From 56a4e31d18828940ec93c05eaf8d93c53589f553 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=20M=C3=BCller?=
 <60851960+toamto94@users.noreply.github.com>
Date: Wed, 7 Feb 2024 20:49:20 +0100
Subject: [PATCH] added option for insecure http driver download
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

added option for insecure http driver download to the falco docker entrypoint.

Signed-off-by: Tom Müller <60851960+toamto94@users.noreply.github.com>
---
 docker/falco/docker-entrypoint.sh | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/docker/falco/docker-entrypoint.sh b/docker/falco/docker-entrypoint.sh
index db967ca9..8b57a9ee 100755
--- a/docker/falco/docker-entrypoint.sh
+++ b/docker/falco/docker-entrypoint.sh
@@ -28,11 +28,12 @@ print_usage() {
 	echo "  ebpf           eBPF probe"
 	echo ""
 	echo "FALCO_DRIVER_LOADER_OPTIONS options:"
-	echo "  --help         show this help message"
-	echo "  --clean        try to remove an already present driver installation"
-	echo "  --compile      try to compile the driver locally (default true)"
-	echo "  --download     try to download a prebuilt driver (default true)"
-	echo "  --print-env    skip execution and print env variables for other tools to consume"
+	echo "  --help           show this help message"
+	echo "  --clean          try to remove an already present driver installation"
+	echo "  --compile        try to compile the driver locally (default true)"
+	echo "  --download       try to download a prebuilt driver (default true)"
+ 	echo "  --http-insecure	 enable insecure downloads"
+	echo "  --print-env      skip execution and print env variables for other tools to consume"
 	echo ""
 	echo "Environment variables:"
 	echo "  FALCOCTL_DRIVER_REPOS             specify different URL(s) where to look for prebuilt Falco drivers (comma separated)"
@@ -57,6 +58,7 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
 
     ENABLE_COMPILE="false"
     ENABLE_DOWNLOAD="false"
+    HTTP_INSECURE="false"
     has_driver=
     has_opts=
     for opt in "${falco_driver_loader_option_arr[@]}"
@@ -88,6 +90,9 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
                 ENABLE_DOWNLOAD="true"
                 has_opts="true"
                 ;;
+	    --http-insecure)
+		HTTP_INSECURE="true"
+		;;	
             --source-only)
                 >&2 echo "Support dropped in Falco 0.37.0."
                 print_usage
@@ -113,7 +118,7 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
         ENABLE_COMPILE="true"
         ENABLE_DOWNLOAD="true"
     fi
-    /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD
+    /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE
 
 fi