fix(cli): restore behavior of -pc -pm -pk CLI options

Signed-off-by: Luca Guerra <luca@guerra.sh>
2025-06-27 15:17:50 +00:00 · 2022-03-07 17:34:43 +00:00 · 2022-03-07 17:34:43 +00:00 · 9dd85bf9db
commit 9dd85bf9db
parent 6c4b267109
3 changed files with 4 additions and 13 deletions
--- a/userspace/falco/app_cmdline_options.cpp
+++ b/userspace/falco/app_cmdline_options.cpp
@ -181,13 +181,7 @@ void cmdline_options::define()
 		("M",                             "Stop collecting after <num_seconds> reached.", cxxopts::value(duration_to_tot)->default_value("0"), "<num_seconds>")
 		("N",                             "When used with --list/--list-source, only print field names.", cxxopts::value(names_only)->default_value("false"))
 		("o,option",                      "Set the value of option <opt> to <val>. Overrides values in configuration file. <opt> can be identified using its location in configuration file using dot notation. Elements which are entries of lists can be accessed via square brackets [].\n    E.g. base.id = val\n         base.subvalue.subvalue2 = val\n         base.list[1]=val", cxxopts::value(cmdline_config_options), "<opt>=<val>")
-		("p,print",                       "Add additional information to each falco notification's output.", cxxopts::value(print_additional), "<output_format>")
-		("pcontainer",                    "Add additional information to each falco notification's output, using a container-friendly format. Specifying -pc/-pcontainer will change the interpretation of %%container.info in rule output fields.", cxxopts::value(print_container)->default_value("false"))
-		("pc",                            "Short for -pcontainer", cxxopts::value(print_container)->default_value("false"))
-		("pkubernetes",                   "Add additional information to each falco notification's output, using a kubernetes-friendly format. Additionally, specifying -pk/-pkubernetes will change the interpretation of %%container.info in rule output fields.", cxxopts::value(print_kubernetes)->default_value("false"))
-		("pk",                            "Short for -pkubernetes", cxxopts::value(print_kubernetes)->default_value("false"))
-		("pmesos",                        "Add additional information to each falco notification's output, using a mesos-friendly format. Additionally, specifying -pm/-pmesos will change the interpretation of %%container.info in rule output fields.", cxxopts::value(print_mesos)->default_value("false"))
-		("pm",                            "Short for -pmesos", cxxopts::value(print_mesos)->default_value("false"))
+		("p,print",                       "Add additional information to each falco notification's output.\nWith -pc or -pcontainer will use a container-friendly format.\nWith -pk or -pkubernetes will use a kubernetes-friendly format.\nWith -pm or -pmesos will use a mesos-friendly format.\nAdditionally, specifying -pc/-pk/-pm will change the interpretation of %container.info in rule output fields.", cxxopts::value(print_additional), "<output_format>")
 		("P,pidfile",                     "When run as a daemon, write pid to specified file", cxxopts::value(pidfilename)->default_value("/var/run/falco.pid"), "<pid_file>")
 		("r",                             "Rules file/directory (defaults to value set in configuration file, or /etc/falco_rules.yaml). Can be specified multiple times to read from multiple files/directories.", cxxopts::value<std::vector<std::string>>(), "<rules_file>")
 		("s",                             "If specified, append statistics related to Falco's reading/processing of events to this file (only useful in live mode).", cxxopts::value(stats_filename), "<stats_file>")
--- a/userspace/falco/app_cmdline_options.h
+++ b/userspace/falco/app_cmdline_options.h
@ -57,9 +57,6 @@ public:
 	bool names_only;
 	std::vector<std::string> cmdline_config_options;
 	std::string print_additional;
-	bool print_container;
-	bool print_kubernetes;
-	bool print_mesos;
 	std::string pidfilename;
 	std::list<std::string> rules_filenames;
 	std::string stats_filename;
--- a/userspace/falco/falco.cpp
+++ b/userspace/falco/falco.cpp
@ -388,17 +388,17 @@ static void configure_output_format(falco::app::application &app, falco_engine *
 	std::string output_format;
 	bool replace_container_info = false;

-	if(app.options().print_container)
+	if(app.options().print_additional == "c" || app.options().print_additional == "container")
 	{
 		output_format = "container=%container.name (id=%container.id)";
 		replace_container_info = true;
 	}
-	else if(app.options().print_kubernetes)
+	else if(app.options().print_additional == "k" || app.options().print_additional == "kubernetes")
 	{
 		output_format = "k8s.ns=%k8s.ns.name k8s.pod=%k8s.pod.name container=%container.id";
 		replace_container_info = true;
 	}
-	else if(app.options().print_mesos)
+	else if(app.options().print_additional == "m" || app.options().print_additional == "mesos")
 	{
 		output_format = "task=%mesos.task.name container=%container.id";
 		replace_container_info = true;