Merge pull request #697 from mr-jungchoi/falconctl-cloud

feat(node-sensor): add falcon.cloud option for unified sensor installation

Author: mr-jungchoi

api/falcon/v1alpha1/falcon_unified.go

@@ -0,0 +1,11 @@
+package v1alpha1
+
+// FalconUnified Sensor configuration settings, extends FalconSensor with fields used for unified installation
+type FalconUnified struct {
+	FalconSensor `json:",inline"`
+
+	// Falcon Customer Cloud Region - With the unified installer, you can let the sensor discover the CID's cloud automatically, or you can specify the cloud where the CID resides.
+	// +kubebuilder:validation:Enum=us-1;us-2;eu-1;us-gov-1;us-gov-2
+	// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="CrowdStrike Falcon Cloud Region"
+	Cloud string `json:"cloud,omitempty"`
+}

api/falcon/v1alpha1/falcondeployment_types.go

@@ -61,7 +61,7 @@ type FalconDeploymentSpec struct {
 	// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Configuration",order=8
 	FalconAdmission FalconAdmissionSpec `json:"falconAdmission,omitempty"`
 
-	// Falcon Admission Controller Configuration
+	// Falcon Node Sensor Controller Configuration
 	// +kubebuilder:default:={}
 	// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Node Sensor Configuration",order=9
 	FalconNodeSensor FalconNodeSensorSpec `json:"falconNodeSensor,omitempty"`

api/falcon/v1alpha1/falconnodesensor_types.go

@@ -29,7 +29,7 @@ type FalconNodeSensorSpec struct {
 
 	// +kubebuilder:default:={}
 	// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Sensor Configuration",order=2
-	Falcon FalconSensor `json:"falcon,omitempty"`
+	Falcon FalconUnified `json:"falcon,omitempty"`
 
 	// FalconAPI configures connection from your local Falcon operator to CrowdStrike Falcon platform.
 	//
@@ -261,9 +261,9 @@ func (node *FalconNodeSensor) SetFalconAPISpec(falconApiSpec *FalconAPI) {
 }
 
 func (node *FalconNodeSensor) GetFalconSpec() FalconSensor {
-	return node.Spec.Falcon
+	return node.Spec.Falcon.FalconSensor
 }
 
 func (node *FalconNodeSensor) SetFalconSpec(falconSpec FalconSensor) {
-	node.Spec.Falcon = falconSpec
+	node.Spec.Falcon.FalconSensor = falconSpec
 }

api/falcon/v1alpha1/zz_generated.deepcopy.go

@@ -1440,6 +1440,22 @@ func (in *FalconSensor) DeepCopy() *FalconSensor {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *FalconUnified) DeepCopyInto(out *FalconUnified) {
+	*out = *in
+	in.FalconSensor.DeepCopyInto(&out.FalconSensor)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconUnified.
+func (in *FalconUnified) DeepCopy() *FalconUnified {
+	if in == nil {
+		return nil
+	}
+	out := new(FalconUnified)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PriorityClassConfig) DeepCopyInto(out *PriorityClassConfig) {
 	*out = *in

bundle/manifests/falcon-operator.clusterserviceversion.yaml

@@ -148,7 +148,7 @@ metadata:
     capabilities: Seamless Upgrades
     categories: Security,Monitoring
     containerImage: quay.io/crowdstrike/falcon-operator
-    createdAt: "2025-07-30T19:54:28Z"
+    createdAt: "2025-08-11T17:31:06Z"
     description: Falcon Operator installs CrowdStrike Falcon Sensors on the cluster
     features.operators.openshift.io/cnf: "false"
     features.operators.openshift.io/cni: "false"
@@ -1359,7 +1359,7 @@ spec:
       - description: Set the falcon image analyzer volume mount path.
         displayName: Falcon Image Analyzer Volume Mount Path
         path: falconImageAnalyzer.imageAnalyzerConfig.mountPath
-      - description: Falcon Admission Controller Configuration
+      - description: Falcon Node Sensor Controller Configuration
         displayName: Falcon Node Sensor Configuration
         path: falconNodeSensor
       - description: Configure resource requests and limits for the DaemonSet Sensor.
@@ -1447,6 +1447,11 @@ spec:
           This is useful for passing along AWS IAM Role or GCP Workload Identity.
         displayName: Annotations
         path: falconContainerSensor.injector.serviceAccount.annotations
+      - description: Falcon Customer Cloud Region - With the unified installer, you
+          can let the sensor discover the CID's cloud automatically, or you can specify
+          the cloud where the CID resides.
+        displayName: CrowdStrike Falcon Cloud Region
+        path: falconNodeSensor.falcon.cloud
       - description: |-
           Advanced configures various options that go against industry practices or are otherwise not recommended for use.
           Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk.
@@ -1829,6 +1834,11 @@ spec:
           Autopilot clusters, but can be set for any cluster.
         displayName: Priority Class
         path: node.priorityClass
+      - description: Falcon Customer Cloud Region - With the unified installer, you
+          can let the sensor discover the CID's cloud automatically, or you can specify
+          the cloud where the CID resides.
+        displayName: CrowdStrike Falcon Cloud Region
+        path: falcon.cloud
       - description: |-
           Advanced configures various options that go against industry practices or are otherwise not recommended for use.
           Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk.

bundle/manifests/falcon.crowdstrike.com_falcondeployments.yaml

@@ -3789,11 +3789,12 @@ spec:
                 type: object
               falconNodeSensor:
                 default: {}
-                description: Falcon Admission Controller Configuration
+                description: Falcon Node Sensor Controller Configuration
                 properties:
                   falcon:
                     default: {}
-                    description: CrowdStrike Falcon Sensor configuration settings.
+                    description: FalconUnified Sensor configuration settings, extends
+                      FalconSensor with fields used for unified installation
                     properties:
                       apd:
                         default: false
@@ -3819,6 +3820,18 @@ spec:
                         description: Falcon Customer ID (CID)
                         pattern: ^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$
                         type: string
+                      cloud:
+                        description: Falcon Customer Cloud Region - With the unified
+                          installer, you can let the sensor discover the CID's cloud
+                          automatically, or you can specify the cloud where the CID
+                          resides.
+                        enum:
+                        - us-1
+                        - us-2
+                        - eu-1
+                        - us-gov-1
+                        - us-gov-2
+                        type: string
                       provisioning_token:
                         description: Installation token that prevents unauthorized
                           hosts from being accidentally or maliciously added to your

bundle/manifests/falcon.crowdstrike.com_falconnodesensors.yaml

@@ -50,7 +50,8 @@ spec:
             properties:
               falcon:
                 default: {}
-                description: CrowdStrike Falcon Sensor configuration settings.
+                description: FalconUnified Sensor configuration settings, extends
+                  FalconSensor with fields used for unified installation
                 properties:
                   apd:
                     default: false
@@ -76,6 +77,17 @@ spec:
                     description: Falcon Customer ID (CID)
                     pattern: ^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$
                     type: string
+                  cloud:
+                    description: Falcon Customer Cloud Region - With the unified installer,
+                      you can let the sensor discover the CID's cloud automatically,
+                      or you can specify the cloud where the CID resides.
+                    enum:
+                    - us-1
+                    - us-2
+                    - eu-1
+                    - us-gov-1
+                    - us-gov-2
+                    type: string
                   provisioning_token:
                     description: Installation token that prevents unauthorized hosts
                       from being accidentally or maliciously added to your customer

config/crd/bases/falcon.crowdstrike.com_falcondeployments.yaml

@@ -3797,11 +3797,12 @@ spec:
                 type: object
               falconNodeSensor:
                 default: {}
-                description: Falcon Admission Controller Configuration
+                description: Falcon Node Sensor Controller Configuration
                 properties:
                   falcon:
                     default: {}
-                    description: CrowdStrike Falcon Sensor configuration settings.
+                    description: FalconUnified Sensor configuration settings, extends
+                      FalconSensor with fields used for unified installation
                     properties:
                       apd:
                         default: false
@@ -3827,6 +3828,18 @@ spec:
                         description: Falcon Customer ID (CID)
                         pattern: ^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$
                         type: string
+                      cloud:
+                        description: Falcon Customer Cloud Region - With the unified
+                          installer, you can let the sensor discover the CID's cloud
+                          automatically, or you can specify the cloud where the CID
+                          resides.
+                        enum:
+                        - us-1
+                        - us-2
+                        - eu-1
+                        - us-gov-1
+                        - us-gov-2
+                        type: string
                       provisioning_token:
                         description: Installation token that prevents unauthorized
                           hosts from being accidentally or maliciously added to your

config/crd/bases/falcon.crowdstrike.com_falconnodesensors.yaml

@@ -50,7 +50,8 @@ spec:
             properties:
               falcon:
                 default: {}
-                description: CrowdStrike Falcon Sensor configuration settings.
+                description: FalconUnified Sensor configuration settings, extends
+                  FalconSensor with fields used for unified installation
                 properties:
                   apd:
                     default: false
@@ -76,6 +77,17 @@ spec:
                     description: Falcon Customer ID (CID)
                     pattern: ^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$
                     type: string
+                  cloud:
+                    description: Falcon Customer Cloud Region - With the unified installer,
+                      you can let the sensor discover the CID's cloud automatically,
+                      or you can specify the cloud where the CID resides.
+                    enum:
+                    - us-1
+                    - us-2
+                    - eu-1
+                    - us-gov-1
+                    - us-gov-2
+                    type: string
                   provisioning_token:
                     description: Installation token that prevents unauthorized hosts
                       from being accidentally or maliciously added to your customer

config/manifests/bases/falcon-operator.clusterserviceversion.yaml

@@ -1215,7 +1215,7 @@ spec:
       - description: Set the falcon image analyzer volume mount path.
         displayName: Falcon Image Analyzer Volume Mount Path
         path: falconImageAnalyzer.imageAnalyzerConfig.mountPath
-      - description: Falcon Admission Controller Configuration
+      - description: Falcon Node Sensor Controller Configuration
         displayName: Falcon Node Sensor Configuration
         path: falconNodeSensor
       - description: Configure resource requests and limits for the DaemonSet Sensor.
@@ -1303,6 +1303,11 @@ spec:
           This is useful for passing along AWS IAM Role or GCP Workload Identity.
         displayName: Annotations
         path: falconContainerSensor.injector.serviceAccount.annotations
+      - description: Falcon Customer Cloud Region - With the unified installer, you
+          can let the sensor discover the CID's cloud automatically, or you can specify
+          the cloud where the CID resides.
+        displayName: CrowdStrike Falcon Cloud Region
+        path: falconNodeSensor.falcon.cloud
       - description: |-
           Advanced configures various options that go against industry practices or are otherwise not recommended for use.
           Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk.
@@ -1685,6 +1690,11 @@ spec:
           Autopilot clusters, but can be set for any cluster.
         displayName: Priority Class
         path: node.priorityClass
+      - description: Falcon Customer Cloud Region - With the unified installer, you
+          can let the sensor discover the CID's cloud automatically, or you can specify
+          the cloud where the CID resides.
+        displayName: CrowdStrike Falcon Cloud Region
+        path: falcon.cloud
       - description: |-
           Advanced configures various options that go against industry practices or are otherwise not recommended for use.
           Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk.