.value ))
+            aph: (( .properties.aph.value ))
+            app: (( .properties.app.value ))
+            provisioning_token: (( .properties.provisioning_token.value ))
+            provisioning_wait_time: (( .properties.provisioning_wait_time.value ))
+            tags: (( .properties.tags.value ))
+            sensor_update_policy: (( .properties.sensor_update_policy.value ))
+          version: (( .properties.version.value ))
+      include:
+        stemcell:
+        - os: windows2012R2
+        - os: windows2016
+        - os: windows1803
+        - os: windows2019