Open ffalor opened 1 year ago
ansible/ansible-rulebook isn't ansible/ansible and alot of stuff is different and/or not implemented as of now.
my suggestion is that you get the environment variables using os.getenv()
in the event_source instead.
@ffalor We don't have full Jinja2 support in the rulebook. In your case you should be able to change the rulebook to
sources:
- crowd strike.falcon.eventstream:
falcon_client_id: "{{ FALCON_CLIENT_ID }}"
falcon_client_secret: "{{ FALCON_CLIENT_SECRET }}"
falcon_cloud: "us-2"
{{ FALCON_CLIENT_ID }}
would get the environment variable?
The env var name is passed via the command line and collected into a variable pool which is later used in substitution.
ansible-rulebook -i inventory.yml --rulebook rulebooks/event_stream_example.yml --env-vars FALCON_CLIENT_ID,FALCON_CLIENT_SECRET`
thanks @mkanoor for making me aware. one caveat seems to be they have to be quoted and always returned as strings.
thanks for explaining how --env-vars works.
Description
This could be a me issue because I am learning rulebooks & ansible at the same time.
Running:
ansible-rulebook -i inventory.yml --rulebook rulebooks/event_stream_example.yml --env-vars FALCON_CLIENT_ID,FALCON_CLIENT_SECRET
Results in this error (I've tried with and without --env-vars):
It looks like I do have the
env
lookup pluging