github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-26 14:52:20 +00:00
Code Issues Projects Releases Wiki Activity
3,411 Commits 121 Branches 172 Tags 104 MiB
9f4573a26a
Commit Graph

3411 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jason Dellaluce
9f4573a26a update(scripts): add option for updating all signatures in publish-rpm 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-20 16:56:06 +01:00
Jason Dellaluce
ac2555ca3c update(scripts): add option for updating all signatures in publish-deb 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-20 16:56:06 +01:00
Jason Dellaluce
cfc96e899b fix(docker/falco): trust latest GPG key 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-19 12:33:46 +01:00
Federico Di Pierro
306f9ba468 fix(userspace/falco): fixed build. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-01-17 16:00:23 +01:00
Federico Di Pierro
a8377d544a update(cmake): updated libs to latest 0.10.1 tag. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-01-17 16:00:23 +01:00
Jason Dellaluce
41a5de670a docs(falco.yaml): update webserver config docs 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-16 17:24:54 +01:00
Jason Dellaluce
55a6436ee8 new(userspace/falco): add webserver endpoint for retrieving internal versions 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-16 17:24:54 +01:00
Jason Dellaluce
ea48ec70be refactor(userspace/falco): use new utility for printing versions and support 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-16 17:24:54 +01:00
Jason Dellaluce
7724ad940a new(userspace/falco): standaline utility for retrieving internal version numbers 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-16 17:24:54 +01:00
Thomas Labarussias
bb9edea666 install ca-certificates in falco:no-driver image 
Signed-off-by: Thomas Labarussias <issif+github@gadz.org>
 2023-01-16 10:35:18 +01:00
Jason Dellaluce
c69b198777 chore(userspace/falco): cleanup error message when no output is configured 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
db2f5d5e9c fix(userspace/falco): solve tests issues 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
4aefb7fd7d fix(userspace/falco): require config file only when needed 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
149c95c3fb fix(userspace/falco): load config before every other action 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
46f15facfe fix(userspace/falco): adapt tests 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
78312c8c15 update(userspace/falco): clean up configuration and allow re-initialization 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
d6bbf5d442 refactor(userspace/falco): isolate yaml helpers (2) 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
2eac8f88cb refactor(userspace/falco): isolate yaml helpers (1) 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
bc3ec30f3e chore(userspace/falco) remove unused var 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
42ef8db26f refactor(userspace/falco): deprecate version-json option and rely on json_output 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
09d9ae135b update(userspace/falco): load default config at app initialization 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
57cafcb65a refator(userspace/falco): allow loading default config with no file 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-15 18:30:15 +01:00
Jason Dellaluce
c1985a7c99 fix(userspace/engine): absolute rule condition position in validation context 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-10 12:55:43 +01:00
Jason Dellaluce
d79d7112a0 fix(userspace/engine): catch YAML parsing and validation errors with right context 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-01-10 12:55:43 +01:00
Luca Guerra
1b2c7ef7d9 new(falco): add --version-json to print version information in json format 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-01-10 12:35:43 +01:00
Leonardo Grasso
280fcfe5d3 update: deprecate Mesos support, --mesos-api, and -pm command-line flags 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-01-09 14:04:55 +01:00
Furkan
8381d58f2c chore(scripts/falco-driver-loader): improve curl resiliency 
Fixes #2334

Signed-off-by: Furkan <furkan.turkal@trendyol.com>
 2023-01-09 10:12:55 +01:00
Andrea Terzolo
19d5430f5d update: modern falco builder 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-01-09 09:04:54 +01:00
Andrea Terzolo
609171fe14 doc: reword 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
 2022-12-21 14:56:02 +01:00
Andrea Terzolo
de6292ce09 doc(userspace): fix a warning message 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2022-12-21 14:56:02 +01:00
Andrea Terzolo
decabbc519 update(ci): bump also musl job 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2022-12-21 11:26:02 +01:00
Andrea Terzolo
647c085041 ci: bump resource class 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2022-12-21 11:26:02 +01:00
Andrea Terzolo
e1ff4db67a update(ci): support modern bpf with musl build 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2022-12-21 11:26:02 +01:00
Andrea Terzolo
c861f0b02a update(ci): update ci jobs to generate Falco images with modern probe 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2022-12-21 11:26:02 +01:00
Andrea Terzolo
e5ed3284db chore: bump libs/driver version 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2022-12-21 11:26:02 +01:00
Federico Di Pierro
9d2f1e0729 new(scripts): add bottlerocket support in falco-driver-loader. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2022-12-19 17:33:09 +01:00
Andrea Terzolo
100e92a6fb fix: job step name 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
 2022-12-19 11:48:00 +01:00
Andrea Terzolo
9b41b77d53 cleanup(ci): move static analysis from circle CI to GHA 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2022-12-19 11:48:00 +01:00
Oscar Utbult
b17d513251 rules: use list of Falco containers instead of repeating them 
Signed-off-by: Oscar Utbult <oscar.utbult@gmail.com>
 2022-12-16 12:56:23 +01:00
Luca Guerra
6ea233dd75 new(falco): add engine version to --version 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2022-12-16 12:09:24 +01:00
Luca Guerra
dde2fdd67c new(falco): add driver_api_version, driver_schema_version, default_driver_version, libs_version to support 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2022-12-16 12:09:24 +01:00
Luca Guerra
a4ff604021 update(falco): update cpp-httplib to 0.11.3 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2022-12-16 11:53:23 +01:00
Alberto Pellitteri
d9a9fdf577 Rule: detecting executions from /dev/shm 
Signed-off-by: Alberto Pellitteri <albertopellitteri96@gmail.com>
 2022-12-16 11:33:23 +01:00
Alberto Pellitteri
68b87a6f13 Rule: detecting executions looking for AWS credentials 
Signed-off-by: Alberto Pellitteri <albertopellitteri96@gmail.com>
Co-authored-by: Alessandro Brucato <alessandro.brucato@sysdig.com>
 2022-12-16 10:42:23 +01:00
Melissa Kilby
e5f3b724a5 update(docs): reference Falco default rules overview markdown document 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2022-12-15 16:46:20 +01:00
Melissa Kilby
f04ff10bd7 new(rules): init rules_inventory/ 
* add ad-hoc python script to generate Falco default rules overview markdown document
* init rules_inventory/rules_overview.md doc

Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2022-12-15 16:46:20 +01:00
Melissa Kilby
6afe9d9200 update(rules): ehanced rules tagging for inventory / threat modeling 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2022-12-15 16:46:20 +01:00
cappellinsamuele
cec135b4b6 fix(ci): fix rpm sign job dependencies 
Signed-off-by: cappellinsamuele <cappellinsamuele@gmail.com>
 2022-12-15 16:32:20 +01:00
Leonardo Grasso
73b9273472 chore(scripts): rename env var 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2022-12-15 16:19:20 +01:00
Andrea Bonanno
7e52db2b42 update(script): makes user able to pass additional custom option to driver-loader curl command 
Signed-off-by: Andrea Bonanno <andrea@bonanno.cloud>
 2022-12-15 16:19:20 +01:00