kaizhe
e2bf87d207
macro(trusted_pod): add new list k8s_image_list
...
Signed-off-by: kaizhe <derek0405@gmail.com>
2020-07-31 10:40:48 +02:00
Antoine Deschênes
0a600253ac
falco-driver-loader: fix conflicting $1 argument usage
...
Signed-off-by: Antoine Deschênes <antoine@antoinedeschenes.com>
2020-07-28 09:58:39 +02:00
kaizhe
571f8a28e7
add macro user_read_sensitive_file_containers
...
Signed-off-by: kaizhe <derek0405@gmail.com>
2020-07-25 08:53:06 +02:00
kaizhe
6bb0bba68a
rules update(Read sensitive file untrusted): add trusted images into whitelist
...
Signed-off-by: kaizhe <derek0405@gmail.com>
2020-07-25 08:53:06 +02:00
Leonardo Grasso
f1a42cf259
rule(list allowed_k8s_users): add "kubernetes-admin" user
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2020-07-25 08:51:13 +02:00
Nicolas Vanheuverzwijn
427c15f257
rule(macro falco_privileged_images): add 'docker.io/falcosecurity/falco'
...
Add 'docker.io/falcosecurity/falco' image to 'falco_privileged_images' macro. This prevents messages like this when booting up falco:
```
Warning Pod started with privileged container (user=system:serviceaccount:kube-system:daemon-set-controller pod=falco-42brw ns=monitoring images=docker.io/falcosecurity/falco:0.24.0)
```
Signed-off-by: Nicolas Vanheuverzwijn <nicolas.vanheu@gmail.com>
2020-07-23 20:49:57 +02:00
kaizhe
a9b4e6c73e
add sysdig/agent-slim to the user_trusted_images macro
...
Signed-off-by: kaizhe <derek0405@gmail.com>
2020-07-20 23:41:47 +02:00
kaizhe
b32853798f
rule update (macro: user_trusted_containers): add sysdig/node-image-analyzer to macro user_trusted_containers
...
Signed-off-by: kaizhe <derek0405@gmail.com>
2020-07-20 23:41:47 +02:00
Shane Lawrence
b86bc4a857
Use ISO 8601 format for changelog dates.
...
Signed-off-by: Shane Lawrence <shane@lawrence.dev>
2020-07-20 23:25:30 +02:00
Leo Di Donato
23224355a5
docs(test): integration tests intended to be run against a release build of Falco
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
2020-07-20 22:48:00 +02:00
Leo Di Donato
84fbac0863
chore(.circleci): switch back to falcosecurity/falco-tester:latest runner for integration tests
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
3814b2e81b
docs(test): run all the test suites at once
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
a83b91fc53
new(test): run_regression_tests.sh -h
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
e618f005b6
update(docker/tester): use the new run_regression_tests.sh CLI flags
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
d8faa95702
fix(test): run_regression_tests.sh must generate falco_traces test suite in a non-interactive way
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
ef5e71598a
docs(test): instruction to run falco_tests_package integration test suite locally
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
bb1282c7be
update(test): make run_regression_tests.sh script accept different
...
options
The following options have been added:
* -v (verbose)
* -p (prepare falco_traces test suite)
* -b (specify custom branch for downloading trace files)
* -d (specify the build directory)
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
8f07189ede
docs(test): instructions for executing falco_traces integration test suite
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
dec2ff7d72
docs(test): prepare the local environment for running integration test suites
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
f3022e0abf
build(test): target test-traces files
...
This make target calls the `trace-files-psp`, `trace-files-k8s-audit`,
`trace-files-base-scap` targets to place all the integration test
fixtures in the proper position.
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
9b42b20e1c
build(test/trace_files): target trace-files-base-scap
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
850a49989f
build(test/trace_files/psp): target trace-files-psp
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Di Donato
0dc2a6abd3
build(test/traces_file/k8s_audit): target trace-files-k8s-audit
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-20 22:48:00 +02:00
Leonardo Grasso
4346e98f20
feat(userspace/falco): print version at startup
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2020-07-16 22:35:56 +02:00
Lorenzo Fontana
38009f23b4
build: remove libyaml from cpack rpm
...
Signed-off-by: Lorenzo Fontana <lo@linux.com>
2020-07-16 19:34:39 +02:00
Lorenzo Fontana
324a3b88e7
build: remove libyaml-0-2 as dependency in packages and dockerfiles
...
Signed-off-by: Lorenzo Fontana <lo@linux.com>
2020-07-16 19:34:39 +02:00
Lorenzo Fontana
c03f563450
build: libyaml in bundled deps
...
Signed-off-by: Lorenzo Fontana <lo@linux.com>
2020-07-16 19:34:39 +02:00
Leonardo Di Donato
c4b7f17271
docs: refinements to the release process docs
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-16 16:38:15 +02:00
Leonardo Di Donato
ebb0c47524
docs: 0.24.0 changelog entries
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-16 16:38:15 +02:00
Lorenzo Fontana
a447b6996e
fix(userspace): rethrow inspector open exceptions
...
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
2020-07-15 18:33:50 +02:00
Leonardo Di Donato
596e7ee303
fix(userspace/falco): try to insert kernel module driver conditionally
...
Do it only when not running with userspace instrumentation enabled and
the syscall input source is enabled (!disable_syscall)
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-15 18:33:50 +02:00
Leonardo Di Donato
8ae6aa51b9
chore: onetbb dependency is back
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-15 18:33:50 +02:00
Leo Di Donato
1343fd7e92
update(userspace/falco): userspace instrumentation help line
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-15 18:33:50 +02:00
Kris Nova
1954cf3af3
update(userspace/falco): edits to the falco CLI
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-15 18:33:50 +02:00
Kris Nova
bc8f9a5692
feat(cli): adding -u to the usage text
...
Signed-off-by: Kris Nova <kris@nivenly.com>
2020-07-15 18:33:50 +02:00
Kris Nova
1af1226566
feat(build): fixing MD5 of tpp for udig/pdig build
...
Signed-off-by: Kris Nova <kris@nivenly.com>
2020-07-15 18:33:50 +02:00
Loris Degioanni
c743f1eb68
feat(cli): adding -u to flip inspector method calls
...
udig support through the -u command line flag
Signed-off-by: Kris Nóva <kris@nivenly.com>
Co-authored-by: Kris Nóva <kris@nivenly.com>
2020-07-15 18:33:50 +02:00
Leonardo Grasso
bca98e0419
update(rules): disable drift detection rules by default
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2020-07-15 18:01:57 +02:00
Nicolas Marier
32bae35de2
rule(list package_mgmt_binaries): add snapd to list
...
Snap is a package manager by Canonical which was not in the
`package_mgmt_binaries` list.
Signed-off-by: Nicolas Marier <nmarier@coveo.com>
2020-07-10 10:04:26 +02:00
Leonardo Grasso
de147447ed
update(userspace/falco): rename --stats_interval to --stats-interval
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2020-07-08 17:55:16 +02:00
Leonardo Di Donato
825e249294
update(userspace/falco): rename --stats_interval to --stats-interval
...
To match the style of other long flags of the Falco CLI.
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-08 17:55:16 +02:00
Leonardo Di Donato
00689a5d97
fix(userspace/falco): allow stats interval greater than 999
...
milliseconds
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-08 17:55:16 +02:00
Leonardo Grasso
4d31784a83
fix(docker): correct syntax error in the entrypoint script
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2020-07-08 12:11:33 +02:00
Leonardo Di Donato
2848eceb03
build(cmake/modules): update driver version to 85c889
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-07 21:19:08 +02:00
Leonardo Di Donato
c7ac1ef61b
update(userspace/engine): const correctness for json_event class
...
Co-authored-by: Nathan Baker <nathan.baker@sysdig.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-07 21:19:08 +02:00
Leonardo Di Donato
5fd3c38422
build(cmake/modules): update driver version to 33c00f
...
This driver version, among other things (like userspace instrumentation
support) includes a fix for building the eBPF driver on CentOS 8
machines too.
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-07 18:41:01 +02:00
Leo Di Donato
3bad1d2a56
docs: auto threadiness comment into Falco config
...
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-07 13:42:09 +02:00
Leonardo Di Donato
8ad5c4f834
update: default grpc server threadiness is 0 now ("auto")
...
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-07 13:42:09 +02:00
Leonardo Di Donato
553856ad68
chore(userspace): log the gRPC threadiness
...
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-07 13:42:09 +02:00
Leonardo Di Donato
2d52be603d
update(userspace/falco): gRPC server threadiness 0 by default (which
...
means "auto")
The 0 ("auto") value sets the threadiness to the number of online cores
automatically.
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2020-07-07 13:42:09 +02:00