From bb8f6fa136d488ada3dc57df4d57448d837267c7 Mon Sep 17 00:00:00 2001 From: Leonardo Di Giovanna Date: Fri, 23 Jan 2026 11:02:07 +0100 Subject: [PATCH] chore(userspace): deprecate `--gvisor-generate-config` CLI option DEPRECATION NOTICE: deprecate `--gvisor-generate-config` CLI option Signed-off-by: Leonardo Di Giovanna --- .../falco/app/actions/print_generated_gvisor_config.cpp | 5 +++++ userspace/falco/app/options.cpp | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/userspace/falco/app/actions/print_generated_gvisor_config.cpp b/userspace/falco/app/actions/print_generated_gvisor_config.cpp index 5ca72b65..6adb06bb 100644 --- a/userspace/falco/app/actions/print_generated_gvisor_config.cpp +++ b/userspace/falco/app/actions/print_generated_gvisor_config.cpp @@ -17,6 +17,7 @@ limitations under the License. #include "config_falco.h" #include "actions.h" +#include "logger.h" using namespace falco::app; using namespace falco::app::actions; @@ -26,6 +27,10 @@ falco::app::run_result falco::app::actions::print_generated_gvisor_config(falco: return run_result::ok(); } + falco_logger::log(falco_logger::level::WARNING, + "Using feature for deprecated gVisor engine. Please consider switching to " + "another engine."); + sinsp i; std::string gvisor_config = i.generate_gvisor_config(s.options.gvisor_generate_config_with_socket); diff --git a/userspace/falco/app/options.cpp b/userspace/falco/app/options.cpp index b46cf902..ff653994 100644 --- a/userspace/falco/app/options.cpp +++ b/userspace/falco/app/options.cpp @@ -104,7 +104,7 @@ void options::define(cxxopts::Options& opts) ("dry-run", "Run Falco without processing events. It can help check that the configuration and rules do not have any errors.", cxxopts::value(dry_run)->default_value("false")) ("enable-source", "Enable a specific . By default, all loaded sources get enabled. Available sources are 'syscall' plus all sources defined by loaded plugins supporting the event sourcing capability. This option can be passed multiple times. When using this option, only the event sources specified by it will be enabled. This option can not be mixed with --disable-source. This option has no effect when reproducing events from a capture file.", cxxopts::value(enable_sources), "") #ifdef HAS_GVISOR - ("gvisor-generate-config", "Generate a configuration file that can be used for gVisor and exit. See --gvisor-config for more details.", cxxopts::value(gvisor_generate_config_with_socket)->implicit_value("/run/falco/gvisor.sock"), "") + ("gvisor-generate-config", "DEPRECATED: Generate a configuration file that can be used for gVisor and exit.", cxxopts::value(gvisor_generate_config_with_socket)->implicit_value("/run/falco/gvisor.sock"), "") #endif ("i", "Print those events that are ignored by default for performance reasons and exit.", cxxopts::value(print_ignored_events)->default_value("false")) ("L", "Show the name and description of all rules and exit. If json_output is set to true, it prints details about all rules, macros, and lists in JSON format.", cxxopts::value(describe_all_rules)->default_value("false")) @@ -117,7 +117,7 @@ void options::define(cxxopts::Options& opts) ("N", "Only print field names when used in conjunction with the --list option. It has no effect when used with other options.", cxxopts::value(names_only)->default_value("false")) ("o,option", "Set the value of option to . Overrides values in the configuration file. can be identified using its location in the configuration file using dot notation. Elements of list entries can be accessed via square brackets [].\n E.g. base.id = val\n base.subvalue.subvalue2 = val\n base.list[1]=val", cxxopts::value(cmdline_config_options), "=") ("plugin-info", "Print info for the plugin specified by and exit.\nThis includes all descriptive information like name and author, along with the\nschema format for the init configuration and a list of suggested open parameters.\n can be the plugin's name or its configured 'library_path'.", cxxopts::value(print_plugin_info), "") - ("p,print", "DEPRECATED: use -o append_output... instead. Print additional information in the rule's output.\nUse -pc or -pcontainer to append container details to syscall events.\nUse -pk or -pkubernetes to add both container and Kubernetes details to syscall events.\nIf using gVisor, choose -pcg or -pkg variants (or -pcontainer-gvisor and -pkubernetes-gvisor, respectively).\nThe details will be directly appended to the rule's output.\nAlternatively, use -p for a custom format. In this case, the given will be appended to the rule's output without any replacement to all events, including plugin events.", cxxopts::value(print_additional), "") + ("p,print", "DEPRECATED: use -o append_output... instead. Print additional information in the rule's output.\nUse -pc or -pcontainer to append container details to syscall events.\nUse -pk or -pkubernetes to add both container and Kubernetes details to syscall events.\nThe details will be directly appended to the rule's output.\nAlternatively, use -p for a custom format. In this case, the given will be appended to the rule's output without any replacement to all events, including plugin events.", cxxopts::value(print_additional), "") ("P,pidfile", "Write PID to specified path. By default, no PID file is created.", cxxopts::value(pidfilename)->default_value(""), "") ("r", "Rules file or directory to be loaded. This option can be passed multiple times. Falco defaults to the values in the configuration file when this option is not specified. Only files with .yml or .yaml extension are considered.", cxxopts::value>(), "") ("support", "Print support information, including version, rules files used, loaded configuration, etc., and exit. The output is in JSON format.", cxxopts::value(print_support)->default_value("false"))