chore(userspace/falco): drop container_engines config key.

Also, default falco.yaml will only host container plugin configuration but won't enable the plugin. Instead, a configuration override file will be installed only on linux non-musl deployments, enabled the plugin. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-29 16:17:32 +00:00 · 2025-02-06 11:21:05 +01:00 · 2025-02-06 11:21:05 +01:00 · bb13702f0f
commit bb13702f0f
parent fafeddaf35
5 changed files with 11 additions and 77 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -268,11 +268,18 @@ if(NOT WIN32
 )
 	include(falcoctl)
 	include(container_plugin)
+	# Install the plugin
 	install(
 		FILES "${PROJECT_BINARY_DIR}/container_plugin-prefix/src/libcontainer.so"
 		DESTINATION "${FALCO_ABSOLUTE_SHARE_DIR}/plugins"
 		COMPONENT "${FALCO_COMPONENT_NAME}"
 	)
+	# Install additional config override file to enable the container plugin
+	install(
+		FILES "${PROJECT_SOURCE_DIR}/config/falco.container_plugin.yaml"
+		DESTINATION "${FALCO_ETC_DIR}/config.d"
+		COMPONENT "${FALCO_COMPONENT_NAME}"
+	)
 endif()

 # Packages configuration
--- a/config/falco.container_plugin.yaml
+++ b/config/falco.container_plugin.yaml
@ -0,0 +1,2 @@
+# Enable container plugin for linux non musl installation.
+load_plugins: [container]
--- a/falco.yaml
+++ b/falco.yaml
@ -460,7 +460,7 @@ engine:
 # For example, if you want to use the `k8saudit` plugin,
 # ensure it is configured appropriately and then change this to: 
 # load_plugins: [k8saudit, json]
-load_plugins: [container]
+load_plugins: []

 # Customize subsettings for each enabled plugin. These settings will only be
 # applied when the corresponding plugin is enabled using the `load_plugins`
@ -1335,22 +1335,3 @@ base_syscalls:
 falco_libs:
  thread_table_size: 262144
  snaplen: 80
-
-# [Deprecated] `container_engines`
-#
-# The following options are deprecated and will be forwarded to the container plugin init_config.
-container_engines:
-  docker:
-    enabled: true
-  cri:
-    enabled: true
-    sockets: ["/run/containerd/containerd.sock", "/run/crio/crio.sock", "/run/k3s/containerd/containerd.sock"]
-    disable_async: false
-  podman:
-    enabled: true
-  lxc:
-    enabled: true
-  libvirt_lxc:
-    enabled: true
-  bpm:
-    enabled: true
--- a/userspace/falco/configuration.cpp
+++ b/userspace/falco/configuration.cpp
@ -693,61 +693,6 @@ void falco_configuration::load_yaml(const std::string &config_name) {
 	}

 	m_watch_config_files = m_config.get_scalar<bool>("watch_config_files", true);
-
-	load_container_config();
-}
-
-void falco_configuration::load_container_config() {
-	// Find container plugin
-	const std::string *init_cfg;
-	for(const auto &p : m_plugins) {
-		if(p.m_name == "container") {
-			// Store the point to be later overridden
-			init_cfg = &p.m_init_config;
-		}
-	}
-
-	if(m_config.is_defined("container_engines.docker.enabled")) {
-		const auto docker_enabled =
-		        m_config.get_scalar<bool>("container_engines.docker.enabled", true);
-		// TODO update init_cfg
-	}
-
-	if(m_config.is_defined("container_engines.podman.enabled")) {
-		const auto podman_enabled =
-		        m_config.get_scalar<bool>("container_engines.podman.enabled", true);
-		// TODO update init_cfg
-	}
-
-	if(m_config.is_defined("container_engines.cri.enabled")) {
-		const auto cri_enabled = m_config.get_scalar<bool>("container_engines.cri.enabled", true);
-		// TODO update init_cfg
-
-		if(cri_enabled) {
-			std::vector<std::string> cri_socket_paths;
-			m_config.get_sequence<std::vector<std::string>>(cri_socket_paths,
-			                                                "container_engines.cri.sockets");
-			auto disable_cri_async =
-			        m_config.get_scalar<bool>("container_engines.cri.disable-cri-async", false);
-			// TODO update initcfg
-		}
-	}
-
-	if(m_config.is_defined("container_engines.lxc.enabled")) {
-		const auto lxc_enabled = m_config.get_scalar<bool>("container_engines.lxc.enabled", true);
-		// TODO update init_cfg
-	}
-
-	if(m_config.is_defined("container_engines.libvirt_lxc.enabled")) {
-		const auto libvirt_lxc_enabled =
-		        m_config.get_scalar<bool>("container_engines.libvirt_lxc.enabled", true);
-		// TODO update init_cfg
-	}
-
-	if(m_config.is_defined("container_engines.bpm.enabled")) {
-		const auto bpm_enabled = m_config.get_scalar<bool>("container_engines.bpm.enabled", true);
-		// TODO update init_cfg
-	}
 }

 void falco_configuration::read_rules_file_directory(const std::string &path,
--- a/userspace/falco/configuration.h
+++ b/userspace/falco/configuration.h
@ -213,7 +213,6 @@ public:
 private:
 	void merge_config_files(const std::string& config_name, config_loaded_res& res);
 	void load_yaml(const std::string& config_name);
-	void load_container_config();
 	void init_logger();
 	void load_engine_config(const std::string& config_name);
 	void init_cmdline_options(const std::vector<std::string>& cmdline_options);