github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-08-31 06:10:45 +00:00
Code Issues Projects Releases Wiki Activity
4,220 Commits 118 Branches 173 Tags
fix_CI_4
Commit Graph

231 Commits

Author SHA1 Message Date
Leonardo Grasso
63259f3885 new(docker/driverloader): docker image to load the driver 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 11:27:38 +02:00
Leonardo Grasso
9915b9077c update(docker/event-generator): remove the event-generator from the Falco repo 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-24 15:40:50 +02:00
Leonardo Grasso
35691b0e05 update(docker): update README.md 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-01 11:49:59 +02:00
Leonardo Grasso
ea0f78c2c2 chore(docker): remove kernel/linuxkit and kernel/probeloader images 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-01 11:49:59 +02:00
Leonardo Grasso
61e859745d chore(docker): remove RHEL-base image 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-01 11:49:59 +02:00
Leonardo Di Donato
fbcdb57cea update(docker): entrypoints to call falco-driver-loader now 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-23 18:50:06 +01:00
Leonardo Di Donato
c1d840d471 update(test): account only for falco version in tests, not driver version 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-23 18:50:06 +01:00
Lorenzo Fontana
9db36822e7 update(docker/tester): python 3 support for regression tests 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-03-17 21:24:31 +01:00
Leonardo Di Donato
87e8457ce7 docs: bump versions to 0.21.0 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-17 15:34:20 +01:00
Mark Stemm
2126616529 Fix image for event generator deployment yaml 
I had a bug in https://github.com/falcosecurity/falco/pull/1088 where
the image name for the event generator was pointing to a temporary tag
instead of latest. This switches the image name back to latest.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-03-12 21:32:24 +01:00
Mark Stemm
6488ea8456 (WIP) K8s Deployment to run event generator w k8s_audit 
Add a deployment yaml that allows running the event generator in a k8s
cluster:

 - Change the event generator to create/delete objects in a namespace
   "falco-eg-sandbox" instead of "falco-event-generator". That way you
   separate the generator from the resources it modifies (mostly, the
   exception being the rolebinding).
 - Create a serviceaccount, clusterrole, and rolebinding that allows the
   event generator to create/list/delete objects in the falco-eg-sandbox
   namespace. The list of permissions is fairly broad mostly so the
   event generator can delete all resources without explicitly naming
   them. The binding does limit permissions to the falco-eg-sandbox
   namespace, though.

A one-line way to run this would be:

kubectl create namespace falco-event-generator && \
  kubectl create namespace falco-eg-sandbox && \
  kubectl apply -f event-generator-role-rolebinding-serviceaccount.yaml && \
  kubectl apply -f event-generator-k8saudit-deployment.yaml

I haven't actually pushed a new docker image to replace the current
event generator yet--the deployment yaml refers to a placeholder
falcosecurity/falco-event-generator:eg-sandbox image. Once the review is
done I'll rebase this to change the image to latest before merging.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-03-12 13:12:40 +01:00
Mark Stemm
3fd67aa5c3 K8s Daemonset to run event generator w/ syscalls 
Add a Daemonset yaml that allows running the falco event generator on
syscalls. It will run on any non-master node.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-03-12 13:12:40 +01:00
Leonardo Di Donato
de5cd1ce6f update(docker): latest or explicit FALCO_VERSION for docker images via docker build argument 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-10 20:46:52 +01:00
Lorenzo Fontana
941313b1f1 fix(docker/minimal): untar of downloaded falco package 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-03-06 11:53:28 +01:00
Leonardo Di Donato
272bb59df4 update(docker): reorganize docker images with build arguments 
Using the VERSION_BUCKET build arguments at docker build time users can now choose from which Falco version to build them.

Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Lorenzo Fontana
e9b5b815da new(docker/dev): update local dockerfile to use our own repositories 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-02-28 17:32:38 +01:00
Lorenzo Fontana
4e3a279e47 new(docker): update local to use our own repositories 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-02-28 17:32:38 +01:00
Lorenzo Fontana
9d6c714bdf update(docker/stable): use the new debian packages infrastructure 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
d6ed1ca39a fix(docker): falcosecurity sources list 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
5cdca39ae6 update(docker/stable): use the falcosecurity deb repo 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
1ec2f2cea3 update(docker/minimal): download falco binary 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
dfdd9693fc update(docker): slim images to use falcosecurity new repo and new GPG key 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
8415576097 update(docker/rhel): using the new falcosecurity repo and falcosecurity GPG key 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
b59e4b6072 chore(docker,cmake,scripts): correct maintainers email 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
2a739364d6 fix(docker): fix symbolic linking for /usrc/src inside docker images entrypoint 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-26 10:02:24 +01:00
Adrián Arroyo Calle
bcfc1fc9ff fix: indentation 
Signed-off-by: Adrián Arroyo Calle <adrian.arroyocalle@gmail.com>
 2020-02-26 10:02:24 +01:00
Adrián Arroyo Calle
3eb634d49f fix: entrypoint now uses base path 
Signed-off-by: Adrián Arroyo Calle <adrian.arroyocalle@gmail.com>
 2020-02-26 10:02:24 +01:00
Kris Nova
9eeed5912b Updating falco:local 
- Using `debian:stable` for the local image as well

Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-02-25 13:21:23 +01:00
Kris Nova
5c294bacc7 Fixing falco:stable image 
- Updating stable image to pull from `debian:stable`
 - Updating maintainer label in all Dockerfiles to include `LABEL maintainer="cncf-falco-dev@lists.cncf.io"`

Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-02-25 13:21:23 +01:00
rajibmitra
d77080a8c2 update: changelog 0.20.0 
Signed-off-by: rajibmitra <fiorm.github@gmail.com>
 2020-02-24 11:05:15 +01:00
Leonardo Di Donato
a1d6a4762e fix(docker/minimal): libyaml 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-24 11:53:02 +01:00
Leonardo Di Donato
24549e163a update(docker): switch to 0.19.0 
Co-authored-by: Lorenzo Fontana <fontanalorenzo@me.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-23 15:32:47 +01:00
Leonardo Di Donato
f3dcacea5b fix(docker/tester): share rules and trace files with docker test runners 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-23 15:04:39 +01:00
Leonardo Di Donato
cf803759ef fix(docker/tester): falco-tester does not have to check for docker/local anymore 
Co-Authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-23 15:04:39 +01:00
Leonardo Di Donato
347b581d95 chore: cleanup docker test runners 
Co-Authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-23 15:04:39 +01:00
Lorenzo Fontana
c96248e4fc chore(integration): libyaml in tester docker file for deb packages 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-23 15:04:39 +01:00
Lorenzo Fontana
c7b8d6123a chore(integration): add dkms to docker test deb runner 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-23 15:04:39 +01:00
Lorenzo Fontana
46181a7336 update(integration): rpm tester docker image 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-23 15:04:39 +01:00
Lorenzo Fontana
6bd4c3a041 update(integration): falco tester entrypoint 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-23 15:04:39 +01:00
Lorenzo Fontana
6d737c1def new(integration): docker deb runner 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-23 15:04:39 +01:00
Leonardo Di Donato
12a86d33ef fix(docker/builder): add llvm toolset back to falco-builder 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-21 12:51:50 +01:00
Leonardo Di Donato
55364405aa chore(docker/builder): remove unneded layer 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-21 12:51:50 +01:00
Leonardo Di Donato
077fbea0a7 update(docker/builder): back to centos:7 as base image 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-21 12:51:50 +01:00
Leonardo Di Donato
182c07a31f update: force deps to always use the system openssl 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-20 13:59:24 +01:00
Leonardo Di Donato
77d23d2cc6 update(docker/tester): switch to fedora:31 
Co-Authored-By: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-17 19:09:31 +01:00
Lorenzo Fontana
521c3198bd build(docker/builder): vanilla CentOS 8 for the builder 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-17 19:09:31 +01:00
Lorenzo Fontana
56885f8810 build(docker/tester): remove openssl compat libraries 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-17 19:09:31 +01:00
Leonardo Di Donato
9a3c98d93b fix(docker/local): adding libyaml 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-17 19:09:31 +01:00
Lorenzo Fontana
d8c21ef837 build(docker/tester): rename prepare artifacts step 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-17 19:09:31 +01:00
Lorenzo Fontana
b8335b510d build: falco tester automatic version 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-01-17 19:09:31 +01:00