search

CrowdStrike / puppet-falcon

https://forge.puppet.com/modules/crowdstrike/falcon
MIT License
7 stars 8 forks source link

falcon_version returns absent causing API download/install loops #94

Closed cconfredo closed 2 months ago

cconfredo commented 2 months ago

This looks to be causing an API-based download and installation with every Puppet run.

When nodes are configured with:

falcon::version_manage: true
falcon::update_policy: 'platform_default'

falcon_version doesn't return the same as facter falcon.version:

Debug: Facter: fact "falcon" has resolved to: {"version"=>"7.17.0-17005"} # Detected installed version
Debug: falcon_version fact returns absent
Debug: Falcon is installed check returns false
Debug: Desired falcon version is 7.17.0-17005
Notice: Downloading sensor package to location: /tmp/falcon-sensor_7.17.0-17005_amd64.deb
Notice: /Stage[main]/Falcon::Install/Sensor_download[Download Sensor Package]/ensure: created

Switching :version from a symbol to a string changes the behavior:

$ sudo puppet agent --test --debug | grep -i falcon
     falcon_fact = Facter.value('falcon')
     Puppet.debug("Falcon fact: #{falcon_fact}")
-    falcon_version = falcon_fact&.fetch(:version, :absent)
+    falcon_version = falcon_fact&.fetch("version", :absent)
     installed = [:absent, :purged, :undef, nil].include?(falcon_version) ? false : true
...
Debug: falcon_version fact returns 7.17.0-17005
Debug: Falcon is installed check returns true

Puppet v7.32.1 Facter v4.8.0 puppet-falcon v0.7.1, reproducible on v0.10.0

ffalor commented 2 months ago

@cconfredo the latest version should fix this, thanks for reporting the issue. mod 'crowdstrike-falcon', '0.11.0'