github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-18 00:31:30 +00:00
Code Issues Projects Releases Wiki Activity

new(userspace/falco): added --config-schema action to print config schema.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro 2024-09-06 09:18:46 +02:00 committed by poiana
parent dabfe0e154
commit f3eecb6b21
6 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
userspace/falco/CMakeLists.txt
View File

@ -49,6 +49,7 @@ add_library(falco_application STATIC
app/actions/validate_rules_files.cpp app/actions/validate_rules_files.cpp
app/actions/create_requested_paths.cpp app/actions/create_requested_paths.cpp
app/actions/close_inspectors.cpp app/actions/close_inspectors.cpp
app/actions/print_config_schema.cpp
configuration.cpp configuration.cpp
falco_outputs.cpp falco_outputs.cpp
outputs_file.cpp outputs_file.cpp

1
userspace/falco/app/actions/actions.h
View File

@ -38,6 +38,7 @@ falco::app::run_result list_plugins(const falco::app::state& s);
falco::app::run_result load_config(const falco::app::state& s); falco::app::run_result load_config(const falco::app::state& s);
falco::app::run_result load_plugins(falco::app::state& s); falco::app::run_result load_plugins(falco::app::state& s);
falco::app::run_result load_rules_files(falco::app::state& s); falco::app::run_result load_rules_files(falco::app::state& s);
falco::app::run_result print_config_schema(falco::app::state& s);
falco::app::run_result print_generated_gvisor_config(falco::app::state& s); falco::app::run_result print_generated_gvisor_config(falco::app::state& s);
falco::app::run_result print_help(falco::app::state& s); falco::app::run_result print_help(falco::app::state& s);
falco::app::run_result print_ignored_events(const falco::app::state& s); falco::app::run_result print_ignored_events(const falco::app::state& s);

31
userspace/falco/app/actions/print_config_schema.cpp Normal file
View File

@ -0,0 +1,31 @@
// SPDX-License-Identifier: Apache-2.0
/*
Copyright (C) 2024 The Falco Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "actions.h"
using namespace falco::app;
using namespace falco::app::actions;
falco::app::run_result falco::app::actions::print_config_schema(falco::app::state &s)
{
if(s.options.print_config_schema)
{
printf("%s", s.config->m_config_schema.dump(2).c_str());
return run_result::exit();
}
return run_result::ok();
}

1
userspace/falco/app/app.cpp
View File

@ -60,6 +60,7 @@ bool falco::app::run(falco::app::state& s, bool& restart, std::string& errstr)
// dependencies are honored (e.g. don't process events before // dependencies are honored (e.g. don't process events before
// loading plugins, opening inspector, etc.). // loading plugins, opening inspector, etc.).
std::list<app_action> run_steps = { std::list<app_action> run_steps = {
falco::app::actions::print_config_schema,
falco::app::actions::load_config, falco::app::actions::load_config,
falco::app::actions::print_help, falco::app::actions::print_help,
falco::app::actions::print_kernel_version, falco::app::actions::print_kernel_version,

3
userspace/falco/app/options.cpp
View File

@ -110,10 +110,11 @@ void options::define(cxxopts::Options& opts)
opts.add_options() opts.add_options()
("h,help", "Print this help list and exit.", cxxopts::value(help)->default_value("false")) ("h,help", "Print this help list and exit.", cxxopts::value(help)->default_value("false"))
#ifdef BUILD_TYPE_RELEASE #ifdef BUILD_TYPE_RELEASE
("c", "Configuration file. If not specified uses " FALCO_INSTALL_CONF_FILE ".", cxxopts::value(conf_filename), "<path>") ("c", "Configuration file. If not specified uses " FALCO_INSTALL_CONF_FILE ".", cxxopts::value(conf_filename), "<path>")
#else #else
("c", "Configuration file. If not specified tries " FALCO_SOURCE_CONF_FILE ", " FALCO_INSTALL_CONF_FILE ".", cxxopts::value(conf_filename), "<path>") ("c", "Configuration file. If not specified tries " FALCO_SOURCE_CONF_FILE ", " FALCO_INSTALL_CONF_FILE ".", cxxopts::value(conf_filename), "<path>")
#endif #endif
("config-schema", "Print the config json schema and exit.", cxxopts::value(print_config_schema)->default_value("false"))
("A", "Monitor all events supported by Falco and defined in rules and configs. Some events are ignored by default when -A is not specified (the -i option lists these events ignored). Using -A can impact performance. This option has no effect when reproducing events from a capture file.", cxxopts::value(all_events)->default_value("false")) ("A", "Monitor all events supported by Falco and defined in rules and configs. Some events are ignored by default when -A is not specified (the -i option lists these events ignored). Using -A can impact performance. This option has no effect when reproducing events from a capture file.", cxxopts::value(all_events)->default_value("false"))
("b,print-base64", "Print data buffers in base64. This is useful for encoding binary data that needs to be used over media designed to consume this format.") ("b,print-base64", "Print data buffers in base64. This is useful for encoding binary data that needs to be used over media designed to consume this format.")
#if !defined(_WIN32) && !defined(__EMSCRIPTEN__) && !defined(MINIMAL_BUILD) #if !defined(_WIN32) && !defined(__EMSCRIPTEN__) && !defined(MINIMAL_BUILD)

1
userspace/falco/app/options.h
View File

@ -40,6 +40,7 @@ public:
// Each of these maps directly to a command line option. // Each of these maps directly to a command line option.
bool help = false; bool help = false;
bool print_config_schema = false;
std::string conf_filename; std::string conf_filename;
bool all_events = false; bool all_events = false;
sinsp_evt::param_fmt event_buffer_format = sinsp_evt::PF_NORMAL; sinsp_evt::param_fmt event_buffer_format = sinsp_evt::PF_NORMAL;