Skip to content

new(pkg,tests): support Falco running with container plugin. #69

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 13, 2025
Merged

new(pkg,tests): support Falco running with container plugin. #69

merged 1 commit into from
Feb 13, 2025

Conversation

FedeDP
Copy link
Contributor

@FedeDP FedeDP commented Feb 13, 2025

No description provided.

@FedeDP
new(pkg,tests): support Falco running with container plugin.
037b1af 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
@poiana poiana added the size/M label Feb 13, 2025
@FedeDP FedeDP mentioned this pull request Feb 12, 2025
Closed
@FedeDP
Copy link
Contributor Author

FedeDP commented Feb 13, 2025

/hold

FedeDP
FedeDP commented Feb 13, 2025
View reviewed changes
tests/tests.go
@@ -67,21 +67,6 @@ func NewFalcoctlExecutableRunner(t *testing.T) run.Runner {
return runner
}

// IsRootUser returns true if the program is run as root.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unused methods.

FedeDP
FedeDP commented Feb 13, 2025
View reviewed changes
tests/tests.go
@@ -42,6 +41,7 @@ func init() {
flag.StringVar(&falcoBinary, "falco-binary", falcoBinary, "Falco executable binary path")
flag.StringVar(&falcoctlBinary, "falcoctl-binary", falcoctlBinary, "falcoctl executable binary path")
flag.StringVar(&falco.FalcoConfig, "falco-config", falco.FalcoConfig, "Falco config file path")
flag.StringVar(&falco.FalcoContainerPluginLibrary, "falco-container-plugin", falco.FalcoContainerPluginLibrary, "Path to the Falco container plugin shared object.")
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought it could be helpful being able to run the testing framework pointing to a local libcontainer.so, to eventually test container plugin changes against the testing framework.
By default, it expects to find the shared object under /usr/share/falco/plugins/libcontainer.so.

FedeDP
FedeDP commented Feb 13, 2025
View reviewed changes
pkg/falco/helpers.go
// If we are running a newer Falco version with
// the container plugin, enforce it to the
if _, err := os.Stat(FalcoContainerPluginLibrary); err == nil {
plugins = append(plugins, &PluginConfigInfo{
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the container plugin is present, append it when generating the plugin config.

@FedeDP
Copy link
Contributor Author

FedeDP commented Feb 13, 2025

falcosecurity/falco#3482 test-dev-packages-arm64 is now down to only 6 failures! And this PR passes tests against latest dev Falco thus:

  • no breaking change for existing Falco master
  • improvement (from 71 failures to 6) for Falco with container plugin PR

Remaining failures are most probably due to other issues that will try to track after this one.
Let's go!
/unhold

@FedeDP
Copy link
Contributor Author

FedeDP commented Feb 13, 2025

/cc @leogr

@poiana poiana requested a review from leogr February 13, 2025 14:22
@FedeDP FedeDP mentioned this pull request Feb 13, 2025
Merged
5 tasks
@poiana poiana added the lgtm label Feb 13, 2025
@poiana
Copy link

poiana commented Feb 13, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, leogr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana merged commit d52591b into falcosecurity:main Feb 13, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leogr leogr leogr approved these changes

@jasondellaluce jasondellaluce Awaiting requested review from jasondellaluce

@LucaGuerra LucaGuerra Awaiting requested review from LucaGuerra

Assignees

@leogr leogr

Labels
approved dco-signoff: yes lgtm size/M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@FedeDP @poiana @leogr