Comments (6)
Hi @christophercollins - I lead CrowdStrike's technical relationship with Red Hat. I was able to reproduce this and will reach out to our friends at Red Hat to assist!
from ansible_collection_falcon.
@evanstoner Thanks for the quick look into this and look forward to where this ends up. Appreciate it :)
from ansible_collection_falcon.
@christophercollins I did some more messing around with this and got it to work building the image. We are still going to wait on what the RH folks tell us, but in the meantime, you can try to see if the following workaround is suitable:
(Based off this article)
example execution-environment.yml
:
---
version: 1
dependencies:
galaxy: requirements.yml
python: requirements.txt
system: bindep.txt
example requirements.yml
:
---
collections:
- name: crowdstrike.falcon
requirements.txt
from our collection:
aiohttp==3.8.5
crowdstrike-falconpy==1.3.0
example bindep.txt
that seems to be working:
findutils [platform:centos-8 platform:rhel-8]
systemd-devel [platform:centos-8 platform:rhel-8]
gcc [platform:centos-8 platform:rhel-8]
make [platform:centos-8 platform:rhel-8]
python38-devel [platform:centos-8 platform:rhel-8]
python38-cffi [platform:centos-8 platform:rhel-8]
python38-cryptography [platform:centos-8 platform:rhel-8]
python38-pycparser [platform:centos-8 platform:rhel-8]
from ansible_collection_falcon.
@carlosmmatos Thanks for looking into it. Part of the issue definitely was a few missing packages in the bindep.txt file that I needed. The image does build after that but with an issue/extra context I think I should bring up. I'll try to be as concise as possible but apologies if this is a bit verbose :)
An issue I see here is that typically when building execution environments we usually set the base image that ansible builder layers on top of to RedHat's supported one (which is required for official support I believe) which is provided behind the customer portal and is "registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8:latest" that contains a supported installation of ansible in the image as well as a bunch of pre-installed collections (AWS, Azure, ansible.posix, etc). There's also a minimal version that doesn't have any default collections installed but has just a supported version of ansible. In ansible-builder you specify the image you want to use like:
version: 1
build_arg_defaults:
EE_BASE_IMAGE: "registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8"
dependencies:
galaxy: requirements.yml
python: requirements.txt
system: bindep.txt
When you build with no image specified it defaults to "quay.io/ansible/ansible-runner:latest" which is quite different than the supported one. One issue is it has ansible-core 2.12.x which is unsupported by the crowd strike collection so I had to also add ansible==6.7.0
to the requirements.txt file so it would upgrade to at least 2.13.0 which you do support. After that I could use it.
I did manage to get it running with the supported base image but with a minor change. If I have everything the same that works using the ansible-builder default image, but change the base image being used to their supported version, it still would fail at the compile process during the pip installs, but after I went into the container I saw the issue is that it is using python3.9.16 in the supported base execution environment image so I had to change the one bindep package to be python39-devel [platform:centos-8 platform:rhel-8]
so 39 instead of 38 and it finally built and I can use it using the supported execution environment :)
from ansible_collection_falcon.
Related Issues (20)
- Instaltion method API (Windows) HOT 2
- Install crowdstrike on windows - Ansible not finishing HOT 14
- Uninstall - Win Error HOT 5
- Uninstall role also to remove nodes from console HOT 2
- Installation fails on Ubuntu 22.04 with ansible.legacy.apt parameter 'allow_downgrade' HOT 6
- ruff errors on 3.3.1
- Removing AID failing in crowdstrike.falcon.falcon_configure HOT 3
- Consider using our own revoke token API call
- Consider update Ansible version support
- v3 new release prep
- Update Required Ansible Version
- Update module url links
- missing win_auth.yml in 4.x HOT 1
- CrowdStrike Falcon | Authenticate to CrowdStrike API - Sorry, try again HOT 9
- Test instances clutter up the Integration SA CID
- Add user-agent string to EDA
- Failed to generate access token for customer HOT 7
- Required changes for Red Hat certification HOT 1
- Having issues installing crowdstrike with galaxy HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible_collection_falcon.