chore(scripts): use new default value for falcoctl driver.host-root config key.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-07-06 11:26:44 +00:00 · 2023-11-29 17:47:08 +01:00 · 2023-11-29 17:47:08 +01:00 · ade27c2546
commit ade27c2546
parent 2244cc6f71
4 changed files with 250 additions and 7 deletions
--- a/docker/driver-loader-legacy/docker-entrypoint.sh
+++ b/docker/driver-loader-legacy/docker-entrypoint.sh
@ -18,6 +18,28 @@
 #
 print_usage() {
 	echo ""
 	echo "Usage:"
 	echo "  falco-driver-loader [driver] [options]"
 	echo ""
 	echo "Available drivers:"
 	echo "  kmod           kernel module (default)"
 	echo "  ebpf           eBPF probe"
 	echo ""
 	echo "Options:"
 	echo "  --help         show this help message"
 	echo "  --clean        try to remove an already present driver installation"
 	echo "  --compile      try to compile the driver locally (default true)"
 	echo "  --download     try to download a prebuilt driver (default true)"
 	echo "  --print-env    skip execution and print env variables for other tools to consume"
 	echo ""
 	echo "Environment variables:"
 	echo "  FALCOCTL_DRIVER_REPOS             specify different URL(s) where to look for prebuilt Falco drivers (comma separated)"
 	echo "  FALCOCTL_DRIVER_NAME              specify a different name for the driver"
 	echo ""
 }
 echo "* Setting up /usr/src links from host"
 for i in "$HOST_ROOT/usr/src"/*
@ -26,5 +48,64 @@ do
    ln -s "$i" "/usr/src/$base"
 done
-/usr/bin/falcoctl driver config "$@"
+ENABLE_COMPILE="false"
-/usr/bin/falcoctl driver install
+ENABLE_DOWNLOAD="false"
 has_driver=
 has_opts=
 while test $# -gt 0; do
 	case "$1" in
 		kmod|ebpf)
 			if [ -n "$has_driver" ]; then
 				>&2 echo "Only one driver per invocation"
 				print_usage
 				exit 1
 			else
 				/usr/bin/falcoctl driver config "--type $1"
 				has_driver="true"
 			fi
 			;;
 		-h|--help)
 			print_usage
 			exit 0
 			;;
 		--clean)
 			/usr/bin/falcoctl driver cleanup
 			exit 0
 			;;
 		--compile)
 			ENABLE_COMPILE="true"
 			has_opts="true"
 			;;
 		--download)
 			ENABLE_DOWNLOAD="true"
 			has_opts="true"
 			;;
 		--source-only)
 		    >&2 echo "Support dropped in Falco 0.37.0."
 			print_usage
 			exit 1
 			;;
 		--print-env)
 			/usr/bin/falcoctl driver printenv
 			exit 0
 			;;
 		--*)
 			>&2 echo "Unknown option: $1"
 			print_usage
 			exit 1
 			;;
 		*)
 			>&2 echo "Unknown driver: $1"
 			print_usage
 			exit 1
 			;;
 	esac
    shift
 done
 if [ -z "$has_opts" ]; then
 	ENABLE_COMPILE="true"
 	ENABLE_DOWNLOAD="true"
 fi
 /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD
--- a/docker/driver-loader/docker-entrypoint.sh
+++ b/docker/driver-loader/docker-entrypoint.sh
@ -18,6 +18,28 @@
 #
 print_usage() {
 	echo ""
 	echo "Usage:"
 	echo "  falco-driver-loader [driver] [options]"
 	echo ""
 	echo "Available drivers:"
 	echo "  kmod           kernel module (default)"
 	echo "  ebpf           eBPF probe"
 	echo ""
 	echo "Options:"
 	echo "  --help         show this help message"
 	echo "  --clean        try to remove an already present driver installation"
 	echo "  --compile      try to compile the driver locally (default true)"
 	echo "  --download     try to download a prebuilt driver (default true)"
 	echo "  --print-env    skip execution and print env variables for other tools to consume"
 	echo ""
 	echo "Environment variables:"
 	echo "  FALCOCTL_DRIVER_REPOS             specify different URL(s) where to look for prebuilt Falco drivers (comma separated)"
 	echo "  FALCOCTL_DRIVER_NAME              specify a different name for the driver"
 	echo ""
 }
 echo "* Setting up /usr/src links from host"
 for i in "$HOST_ROOT/usr/src"/*
@ -26,5 +48,64 @@ do
    ln -s "$i" "/usr/src/$base"
 done
-/usr/bin/falcoctl driver config "$@"
+ENABLE_COMPILE="false"
-/usr/bin/falcoctl driver install
+ENABLE_DOWNLOAD="false"
 has_driver=
 has_opts=
 while test $# -gt 0; do
 	case "$1" in
 		kmod|ebpf)
 			if [ -n "$has_driver" ]; then
 				>&2 echo "Only one driver per invocation"
 				print_usage
 				exit 1
 			else
 				/usr/bin/falcoctl driver config "--type $1"
 				has_driver="true"
 			fi
 			;;
 		-h|--help)
 			print_usage
 			exit 0
 			;;
 		--clean)
 			/usr/bin/falcoctl driver cleanup
 			exit 0
 			;;
 		--compile)
 			ENABLE_COMPILE="true"
 			has_opts="true"
 			;;
 		--download)
 			ENABLE_DOWNLOAD="true"
 			has_opts="true"
 			;;
 		--source-only)
 		    >&2 echo "Support dropped in Falco 0.37.0."
 			print_usage
 			exit 1
 			;;
 		--print-env)
 			/usr/bin/falcoctl driver printenv
 			exit 0
 			;;
 		--*)
 			>&2 echo "Unknown option: $1"
 			print_usage
 			exit 1
 			;;
 		*)
 			>&2 echo "Unknown driver: $1"
 			print_usage
 			exit 1
 			;;
 	esac
    shift
 done
 if [ -z "$has_opts" ]; then
 	ENABLE_COMPILE="true"
 	ENABLE_DOWNLOAD="true"
 fi
 /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD
--- a/docker/falco/docker-entrypoint.sh
+++ b/docker/falco/docker-entrypoint.sh
@ -17,6 +17,29 @@
 # limitations under the License.
 #
 print_usage() {
 	echo ""
 	echo "Usage:"
 	echo "  falco-driver-loader [driver] [options]"
 	echo ""
 	echo "Available drivers:"
 	echo "  kmod           kernel module (default)"
 	echo "  ebpf           eBPF probe"
 	echo ""
 	echo "Options:"
 	echo "  --help         show this help message"
 	echo "  --clean        try to remove an already present driver installation"
 	echo "  --compile      try to compile the driver locally (default true)"
 	echo "  --download     try to download a prebuilt driver (default true)"
 	echo "  --print-env    skip execution and print env variables for other tools to consume"
 	echo ""
 	echo "Environment variables:"
 	echo "  FALCOCTL_DRIVER_REPOS             specify different URL(s) where to look for prebuilt Falco drivers (comma separated)"
 	echo "  FALCOCTL_DRIVER_NAME              specify a different name for the driver"
 	echo ""
 }
 # Set the SKIP_DRIVER_LOADER variable to skip loading the driver
 if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
@ -31,8 +54,66 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
    # convert the optional space-separated env variable FALCO_DRIVER_LOADER_OPTIONS to array, prevent 
    # shell expansion and use it as argument list for falcoctl
    read -a falco_driver_loader_option_arr <<< $FALCO_DRIVER_LOADER_OPTIONS
-    /usr/bin/falcoctl driver config "${falco_driver_loader_option_arr[@]}"
+
-    /usr/bin/falcoctl driver install
+    ENABLE_COMPILE="false"
    ENABLE_DOWNLOAD="false"
    has_driver=
    has_opts=
    for opt in "${falco_driver_loader_option_arr[@]}"
        case "$1" in
            kmod|ebpf)
                if [ -n "$has_driver" ]; then
                    >&2 echo "Only one driver per invocation"
                    print_usage
                    exit 1
                else
                    /usr/bin/falcoctl driver config "--type $opt"
                    has_driver="true"
                fi
                ;;
            -h|--help)
                print_usage
                exit 0
                ;;    
            --clean)
                /usr/bin/falcoctl driver cleanup
                exit 0
                ;;
            --compile)
                ENABLE_COMPILE="true"
                has_opts="true"
                ;;
            --download)
                ENABLE_DOWNLOAD="true"
                has_opts="true"
                ;;
            --source-only)
                >&2 echo "Support dropped in Falco 0.37.0."
                print_usage
                exit 1
                ;;    
            --print-env)
                /usr/bin/falcoctl driver printenv
                exit 0
                ;;
            --*)
                >&2 echo "Unknown option: $1"
                print_usage
                exit 1
                ;;
            *)
                >&2 echo "Unknown driver: $1"
                print_usage
                exit 1
                ;;
        esac
    done
    if [ -z "$has_opts" ]; then
        ENABLE_COMPILE="true"
        ENABLE_DOWNLOAD="true"
    fi
    /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD
 fi
 exec "$@"
--- a/scripts/falcoctl/falcoctl.yaml.in
+++ b/scripts/falcoctl/falcoctl.yaml.in
@ -4,7 +4,7 @@ driver:
    repos:
        - "@DRIVERS_REPO@"
    version: "@DRIVER_VERSION@"
-    hostroot: ""
+    hostroot: "/"
 artifact:
  follow:
    every: 6h0m0s