github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-15 07:22:05 +00:00
Code Issues Projects Releases Wiki Activity

added option for insecure http download

Browse Source 
Added option for insecure http driver download in the docker-entrypoint.sh script. By passing --http-insecure to the container via an argument, the flag is forwarded to the falcoctl driver install command.

Signed-off-by: Tom Müller <60851960+toamto94@users.noreply.github.com>
This commit is contained in:
Tom Müller 2024-02-07 20:15:45 +01:00 committed by poiana
parent b091522398
commit f62c38e9e8
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docker/driver-loader/docker-entrypoint.sh
View File

@ -28,11 +28,12 @@ print_usage() {
echo " ebpf eBPF probe" echo " ebpf eBPF probe"
echo "" echo ""
echo "Options:" echo "Options:"
echo " --help show this help message" echo " --help show this help message"
echo " --clean try to remove an already present driver installation" echo " --clean try to remove an already present driver installation"
echo " --compile try to compile the driver locally (default true)" echo " --compile try to compile the driver locally (default true)"
echo " --download try to download a prebuilt driver (default true)" echo " --download try to download a prebuilt driver (default true)"
echo " --print-env skip execution and print env variables for other tools to consume" echo " --http-insecure enable insecure downloads"
echo " --print-env skip execution and print env variables for other tools to consume"
echo "" echo ""
echo "Environment variables:" echo "Environment variables:"
echo " FALCOCTL_DRIVER_REPOS specify different URL(s) where to look for prebuilt Falco drivers (comma separated)" echo " FALCOCTL_DRIVER_REPOS specify different URL(s) where to look for prebuilt Falco drivers (comma separated)"
@ -50,6 +51,7 @@ done
ENABLE_COMPILE="false" ENABLE_COMPILE="false"
ENABLE_DOWNLOAD="false" ENABLE_DOWNLOAD="false"
HTTP_INSECURE="false"
has_driver= has_driver=
has_opts= has_opts=
while test $# -gt 0; do while test $# -gt 0; do
@ -80,6 +82,9 @@ while test $# -gt 0; do
ENABLE_DOWNLOAD="true" ENABLE_DOWNLOAD="true"
has_opts="true" has_opts="true"
;; ;;
--http-insecure)
HTTP_INSECURE="true"
;;
--source-only) --source-only)
>&2 echo "Support dropped in Falco 0.37.0." >&2 echo "Support dropped in Falco 0.37.0."
print_usage print_usage
@ -108,4 +113,4 @@ if [ -z "$has_opts" ]; then
ENABLE_DOWNLOAD="true" ENABLE_DOWNLOAD="true"
fi fi
/usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE