Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Host hide module + doc updates #399

Merged
merged 11 commits into from
Sep 11, 2023
Merged

Host hide module + doc updates #399

merged 11 commits into from
Sep 11, 2023

Conversation

carlosmmatos
Copy link
Contributor

This PR introduces the host_hide module. This is the final API call to complete the roles.

This also updates all the README's to ensure they all follow the same formatting. A few minor fixes here and there as well.

@carlosmmatos carlosmmatos added documentation Improvements or additions to documentation enhancement New feature or request minor_changes New features, like plugin or module options devel Keep track of devel branch work labels Sep 4, 2023
@carlosmmatos carlosmmatos self-assigned this Sep 4, 2023
evanstoner
evanstoner reviewed Sep 5, 2023
View reviewed changes
plugins/modules/host_hide.py Show resolved Hide resolved
plugins/modules/host_hide.py Outdated
- To prevent unnecessary detections from an inactive or a duplicate host,
you can opt to hide the host from the console. This action does not uninstall or
deactivate the sensor. Detection reporting resumes after a host is unhidden.
- The module will return a list of successfull and failed hosts IDs for the action performed.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall I really don't like this "action module" approach. I'd expect something much more like this in Ansible:

- host:
    ids:
      - abcd1234
    state: hidden # or active

In this case the host module would probably grow pretty large over time and be one of the primary modules. E.g. control sensor update policies attached to a host with a sensor_update_policy attribute. But that seems ok to me since hosts are a central part of the platform.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Host module would imply being able to manage the full lifecycle of an object (ie host). But that is not how the API works, we can't create hosts, or delete them, so basically it makes more sense imo to break down the hosts api into actionable modules. Ie, host_hide, host_contain, host_info

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe something in the middle to make it a little more idempotent-y:

- host_hide:
    hosts:
      - abcd1234
    # hidden: true is the default
- host_hide:
    hosts:
      - abcd1234
    hidden: false

Same thing for host_contain with a contained boolean.

@codecov-commenter
Copy link

codecov-commenter commented Sep 9, 2023
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (devel@299d07d). Click here to learn what that means.
The diff coverage is n/a.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

@@           Coverage Diff            @@
##             devel     #399   +/-   ##
========================================
  Coverage         ?   44.30%           
========================================
  Files            ?       14           
  Lines            ?      544           
  Branches         ?      100           
========================================
  Hits             ?      241           
  Misses           ?      302           
  Partials         ?        1
Flag Coverage Δ
sanity 44.30% <0.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@carlosmmatos
chore: update role for new module changes
4bc914b
@carlosmmatos
fix(host_hide): removed failing module and updated documentation
c355b2a 
User is responsible for managing failed states based on the failed_hosts
dictionary we provide.
evanstoner
evanstoner approved these changes Sep 11, 2023
View reviewed changes
Copy link
Contributor

@evanstoner evanstoner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Refactoring of hide_host.yml is beautiful.

@carlosmmatos carlosmmatos merged commit e9f3d5a into CrowdStrike:devel Sep 11, 2023
1 check passed
@carlosmmatos carlosmmatos deleted the host-actions-module branch September 11, 2023 17:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@evanstoner evanstoner evanstoner approved these changes

Assignees

@carlosmmatos carlosmmatos

Labels
devel Keep track of devel branch work documentation Improvements or additions to documentation enhancement New feature or request minor_changes New features, like plugin or module options
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@carlosmmatos @codecov-commenter @evanstoner