Skip to content

Commit

Permalink
fix(docker): default to auto for driver to be configured.
Browse files Browse the repository at this point in the history 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
  • Loading branch information
@FedeDP @poiana
FedeDP authored and poiana committed Apr 16, 2024
1 parent fc7a451 commit 80a99b6
Show file tree
Hide file tree
Showing 3 changed files with 58 additions and 46 deletions.
34 changes: 18 additions & 16 deletions docker/driver-loader-legacy/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,23 +55,17 @@ done
ENABLE_COMPILE="false"
ENABLE_DOWNLOAD="false"
HTTP_INSECURE="false"
has_driver=
driver=
has_opts=
while test $# -gt 0; do
case "$1" in
auto|kmod|ebpf|modern_ebpf)
if [ -n "$has_driver" ]; then
if [ -n "$driver" ]; then
>&2 echo "Only one driver per invocation"
print_usage
exit 1
else
if [ "$opt" != "auto" ]; then
/usr/bin/falcoctl driver config --type $opt
else
# Needed because we need to configure Falco to start with correct driver
/usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod
fi
has_driver="true"
driver=$1
fi
;;
-h|--help)
Expand All @@ -92,11 +86,6 @@ while test $# -gt 0; do
;;
--http-insecure)
HTTP_INSECURE="true"
;;
--source-only)
>&2 echo "Support dropped in Falco 0.37.0."
print_usage
exit 1
;;
--print-env)
/usr/bin/falcoctl driver printenv
Expand All @@ -116,9 +105,22 @@ while test $# -gt 0; do
shift
done

# No opts passed, enable both compile and download
if [ -z "$has_opts" ]; then
ENABLE_COMPILE="true"
ENABLE_DOWNLOAD="true"
ENABLE_COMPILE="true"
ENABLE_DOWNLOAD="true"
fi

# Default value: auto
if [ -z "$driver" ]; then
driver="auto"
fi

if [ "$driver" != "auto" ]; then
/usr/bin/falcoctl driver config --type $driver
else
# Needed because we need to configure Falco to start with correct driver
/usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod
fi

/usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE --http-headers="$FALCOCTL_DRIVER_HTTP_HEADERS"
29 changes: 18 additions & 11 deletions docker/driver-loader/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,25 +57,19 @@ done
ENABLE_COMPILE="false"
ENABLE_DOWNLOAD="false"
HTTP_INSECURE="false"
has_driver=
driver=
has_opts=
extra_args=

while test $# -gt 0; do
case "$1" in
auto|kmod|ebpf|modern_ebpf)
if [ -n "$has_driver" ]; then
if [ -n "$driver" ]; then
>&2 echo "Only one driver per invocation"
print_usage
exit 1
else
if [ "$opt" != "auto" ]; then
/usr/bin/falcoctl driver config --type $opt
else
# Needed because we need to configure Falco to start with correct driver
/usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod
fi
has_driver="true"
driver=$1
fi
;;
-h|--help)
Expand Down Expand Up @@ -123,9 +117,22 @@ while test $# -gt 0; do
shift
done

# No opts passed, enable both compile and download
if [ -z "$has_opts" ]; then
ENABLE_COMPILE="true"
ENABLE_DOWNLOAD="true"
ENABLE_COMPILE="true"
ENABLE_DOWNLOAD="true"
fi

# Default value: auto
if [ -z "$driver" ]; then
driver="auto"
fi

if [ "$driver" != "auto" ]; then
/usr/bin/falcoctl driver config --type $driver
else
# Needed because we need to configure Falco to start with correct driver
/usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod
fi

/usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE --http-headers="$FALCOCTL_DRIVER_HTTP_HEADERS" $extra_args
41 changes: 22 additions & 19 deletions docker/falco/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,24 +62,18 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
ENABLE_COMPILE="false"
ENABLE_DOWNLOAD="false"
HTTP_INSECURE="false"
has_driver=
driver=
has_opts=
for opt in "${falco_driver_loader_option_arr[@]}"
do
case "$opt" in
auto|kmod|ebpf|modern_ebpf)
if [ -n "$has_driver" ]; then
if [ -n "$driver" ]; then
>&2 echo "Only one driver per invocation"
print_usage
exit 1
else
if [ "$opt" != "auto" ]; then
/usr/bin/falcoctl driver config --type $opt
else
# Needed because we need to configure Falco to start with correct driver
/usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod
fi
has_driver="true"
driver=$opt
fi
;;
-h|--help)
Expand All @@ -98,34 +92,43 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
ENABLE_DOWNLOAD="true"
has_opts="true"
;;
--http-insecure)
HTTP_INSECURE="true"
;;
--source-only)
>&2 echo "Support dropped in Falco 0.37.0."
print_usage
exit 1
;;
--http-insecure)
HTTP_INSECURE="true"
;;
--print-env)
/usr/bin/falcoctl driver printenv
exit 0
;;
--*)
>&2 echo "Unknown option: $1"
>&2 echo "Unknown option: $opt"
print_usage
exit 1
;;
*)
>&2 echo "Unknown driver: $1"
>&2 echo "Unknown driver: $opt"
print_usage
exit 1
;;
esac
done

# No opts passed, enable both compile and download
if [ -z "$has_opts" ]; then
ENABLE_COMPILE="true"
ENABLE_DOWNLOAD="true"
fi

# Default value: auto
if [ -z "$driver" ]; then
driver="auto"
fi

if [ "$driver" != "auto" ]; then
/usr/bin/falcoctl driver config --type $driver
else
# Needed because we need to configure Falco to start with correct driver
/usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod
fi
/usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE --http-headers="$FALCOCTL_DRIVER_HTTP_HEADERS"

fi
Expand Down

0 comments on commit 80a99b6

Please sign in to comment.