Add notion of falco application object/cmdline opts skeleton

Add a notion of a falco application object. Eventually this will
replace the bulk of falco_init and contain methods to:

- Parse/validate command line options
- Parse/validate falco config
- Initialize prerequsites (inspector, falco engine, webserver, etc)
- Load plugins
- Load/validate rules
- Command/subcommand execution (e.g. --list/--list-fields, or
  nothing specified to run "main" loop)

For now, it is only responsible for command line options handling,
which is stubbed out.

Currently, the only public methods are init() to initialize everything
and copts() to access command line options.

Command line options are held in a different class
falco::app::cmdline_opts. application::copts() returns a reference to
that object, which allows access to parsed command line options bound
to various public instance variables.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>

userspace/falco/CMakeLists.txt

@@ -15,6 +15,7 @@ configure_file(config_falco.h.in config_falco.h)
 
 set(
   FALCO_SOURCES
+  application.cpp
   configuration.cpp
   logger.cpp
   falco_outputs.cpp
@@ -33,6 +34,7 @@ set(
   "${PROJECT_BINARY_DIR}/userspace/falco"
   "${PROJECT_BINARY_DIR}/driver/src"
   "${STRING_VIEW_LITE_INCLUDE}"
+  "${CXXOPTS_INCLUDE_DIR}"
   "${YAMLCPP_INCLUDE_DIR}"
   "${CMAKE_CURRENT_BINARY_DIR}"
   "${DRAIOS_DEPENDENCIES_DIR}/yaml-${DRAIOS_YAML_VERSION}/target/include"
@@ -46,6 +48,7 @@ set(
   luajit
   lpeg
   lyaml
+  cxxopts
 )
 
 set(

userspace/falco/application.cpp

@@ -0,0 +1,61 @@
+/*
+Copyright (C) 2022 The Falco Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// The falco "app" holds application-level configuration and contains
+// the implementation of any subcommand-like behaviors like --list, -i
+// (print_ignored_events), etc.
+
+// It also contains the code to initialize components like the
+// inspector, falco engine, etc.
+
+#include "application.h"
+#include "falco_common.h"
+
+namespace falco {
+namespace app {
+
+application::application()
+	: m_initialized(false)
+{
+}
+
+application::~application()
+{
+}
+
+cmdline_options &application::options()
+{
+	if(!m_initialized)
+	{
+		throw falco_exception("App init() not called yet");
+	}
+
+	return m_cmdline_options;
+}
+
+bool application::init(int argc, char **argv, std::string &errstr)
+{
+	if(!m_cmdline_options.parse(argc, argv, errstr))
+	{
+		return false;
+	}
+
+	m_initialized = true;
+	return true;
+}
+
+}; // namespace app
+}; // namespace falco

userspace/falco/application.h

@@ -0,0 +1,53 @@
+/*
+Copyright (C) 2022 The Falco Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// The falco "app" will eventually replace the monolithic code in
+// falco.cpp. We expect it will be responsible for the following:
+//  - Parsing/validating command line options
+//  - Parsing/validing falco config
+//  - Initialize prerequsites (inspector, falco engine, webserver, etc)
+//  - Loading plugins
+//  - Loading/validating rules
+//  - Command/subcommand execution (e.g. --list/--list-fields, or
+//    nothing specified to run "main" loop)
+
+// For now, it is only responsible for command line options.
+#pragma once
+
+#include "app_cmdline_options.h"
+
+#include <string>
+
+namespace falco {
+namespace app {
+
+class application {
+public:
+
+	application();
+	virtual ~application();
+
+	cmdline_options &options();
+	bool init(int argc, char **argv, std::string &errstr);
+
+private:
+
+	cmdline_options m_cmdline_options;
+	bool m_initialized;
+};
+
+}; // namespace app
+}; // namespace falco

userspace/falco/falco.cpp

@@ -37,6 +37,7 @@ limitations under the License.
 #include <eventformatter.h>
 #include <plugin.h>
 
+#include "application.h"
 #include "logger.h"
 #include "utils.h"
 #include "fields_info.h"
@@ -507,6 +508,8 @@ static void list_source_fields(falco_engine *engine, bool verbose, bool names_on
 //
 int falco_init(int argc, char **argv)
 {
+	falco::application app;
+
 	int result = EXIT_SUCCESS;
 	sinsp* inspector = NULL;
 	sinsp_evt::param_fmt event_buffer_format = sinsp_evt::PF_NORMAL;
@@ -608,6 +611,14 @@ int falco_init(int argc, char **argv)
 		set<string> disabled_rule_tags;
 		set<string> enabled_rule_tags;
 
+		std::string errstr;
+		bool successful = app.init(argc, argv, errstr);
+
+		if(!successful)
+		{
+			throw falco_exception(string("Could not initialize: ") + errstr);
+		}
+
 		//
 		// Parse the args
 		//