RHINENG-9772: add "crowdstrike" field to system_profile

Signed-off-by: Xiaoxue Wang <[email protected]>
RedHatInsights · May 31, 2024 · 8bb2fad · 8bb2fad
1 parent 7a0f4a9
commit 8bb2fad
Show file tree

Hide file tree

Showing 8 changed files with 63 additions and 2 deletions.
diff --git a/dev/test-archives/core-base/data/insights_commands/opt.CrowdStrike.falconctl_-g_--aid b/dev/test-archives/core-base/data/insights_commands/opt.CrowdStrike.falconctl_-g_--aid
@@ -0,0 +1 @@
+aid="44e3b7d20b434a2bb2815d9808fa3a8b".
diff --git a/dev/test-archives/core-base/data/insights_commands/opt.CrowdStrike.falconctl_-g_--backend b/dev/test-archives/core-base/data/insights_commands/opt.CrowdStrike.falconctl_-g_--backend
@@ -0,0 +1 @@
+backend=kernel.
diff --git a/dev/test-archives/core-base/meta_data/insights.specs.Specs.falconctl_aid.json b/dev/test-archives/core-base/meta_data/insights.specs.Specs.falconctl_aid.json
@@ -0,0 +1 @@
+{"name": "insights.specs.Specs.falconctl_aid", "exec_time": 7.009506225585938e-05, "errors": [], "results": {"type": "insights.core.spec_factory.CommandOutputProvider", "object": {"rc": null, "cmd": "/opt/CrowdStrike/falconctl -g --aid", "args": null, "save_as": false, "relative_path": "insights_commands/opt.CrowdStrike.falconctl_-g_--aid"}}, "ser_time": 0.010624408721923828}
diff --git a/dev/test-archives/core-base/meta_data/insights.specs.Specs.falconctl_backend.json b/dev/test-archives/core-base/meta_data/insights.specs.Specs.falconctl_backend.json
@@ -0,0 +1 @@
+{"name": "insights.specs.Specs.falconctl_backend", "exec_time": 7.009506225585938e-05, "errors": [], "results": {"type": "insights.core.spec_factory.CommandOutputProvider", "object": {"rc": null, "cmd": "/opt/CrowdStrike/falconctl -g --backend", "args": null, "save_as": false, "relative_path": "insights_commands/opt.CrowdStrike.falconctl_-g_--backend"}}, "ser_time": 0.010624408721923828}
diff --git a/pyproject.toml b/pyproject.toml
@@ -12,7 +12,7 @@ python = "~3.8"
 prometheus-client = "0.7.1"
 requests = "2.31.0"
 confluent-kafka = "1.5.0"
-insights-core = "3.3.19"
+insights-core = "3.3.25"
 app-common-python = "0.2.3"
 watchtower = "^1.0.6"
 logstash_formatter = "^0.5.17"

diff --git a/requirements.txt b/requirements.txt
@@ -8,7 +8,7 @@ defusedxml==0.6.0
 flake8==3.8.4
 freezegun==0.3.15
 idna==2.10
-insights-core==3.3.19
+insights-core==3.3.25
 Jinja2==2.11.3
 jsonschema==3.2.0
 lockfile==0.12.2

diff --git a/src/puptoo/process/profile.py b/src/puptoo/process/profile.py
@@ -22,6 +22,7 @@
 from insights.parsers.dmidecode import DMIDecode
 from insights.parsers.dnf_modules import DnfModules
 from insights.parsers.dnf_module import DnfModuleList
+from insights.parsers.falconctl import FalconctlAid, FalconctlBackend
 from insights.parsers.gcp_license_codes import GCPLicenseCodes
 from insights.parsers.gcp_network_interfaces import GCPNetworkInterfaces
 from insights.parsers.greenboot_status import GreenbootStatus
@@ -135,6 +136,8 @@ def catch_error(parser, error):
         IrisCpf,
         IrisList,
         SubscriptionManagerFacts,
+        FalconctlAid,
+        FalconctlBackend,
         EAPJSONReports
     ]
 )
@@ -193,6 +196,8 @@ def system_profile(
     iris_cpfs,
     iris_list,
     subscription_manager_facts,
+    falconctl_aid,
+    falconctl_backend,
     eap_json_reports
 ):
     """
@@ -735,6 +740,14 @@ def system_profile(
         if subscription_manager_facts.get('conversions.activity') == 'conversion':
             profile["conversions"]["activity"] = True
 
+    crowdstrike_facts = {}
+    if falconctl_aid:
+        crowdstrike_facts["falcon_aid"] = falconctl_aid.aid
+    if falconctl_backend:
+        crowdstrike_facts["falcon_backend"] = falconctl_backend.backend
+    if crowdstrike_facts:
+        profile["crowdstrike"] = crowdstrike_facts
+
     metadata_response = make_metadata()
     profile_sans_none = _remove_empties(profile)
     metadata_response.update(profile_sans_none)

diff --git a/tests/test_crowdstrike.py b/tests/test_crowdstrike.py
@@ -0,0 +1,44 @@
+from insights.specs import Specs
+from insights.tests import InputData, run_test
+from src.puptoo.process.profile import system_profile
+
+FALCONCTL_AID = """
+aid="44e3b7d20b434a2bb2815d9808fa3a8b".
+""".strip()
+
+FALCONCTL_BACKEND = """
+backend=kernel.
+""".strip()
+
+
+def test_crowdstrike():
+    input_data = InputData()
+    input_data.add(Specs.falconctl_aid, FALCONCTL_AID)
+    input_data.add(Specs.falconctl_backend, FALCONCTL_BACKEND)
+    result = run_test(system_profile, input_data)
+    assert result["crowdstrike"] == {
+        "falcon_aid": "44e3b7d20b434a2bb2815d9808fa3a8b",
+        "falcon_backend": "kernel",
+    }
+
+    input_data = InputData()
+    input_data.add(Specs.falconctl_aid, FALCONCTL_AID)
+    input_data.add(Specs.falconctl_backend, "")
+    result = run_test(system_profile, input_data)
+    assert result["crowdstrike"] == {
+        "falcon_aid": "44e3b7d20b434a2bb2815d9808fa3a8b",
+    }
+
+    input_data = InputData()
+    input_data.add(Specs.falconctl_aid, "")
+    input_data.add(Specs.falconctl_backend, FALCONCTL_BACKEND)
+    result = run_test(system_profile, input_data)
+    assert result["crowdstrike"] == {
+        "falcon_backend": "kernel",
+    }
+
+    input_data = InputData()
+    input_data.add(Specs.falconctl_aid, "")
+    input_data.add(Specs.falconctl_backend, "")
+    result = run_test(system_profile, input_data)
+    assert "crowdstrike" not in result
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		{"name": "insights.specs.Specs.falconctl_aid", "exec_time": 7.009506225585938e-05, "errors": [], "results": {"type": "insights.core.spec_factory.CommandOutputProvider", "object": {"rc": null, "cmd": "/opt/CrowdStrike/falconctl -g --aid", "args": null, "save_as": false, "relative_path": "insights_commands/opt.CrowdStrike.falconctl_-g_--aid"}}, "ser_time": 0.010624408721923828}