From ab4d552a34f6f1c75fa0ba03fb6f946a7f1126b8 Mon Sep 17 00:00:00 2001 From: Mark Stemm Date: Wed, 13 Feb 2019 10:45:29 -0800 Subject: [PATCH] Use ISO 8601 output by default in containers Now that we have an option that controls iso 8601 output, use it by default in containers. We do this by changing the value of time_format_iso_8601 in falco.yaml in the container. --- docker/dev/Dockerfile | 7 ++++++- docker/local/Dockerfile | 5 +++++ docker/stable/Dockerfile | 5 +++++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index b8218873fca..c5aa61567c2 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -82,6 +82,11 @@ RUN curl -s https://s3.amazonaws.com/download.draios.com/DRAIOS-GPG-KEY.public | && apt-get clean \ && rm -rf /var/lib/apt/lists/* +# Change the falco config within the container to enable ISO 8601 +# output. +RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \ + && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml + # Some base images have an empty /lib/modules by default # If it's not empty, docker build will fail instead of # silently overwriting the existing directory @@ -101,4 +106,4 @@ COPY ./docker-entrypoint.sh / ENTRYPOINT ["/docker-entrypoint.sh"] -CMD ["/usr/bin/falco"] +CMD ["/usr/bin/falco", "-o", "time_format_iso_8601=true"] diff --git a/docker/local/Dockerfile b/docker/local/Dockerfile index 4f6d91c1444..ac48e8450d8 100644 --- a/docker/local/Dockerfile +++ b/docker/local/Dockerfile @@ -83,6 +83,11 @@ RUN rm -df /lib/modules \ ADD falco-${FALCO_VERSION}-x86_64.deb / RUN dpkg -i /falco-${FALCO_VERSION}-x86_64.deb +# Change the falco config within the container to enable ISO 8601 +# output. +RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \ + && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml + # debian:unstable head contains binutils 2.31, which generates # binaries that are incompatible with kernels < 4.16. So manually # forcibly install binutils 2.30-22 instead. diff --git a/docker/stable/Dockerfile b/docker/stable/Dockerfile index 70836d88b62..bf15c909c49 100644 --- a/docker/stable/Dockerfile +++ b/docker/stable/Dockerfile @@ -81,6 +81,11 @@ RUN curl -s https://s3.amazonaws.com/download.draios.com/DRAIOS-GPG-KEY.public | && apt-get clean \ && rm -rf /var/lib/apt/lists/* +# Change the falco config within the container to enable ISO 8601 +# output. +RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \ + && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml + # Some base images have an empty /lib/modules by default # If it's not empty, docker build will fail instead of # silently overwriting the existing directory