|
1 | 1 | # falcon-container-sensor-pull |
2 | | -## Bash script to pull latest Falcon Container or Node Kernel Mode DaemonSet Sensor from the CrowdStrike Container Registry to your local docker images |
| 2 | +Bash script to pull latest Falcon Container or Node Kernel Mode DaemonSet Sensor from the CrowdStrike Container Registry to your local docker registry or remote registry with Skopeo |
3 | 3 |
|
4 | | -### Prerequisite: |
5 | | -Script requires the following packages to be available: `curl`, `jq`, `docker` |
| 4 | +## Prerequisite: |
6 | 5 |
|
7 | | -CrowdStrike API Client created with `Falcon Images Download` scope assigned. |
8 | | -### Usage: |
9 | | -Make the script file executable `chmod +x ./falcon-container-sensor-pull.sh` |
| 6 | +- Script requires the following commands to be installed: |
| 7 | + - `curl` |
| 8 | + - `docker`, `podman`, or `skopeo` |
| 9 | +- CrowdStrike API Client created with `Falcon Images Download` scope assigned. |
| 10 | +- If you are using docker, make sure that docker is running locally. |
10 | 11 |
|
11 | | -Ensure docker is running locally. |
| 12 | +## Usage: |
12 | 13 |
|
13 | | -Execute the script with the relevant input arguments, GovCloud customers can omit the region flag and simply use the `--gov` flag to correctly set the endpoint. |
| 14 | +``` |
| 15 | +usage: ./falcon-container-sensor-pull.sh |
| 16 | +
|
| 17 | +Required Flags: |
| 18 | + -u, --client-id <FALCON_CLIENT_ID> Falcon API OAUTH Client ID |
| 19 | + -s, --client-secret <FALCON_CLIENT_SECRET> Falcon API OAUTH Client Secret |
| 20 | +
|
| 21 | +Optional Flags: |
| 22 | + -f, --cid <FALCON_CID> Falcon Customer ID |
| 23 | + -r, --region <FALCON_REGION> Falcon Cloud |
| 24 | + -c, --copy <REGISTRY/NAMESPACE> registry to copy image e.g. myregistry.com/mynamespace |
| 25 | + -v, --version <SENSOR_VERSION> specify sensor version to retrieve from the registry |
| 26 | +
|
| 27 | + -n, --node download node sensor instead of container sensor |
| 28 | + --runtime use a different container runtime [docker, podman, skopeo]. Default is docker. |
| 29 | + --dump-credentials print registry credentials to stdout to copy/paste into container tools. |
14 | 30 |
|
15 | | -### Example usage to download DaemonSet Sensor from Falcon US-2: |
| 31 | +Help Options: |
| 32 | + -h, --help display this help message |
16 | 33 | ``` |
| 34 | + |
| 35 | +Execute the script with the relevant input arguments. |
| 36 | + |
| 37 | +### Example usage to download DaemonSet Sensor |
| 38 | + |
| 39 | +#### Example using `autodiscover`: |
17 | 40 | ./falcon-container-sensor-pull.sh \ |
18 | | ---cid <ABCDEFGHIJKLMN> \ |
19 | | ---clientid <ABCDEFG123456> \ |
20 | | ---clientsecret <ABCDEFG123456> \ |
21 | | ---region US-2 \ |
| 41 | +--client-id <ABCDEFG123456> \ |
| 42 | +--client-secret <ABCDEFG123456> \ |
22 | 43 | --node |
23 | | -``` |
24 | | -### Full list of variables available: |
25 | | -Variables can be passed to the script either via Arguments or via EnvVars: |
26 | 44 |
|
27 | | -| Short Form | Long Form | EnvVar | Default |Description | |
28 | | -|:-------------------|--------------------------------|--------------------|-------------------|----------------------------------------------------------------------------------------| |
29 | | -| `-f <CID>` | `--cid <CID>` | `$CID` | `None` (Required) |CrowdStrike Customer ID (CID) | |
30 | | -| `-u <CLIENT_ID>` | `--clientid <CLIENT_ID>` | `$CS_CLIENT_ID` | `None` (Required) |CrowdStrike API Client ID | |
31 | | -| `-s <CLIENTSECRET>`| `--clientsecret <CLIENTSECRET>`| `$CS_CLIENT_SECRET`| `None` (Required) |CrowdStrike API Client Secret | |
32 | | -| `-r <REGION>` | `--region <REGION>` | `$REGION` | `US-1` (Optional) |CrowdStrike Region | |
33 | | -| `-g` | `--gov` | `$GOV` | `false` (Optional)|Flag to set falcon API endpoints and registry to falcon gov cloud| |
34 | | -| `-n` | `--node` | `$NODE` | `false` (Optional)|Flag to download Node Sensor, if not set script defaults to downloading container sensor| |
35 | | -| `-h` | `--help` | N/A | `None` |Display help message | |
| 45 | +#### Example without using `autodiscover`: |
36 | 46 |
|
| 47 | +``` |
| 48 | +./falcon-container-sensor-pull.sh \ |
| 49 | +--cid <ABCDEFG123456> \ |
| 50 | +--client-id <ABCDEFG123456> \ |
| 51 | +--client-secret <ABCDEFG123456> \ |
| 52 | +--region us-2 \ |
| 53 | +--node |
| 54 | +``` |
37 | 55 |
|
| 56 | +### Full list of variables available: |
| 57 | +Settings can be passed to the script through CLI Flags or environment variables: |
38 | 58 |
|
| 59 | +| Flags | Environment Variables | Default | Description | |
| 60 | +|:-----------------------------------------------|-------------------------|----------------------------|------------------------------------------------------------------------------------------| |
| 61 | +| `-f`, `--cid <FALCON_CID>` | `$FALCON_CID | `None` (Optional) | CrowdStrike Customer ID (CID) | |
| 62 | +| `-u`, `--client-id <FALCON_CLIENT_ID>` | `$FALCON_CLIENT_ID` | `None` (Required) | CrowdStrike API Client ID | |
| 63 | +| `-s`, `--client-secret <FALCON_CLIENT_SECRET>` | `$FALCON_CLIENT_SECRET` | `None` (Required) | CrowdStrike API Client Secret | |
| 64 | +| `-r`, `--region <FALCON_CLOUD>` | `$FALCON_CLOUD` | `us-1` (Optional) | CrowdStrike Region | |
| 65 | +| `-c`, `--copy <REGISTRY/NAMESPACE>` | `$COPY` | `None` (Optional) | Registry to copy image e.g. myregistry.com/mynamespace to | |
| 66 | +| `-v`, `--version <SENSOR_VERSION>` | `$SENSOR_VERSION` | `None` (Optional) | Specify sensor version to retrieve from the registry | |
| 67 | +| `-n`, `--node` | `$SENSORTYPE` | `falcon-sensor` (Optional) | Flag to download Node Sensor, if not set script defaults to downloading container sensor | |
| 68 | +| `--runtime` | `$CONTAINER_TOOL` | `docker` (Optional) | Use a different container runtime [docker, podman, skopeo]. Default is docker. | |
| 69 | +| `--dump-credentials` | `$CREDS` | `False` (Optional) | Print registry credentials to stdout to copy/paste into container tools. | |
| 70 | +| `-h`, `--help` | N/A | `None` | Display help message | |
0 commit comments