diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d22ab96..0bb76f6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ permissions: contents: write env: - TAG: ${{ github.event.release.tag_name }} + TAG: ${{ github.event.release.tag_name }} jobs: release: @@ -33,12 +33,20 @@ jobs: - name: Download falcon-installer run: | REL=$(basename $(curl -Ls -o /dev/null -w %{url_effective} https://github.com/CrowdStrike/falcon-installer/releases/latest) | sed s/v//g) + + # Add Linux installer curl -sSLo falcon-installer-linux-x86_64.tar.gz https://github.com/CrowdStrike/falcon-installer/releases/latest/download/falcon-installer-${REL}-linux-x86_64.tar.gz - tar -xzf falcon-installer-linux-x86_64.tar.gz - chmod +x falcon-installer && rm -f falcon-installer-linux-x86_64.tar.gz - cp -p falcon-installer final_blobs/falcon-installer + tar -xzf falcon-installer-linux-x86_64.tar.gz -C final_blobs/ + chmod +x final_blobs/falcon-installer && rm -f falcon-installer-linux-x86_64.tar.gz bosh add-blob final_blobs/falcon-installer falcon-installer - rm final_blobs/falcon-installer + + # Add Windows installer + curl -sSLo falcon-installer-windows-x86_64.zip https://github.com/CrowdStrike/falcon-installer/releases/latest/download/falcon-installer-${REL}-windows-x86_64.zip + unzip -o falcon-installer-windows-x86_64.zip -d final_blobs/ + chmod +x final_blobs/falcon-installer.exe && rm -f falcon-installer-windows-x86_64.zip + bosh add-blob final_blobs/falcon-installer.exe falcon-installer.exe + + rm final_blobs/{falcon-installer,falcon-installer.exe,README.md,LICENSE} - name: Set Release Version run: | diff --git a/config/final.yml b/config/final.yml index 09c72b8..5b37fd8 100644 --- a/config/final.yml +++ b/config/final.yml @@ -1,7 +1,6 @@ -name: falcon-linux-sensor +name: falcon-sensor blobstore: provider: local options: blobstore_path: final_blobs - diff --git a/jobs/falcon-linux-sensor/spec b/jobs/falcon-linux-sensor/spec index 260cb04..1ef20ee 100755 --- a/jobs/falcon-linux-sensor/spec +++ b/jobs/falcon-linux-sensor/spec @@ -13,7 +13,7 @@ properties: oauth.client_secret: description: Falcon OAuth Client Secret oauth.cloud: - description: Falcon Cloud + description: Falcon Cloud Region falcon.cid: description: Falcon Customer ID (CID) with Checksum (Optional) falcon.apd: diff --git a/jobs/falcon-windows-sensor/monit b/jobs/falcon-windows-sensor/monit new file mode 100755 index 0000000..e69de29 diff --git a/jobs/falcon-windows-sensor/spec b/jobs/falcon-windows-sensor/spec new file mode 100755 index 0000000..a625cfd --- /dev/null +++ b/jobs/falcon-windows-sensor/spec @@ -0,0 +1,34 @@ +--- +name: falcon-windows-sensor + +templates: + bin/pre-start.ps1.erb: bin/pre-start.ps1 + +packages: + - falcon-windows-sensor + +properties: + oauth.client_id: + description: Falcon OAuth Client ID + oauth.client_secret: + description: Falcon OAuth Client Secret + oauth.cloud: + description: Falcon Cloud Region + falcon.cid: + description: Falcon Customer ID (CID) with Checksum (Optional) + falcon.apd: + description: Configures if the proxy should be enabled or disabled, By default, the proxy is enabled. + falcon.aph: + description: The proxy host for the sensor to use when communicating with CrowdStrike + falcon.app: + description: The proxy port for the sensor to use when communicating with CrowdStrike + falcon.provisioning_token: + description: The provisioning token to use for installing the sensor + falcon.provisioning_wait_time: + description: The time in milliseconds to wait for the sensor to be provisioned + falcon.tags: + description: "Sensor grouping tags are optional, user-defined identifiers that can used to group and filter hosts. Allowed characters: all alphanumerics, '/', '-', and '_'." + falcon.sensor_update_policy: + description: Name of the sensor update policy. + version: + description: Bosh release version diff --git a/jobs/falcon-windows-sensor/templates/bin/pre-start.ps1.erb b/jobs/falcon-windows-sensor/templates/bin/pre-start.ps1.erb new file mode 100755 index 0000000..603683d --- /dev/null +++ b/jobs/falcon-windows-sensor/templates/bin/pre-start.ps1.erb @@ -0,0 +1,38 @@ +$FALCON_ARGS="" +<% if p("falcon.cid", nil) -%> + $FALCON_ARGS += " --cid=<%= p('falcon.cid') %>" +<% end -%> +<% if p("falcon.apd", nil) -%> + $FALCON_ARGS += " --apd=<%= p('falcon.apd') %>" +<% end -%> +<% if p("falcon.app", nil) -%> + $FALCON_ARGS += " --app=<%= p('falcon.app') %>" +<% end -%> +<% if p("falcon.aph", nil) -%> + $FALCON_ARGS += " --aph=<%= p('falcon.aph') %>" +<% end -%> +<% if p("falcon.provisioning_token", nil) -%> + $FALCON_ARGS += " --provisioning_token=<%= p('falcon.provisioning_token') %>" +<% end -%> +<% if p("falcon.provisioning_wait_time", nil) -%> + $FALCON_ARGS += " --provisioning_wait_time=<%= p('falcon.provisioning_wait_time') %>" +<% end -%> +<% if p("falcon.tags", nil) -%> + $FALCON_ARGS += " --tags=<%= p('falcon.tags') %>" +<% end -%> + +if (-Not (Get-Service | Where-Object { $_.Name -eq 'CSFalconService' })) { + $FALCON_ARGS += " --client-id=<%= p('oauth.client_id') %>" + $FALCON_ARGS += " --client-secret=<%= p('oauth.client_secret') %>" + <% if p("oauth.cloud", nil) -%> + $FALCON_ARGS += " --cloud=<%= p('oauth.cloud') %>" + <% end -%> + <% if p("falcon.sensor_update_policy", nil) -%> + $FALCON_ARGS += " --sensor-update-policy=<%= p('falcon.sensor_update_policy') %>" + <% end -%> + + $FALCON_ARGS += " --user-agent=falcon-boshrelease/<%= p('version') %> --verbose --enable-logging --tmpdir C:\var\vcap\sys\log\falcon-windows-sensor" + + $process = (Start-Process -FilePath "C:\var\vcap\packages\falcon-windows-sensor\falcon-installer.exe" -ArgumentList $FALCON_ARGS -PassThru -NoNewWindow) + Wait-Process -Id $process.Id +} diff --git a/packages/falcon-windows-sensor/packaging b/packages/falcon-windows-sensor/packaging new file mode 100755 index 0000000..94973d3 --- /dev/null +++ b/packages/falcon-windows-sensor/packaging @@ -0,0 +1,3 @@ +$BOSH_INSTALL_TARGET = Resolve-Path "${env:BOSH_INSTALL_TARGET}" +New-Item -ItemType "directory" -Force "${BOSH_INSTALL_TARGET}" +copy "falcon-installer.exe" "${BOSH_INSTALL_TARGET}" diff --git a/packages/falcon-windows-sensor/spec b/packages/falcon-windows-sensor/spec new file mode 100755 index 0000000..30aa03e --- /dev/null +++ b/packages/falcon-windows-sensor/spec @@ -0,0 +1,7 @@ +--- +name: falcon-windows-sensor + +dependencies: [] + +files: + - falcon-installer.exe diff --git a/tile.yml b/tile.yml index d2024a2..a23c785 100644 --- a/tile.yml +++ b/tile.yml @@ -20,6 +20,9 @@ properties: type: string label: Author value: CrowdStrike +- name: version + type: string + value: 1.1.0 # Specify the packages to be included in your tile. # The format of the section to include depends on the type @@ -38,7 +41,6 @@ packages: # command: python app.py # memory: 256M - # New bosh release package with standalone job # - name: my-bosh-release # type: bosh-release @@ -71,17 +73,13 @@ packages: # default: specify a value # label: Label for the field on the GUI # description: Longer description of the field's purpose -properties: -- name: version - type: string - value: 1.1.0 # Uncomment this section if you want to display forms with configurable # properties in Ops Manager. These properties will be passed to your # applications as environment variables. You can also refer to them # elsewhere in this template by using: # (( .properties. )) -# +# # forms: # - name: buildpack_properties # label: Buildpack @@ -101,21 +99,21 @@ forms: type: string label: OAuth Client ID constraints: - - must_match_regex: '^[a-fA-F0-9]{32}$' - error_message: 'Invalid OAuth Client ID format. Please use a valid OAuth Client ID.' + - must_match_regex: "^[a-fA-F0-9]{32}$" + error_message: "Invalid OAuth Client ID format. Please use a valid OAuth Client ID." - name: client_secret type: secret label: OAuth Client Secret constraints: - - must_match_regex: '^[a-zA-Z0-9]{40}$' - error_message: 'Invalid OAuth Client Secret format. Please use a valid OAuth Client Secret.' + - must_match_regex: "^[a-zA-Z0-9]{40}$" + error_message: "Invalid OAuth Client Secret format. Please use a valid OAuth Client Secret." - name: cloud type: string - label: Falcon Cloud Region (e.g. us-1, us-2, eu-1, gov1) + label: Falcon Cloud Region (e.g. us-1, us-2, eu-1, gov1). Default is autodiscover. optional: true constraints: - - must_match_regex: '^(us-1|us-2|eu-1|gov1|)$' - error_message: 'Invalid CrowdStrike region. Please provide a valid region or remove the entry for autodiscover.' + - must_match_regex: "^(us-1|us-2|eu-1|gov1|)$" + error_message: "Invalid CrowdStrike region. Please provide a valid region or remove the entry for autodiscover." - name: falcon label: Falcon Sensor Settings @@ -127,8 +125,8 @@ forms: description: Falcon Customer ID (CID) with Checksum (Optional) optional: true constraints: - - must_match_regex: '^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$' - error_message: 'Invalid CID format. Please use a valid CID with checksum.' + - must_match_regex: "^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$" + error_message: "Invalid CID format. Please use a valid CID with checksum." - name: apd type: string label: Disable Proxy @@ -150,8 +148,16 @@ forms: description: The provisioning token to use for installing the sensor optional: true constraints: - - must_match_regex: '^[0-9a-fA-F]{8}$' - error_message: 'Invalid Provisioning Token format. Please use a valid Provisioning Token.' + - must_match_regex: "^[0-9a-fA-F]{8}$" + error_message: "Invalid Provisioning Token format. Please use a valid Provisioning Token." + - name: provisioning_wait_time + type: string + label: Provisioning Wait Time (Windows Only) + description: Time to wait, in milliseconds, for sensor to provision + optional: true + constraints: + - must_match_regex: "^[0-9]*$" + error_message: "Invalid Provisioning Wait Time format. Please use a valid Provisioning Wait Time in milliseconds." - name: tags type: string label: Tags @@ -210,16 +216,16 @@ forms: # or added to the tile separately using a package of type bosh-release. runtime_configs: -- name: falcon-linux-sensor-config +- name: falcon-sensor-config runtime_config: releases: - - name: falcon-linux-sensor + - name: falcon-sensor version: (( .properties.version.value )) addons: - name: falcon-linux-sensor jobs: - name: falcon-linux-sensor - release: falcon-linux-sensor + release: falcon-sensor properties: oauth: client_id: (( .properties.client_id.value )) @@ -240,3 +246,29 @@ runtime_configs: - os: ubuntu-bionic - os: ubuntu-xenial - os: ubuntu-trusty + + - name: falcon-windows-sensor + jobs: + - name: falcon-windows-sensor + release: falcon-sensor + properties: + oauth: + client_id: (( .properties.client_id.value )) + client_secret: (( .properties.client_secret.value )) + cloud: (( .properties.cloud.value )) + falcon: + cid: (( .properties.cid.value )) + apd: (( .properties.apd.value )) + aph: (( .properties.aph.value )) + app: (( .properties.app.value )) + provisioning_token: (( .properties.provisioning_token.value )) + provisioning_wait_time: (( .properties.provisioning_wait_time.value )) + tags: (( .properties.tags.value )) + sensor_update_policy: (( .properties.sensor_update_policy.value )) + version: (( .properties.version.value )) + include: + stemcell: + - os: windows2012R2 + - os: windows2016 + - os: windows1803 + - os: windows2019