test(osquery): remove osquery bits to unblock AMI builds

jchancojr · jchancojr · commit 4d2c41ae668d · 2025-11-17T11:51:21.000-05:00
diff --git a/ansible/files/permission_check.py b/ansible/files/permission_check.py
@@ -161,13 +161,13 @@
 
 # This program depends on osquery being installed on the system
 # Function to run osquery
-def run_osquery(query):
-    process = subprocess.Popen(
-        ["osqueryi", "--json", query], stdout=subprocess.PIPE, stderr=subprocess.PIPE
-    )
-    output, error = process.communicate()
-    return output.decode("utf-8")
-
+#def run_osquery(query):
+#    process = subprocess.Popen(
+#        ["osqueryi", "--json", query], stdout=subprocess.PIPE, stderr=subprocess.PIPE
+#    )
+#    output, error = process.communicate()
+#    return output.decode("utf-8")
+#
 
 def parse_json(json_str):
     try:
diff --git a/ansible/playbook.yml b/ansible/playbook.yml
@@ -210,19 +210,19 @@
         apt autoremove -y --purge snapd
       when: stage2_nix
 
-    - name: Install osquery from nixpkgs binary cache
-      become: yes
-      shell: |
-        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:nixos/nixpkgs/f98ec4f73c762223d62bee706726138cb6ea27cc#osquery"
-      when: stage2_nix
-
-    - name: Run osquery permission checks
-      become: yes
-      shell: |
-        systemctl start postgresql.service
-        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && /usr/bin/python3 /tmp/ansible-playbook/ansible/files/permission_check.py {{ '--qemu' if qemu_mode is defined else '' }}"
-        systemctl stop postgresql.service
-      when: stage2_nix
+        #    - name: Install osquery from nixpkgs binary cache
+        #      become: yes
+        #      shell: |
+        #        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:nixos/nixpkgs/f98ec4f73c762223d62bee706726138cb6ea27cc#osquery"
+        #      when: stage2_nix
+
+        #    - name: Run osquery permission checks
+        #      become: yes
+        #      shell: |
+        #        systemctl start postgresql.service
+        #        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && /usr/bin/python3 /tmp/ansible-playbook/ansible/files/permission_check.py {{ '--qemu' if qemu_mode is defined else '' }}"
+        #        systemctl stop postgresql.service
+        #      when: stage2_nix
 
     - name: Run fail2ban configuration checks
       become: yes
@@ -232,11 +232,11 @@
         systemctl stop fail2ban.service
       when: stage2_nix
 
-    - name: Remove osquery    
-      become: yes
-      shell: |
-        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile remove osquery"
-      when: stage2_nix
+        #    - name: Remove osquery    
+        #      become: yes
+        #      shell: |
+        #        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile remove osquery"
+        #      when: stage2_nix
 
     - name: nix collect garbage
       become: yes
