added option for insecure http driver download

added option for insecure http driver download to the falco docker entrypoint. Signed-off-by: Tom Müller <60851960+toamto94@users.noreply.github.com>
2025-07-15 07:22:05 +00:00 · 2024-02-07 20:49:20 +01:00 · 2024-02-07 20:49:20 +01:00 · 56a4e31d18
commit 56a4e31d18
parent 159e3f6ffc
1 changed files with 11 additions and 6 deletions
--- a/docker/falco/docker-entrypoint.sh
+++ b/docker/falco/docker-entrypoint.sh
@ -28,11 +28,12 @@ print_usage() {
 	echo "  ebpf           eBPF probe"
 	echo ""
 	echo "FALCO_DRIVER_LOADER_OPTIONS options:"
-	echo "  --help         show this help message"
-	echo "  --clean        try to remove an already present driver installation"
-	echo "  --compile      try to compile the driver locally (default true)"
-	echo "  --download     try to download a prebuilt driver (default true)"
-	echo "  --print-env    skip execution and print env variables for other tools to consume"
+	echo "  --help           show this help message"
+	echo "  --clean          try to remove an already present driver installation"
+	echo "  --compile        try to compile the driver locally (default true)"
+	echo "  --download       try to download a prebuilt driver (default true)"
+ 	echo "  --http-insecure	 enable insecure downloads"
+	echo "  --print-env      skip execution and print env variables for other tools to consume"
 	echo ""
 	echo "Environment variables:"
 	echo "  FALCOCTL_DRIVER_REPOS             specify different URL(s) where to look for prebuilt Falco drivers (comma separated)"
@ -57,6 +58,7 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then

    ENABLE_COMPILE="false"
    ENABLE_DOWNLOAD="false"
+    HTTP_INSECURE="false"
    has_driver=
    has_opts=
    for opt in "${falco_driver_loader_option_arr[@]}"
@ -88,6 +90,9 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
                ENABLE_DOWNLOAD="true"
                has_opts="true"
                ;;
+	    --http-insecure)
+		HTTP_INSECURE="true"
+		;;	
            --source-only)
                >&2 echo "Support dropped in Falco 0.37.0."
                print_usage
@ -113,7 +118,7 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
        ENABLE_COMPILE="true"
        ENABLE_DOWNLOAD="true"
    fi
-    /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD
+    /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE

 fi