github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-26 14:52:20 +00:00
Code Issues Projects Releases Wiki Activity

new(userspace/falco): allow --support to print expanded configuration file.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro 2024-04-09 11:08:04 +02:00 committed by poiana
parent 2a856f2cd3
commit de9efcbec7
4 changed files with 31 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
userspace/falco/app/actions/print_support.cpp
View File

@ -108,7 +108,7 @@ falco::app::run_result falco::app::actions::print_support(falco::app::state& s)
support["version"] = infos.falco_version; support["version"] = infos.falco_version;
support["engine_info"] = infos.as_json(); support["engine_info"] = infos.as_json();
support["cmdline"] = s.cmdline; support["cmdline"] = s.cmdline;
support["config"] = read_file(s.options.conf_filename); support["config"] = s.config->dump();
support["rules_files"] = nlohmann::json::array(); support["rules_files"] = nlohmann::json::array();
for(const auto& filename : s.config->m_loaded_rules_filenames) for(const auto& filename : s.config->m_loaded_rules_filenames)
{ {

27
userspace/falco/configuration.cpp
View File

@ -85,16 +85,14 @@ falco_configuration::falco_configuration():
void falco_configuration::init(const std::vector<std::string>& cmdline_options) void falco_configuration::init(const std::vector<std::string>& cmdline_options)
{ {
yaml_helper config;
config.load_from_string(""); config.load_from_string("");
init_cmdline_options(config, cmdline_options); init_cmdline_options(cmdline_options);
load_yaml("default", config); load_yaml("default");
} }
void falco_configuration::init(const std::string& conf_filename, std::vector<std::string>& loaded_conf_files, void falco_configuration::init(const std::string& conf_filename, std::vector<std::string>& loaded_conf_files,
std::vector<std::string>& loaded_conf_warnings, const std::vector<std::string> &cmdline_options) std::vector<std::string>& loaded_conf_warnings, const std::vector<std::string> &cmdline_options)
{ {
yaml_helper config;
try try
{ {
config.load_from_file(conf_filename, loaded_conf_files, loaded_conf_warnings); config.load_from_file(conf_filename, loaded_conf_files, loaded_conf_warnings);
@ -104,11 +102,16 @@ void falco_configuration::init(const std::string& conf_filename, std::vector<std
std::cerr << "Cannot read config file (" + conf_filename + "): " + e.what() + "\n"; std::cerr << "Cannot read config file (" + conf_filename + "): " + e.what() + "\n";
throw e; throw e;
} }
init_cmdline_options(config, cmdline_options); init_cmdline_options(cmdline_options);
load_yaml(conf_filename, config); load_yaml(conf_filename);
} }
void falco_configuration::load_engine_config(const std::string& config_name, const yaml_helper& config) std::string falco_configuration::dump()
{
return config.dump();
}
void falco_configuration::load_engine_config(const std::string& config_name)
{ {
// Set driver mode if not already set. // Set driver mode if not already set.
const std::unordered_map<std::string, engine_kind_t> engine_mode_lut = { const std::unordered_map<std::string, engine_kind_t> engine_mode_lut = {
@ -177,9 +180,9 @@ void falco_configuration::load_engine_config(const std::string& config_name, con
} }
} }
void falco_configuration::load_yaml(const std::string& config_name, const yaml_helper& config) void falco_configuration::load_yaml(const std::string& config_name)
{ {
load_engine_config(config_name, config); load_engine_config(config_name);
m_log_level = config.get_scalar<std::string>("log_level", "info"); m_log_level = config.get_scalar<std::string>("log_level", "info");
std::list<std::string> rules_files; std::list<std::string> rules_files;
@ -588,15 +591,15 @@ static bool split(const std::string &str, char delim, std::pair<std::string, std
return true; return true;
} }
void falco_configuration::init_cmdline_options(yaml_helper& config, const std::vector<std::string> &cmdline_options) void falco_configuration::init_cmdline_options(const std::vector<std::string> &cmdline_options)
{ {
for(const std::string &option : cmdline_options) for(const std::string &option : cmdline_options)
{ {
set_cmdline_option(config, option); set_cmdline_option(option);
} }
} }
void falco_configuration::set_cmdline_option(yaml_helper& config, const std::string &opt) void falco_configuration::set_cmdline_option(const std::string &opt)
{ {
std::pair<std::string, std::string> keyval; std::pair<std::string, std::string> keyval;

12
userspace/falco/configuration.h
View File

@ -89,6 +89,8 @@ public:
void init(const std::string& conf_filename, std::vector<std::string>& loaded_conf_files, std::vector<std::string>& loaded_conf_warnings, const std::vector<std::string>& cmdline_options); void init(const std::string& conf_filename, std::vector<std::string>& loaded_conf_files, std::vector<std::string>& loaded_conf_warnings, const std::vector<std::string>& cmdline_options);
void init(const std::vector<std::string>& cmdline_options); void init(const std::vector<std::string>& cmdline_options);
std::string dump();
static void read_rules_file_directory(const std::string& path, std::list<std::string>& rules_filenames, std::list<std::string> &rules_folders); static void read_rules_file_directory(const std::string& path, std::list<std::string>& rules_filenames, std::list<std::string> &rules_folders);
// Rules list as passed by the user // Rules list as passed by the user
@ -162,11 +164,11 @@ public:
gvisor_config m_gvisor = {}; gvisor_config m_gvisor = {};
private: private:
void load_yaml(const std::string& config_name, const yaml_helper& config); void load_yaml(const std::string& config_name);
void load_engine_config(const std::string& config_name, const yaml_helper& config); void load_engine_config(const std::string& config_name);
void init_cmdline_options(yaml_helper& config, const std::vector<std::string>& cmdline_options); void init_cmdline_options(const std::vector<std::string>& cmdline_options);
/** /**
* Given a <key>=<value> specifier, set the appropriate option * Given a <key>=<value> specifier, set the appropriate option
@ -174,7 +176,9 @@ private:
* characters for nesting. Currently only 1- or 2- level keys * characters for nesting. Currently only 1- or 2- level keys
* are supported and only scalar values are supported. * are supported and only scalar values are supported.
*/ */
void set_cmdline_option(yaml_helper& config, const std::string& spec); void set_cmdline_option(const std::string& spec);
yaml_helper config;
}; };
namespace YAML { namespace YAML {

7
userspace/falco/yaml_helper.h
View File

@ -215,6 +215,13 @@ public:
return node.IsDefined(); return node.IsDefined();
} }
std::string dump() const
{
YAML::Emitter emitter;
emitter << YAML::DoubleQuoted << YAML::Flow << YAML::LowerNull << YAML::BeginSeq << m_root;
return emitter.c_str() + 1; // drop initial '[' char
}
private: private:
YAML::Node m_root; YAML::Node m_root;