update(userspace/engine): introduce new check_plugin_requirements API #2009

Merged: 2 commits, May 24, 2022

Andreagit97
Member

Signed-off-by: Andrea Terzolo andrea.terzolo@polito.it

What type of PR is this?

/kind cleanup

/kind feature

Any specific area of the project related to this PR?

/area engine

What this PR does / why we need it:

This PR introduces a new check_plugin_requirements API instead of the old is_plugin_compatible to check if a list of plugins satisfies all the version requirements.

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

NONE

Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
Contributor

@jasondellaluce jasondellaluce left a comment

This is great! Just left a minor indentation suggestion.

userspace/falco/app_actions/load_rules_files.cpp (outdated, resolved)
@jasondellaluce
Contributor

I think this fix deserves some additional context. The current plugin/rules loading works as follows:

  • The Falco Engine loads ruleset files and collects plugin version requirements (e.g. required_plugin_versions)
  • Falco loads all the plugins depending on its configuration
  • For each loaded plugin, Falco checks if it is compatible with the version requirements in the engine

This logic has the simple flaw that Falco is not able to find out if the loaded rules require a certain plugin/version that has not been configured to be loaded. For instance, this would cause the aws_cloudtrail default ruleset to throw an unknown field json.value error at loading time if the json plugin is not configured to be loaded. This is an implicit and non-expressive way of failing.

This PR proposes a fix for this by letting the Engine perform all the checks, and ensures that all rules-plugins dependencies are satisfied at loading time.
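
The difference between the two flows described in this comment, as an added C++ illustration that is not part of the PR or of Falco's code base. The types, the function names and the same-major/not-older compatibility rule are assumptions, and the plugin versions are constructed sample values.

```cpp
#include <iostream>
#include <map>
#include <string>
#include <vector>

// Hypothetical types for this sketch; not Falco's real classes or signatures.
struct Version { int maj, mnr, pat; };
struct Requirement { std::string plugin; Version needed; };
struct Plugin { std::string name; Version version; };

// Assumed rule: same major version and not older than the requirement.
bool satisfies(const Version& have, const Version& need) {
    if (have.maj != need.maj) return false;
    if (have.mnr != need.mnr) return have.mnr > need.mnr;
    return have.pat >= need.pat;
}

// Old flow: iterate over loaded plugins, so a plugin that was never
// loaded is never checked and the gap goes unnoticed here.
bool per_plugin_check(const std::vector<Requirement>& reqs,
                      const std::vector<Plugin>& loaded) {
    for (const auto& p : loaded)
        for (const auto& r : reqs)
            if (r.plugin == p.name && !satisfies(p.version, r.needed)) return false;
    return true;
}

// New flow: iterate over the requirements, so a missing plugin is an explicit error.
bool requirements_satisfied(const std::vector<Requirement>& reqs,
                            const std::vector<Plugin>& loaded, std::string& err) {
    std::map<std::string, Version> by_name;
    for (const auto& p : loaded) by_name[p.name] = p.version;
    for (const auto& r : reqs) {
        auto it = by_name.find(r.plugin);
        if (it == by_name.end()) { err = "required plugin '" + r.plugin + "' is not loaded"; return false; }
        if (!satisfies(it->second, r.needed)) { err = "plugin '" + r.plugin + "' has an incompatible version"; return false; }
    }
    err.clear();
    return true;
}

int main() {
    // Constructed sample: the rules need two plugins, only one is configured.
    std::vector<Requirement> reqs = {{"cloudtrail", {0, 2, 0}}, {"json", {0, 3, 0}}};
    std::vector<Plugin> loaded = {{"cloudtrail", {0, 2, 5}}};
    std::string err;
    std::cout << "per-plugin check passes: " << per_plugin_check(reqs, loaded) << "\n";
    if (!requirements_satisfied(reqs, loaded, err)) std::cout << "requirements check: " << err << "\n";
    return 0;
}
```
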

Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>

Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>
@Andreagit97
Member Author

> I think this fix deserves some additional context. The current plugin/rules loading works as follows:
>
> * The Falco Engine loads ruleset files and collects plugin version requirements (e.g. `required_plugin_versions`)
> * Falco loads all the plugins depending on its configuration
> * For each loaded plugin, Falco checks if it is compatible with the version requirements in the engine
>
> This logic has the simple flaw that Falco is not able to find out if the loaded rules require a certain plugin/version that has not been configured to be loaded. For instance, this would cause the aws_cloudtrail default ruleset to throw an unknown field json.value error at loading time if the json plugin is not configured to be loaded. This is an implicit and non-expressive way of failing.
>
> This PR proposes a fix for this by letting the Engine perform all the checks, and ensures that all rules-plugins dependencies are satisfied at loading time.

Thank you @jasondellaluce for the additional context, I forgot to add it 😄

Contributor

@jasondellaluce jasondellaluce left a comment

/approve

@poiana
Contributor

poiana commented May 23, 2022

LGTM label has been added.

Git tree hash: 4764457a0efe76b4bde24ae98a675c08352e342e

@poiana
Contributor

poiana commented May 23, 2022

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Andreagit97, jasondellaluce

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@FedeDP FedeDP mentioned this pull request May 24, 2022
53 tasks
@jasondellaluce jasondellaluce added this to the 0.32.0 milestone May 24, 2022
Member

@leogr leogr left a comment

LGTM

@poiana poiana merged commit 3a3d5df into falcosecurity:master May 24, 2022
@Andreagit97 Andreagit97 deleted the plugin_requirements branch October 15, 2022 18:14