falco

mirror of https://github.com/falcosecurity/falco.git synced 2025-06-25 22:32:07 +00:00

Author	SHA1	Message	Date
Luca Guerra	728c8d7d0e	fix(engine): clarify error message for invalid append Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-22 21:49:21 +01:00
Luca Guerra	04dd06b2c6	new(tests): add error testing for rule overrides Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-22 21:49:21 +01:00
Luca Guerra	4c023b0d93	update(engine): temporary replace for error messages Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-22 21:49:21 +01:00
Luca Guerra	8a7ef687b1	update(engine): throw an error if an unexpected top level key is found in an override Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-22 21:49:21 +01:00
Luca Guerra	21c629dc4d	chore(engine): bump engine version Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-22 21:49:21 +01:00
Luca Guerra	2db29af0e8	update(engine): clarify override error messages Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-22 21:49:21 +01:00
Luca Guerra	bc072502cc	new(engine): add selective overrides Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-22 21:49:21 +01:00
Melissa Kilby	3976e777a5	update(config): clarify deprecation notices + list all env vars Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>	2023-12-22 09:55:19 +01:00
Melissa Kilby	9131261ff3	chore: fix some characters in deprecation notices Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>	2023-12-22 09:55:19 +01:00
Luca Guerra	e5034323fd	cleanup(engine): clarify deprecation notice for engines Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-21 17:40:15 +01:00
Federico Di Pierro	213fa392e8	update(cmake): bumped falcoctl to v0.7.0-rc1. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-21 09:35:15 +01:00
Federico Di Pierro	a2c128e934	chore(ci): revert #2961 . Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-20 12:09:12 +01:00
dependabot[bot]	f2d0c42911	build(deps): Bump submodules/falcosecurity-testing Bumps [submodules/falcosecurity-testing](https://github.com/falcosecurity/testing) from `930170b` to `9b9630e`. - [Commits](`930170bb0b...9b9630e2d8`) --- updated-dependencies: - dependency-name: submodules/falcosecurity-testing dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-19 18:46:08 +01:00
Andrea Terzolo	8ff1ef752d	chore: bump falco engine version Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>	2023-12-18 19:01:01 +01:00
Andrea Terzolo	454882f518	chore: bump Falco to latest libs Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>	2023-12-18 19:01:01 +01:00
dependabot[bot]	3c31c05450	build(deps): Bump submodules/falcosecurity-rules Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `262f569` to `cd33bc3`. - [Release notes](https://github.com/falcosecurity/rules/releases) - [Commits](`262f56986e...cd33bc34af`) --- updated-dependencies: - dependency-name: submodules/falcosecurity-rules dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-18 18:26:01 +01:00
Samuel Gaist	d99c137b09	feat(outputs_http): implement keep alive Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>	2023-12-18 17:41:02 +01:00
Samuel Gaist	691bc8b04d	feat(outputs_http): implement support for compressed upload Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>	2023-12-18 17:41:02 +01:00
Mark Stemm	ab0133d1dd	Add unit tests for enabling/disabling rules Add unit tests for enabling/disabling rules, covering: - matching names by substring - using "" to match all rules - matching names exactly - using ruleset ids in addition to ruleset names Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2023-12-18 15:58:04 +01:00
Mark Stemm	334302e525	Allow enabling rules by ruleset id in addition to name Add alternate enable_* methods that allow enabling rulesets by ruleset id in addition to name. This might be used by some filter_rulesets to enable/disable rules on the fly via the falco engine. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2023-12-18 15:58:04 +01:00
Federico Di Pierro	1ab4e9e0fc	chore(ci): enable aarch64 falco driver loader tests. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-18 15:26:02 +01:00
Federico Di Pierro	9e1e68f64b	chore(unit_tests): added more tests for yaml env vars expansion. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-14 12:44:47 +01:00
Federico Di Pierro	752e8bf16c	chore(falco.yaml): use HOME env var for ebpf probe path. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-13 17:45:45 +01:00
Federico Di Pierro	cbbcb61153	new(unit_tests,userspace): properly support env var expansions in all scalar values of yaml file. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-13 17:03:46 +01:00
Federico Di Pierro	3b095a5eda	chore(unit_tests): added tests around empty config value resolving to default. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-13 17:03:46 +01:00
Federico Di Pierro	7805bf5ad5	fix(userspace,unit_tests): fixed bool parsing. Moreover, added some more tests around env vars. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-13 17:03:46 +01:00
Federico Di Pierro	0c0fb63008	chore(unit_test,userspace): allow env var to get expanded in yaml even when part of a string. Moreover, support env variable embedding another env variable. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-13 17:03:46 +01:00
Andrea Terzolo	ed346e90cd	update(falco): bump engine version and checksum Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>	2023-12-13 16:59:46 +01:00
Andrea Terzolo	b190a60da7	chore: bump to latest libs commit Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>	2023-12-13 16:59:46 +01:00
Andrea Terzolo	34a896f3a5	new(.gitignore): ignore local `CMakeUserPresets.json` Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>	2023-12-13 16:59:46 +01:00
dependabot[bot]	1a338e1a39	build(deps): Bump submodules/falcosecurity-rules Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `dd38952` to `262f569`. - [Release notes](https://github.com/falcosecurity/rules/releases) - [Commits](`dd38952168...262f56986e`) --- updated-dependencies: - dependency-name: submodules/falcosecurity-rules dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 16:01:46 +01:00
Luca Guerra	e3f54a14a6	update(readme): add actuated.dev badge Signed-off-by: Luca Guerra <luca@guerra.sh>	2023-12-12 18:56:44 +01:00
Nitro Cao	4bfc42eb7d	feat(falco): monitor events with more types for rules directory Signed-off-by: Nitro Cao <jaycecao520@gmail.com>	2023-12-12 18:49:44 +01:00
Federico Di Pierro	47959abfed	chore(docker): improve usage helper message. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-12 18:23:44 +01:00
Federico Di Pierro	8db79da647	chore(cmake,docker): bumped falcoctl to v0.7.0-beta5. Moreover, small fix in docker images entrypoints regarding the name printed in usage. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-12 18:23:44 +01:00
dependabot[bot]	9c01f3518a	build(deps): Bump submodules/falcosecurity-rules Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `64e2adb` to `dd38952`. - [Release notes](https://github.com/falcosecurity/rules/releases) - [Commits](`64e2adb309...dd38952168`) --- updated-dependencies: - dependency-name: submodules/falcosecurity-rules dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-12 14:37:43 +01:00
Federico Di Pierro	f2ebdfaf8e	fix(docker): small fixes in docker entrypoints for new driver loader. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-12 09:56:42 +01:00
Federico Aponte	e427c800f3	chore(build): fix error using find_package with ExternalProject_Add Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>	2023-12-11 16:52:39 +01:00
Federico Aponte	5e17ba6c23	chore(build): allow usage of non-bundled nlohmann-json Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>	2023-12-11 16:52:39 +01:00
Federico Di Pierro	e177898d2b	update(cmake): bumped falcoctl to v0.7.0-beta4. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	2dfd687912	update(submodules): bumped falcosecurity/testing to latest master. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	b7538429b8	update(cmake): bumped falcoctl to v0.7.0-beta3. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	1de6f10ad6	update(cmake): bump falcoctl to 0.7.0-beta2. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	5f59fee54f	update(submodules): bumped falcosecurity-testing to latest dev. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	4d566b2c71	chore(cmake): bumped falcoctl to v0.7.0-beta1. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	96f50ddac5	chore(scripts): integrate back master changes `FALCO_DRIVER_CHOICE` and `FALCOCTL_ENABLED` . Also, env variables always have precedence over dialog (ie: if they are set, we always skip dialog). Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	ade27c2546	chore(scripts): use new default value for falcoctl driver.host-root config key. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	2244cc6f71	update(cmake): bump falcoctl to v0.7.0-alpha2. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	1dd47668dd	chore(scripts): only configure falcoctl driver type when a driver is selected. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00
Federico Di Pierro	5eb2ae8d76	chore(cmake/modules): bumped falcoctl to latest alpha. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2023-12-11 16:37:39 +01:00

1 2 3 4 5 ...

4285 Commits