CrowdStrike / falcon-scripts

Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor
The Unlicense

Invalid tags in the falcon-sensor/us-2 registry #304

Closed nhenderson closed 1 month ago

nhenderson commented 1 month ago

The following command using the docker runtime succeeds, but gives invalid tags in the output:

./falcon-container-sensor-pull.sh --list-tags --type falcon-sensor

Expected output: A list of valid tags:

{
  "name": "falcon-sensor",
  "repository": "registry.crowdstrike.com/falcon-sensor/us-2/release/falcon-sensor",
  "tags": [
    "6.35.0-13206.falcon-linux.x86_64.Release.US-2",
    "6.35.0-13207.falcon-linux.x86_64.Release.US-2",
    ...
    "7.14.0-16703-1.falcon-linux.x86_64.Release.US-2",
    "7.15.0-16803-1.falcon-linux.x86_64.Release.US-2"
  ]
}

Actual output: An invalid list of tags:

{
  "name": "falcon-sensor",
  "repository": "registry.crowdstrike.com/falcon-sensor/us-2/release/falcon-sensor",
  "tags": [
    "6.35.0-13206.falcon-linux.x86_64.Release.US-2",
    "6.35.0-13207.falcon-linux.x86_64.Release.US-2",
    ...
    "7.14.0-16703-1.falcon-linux.x86_64.Release.US-2",
    "7.15.0-16803-1.falcon-linux.Release.US-2",
    "sha256:8e23bd57b2b5a7abe6964eccb94bfd7b64cc62ca0fb9e2e220564d93940bf4f8",
    "sha256:c1fa0f026a29d2612d6c6172b166bb471d5ad0afe7400d9072cdb39ed81e6784"
  ]
}

If we run the same command with the runtime set to podman ( ./falcon-container-sensor-pull.sh --list-tags --type falcon-sensor --runtime podman ), then the script fails with the following output:

Error: 1 error occurred:
    * getting repository tags: registry returned invalid tag "sha256:8e23bd57b2b5a7abe6964eccb94bfd7b64cc62ca0fb9e2e220564d93940bf4f8": invalid tag format

NOTE: The invalid sha256: tags are also causing the following command to fail:

./falcon-container-sensor-pull.sh \
  --cid ${FALCON_CID} \
  --client-id ${FALCON_CLIENT_ID} \
  --client-secret ${FALCON_CLIENT_SECRET} \
  --region us-2 \
  --platform x86_64 \
  --type falcon-sensor \
  --runtime podman

Output:

Error: 1 error occurred:
    * getting repository tags: registry returned invalid tag "sha256:8e23bd57b2b5a7abe6964eccb94bfd7b64cc62ca0fb9e2e220564d93940bf4f8": invalid tag format
Error: invalid reference format

Therefore, please remove the invalid sha256: tags from the registry.crowdstrike.com/falcon-sensor/us-2/release/falcon-sensor registry.

carlosmmatos commented 1 month ago

@nhenderson Thanks for opening up the issue. Just as a sanity check, you are running the latest version of the script, correct? You can check by grepping for the user-agent string. It's not the best way to do it, but it gives us something:

grep -i user-agent falcon-container-sensor-pull.sh

Latest is currently 1.4.1.

As for Podman/Skopeo, what versions of those are you using? We have seen issues associated with the latest versions and are working to see what we can do to fix it. Ref: https://github.com/containers/skopeo/issues/2346

nhenderson commented 1 month ago

Hi, @carlosmmatos,

Thank you for getting back to me on this. I really do appreciate it. I am using the 1.4.1 version of the falcon-container-sensor-pull.sh script. I am also using the following container image to run podman: quay.io/podman/stable:latest. That image currently has podman v5.0.3 installed. The issue above occurs with podman v5.0.3. Interestingly enough, I tried downgrading to podman v5.0.2 by using the quay.io/podman/stable:v5.0.2 image. When using podman v5.0.2, the falcon-container-sensor-pull.sh script worked as expected. So, it looks like the issue is with the podman version 5.0.3, not with the falcon-container-sensor-pull.sh script. Thank you for taking the time to look at this issue. You may close this issue now.

carlosmmatos commented 1 month ago

@nhenderson - just fyi there is a workaround I'm implementing for this in #307 since you should not be limited to a certain version of a tool.

nhenderson commented 1 month ago

@carlosmmatos Thank you for fixing my issue, I really appreciate it!
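
An added example, not part of the thread above and not the workaround from #307: a client-side filter that checks each entry of a tag listing against the OCI distribution-spec tag grammar and drops entries such as the sha256: strings before choosing the newest tag. The function names are hypothetical, the sample is the tag list from the report with the elided entries omitted, and GNU `sort -V` is assumed.

```shell
#!/bin/sh
# Added example; the function names are hypothetical and do not come from
# falcon-container-sensor-pull.sh.
# OCI distribution-spec tag grammar: [a-zA-Z0-9_][a-zA-Z0-9._-]{0,127}
# A ':' is not allowed, so digest-like "sha256:..." entries are not tags.
TAG_RE='^[A-Za-z0-9_][A-Za-z0-9._-]{0,127}$'

# Return 0 when $1 is a syntactically valid tag.
is_valid_tag() {
    printf '%s\n' "$1" | grep -Eq "$TAG_RE"
}

# Read one tag per line on stdin. Valid tags go to stdout; rejected
# entries are reported on stderr so they are not dropped silently.
filter_tags() {
    while IFS= read -r tag; do
        [ -n "$tag" ] || continue
        if is_valid_tag "$tag"; then
            printf '%s\n' "$tag"
        else
            printf 'skipping invalid tag: %s\n' "$tag" >&2
        fi
    done
}

# Newest valid tag by version order (assumes GNU sort -V).
latest_valid_tag() {
    filter_tags | sort -V | tail -n 1
}

# Sample input: the tags shown under "Actual output" in the report,
# without the entries elided there as "...".
sample_tags() {
    cat <<'EOF'
6.35.0-13206.falcon-linux.x86_64.Release.US-2
6.35.0-13207.falcon-linux.x86_64.Release.US-2
7.14.0-16703-1.falcon-linux.x86_64.Release.US-2
7.15.0-16803-1.falcon-linux.Release.US-2
sha256:8e23bd57b2b5a7abe6964eccb94bfd7b64cc62ca0fb9e2e220564d93940bf4f8
sha256:c1fa0f026a29d2612d6c6172b166bb471d5ad0afe7400d9072cdb39ed81e6784
EOF
}

# Stand-alone run: print the newest usable tag from the sample.
sample_tags | latest_valid_tag
```
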