Commit Graph

153 Commits

Author SHA1 Message Date
Luca Guerra
8cf9b35b0e new(ci): run CI jobs on ARM64
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-12-07 18:26:28 +01:00
Luca Guerra
6e4ccb0007 update(ci): enable actuated.dev
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-12-07 18:26:28 +01:00
Federico Aponte
e558c4f5a5 chore(build): remove outdated development libs
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
2023-12-06 05:46:25 +01:00
Luca Guerra
22cc2e5add fix(gha): disable branch protection rule trigger for scorecard
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-11-14 15:19:13 +01:00
Roberto Scolaro
6d4006a1ec feat(ci): create win32 and macos installer
Signed-off-by: Roberto Scolaro <roberto.scolaro21@gmail.com>
2023-11-13 10:59:47 +01:00
Roberto Scolaro
29d3173ae3 feat(ci): add experimental other platforms support
Signed-off-by: Roberto Scolaro <roberto.scolaro21@gmail.com>

wip

Signed-off-by: Roberto Scolaro <roberto.scolaro21@gmail.com>
2023-11-13 10:59:47 +01:00
Luca Guerra
3e95faac44 chore(gha): set cosign-installer to v3.1.2
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-11-05 06:06:14 +01:00
Massimiliano Giovagnoli
1609ee8559 ci(.github): add ossf scorecard pipeline
Open Source Security Foundation Scorecard [1] is an automated tool
that assesses a number of important checks associated with
software security and assigns each check a score of 0-10.

Also, the OSSF Scorecard is one of the metrics monitored by
the CNCF CLO Monitor [2].

1. https://github.com/ossf/scorecard
2. https://github.com/cncf/clomonitor

Signed-off-by: Massimiliano Giovagnoli <me@maxgio.it>
2023-10-26 19:00:45 +02:00
Luca Guerra
39aa8fe05f new(ci): add semgrep to check for banned functions
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-19 17:41:22 +02:00
Luca Guerra
fec8a825cd update(ci): update setup-go action
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-17 16:20:16 +02:00
Luca Guerra
fc35c02015 update(ci): update aws pipeline jobs
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-17 16:20:16 +02:00
Luca Guerra
e68bb3be7d update(ci): upgrade docker pipeline jobs
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-17 16:20:16 +02:00
Luca Guerra
e6d71d2e8e fix(gha): update rpmsign
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-05 18:39:00 +02:00
Luca Guerra
a77e2dec10 fix(gha): use fedora instead of centos 7 for package publishing
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-05 11:27:58 +02:00
Luca Guerra
f1dec8f444 chore(gha): pin actions with hash, add TODO for upgrades
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-03 15:11:54 +02:00
Luca Guerra
27ad4c3aec update(gha): update checkout action to v4
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-10-03 15:11:54 +02:00
Federico Di Pierro
3c93249efb new(ci): properly link libs and driver releases linked to a Falco release.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-09-29 19:01:22 +02:00
Lorenzo Susini
1326ca356e update(userspace/engine): address jasondellaluce comments for maintainability
Signed-off-by: Lorenzo Susini <susinilorenzo1@gmail.com>
2023-09-28 20:05:21 +02:00
Federico Di Pierro
7c7ec800a6 chore(ci): bumped rn2md to latest master.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-09-27 11:20:12 +02:00
Luca Guerra
260f189028 update(gha): add version for rn2md
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-09-22 14:34:49 +02:00
Federico Di Pierro
0884ca4c6f chore: automatically attach release author to release body.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-09-22 12:18:49 +02:00
Federico Di Pierro
e836157771 chore(ci): added permissions to release-body job.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-09-21 21:04:47 +02:00
Federico Di Pierro
086deb9c6d chore(ci): only run release-body for latest releases, and properly override release name.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-09-21 21:04:47 +02:00
Federico Di Pierro
49adbf6d08 new(ci): autogenerate release body.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-09-21 21:04:47 +02:00
Luca Guerra
60a64ac647 fix(docker): get the driver loader legacy from the right directory
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-09-13 15:19:40 +02:00
Luca Guerra
e5e7a4761d fix(build): set the right bucket and version for driver legacy
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-09-13 15:19:40 +02:00
Luca Guerra
b3b4f4a431 update(build): build and release falco-distroless
Signed-off-by: Luca Guerra <luca@guerra.sh>
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
2023-09-11 10:03:13 +02:00
Luca Guerra
22bd6f7352 update(build): publish the legacy driver image
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-09-07 15:55:59 +02:00
Luca Guerra
a22dac6866 update(falco)!: --list-syscall-events is now called --list-events
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-09-07 12:47:59 +02:00
Leonardo Grasso
e8e8c6413f fix(ci): make scap file work from within the container
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2023-09-07 12:34:59 +02:00
Andrea Terzolo
f7c628f623 ci: disable falco-driver-loader tests on ARM64
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
2023-09-05 11:15:55 +02:00
Andrea Terzolo
ce79e01ae8 ci: support tests on amazon-linux
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
2023-09-04 15:12:51 +02:00
Andrea Terzolo
dba685eeda tests: enable e2e falco-driver-loader tests
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
2023-09-04 12:19:46 +02:00
Jason Dellaluce
600318aaae update(ci): minimize retention days for build-only CI artifacts
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-08-29 09:33:21 +02:00
Jason Dellaluce
a439d5b556 refactor(ci): build and upload WASM packages
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
Co-authored-by: Rohith Raju <rohithraju488@gmail.com>
2023-08-24 10:30:40 +02:00
Andrea Terzolo
7125492704 ci: fix build after openssl bump in falcosecurity libs
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
2023-08-08 14:10:36 +02:00
Jason Dellaluce
23a0005b25 fix(ci): solve malformed worflow issues
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-08-04 16:03:22 +02:00
Jason Dellaluce
5790f0ff64 update: refine engine checksum docs and scoping
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-08-04 16:03:22 +02:00
Jason Dellaluce
16a1e9734b new(ci): add message warning for engine version
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-08-04 16:03:22 +02:00
Jason Dellaluce
3782c4bfd6 update(ci): add engine version checks in PR jobs
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-08-04 16:03:22 +02:00
Jason Dellaluce
b3e05173f4 cleanup(.github): remove builder bumper job
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-08-04 10:32:21 +02:00
Jason Dellaluce
b546a3932a cleanup: remove tester and local images
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-08-04 10:32:21 +02:00
Jason Dellaluce
0881aea663 update(ci): integrate tests and ci workflow for release branch and tags
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-07-27 19:35:41 +02:00
Federico Di Pierro
aa6b8c97c0 chore(ci): only install awscli from repo.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-06-16 12:42:23 +02:00
Federico Di Pierro
6025e4bcf0 fix(ci): fixed publish deb packages with new debian bookwork.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2023-06-16 12:42:23 +02:00
Jason Dellaluce
58a29cd359 fix(.github): skip some regression tests in static build
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-06-15 15:03:20 +02:00
Jason Dellaluce
20042c3dd4 fix(ci): skip plugins and falcoctl tests for static build
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-06-13 16:55:11 +02:00
Jason Dellaluce
78eac4e2cb update(ci): run GHA regression tests on static falco builds
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-06-13 10:50:10 +02:00
Jason Dellaluce
598f34ca01 wip: include regression tests in master's CI
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2023-06-13 10:50:10 +02:00
Luca Guerra
582bb327eb fix(ci): use /tmp/falco-build-* as a temp directory
Signed-off-by: Luca Guerra <luca@guerra.sh>
2023-06-07 15:28:43 +02:00