github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-28 23:57:29 +00:00
Code Issues Projects Releases Wiki Activity
4,513 Commits 121 Branches 172 Tags 104 MiB
f18ea1e8b7
Commit Graph

4513 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrea Terzolo
6bd40f3ea2 cleanup: thrown exceptions and avoid multiple logs 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-13 11:28:40 +02:00
dependabot[bot]
c9a424d75e build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `c6e01fa` to `43580b4`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](c6e01fa7a5...43580b4ceb)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 09:29:39 +02:00
dependabot[bot]
e2b21402ae build(deps): Bump submodules/falcosecurity-testing 
Bumps [submodules/falcosecurity-testing](https://github.com/falcosecurity/testing) from `76d1743` to `30c3643`.
- [Commits](76d1743a0a...30c36439fc)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-testing
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 09:28:40 +02:00
Luca Guerra
7b4264918b update(docs): add driver-loader-legacy to readme and fix bad c&p 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-12 13:33:35 +02:00
Jason Dellaluce
5595212ff9 fix(userspace/falco): clearing full output queue 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-09-12 13:19:35 +02:00
dependabot[bot]
fdd520f163 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `d31dbc2` to `c6e01fa`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](d31dbc26ea...c6e01fa7a5)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-12 09:16:34 +02:00
Leonardo Grasso
b5e3ef95fe docs: add LICENSE file 
This commit creates a copy of https://github.com/falcosecurity/falco/blob/master/COPYING (which is kept for historical reasons) to address the recommendation reported by https://github.com/falcosecurity/evolution/issues/317

Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-12 09:15:34 +02:00
Luca Guerra
37ce18f457 fix(docker): prevent variable expansion with FALCO_DRIVER_LOADER_OPTIONS 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-11 14:59:30 +02:00
Luca Guerra
dae36c798a new(docker): allow passing options to falco-driver-loader from the container image 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-11 14:59:30 +02:00
dependabot[bot]
30aa28f2a6 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `b6372d2` to `d31dbc2`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](b6372d2675...d31dbc26ea)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-11 10:59:14 +02:00
Luca Guerra
d5e80fee0b update(docs): add section about the experimental distroless image 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-11 10:03:13 +02:00
Luca Guerra
b3b4f4a431 update(build): build and release falco-distroless 
Signed-off-by: Luca Guerra <luca@guerra.sh>
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-11 10:03:13 +02:00
Adrian Mouat
de5eec5285 new(docker): add distroless Dockerfile 
Signed-off-by: Adrian Mouat <adrian@chainguard.dev>
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-11 10:03:13 +02:00
Leonardo Grasso
35cb960917 update(userspace/engine): align %container.info defaults with new rule styles 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-08 19:00:04 +02:00
Andrea Terzolo
e55bedac0b fix(stats): always initialize m_output 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-07 19:13:00 +02:00
Luca Guerra
c2b940f8c4 update(docker): remove packages that are not strictly necessary 
Signed-off-by: Luca Guerra <luca@guerra.sh>
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-07 15:55:59 +02:00
Luca Guerra
22bd6f7352 update(build): publish the legacy driver image 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-07 15:55:59 +02:00
Luca Guerra
1616ac666b update(docker): add the legacy driver loader image 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-07 15:55:59 +02:00
Luca Guerra
02982e0375 update(docker): upgrade Falco driver loader image 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-07 15:55:59 +02:00
dependabot[bot]
eb8e4b9a29 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `6ed73fe` to `b6372d2`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](6ed73fee78...b6372d2675)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-07 13:41:59 +02:00
Melissa Kilby
73f15e6c5b cleanup(userspace/falco): adjust outputs_queue_num_drops counter for recovery 'empty' 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
dad2762ed6 fix(userspace/falco): change outputs_queue_num_drops to atomic 
Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
88a5e1bf45 cleanup(config): rename default outputs queue macro 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
0eff98aa8e cleanup: apply more reviewers suggestions 
Co-authored-by: Andrea Terzolo <andreaterzolo3@gmail.com>
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
016fdae93b cleanup: apply reviewers suggestions 
Co-authored-by: Andrea Terzolo <andreaterzolo3@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
a61f24066f cleanup(userspace/falco): always set queue capacity and use largest long as default for unbounded 
Co-authored-by: Andrea Terzolo <andreaterzolo3@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
1e94598eca new(metrics): add falco.outputs_queue_num_drops metrics + plus fix rebase leftovers 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
85883b7200 cleanup(outputs): adopt different style for outputs_queue params encodings 
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
03a557725b cleanup(outputs): ensure old defaults in queue_capacity_outputs in new config 
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Melissa Kilby
b55b209edf fix(outputs): expose queue_capacity_outputs config for memory control 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-07 13:15:59 +02:00
Luca Guerra
d1b932d2e9 update(docker): use debian 12 slim for falco no driver 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-07 12:49:59 +02:00
Luca Guerra
a22dac6866 update(falco)!: --list-syscall-events is now called --list-events 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-07 12:47:59 +02:00
Luca Guerra
bfb22527a2 chore(falco): update engine version and checksum 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-07 12:47:59 +02:00
Luca Guerra
b21bfd6e8d new(falco): print all events (not just syscall) 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-07 12:47:59 +02:00
Leonardo Grasso
79b39b54d0 update(cmake/modules): bump rules to falco-rules-2.0.0-rc1 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-07 12:34:59 +02:00
Leonardo Grasso
7cd299e658 chore(submodule): bump testing framework to 76d1743 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-07 12:34:59 +02:00
Leonardo Grasso
e8e8c6413f fix(ci): make scap file work from within the container 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-07 12:34:59 +02:00
Federico Di Pierro
4d590fa6ee update(cmake): bumped libs to 0.13.0-rc1 and driver to 6.0.0+driver. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-09-06 17:20:00 +02:00
Daniel Wright
513f122aff feat: support parsing of system environment variables in yaml 
In order to allow the user to supply environment variables in standard
ways performed in other applications the get_scalar function has been
extended to support defining an environment variable in the format
`${FOO}`. Environment variables can be escaped via defining as `$${FOO}`.
As this handles some additional complexity, a unit test has been  added
to cover this new functionality

Signed-off-by: Daniel Wright <danielwright@bitgo.com>
 2023-09-06 11:45:00 +02:00
dependabot[bot]
5ffffeeada build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `b42893a` to `6ed73fe`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](b42893a6eb...6ed73fee78)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 09:59:59 +02:00
Vicente J. Jiménez Miras
3dae1cbf91 docs(README.md): correct URL 
Signed-off-by: Vicente J. Jiménez Miras <vjjmiras@gmail.com>
 2023-09-05 17:07:57 +02:00
Andrea Terzolo
12735bdfb1 chore: bump Falco to latest libs 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-05 16:41:57 +02:00
Andrea Terzolo
f7c628f623 ci: disable falco-driver-loader tests on ARM64 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-05 11:15:55 +02:00
Leonardo Grasso
b2374b3c19 fix(userspace/falco): apply suggestions for CLI help messages 
Co-authored-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-04 18:50:52 +02:00
Leonardo Grasso
93e8be1e32 update(userspace/falco): revised CLI help messages 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-04 18:50:52 +02:00
Luca Guerra
b246bcb052 fix(engine): fix werror reorder 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-04 17:26:52 +02:00
Andrea Terzolo
6251af0ab6 new: introduce new stats updated to the latest libs version 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 17:24:52 +02:00
Andrea Terzolo
ce79e01ae8 ci: support tests on amazon-linux 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 15:12:51 +02:00
Leonardo Grasso
9db4c9b2cb build(cmake/modules): upgrade falcoctl to version 0.6.0 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-04 14:18:51 +02:00
Andrea Terzolo
dba685eeda tests: enable e2e falco-driver-loader tests 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 12:19:46 +02:00