quick and dirty check if ansible works

newrelic · Dec 15, 2023 · c470a6b · c470a6b
1 parent 6354fd3
commit c470a6b
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 12 deletions.
diff --git a/ansible/build-fb-suse/playbook.yml b/ansible/build-fb-suse/playbook.yml
@@ -33,6 +33,28 @@
     - name: Gather facts for first time
       ansible.builtin.setup:
 
+    - name: GET falcon sensor
+      amazon.aws.s3_object:
+        bucket: "{{ tags.crowdstrike_bucket }}"
+        object: "{{ tags.crowdstrike_package_name }}"
+        dest: /tmp/falcon-sensor.rpm
+        mode: get
+
+    - name: Install falcon
+      ansible.builtin.command:
+        cmd: "zypper --no-gpg-checks install -y /tmp/{{ tags.crowdstrike_package_name }}"
+        creates: /opt/CrowdStrike/falconctl
+
+    - name: Configure falcon
+      ansible.builtin.command:
+        cmd: "/opt/CrowdStrike/falconctl -s -f --cid={{ lookup('ansible.builtin.env', 'CROWDSTRIKE_CCID') }}"
+
+    - name: Enable and start falcon
+      ansible.builtin.service:
+        state: started
+        enabled: true
+        name: falcon-sensor
+
     - name: Install dependencies
       community.general.zypper:
         name: "{{ item }}"

diff --git a/ansible/build-fb-suse/requirements.yml b/ansible/build-fb-suse/requirements.yml
@@ -1,4 +1,7 @@
-collections: []
+collections:
+  - name: community.aws
+    # Fixes https://github.com/ansible-collections/community.aws/pull/558
+    version: 6.3.0
 
 roles:
   - name: andrewrothstein.gh

diff --git a/terraform/ec2-instances-creator/main.tf b/terraform/ec2-instances-creator/main.tf
@@ -59,6 +59,8 @@ module "ec2_instance" {
     fb_version = each.value.fbVersion
     instance_type = var.instance_type
     fb_package_name = each.value.targetPackageName
+    crowdstrike_bucket =  var.crowdstrike_bucket
+    crowdstrike_package_name = each.value.crowdstrikePackageName
   })
 
   volume_tags = merge(local.default_tags, {

diff --git a/terraform/ec2-instances-creator/user_data_script.tftpl b/terraform/ec2-instances-creator/user_data_script.tftpl
@@ -23,17 +23,17 @@ sudo /opt/CrowdStrike/falconctl -s -f --cid=${crowdstrike_ccid}
 sudo systemctl enable falcon-sensor
 sudo systemctl start falcon-sensor
 %{endif}
-%{if package_manager_type == "zypp"}
-cd /tmp
-curl %{if arch == "x86_64"}"https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip"%{else}"https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip"%{endif} -o "awscliv2.zip"
-unzip awscliv2.zip
-sudo ./aws/install
-sudo aws s3 cp ${crowdstrike_bucket}/${crowdstrike_package_name} ./
-sudo zypper --no-gpg-checks install -y ./${crowdstrike_package_name}
-sudo /opt/CrowdStrike/falconctl -s -f --cid=${crowdstrike_ccid}
-sudo systemctl enable falcon-sensor
-sudo systemctl start falcon-sensor
-%{endif}
+#%{if package_manager_type == "zypp"}
+#cd /tmp
+#curl %{if arch == "x86_64"}"https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip"%{else}"https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip"%{endif} -o "awscliv2.zip"
+#unzip awscliv2.zip
+#sudo ./aws/install
+#sudo aws s3 cp ${crowdstrike_bucket}/${crowdstrike_package_name} ./
+#sudo zypper --no-gpg-checks install -y ./${crowdstrike_package_name}
+#sudo /opt/CrowdStrike/falconctl -s -f --cid=${crowdstrike_ccid}
+#sudo systemctl enable falcon-sensor
+#sudo systemctl start falcon-sensor
+#%{endif}
 %{if package_manager_type == "exe"}
 msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi /qn
 aws s3 cp ${crowdstrike_bucket}/${crowdstrike_package_name} C:\Temp\