github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-01 00:52:16 +00:00
Code Issues Projects Releases Wiki Activity
4,632 Commits 119 Branches 172 Tags 104 MiB
dabfe0e154
Commit Graph

4632 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Federico Di Pierro
dabfe0e154 cleanup(userspace/falco): drop deprecated -t,-T,-D options. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-06 09:26:10 +02:00
Luca Guerra
36d6951e77 new(falco): add test for object cli configuration, minor test fix 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-06 09:25:11 +02:00
Luca Guerra
5b6810a51e new(falco): enable -o key={object} configuration 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-06 09:25:11 +02:00
harshitasao
24a70da976 made required changes 
Signed-off-by: harshitasao <harshitasao@gmail.com>
 2024-09-04 22:00:06 +02:00
harshitasao
9f180b989a fixed the token-permission and pinned-dependencies issue 
Signed-off-by: harshitasao <harshitasao@gmail.com>
 2024-09-04 22:00:06 +02:00
Bill Vandenberk
4053c6e1cc Apply suggestions from code review 
Formatting and case, adds links

Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
8030c03334 fix spelling 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
32550dad26 add newline to end of config file 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
c587d8efc7 add missing changes 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
123d5ba244 add config file, update readme, config mount, remove command override 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
48442be91e adds docker-compose config 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Melissa Kilby
8a3cb7608a chore: updat config schema w/ container_engines 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 12:13:26 +02:00
Melissa Kilby
898e060544 chore: update desc in falco.yaml 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 12:13:26 +02:00
Melissa Kilby
08d5ac92ad update(engine): move some contaienr engines debug message to init inspector 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 12:13:26 +02:00
Melissa Kilby
e8afcc55cc update(engine): address reviewers comments wrt container_engines config 
Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 12:13:26 +02:00
Melissa Kilby
f6ffa75d74 new(config): add container_engines config to falco.yaml 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 12:13:26 +02:00
Melissa Kilby
f8398213ba update(metrics): always refresh ifinfo 
Because libs constantly refreshes them, it's fine to re-create the JSON
each time

Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 10:18:26 +02:00
Melissa Kilby
1caece2cf9 update(metrics): use new libs addr_to_string methods for host_ifinfo_json 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 10:18:26 +02:00
Melissa Kilby
23b412ea3c new(metrics): add host_ifinfo metric 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-27 10:18:26 +02:00
Fede Barcelona
7a684fdf13 feat(cmake): add conditional builds for falcoctl and rules 
There are systems, like Nix derivations where the build process
does not have network access in order to enforce reproducibility.
This patch allows people building Falco to optionally skip the build
of falcoctl with `-DADD_FALCOCTL_DEPENDENCY=OFF` and point to their own
self-backed, or pre-fetched rules files with
`-DFALCOSECURITY_RULES_FALCO_PATH=<some-path>` and
`-DFALCOSECURITY_RULES_LOCAL_PATH=<some-path>`.

For context, I needed to apply these patches while building the
project with Nix in https://github.com/tembleking/falco-nix but I think
that would be benefitial for the community to have also these options
open, and that would also make Falco feasible to be added to the
nixpkgs repository at https://github.com/nixos/nixpkgs

Signed-off-by: Fede Barcelona <fede_rico_94@hotmail.com>
 2024-08-27 10:15:26 +02:00
dependabot[bot]
8920701385 chore(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `baecf18` to `b6ad373`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](baecf181ea...b6ad373719)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-26 18:27:25 +02:00
Federico Di Pierro
db52442b3f fix(userspace/falco): fixed windows build by enforcing NOMINMAX compile definition. 
Also, minified config schema, since the big schema string leads to an MSVC compiler error.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
3fff994b19 chore(userspace/falco): include numeric header for std::accumulate. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
05bbe74d69 fix(unit_tests): skip Configuration.schema_validate_config test if Falco config is not present. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
d1c715e7a8 chore(unit_tests,userspace): use nlhomann json instead of jsoncpp. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
be927edfe8 new(userspace/falco,unit_tests): added new tests around schema validation feature. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
94dc7da986 cleanup(unit_tests,userspace/falco): moved all config validation logic to be more testable. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
6dfdfdd649 chore(unit_tests): moved config_files and env vars config tests to their own source file. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
c807727475 chore(userspace/falco): use minProperties where needed. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
5c551df116 new(userspace/falco): validate loaded configuration files against config schema. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 18:06:25 +02:00
Federico Di Pierro
4e45152521 fix(cmake,userspace/falco): bumped libs to latest master. 
Also, fixes some newly introduced API breaks.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-08-26 15:51:25 +02:00
Luca Guerra
1886aca8b5 update(falco): update metrics interface 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-08-26 15:51:25 +02:00
Luca Guerra
d93c51c929 update(build): update libs to latest master 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-08-26 15:51:25 +02:00
Luca Guerra
784d2d27cb update(cmake): bump libs and drivers to fix compilation issue 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-08-26 15:51:25 +02:00
Jason Dellaluce
6783cc7055 fix(unit_tests): adapt tests to new engine warning formats 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-08-26 15:51:25 +02:00
Jason Dellaluce
4ae942f1c6 update(cmake): bump libs and driver to latest master 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-08-26 15:51:25 +02:00
dependabot[bot]
d3191bdf15 chore(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `342b20d` to `baecf18`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](342b20dc7d...baecf181ea)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-20 10:46:43 +02:00
Luca Guerra
6824bdb660 update(docs): update changelog for 0.38.2 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-08-19 16:34:41 +02:00
Bill Vandenberk
1755527ad7 Add Tulip Retail to adopters list 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-08 15:00:54 +02:00
Melissa Kilby
33a0d9c6ab fix(metrics/prometheus): adopt best prometheus practices for rules counters and sha256 file metrics 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-08-05 11:39:40 +02:00
dependabot[bot]
7a9048125f chore(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `068f0f2` to `342b20d`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](068f0f2dc9...342b20dc7d)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-02 19:55:30 +02:00
dependabot[bot]
d12b0ce290 chore(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `28b98b6` to `068f0f2`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](28b98b6f5f...068f0f2dc9)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-23 14:03:45 +02:00
Samuel Gaist
0e0428c5f7 vote: request to join maintainers 
Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-07-08 16:45:35 +02:00
Federico Di Pierro
1f2943da1e chore(ci): add ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION:true env to enforce the usage of node16. 
Centos:7 does not support node20 (glibc required mismatch).

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-07-08 07:03:33 +02:00
Federico Di Pierro
a9f3d98a00 chore(ci): use correct vault repo path for arm64. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-07-08 07:03:33 +02:00
Federico Di Pierro
aa42e380e0 fix(ci): use vault.centos.org for centos:7 CI build. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-07-08 07:03:33 +02:00
dependabot[bot]
5283dca335 chore(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `c0a9bf1` to `28b98b6`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](c0a9bf17d5...28b98b6f5f)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-03 11:27:18 +02:00
harshitasao
c25ded8f39 made some required changes 
Signed-off-by: harshitasao <harshitasao@gmail.com>
 2024-07-02 11:16:12 +02:00
harshitasao
a9ef7f9f97 added the openssf scorecard badge 
Signed-off-by: harshitasao <harshitasao@gmail.com>
 2024-07-02 11:16:12 +02:00
dependabot[bot]
62a448f805 chore(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `ea57e78` to `c0a9bf1`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](ea57e78ea1...c0a9bf17d5)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-27 14:45:50 +02:00