github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-10-21 19:44:57 +00:00
Code Issues Projects Releases Wiki Activity
1,900 Commits 123 Branches 176 Tags
2848eceb03b265aafaa2e159b6ab08dfa7149fb2
Commit Graph

148 Commits

Author SHA1 Message Date
Leonardo Grasso
ad960a9485 chore(docker): rename SKIP_MODULE_LOAD to SKIP_DRIVER_LOADER 
As per https://github.com/falcosecurity/falco/blob/master/proposals/20200506-artifacts-scope-part-2.md#action-items

Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-07-07 12:17:20 +02:00
Leonardo Grasso
4af769f84c new(test): add gRPC unix socket support 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-06-30 13:04:03 +02:00
Leonardo Di Donato
c06ccf8378 update(docker/tester): grpcurl 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-06-30 13:04:03 +02:00
Leonardo Di Donato
3bfd94fefd docs(test): run locally handling python deps with venv 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-26 15:01:48 +02:00
Leonardo Grasso
3d3d537d85 update(docker/falco-driver-loader): propagate all args 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-18 15:16:59 +02:00
Leonardo Grasso
368817a95d fix(docker/no-driver): correct config value substitution 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-15 11:20:56 +02:00
Leonardo Grasso
c42cb1858c update(docker/falco): rename folder for naminig consistency 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-14 18:59:29 +02:00
Leonardo Grasso
935d9f5378 fix(docker/no-driver): enable time_format_iso_8601 by default 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-14 18:59:29 +02:00
Leonardo Grasso
2345ea2770 new(docker): add falco-no-driver image 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-14 18:59:29 +02:00
Leonardo Grasso
901239c3c8 docs(docker): add falcosecurity/falco-no-driver image 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-14 18:59:29 +02:00
Leonardo Grasso
0f23a9477f update(docker/OWNERS): add myself to approvers 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-14 14:09:46 +02:00
Leonardo Grasso
0c4074b7a9 update(docker): remove minimal image 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-13 10:39:07 +02:00
Leonardo Grasso
05c684d68c test: add bin package (tar.gz) to integration test 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-12 19:22:49 +02:00
Leonardo Grasso
900a3b5860 refactor(docker): driverloader to falco-driver-loader 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-08 18:08:03 +02:00
Leonardo Grasso
2e703f0565 refactor(docker/driverloader): rename build arg 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 15:05:53 +02:00
Leonardo Grasso
24c0e80bd8 chore(docker): clean up unused set -e 
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 11:27:38 +02:00
Leonardo Grasso
5e421c9ac4 docs(docker): add driverloader into supported images 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 11:27:38 +02:00
Leonardo Grasso
63259f3885 new(docker/driverloader): docker image to load the driver 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 11:27:38 +02:00
Leonardo Grasso
9915b9077c update(docker/event-generator): remove the event-generator from the Falco repo 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-24 15:40:50 +02:00
Leonardo Grasso
35691b0e05 update(docker): update README.md 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-01 11:49:59 +02:00
Leonardo Grasso
ea0f78c2c2 chore(docker): remove kernel/linuxkit and kernel/probeloader images 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-01 11:49:59 +02:00
Leonardo Grasso
61e859745d chore(docker): remove RHEL-base image 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-04-01 11:49:59 +02:00
Leonardo Di Donato
fbcdb57cea update(docker): entrypoints to call falco-driver-loader now 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-23 18:50:06 +01:00
Leonardo Di Donato
c1d840d471 update(test): account only for falco version in tests, not driver version 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-23 18:50:06 +01:00
Lorenzo Fontana
9db36822e7 update(docker/tester): python 3 support for regression tests 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-03-17 21:24:31 +01:00
Leonardo Di Donato
87e8457ce7 docs: bump versions to 0.21.0 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-17 15:34:20 +01:00
Mark Stemm
2126616529 Fix image for event generator deployment yaml 
I had a bug in https://github.com/falcosecurity/falco/pull/1088 where
the image name for the event generator was pointing to a temporary tag
instead of latest. This switches the image name back to latest.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-03-12 21:32:24 +01:00
Mark Stemm
6488ea8456 (WIP) K8s Deployment to run event generator w k8s_audit 
Add a deployment yaml that allows running the event generator in a k8s
cluster:

 - Change the event generator to create/delete objects in a namespace
   "falco-eg-sandbox" instead of "falco-event-generator". That way you
   separate the generator from the resources it modifies (mostly, the
   exception being the rolebinding).
 - Create a serviceaccount, clusterrole, and rolebinding that allows the
   event generator to create/list/delete objects in the falco-eg-sandbox
   namespace. The list of permissions is fairly broad mostly so the
   event generator can delete all resources without explicitly naming
   them. The binding does limit permissions to the falco-eg-sandbox
   namespace, though.

A one-line way to run this would be:

kubectl create namespace falco-event-generator && \
  kubectl create namespace falco-eg-sandbox && \
  kubectl apply -f event-generator-role-rolebinding-serviceaccount.yaml && \
  kubectl apply -f event-generator-k8saudit-deployment.yaml

I haven't actually pushed a new docker image to replace the current
event generator yet--the deployment yaml refers to a placeholder
falcosecurity/falco-event-generator:eg-sandbox image. Once the review is
done I'll rebase this to change the image to latest before merging.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-03-12 13:12:40 +01:00
Mark Stemm
3fd67aa5c3 K8s Daemonset to run event generator w/ syscalls 
Add a Daemonset yaml that allows running the falco event generator on
syscalls. It will run on any non-master node.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-03-12 13:12:40 +01:00
Leonardo Di Donato
de5cd1ce6f update(docker): latest or explicit FALCO_VERSION for docker images via docker build argument 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-10 20:46:52 +01:00
Lorenzo Fontana
941313b1f1 fix(docker/minimal): untar of downloaded falco package 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-03-06 11:53:28 +01:00
Leonardo Di Donato
272bb59df4 update(docker): reorganize docker images with build arguments 
Using the VERSION_BUCKET build arguments at docker build time users can now choose from which Falco version to build them.

Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Lorenzo Fontana
e9b5b815da new(docker/dev): update local dockerfile to use our own repositories 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-02-28 17:32:38 +01:00
Lorenzo Fontana
4e3a279e47 new(docker): update local to use our own repositories 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-02-28 17:32:38 +01:00
Lorenzo Fontana
9d6c714bdf update(docker/stable): use the new debian packages infrastructure 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
d6ed1ca39a fix(docker): falcosecurity sources list 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
5cdca39ae6 update(docker/stable): use the falcosecurity deb repo 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
1ec2f2cea3 update(docker/minimal): download falco binary 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
dfdd9693fc update(docker): slim images to use falcosecurity new repo and new GPG key 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
8415576097 update(docker/rhel): using the new falcosecurity repo and falcosecurity GPG key 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
b59e4b6072 chore(docker,cmake,scripts): correct maintainers email 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
2a739364d6 fix(docker): fix symbolic linking for /usrc/src inside docker images entrypoint 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-26 10:02:24 +01:00
Adrián Arroyo Calle
bcfc1fc9ff fix: indentation 
Signed-off-by: Adrián Arroyo Calle <adrian.arroyocalle@gmail.com>
 2020-02-26 10:02:24 +01:00
Adrián Arroyo Calle
3eb634d49f fix: entrypoint now uses base path 
Signed-off-by: Adrián Arroyo Calle <adrian.arroyocalle@gmail.com>
 2020-02-26 10:02:24 +01:00
Kris Nova
9eeed5912b Updating falco:local 
- Using `debian:stable` for the local image as well

Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-02-25 13:21:23 +01:00
Kris Nova
5c294bacc7 Fixing falco:stable image 
- Updating stable image to pull from `debian:stable`
 - Updating maintainer label in all Dockerfiles to include `LABEL maintainer="cncf-falco-dev@lists.cncf.io"`

Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-02-25 13:21:23 +01:00
rajibmitra
d77080a8c2 update: changelog 0.20.0 
Signed-off-by: rajibmitra <fiorm.github@gmail.com>
 2020-02-24 11:05:15 +01:00
Leonardo Di Donato
a1d6a4762e fix(docker/minimal): libyaml 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-24 11:53:02 +01:00
Leonardo Di Donato
24549e163a update(docker): switch to 0.19.0 
Co-authored-by: Lorenzo Fontana <fontanalorenzo@me.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-23 15:32:47 +01:00
Leonardo Di Donato
f3dcacea5b fix(docker/tester): share rules and trace files with docker test runners 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-01-23 15:04:39 +01:00