From f62c38e9e8ea8d03e5340d4aaf47e29d62e59b9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=20M=C3=BCller?=
 <60851960+toamto94@users.noreply.github.com>
Date: Wed, 7 Feb 2024 20:15:45 +0100
Subject: [PATCH] added option for insecure http download
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Added option for insecure http driver download in the docker-entrypoint.sh script. By passing --http-insecure to the container via an argument, the flag is forwarded to the falcoctl driver install command.

Signed-off-by: Tom Müller <60851960+toamto94@users.noreply.github.com>
---
 docker/driver-loader/docker-entrypoint.sh | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/docker/driver-loader/docker-entrypoint.sh b/docker/driver-loader/docker-entrypoint.sh
index 104af563..0e574bbc 100755
--- a/docker/driver-loader/docker-entrypoint.sh
+++ b/docker/driver-loader/docker-entrypoint.sh
@@ -28,11 +28,12 @@ print_usage() {
 	echo "  ebpf           eBPF probe"
 	echo ""
 	echo "Options:"
-	echo "  --help         show this help message"
-	echo "  --clean        try to remove an already present driver installation"
-	echo "  --compile      try to compile the driver locally (default true)"
-	echo "  --download     try to download a prebuilt driver (default true)"
-	echo "  --print-env    skip execution and print env variables for other tools to consume"
+	echo "  --help           show this help message"
+	echo "  --clean          try to remove an already present driver installation"
+	echo "  --compile        try to compile the driver locally (default true)"
+	echo "  --download       try to download a prebuilt driver (default true)"
+ 	echo "  --http-insecure	 enable insecure downloads"
+	echo "  --print-env      skip execution and print env variables for other tools to consume"
 	echo ""
 	echo "Environment variables:"
 	echo "  FALCOCTL_DRIVER_REPOS             specify different URL(s) where to look for prebuilt Falco drivers (comma separated)"
@@ -50,6 +51,7 @@ done
 
 ENABLE_COMPILE="false"
 ENABLE_DOWNLOAD="false"
+HTTP_INSECURE="false"
 has_driver=
 has_opts=
 while test $# -gt 0; do
@@ -80,6 +82,9 @@ while test $# -gt 0; do
 			ENABLE_DOWNLOAD="true"
 			has_opts="true"
 			;;
+		--http-insecure)
+			HTTP_INSECURE="true"
+			;;   
 		--source-only)
 		    >&2 echo "Support dropped in Falco 0.37.0."
 			print_usage
@@ -108,4 +113,4 @@ if [ -z "$has_opts" ]; then
 	ENABLE_DOWNLOAD="true"
 fi
 
-/usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD
+/usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE