falco

mirror of https://github.com/falcosecurity/falco.git synced 2025-07-05 10:56:47 +00:00

Author	SHA1	Message	Date
Leonardo Di Donato	b369de3801	fix(docker/builder): enforce DRAIOS_DEBUG_FLAGS to DNDEBUG when BUILD_TYPE=debug This is a temporary fix for Travis CI (which is where we use falco-builder docker image). Was already done in the past (see: `9285aa59c1 (diff-354f30a63fb0907d4ad57269548329e3)`). Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	95a7cf3ea8	fix(build): ignore unused variables warnings Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	dc03dbee18	fix(build): draios debug flags before checking build type Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	8156c9214c	fix(docker/tester): regression tests' scripts need xargs (findutils) Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	d11ad9a005	fix(docker/tester): switch to fedora 28 and avocado 69 Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	c71703b566	update(test): better handling of build type Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	8400066ac8	update(test): ignore for generated traces Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	f18fc46a1c	build: update cpack variables Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	e598606505	build: force falco version to always start with a digit Falco version respects the following rules: If the current commit matches (exactly) a git tag then the FALCO_VERSION equals it (with the initial "v" stripped out). Otherwise FALCO_VERSION is 0.<commit hash>[.-dirty]. Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	7b2b0b14a5	chore(docker): falco-builder docker image refinements Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	e422337ed7	fix(hack): strip ^M from current falco version and call test command of falco-tester Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	c4cd9e326a	docs(docker): usage and labels for falco-tester docker image Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	533e8247fd	fix(docker/local): make falco version build argument mandatory Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	736aa92b5e	chore: remove travis notifications Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	3e1ab78536	build: set sysdig directory to its realpath Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	38cf3c6f29	fix(docker): falco builder does not need docker Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	50f04897e5	update(docker): falco tester image Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	62be14dde6	new(docker): default usage command for falco tester image Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	c5e296576d	update(docker): falco tester entrypoint performs checks in order to be more robust Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	a5b063f5fa	update: detect current falco version during travis testing Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	c61c0e7020	build: always check the BUILD_TYPE within the entrypoint Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	ebcb133f00	build: docker builder's BUILD_TYPE variable is "release" by default, otherwise it can only be "debug" Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	88503a1ea9	build: CMAKE_BUILD_TYPE is "release" by default, otherwise it can only be "debug" Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	e1c2cac9c9	fix(travis): source directory Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	44f0633f47	update: falco builder image has FALCO_VERSION build arg and env var again Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	9d4ed8e33e	build: falco version from git when cmake variable exists but empty Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	0d4fc4bdad	update: falco version from cmake variable Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	85a94d67d3	build: falco version from git index when not defined Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	f3c3cda879	new: cmake modules for git revision description Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	e02318db7c	update: centos 7 falco builder Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	9f7e3bdfcd	update: usage examples for falco builder Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	2cda10caeb	new: default (usage) command for falco builder image Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	7efec602e8	new: script to enable toolset 7 in falco builder containers Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	8fb4c7f2f6	update: entrypoint checks for sysdig and falco dirs Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	6e313742e7	build: attempt to be consistent when downloading things Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	e92a721521	build: install cmake at docker build phase rather than at runtime Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	d5aae4aff5	update: make travis use the hack script Co-authored-by: Lorenzo Fontana <lo@linux.com> Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
Leonardo Di Donato	2aff2d00a3	update: move build and test commands into a separate script Co-authored-By: Lorenzo Fontana <lo@linux.com> Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>	2019-07-26 03:23:01 +02:00
ntimo	d7956a2a09	add docker.io/prom/node-exporter to falco_sensitive_mount_images Signed-off-by: Timo Nowitzki <git@nowitzki.me>	2019-07-24 16:25:47 +02:00
ntimo	9308c1ee55	add docker.io/google/cadvisor to falco_sensitive_mount_images Signed-off-by: Timo Nowitzki <git@nowitzki.me>	2019-07-24 16:25:47 +02:00
Mark Stemm	40e3e21391	Allow all lowercase priorities Just being tolerant given that the comparison used to be entirely case-insensitive. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2019-07-24 13:05:17 +02:00
kaizhe	d6c089c917	add netdata/netdata to falco_sensitive_mount_images Signed-off-by: kaizhe <derek0405@gmail.com>	2019-07-23 18:50:23 +02:00
kaizhe	9ab718c100	rules update: Add trusted_logging_images macro for rule Clear Log Hisotry as exception Signed-off-by: kaizhe <derek0405@gmail.com>	2019-07-23 18:50:23 +02:00
Lorenzo Fontana	4b2ea32eac	fix: do the inspector after forking for daemon mode Signed-off-by: Lorenzo Fontana <lo@linux.com>	2019-07-23 01:13:05 +02:00
Spencer Krum	5acdb16e89	Fix shell_procs macro Extra parentheses broke the Terminal check Co-Authored-By: Michael Ducy <michael@ducy.org> Signed-off-by: Spencer Krum <skrum@us.ibm.com>	2019-07-22 04:43:26 -07:00
Mark Stemm	a084f8c4ed	CHANGELOG/README changes for 0.16.0 Bumping version, noting changes since last release. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2019-07-12 12:18:42 -07:00
Mark Stemm	01f65e3bae	Add new tests for validating rules files Add a bunch of additional test cases for validating rules files. Each has a specific kind of parse failure and checks for the appropriate error info on stdout. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2019-07-11 11:24:22 -07:00
Mark Stemm	1711ed0a2e	Pass back explicit errors in load_rules() Instead of relying on lua errors to pass back parse errors, pass back an explicit true + required engine version or false + error message. Also clean up the error message to display info + context on the error. When the error related to yaml parsing, use the row number passed back in lyaml's error string to print the specific line with the error. When parsing rules/macros/lists, print the object being parsed alongside the error. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2019-07-11 11:24:22 -07:00
Mark Stemm	839d76a760	Send validate output to stdout When parsing rules files with -V (validate), print info on the result of loading the rules file to stdout. That way a caller can capture stdout to pass along any rules parsing error. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2019-07-11 11:24:22 -07:00
Mark Stemm	dc7bff127f	New flags to compare stdout/stderr, validate rules New test options stdout_is/stderr_is do a direct comparison between stdout/stderr and the provided value. Test option validate_rules_file maps to -V arguments, which validate rules and exits. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2019-07-11 11:24:22 -07:00

... 4 5 6 7 8 ...

1440 Commits