From ab758344f2ec018ee7723cbf3dea5dc7e405ea92 Mon Sep 17 00:00:00 2001 From: Kris Nova Date: Mon, 4 May 2020 11:59:45 -0700 Subject: [PATCH 01/11] feat(proposal): Adding artifacts scope and proposal - Highlights scope of Falco - Highlights subprojects and groups evolution - Defines build artifacts - Defines artifact naming convention - Dictates that we take action to make these changes happen Signed-off-by: Kris Nova --- proposals/20200504-falco-artifacts-scope.md | 188 ++++++++++++++++++++ 1 file changed, 188 insertions(+) create mode 100644 proposals/20200504-falco-artifacts-scope.md diff --git a/proposals/20200504-falco-artifacts-scope.md b/proposals/20200504-falco-artifacts-scope.md new file mode 100644 index 00000000000..1b1d544a3fd --- /dev/null +++ b/proposals/20200504-falco-artifacts-scope.md @@ -0,0 +1,188 @@ +# Falco Scope + +As a project we would like to support the following artifacts. + +Everything else will be moved to [contrib](https://github.com/falcosecurity/contrib). + +As a project we will build, change, rename, and move files, documents, scripts, configurations according to this new state of the world. + +## Terms + +**falco** + +*Standalone Falco binary* + +**driver** + +*System call provider from the Linux kernel. Either (`bpf`, `module`, or `ptrace`)* + +**falco-driver-loader-script** + + +*The bash script found [here](https://github.com/falcosecurity/falco/blob/master/scripts/falco-driver-loader) that tries to compile else download the kernel module.* + +**package** + +*An installable artifact that is operating system specific. All packages MUST be hosted on bintray for X86_64.* + +**image** + +*OCI compliant container image hosted on dockerhub with tags for every release.* + + +# Packages + +Official packages for X86_64 only. + +The following convention MUST be used for all packages. + +_If a package installs Falco as a daemon (systemd, init) it MUST contain `daemon`._ + +_If a package installs the Falco kernel module it MUST contain `module`._ + +_If a package installs the Falco BPF probe it MUST contain `bpf`._ + +_If a package installs the Falco kernel module it MUST contain `module`._ + +--- + +### .deb + + Falco running in debian like systems that will default to the kernel module. + +- falco-x86.deb + - `falco` only (default depends on `falco-module`) + - falco-daemon-x86.deb + - `falco` and script to configure as daemon (default depends on `falco-module`) + - falco-module-x86.deb + - `module` only + - falco-bpf-x86.deb + - `bpf` only + - falco-ptrace-x86.deb + - `ptrace` only + +### .rpm + + Falco running in rpm like systems that will default to the kernel module. + +- falco-x86.deb + - `falco` only (default depends on `falco-module`) + - falco-daemon-x86.deb + - `falco` and script to configure as daemon (default depends on `falco-module`) + - falco-module-x86.deb + - `module` only + - falco-bpf-x86.deb + - `bpf` only + - falco-ptrace-x86.deb + - `ptrace` only + + +### .tar.gz + + - falco-src-x86.tar.gz + - No binaries + - + - falco-driver-src-x86.tar.gz + - `falco` and `/driver` with `Makefile` + - `INSTALL` file + - falco-driver-download-x86.tar.gz + - `falco` and script to download or fail + - falco-driver-full-x86.tar.gz + - `falco` and script to first try to download then `make install` or fail + + +# Images + +The following convention MUST be used for all container images. + +_If a container image requires `--privileged` the name MUST have the `priviliged-` prefix._ + +_If a container image is for development purproses it MUST have the `dev-` prefix._ + +_If a container image is used to install something, then exit it MUST have the `-install` suffix.*_ + +--- + + - falcosecurity/falco:TAG + - Runs `falco` userspace only + - falcosecurity/privileged-driver-install:TAG + - Runs `falco-driver-loader` and exit + - falcosecurity/priviliged-driver-install-falco + - first runs `privileged-driver-install` then runs `falco` + - falcosecurity/priviliged-host-systemd-driver-falco:TAG + - Detects arch and runs new bash script: + - Installs Falco with packages (deb, rpm, src) + - Configures with systemd and Unix Domain Socket [#858](https://github.com/falcosecurity/falco/issues/858) + - falcosecurity/dev-tester:TAG + - Runs the falco test suite + - falcosecurity/dev-builder:TAG + - Contains falco tool chain + + +# Falco Project Evolution + +We will modeling a loosely defined adoption of the Kubernetes and CNCF incubator efforts. + +The criteria will remain loose, and tighten as needed at the discretion of the Falco open source community. + +### contrib + +Sandbox level + +This new [contrib](https://github.com/falcosecurity/contrib) repository will be equivalent to the `Falco Sandbox` and serves as a place for the community to `test-drive` ideas/projects/code. + +### repository + +Incubating level projects such as [falco-exporter](https://github.com/falco-exporter) can be promoted from `contrib` to their own repository. + +This is done as needed, and can best be measured by the need to cut a release and use the github release features. Again, this is at the discretion of the Falco open source community. + +### official support + +As the need for a project grows, it can ultimately achieve the highest and most coveted status. Offical support. + +These artifacts will be ammended to the ones listed above, and will become a part of the official Falco release process. + +# Action + +For each item, ask if this already exists. If so we need to rename, and update it to match this new convention. + + +### Action Items + +Here are SOME of the items that would need to be done for example: + + - Rename `stable` image to `privileged-driver-falco` + - Rename `bin` package to `bin-driver-loader` + - Rename `slim` image to `falco` + - Documentation in `bin-driver-loader` package as INSTALL + - Documentation in `src` package as INSTALL + - Move everything else to contrib + - Move [/integrations](https://github.com/falcosecurity/falco/tree/master/integrations) to contrib + - Move [/examples](https://github.com/falcosecurity/falco/tree/master/examples) to contrib + +### Documentation + +Update documentation in [falco-website#184](https://github.com/falcosecurity/falco-website/pull/184) + +### Adjusting projects + + - Helm chart documentation to be moved to `contrib` + - YAML manifest documentation to be moved to `contrib` + - Minkube, Kind, Puppet, Ansible, etc documentation to be moved to `contrib` + +#### Note: + +This could break the current helm chart, and maybe other dependencies. + +We owe existing users of the Falco project some courtesy if we will break their usage of how Falco has traditionally been advertised. + +Some things we owe the community. + + - Announcement on Falco mailing list + - Issues/Pull Request to Helm chart + - Note: At the very least open an issue and document how to make the existing helm chart work with the new changes if needed. [Nova Volunteers] + - We should at least open a PR and update the helm chart with these new expectations if needed. [Nova Volunteers] + - We should revisit the helm chart OWNERS + - Twitter + - Documentation From caf174652791941b1c290e6a391aae62eb99d489 Mon Sep 17 00:00:00 2001 From: Kris Nova Date: Mon, 4 May 2020 13:11:46 -0700 Subject: [PATCH 02/11] feat(docs): Updating proposal with new vernacular Signed-off-by: Kris Nova --- proposals/20200504-falco-artifacts-scope.md | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/proposals/20200504-falco-artifacts-scope.md b/proposals/20200504-falco-artifacts-scope.md index 1b1d544a3fd..aa89a1ae201 100644 --- a/proposals/20200504-falco-artifacts-scope.md +++ b/proposals/20200504-falco-artifacts-scope.md @@ -6,6 +6,8 @@ Everything else will be moved to [contrib](https://github.com/falcosecurity/cont As a project we will build, change, rename, and move files, documents, scripts, configurations according to this new state of the world. +Inspired from [#1114](https://github.com/falcosecurity/falco/issues/1114) and many of the weekly community calls. + ## Terms **falco** @@ -32,7 +34,7 @@ As a project we will build, change, rename, and move files, documents, scripts, # Packages -Official packages for X86_64 only. +Official packages for X86_64 only. All package names should contain a version which is not specified below. The following convention MUST be used for all packages. @@ -81,14 +83,14 @@ _If a package installs the Falco kernel module it MUST contain `module`._ - falco-src-x86.tar.gz - No binaries - - + - `INSTALL` file - falco-driver-src-x86.tar.gz - `falco` and `/driver` with `Makefile` - `INSTALL` file - falco-driver-download-x86.tar.gz - - `falco` and script to download or fail + - `falco` and `falco-driver-loader` download only - falco-driver-full-x86.tar.gz - - `falco` and script to first try to download then `make install` or fail + - `falco` and `falco-driver-loader` download else compile # Images @@ -137,7 +139,7 @@ Incubating level projects such as [falco-exporter](https://github.com/falco-expo This is done as needed, and can best be measured by the need to cut a release and use the github release features. Again, this is at the discretion of the Falco open source community. -### official support +### Official support As the need for a project grows, it can ultimately achieve the highest and most coveted status. Offical support. @@ -152,14 +154,15 @@ For each item, ask if this already exists. If so we need to rename, and update i Here are SOME of the items that would need to be done for example: - - Rename `stable` image to `privileged-driver-falco` - - Rename `bin` package to `bin-driver-loader` + - Rename `stable` image to `privileged-driver-install-falco` + - Rename `bin` package to `falco-driver-full-x86.tar.gz` - Rename `slim` image to `falco` - - Documentation in `bin-driver-loader` package as INSTALL - - Documentation in `src` package as INSTALL + - Documentation in all packages with `INSTALL` file. - Move everything else to contrib - Move [/integrations](https://github.com/falcosecurity/falco/tree/master/integrations) to contrib - Move [/examples](https://github.com/falcosecurity/falco/tree/master/examples) to contrib + - Old docker files + - Old documentation ### Documentation From 1297b4fecab0b2cd22408defc9992b585c9eef9c Mon Sep 17 00:00:00 2001 From: Kris Nova Date: Mon, 4 May 2020 13:15:07 -0700 Subject: [PATCH 03/11] feat(docs): "Official Support" is the highest and most coveted status. Signed-off-by: Kris Nova --- proposals/20200504-falco-artifacts-scope.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/proposals/20200504-falco-artifacts-scope.md b/proposals/20200504-falco-artifacts-scope.md index aa89a1ae201..194f148486d 100644 --- a/proposals/20200504-falco-artifacts-scope.md +++ b/proposals/20200504-falco-artifacts-scope.md @@ -129,19 +129,19 @@ The criteria will remain loose, and tighten as needed at the discretion of the F ### contrib -Sandbox level +"_Sandbox level_" This new [contrib](https://github.com/falcosecurity/contrib) repository will be equivalent to the `Falco Sandbox` and serves as a place for the community to `test-drive` ideas/projects/code. ### repository -Incubating level projects such as [falco-exporter](https://github.com/falco-exporter) can be promoted from `contrib` to their own repository. +"_Incubating level_" projects such as [falco-exporter](https://github.com/falco-exporter) can be promoted from `contrib` to their own repository. This is done as needed, and can best be measured by the need to cut a release and use the github release features. Again, this is at the discretion of the Falco open source community. -### Official support +### official support -As the need for a project grows, it can ultimately achieve the highest and most coveted status. Offical support. +As the need for a project grows, it can ultimately achieve the highest and most coveted status within The Falco Project. "_Offical support_." These artifacts will be ammended to the ones listed above, and will become a part of the official Falco release process. From 3fde5b098b77db96d147fc5fc0574b43cb66eb81 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 6 May 2020 09:22:39 +0200 Subject: [PATCH 04/11] fix(proposals/20200504-falco-artifacts-scope.md): minor fixes Co-Authored-By: Leonardo Di Donato Signed-off-by: Leonardo Grasso --- proposals/20200504-falco-artifacts-scope.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/proposals/20200504-falco-artifacts-scope.md b/proposals/20200504-falco-artifacts-scope.md index 194f148486d..0aaf41c4553 100644 --- a/proposals/20200504-falco-artifacts-scope.md +++ b/proposals/20200504-falco-artifacts-scope.md @@ -18,10 +18,10 @@ Inspired from [#1114](https://github.com/falcosecurity/falco/issues/1114) and ma *System call provider from the Linux kernel. Either (`bpf`, `module`, or `ptrace`)* -**falco-driver-loader-script** +**falco-driver-loader** -*The bash script found [here](https://github.com/falcosecurity/falco/blob/master/scripts/falco-driver-loader) that tries to compile else download the kernel module.* +*The bash script found [here](https://github.com/falcosecurity/falco/blob/master/scripts/falco-driver-loader) that tries to compile else download the driver (kernel module or eBPF probe).* **package** @@ -44,7 +44,6 @@ _If a package installs the Falco kernel module it MUST contain `module`._ _If a package installs the Falco BPF probe it MUST contain `bpf`._ -_If a package installs the Falco kernel module it MUST contain `module`._ --- @@ -110,13 +109,13 @@ _If a container image is used to install something, then exit it MUST have the ` - falcosecurity/privileged-driver-install:TAG - Runs `falco-driver-loader` and exit - falcosecurity/priviliged-driver-install-falco - - first runs `privileged-driver-install` then runs `falco` + - first runs `falco-driver-loader` then runs `falco` - falcosecurity/priviliged-host-systemd-driver-falco:TAG - Detects arch and runs new bash script: - Installs Falco with packages (deb, rpm, src) - Configures with systemd and Unix Domain Socket [#858](https://github.com/falcosecurity/falco/issues/858) - falcosecurity/dev-tester:TAG - - Runs the falco test suite + - Runs the Falco integration test suite - falcosecurity/dev-builder:TAG - Contains falco tool chain From 3d8b6017b6e56ec01d2f7a57f5bf4ec24419bc29 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 6 May 2020 09:30:58 +0200 Subject: [PATCH 05/11] docs(proposals/20200504-falco-artifacts-scope.md): update from review Signed-off-by: Leonardo Grasso --- proposals/20200504-falco-artifacts-scope.md | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/proposals/20200504-falco-artifacts-scope.md b/proposals/20200504-falco-artifacts-scope.md index 0aaf41c4553..e1eca0606e7 100644 --- a/proposals/20200504-falco-artifacts-scope.md +++ b/proposals/20200504-falco-artifacts-scope.md @@ -38,7 +38,6 @@ Official packages for X86_64 only. All package names should contain a version wh The following convention MUST be used for all packages. -_If a package installs Falco as a daemon (systemd, init) it MUST contain `daemon`._ _If a package installs the Falco kernel module it MUST contain `module`._ @@ -53,8 +52,6 @@ _If a package installs the Falco BPF probe it MUST contain `bpf`._ - falco-x86.deb - `falco` only (default depends on `falco-module`) - - falco-daemon-x86.deb - - `falco` and script to configure as daemon (default depends on `falco-module`) - falco-module-x86.deb - `module` only - falco-bpf-x86.deb @@ -68,8 +65,6 @@ _If a package installs the Falco BPF probe it MUST contain `bpf`._ - falco-x86.deb - `falco` only (default depends on `falco-module`) - - falco-daemon-x86.deb - - `falco` and script to configure as daemon (default depends on `falco-module`) - falco-module-x86.deb - `module` only - falco-bpf-x86.deb @@ -96,7 +91,6 @@ _If a package installs the Falco BPF probe it MUST contain `bpf`._ The following convention MUST be used for all container images. -_If a container image requires `--privileged` the name MUST have the `priviliged-` prefix._ _If a container image is for development purproses it MUST have the `dev-` prefix._ @@ -106,14 +100,10 @@ _If a container image is used to install something, then exit it MUST have the ` - falcosecurity/falco:TAG - Runs `falco` userspace only - - falcosecurity/privileged-driver-install:TAG + - falcosecurity/falco-driver-loader:TAG - Runs `falco-driver-loader` and exit - falcosecurity/priviliged-driver-install-falco - first runs `falco-driver-loader` then runs `falco` - - falcosecurity/priviliged-host-systemd-driver-falco:TAG - - Detects arch and runs new bash script: - - Installs Falco with packages (deb, rpm, src) - - Configures with systemd and Unix Domain Socket [#858](https://github.com/falcosecurity/falco/issues/858) - falcosecurity/dev-tester:TAG - Runs the Falco integration test suite - falcosecurity/dev-builder:TAG From 815cd7fa8cc2eecafcd17cad7a4d7fff5bcedbfe Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 6 May 2020 12:20:46 +0200 Subject: [PATCH 06/11] docs(proposal): split artifacts scope proposal in 2 parts Still some TODOs Signed-off-by: Leonardo Grasso --- proposals/20200504-falco-artifacts-scope.md | 180 ------------------- proposals/20200506-artifacts-scope-part-1.md | 114 ++++++++++++ proposals/20200506-artifacts-scope-part-2.md | 135 ++++++++++++++ 3 files changed, 249 insertions(+), 180 deletions(-) delete mode 100644 proposals/20200504-falco-artifacts-scope.md create mode 100644 proposals/20200506-artifacts-scope-part-1.md create mode 100644 proposals/20200506-artifacts-scope-part-2.md diff --git a/proposals/20200504-falco-artifacts-scope.md b/proposals/20200504-falco-artifacts-scope.md deleted file mode 100644 index e1eca0606e7..00000000000 --- a/proposals/20200504-falco-artifacts-scope.md +++ /dev/null @@ -1,180 +0,0 @@ -# Falco Scope - -As a project we would like to support the following artifacts. - -Everything else will be moved to [contrib](https://github.com/falcosecurity/contrib). - -As a project we will build, change, rename, and move files, documents, scripts, configurations according to this new state of the world. - -Inspired from [#1114](https://github.com/falcosecurity/falco/issues/1114) and many of the weekly community calls. - -## Terms - -**falco** - -*Standalone Falco binary* - -**driver** - -*System call provider from the Linux kernel. Either (`bpf`, `module`, or `ptrace`)* - -**falco-driver-loader** - - -*The bash script found [here](https://github.com/falcosecurity/falco/blob/master/scripts/falco-driver-loader) that tries to compile else download the driver (kernel module or eBPF probe).* - -**package** - -*An installable artifact that is operating system specific. All packages MUST be hosted on bintray for X86_64.* - -**image** - -*OCI compliant container image hosted on dockerhub with tags for every release.* - - -# Packages - -Official packages for X86_64 only. All package names should contain a version which is not specified below. - -The following convention MUST be used for all packages. - - -_If a package installs the Falco kernel module it MUST contain `module`._ - -_If a package installs the Falco BPF probe it MUST contain `bpf`._ - - ---- - -### .deb - - Falco running in debian like systems that will default to the kernel module. - -- falco-x86.deb - - `falco` only (default depends on `falco-module`) - - falco-module-x86.deb - - `module` only - - falco-bpf-x86.deb - - `bpf` only - - falco-ptrace-x86.deb - - `ptrace` only - -### .rpm - - Falco running in rpm like systems that will default to the kernel module. - -- falco-x86.deb - - `falco` only (default depends on `falco-module`) - - falco-module-x86.deb - - `module` only - - falco-bpf-x86.deb - - `bpf` only - - falco-ptrace-x86.deb - - `ptrace` only - - -### .tar.gz - - - falco-src-x86.tar.gz - - No binaries - - `INSTALL` file - - falco-driver-src-x86.tar.gz - - `falco` and `/driver` with `Makefile` - - `INSTALL` file - - falco-driver-download-x86.tar.gz - - `falco` and `falco-driver-loader` download only - - falco-driver-full-x86.tar.gz - - `falco` and `falco-driver-loader` download else compile - - -# Images - -The following convention MUST be used for all container images. - - -_If a container image is for development purproses it MUST have the `dev-` prefix._ - -_If a container image is used to install something, then exit it MUST have the `-install` suffix.*_ - ---- - - - falcosecurity/falco:TAG - - Runs `falco` userspace only - - falcosecurity/falco-driver-loader:TAG - - Runs `falco-driver-loader` and exit - - falcosecurity/priviliged-driver-install-falco - - first runs `falco-driver-loader` then runs `falco` - - falcosecurity/dev-tester:TAG - - Runs the Falco integration test suite - - falcosecurity/dev-builder:TAG - - Contains falco tool chain - - -# Falco Project Evolution - -We will modeling a loosely defined adoption of the Kubernetes and CNCF incubator efforts. - -The criteria will remain loose, and tighten as needed at the discretion of the Falco open source community. - -### contrib - -"_Sandbox level_" - -This new [contrib](https://github.com/falcosecurity/contrib) repository will be equivalent to the `Falco Sandbox` and serves as a place for the community to `test-drive` ideas/projects/code. - -### repository - -"_Incubating level_" projects such as [falco-exporter](https://github.com/falco-exporter) can be promoted from `contrib` to their own repository. - -This is done as needed, and can best be measured by the need to cut a release and use the github release features. Again, this is at the discretion of the Falco open source community. - -### official support - -As the need for a project grows, it can ultimately achieve the highest and most coveted status within The Falco Project. "_Offical support_." - -These artifacts will be ammended to the ones listed above, and will become a part of the official Falco release process. - -# Action - -For each item, ask if this already exists. If so we need to rename, and update it to match this new convention. - - -### Action Items - -Here are SOME of the items that would need to be done for example: - - - Rename `stable` image to `privileged-driver-install-falco` - - Rename `bin` package to `falco-driver-full-x86.tar.gz` - - Rename `slim` image to `falco` - - Documentation in all packages with `INSTALL` file. - - Move everything else to contrib - - Move [/integrations](https://github.com/falcosecurity/falco/tree/master/integrations) to contrib - - Move [/examples](https://github.com/falcosecurity/falco/tree/master/examples) to contrib - - Old docker files - - Old documentation - -### Documentation - -Update documentation in [falco-website#184](https://github.com/falcosecurity/falco-website/pull/184) - -### Adjusting projects - - - Helm chart documentation to be moved to `contrib` - - YAML manifest documentation to be moved to `contrib` - - Minkube, Kind, Puppet, Ansible, etc documentation to be moved to `contrib` - -#### Note: - -This could break the current helm chart, and maybe other dependencies. - -We owe existing users of the Falco project some courtesy if we will break their usage of how Falco has traditionally been advertised. - -Some things we owe the community. - - - Announcement on Falco mailing list - - Issues/Pull Request to Helm chart - - Note: At the very least open an issue and document how to make the existing helm chart work with the new changes if needed. [Nova Volunteers] - - We should at least open a PR and update the helm chart with these new expectations if needed. [Nova Volunteers] - - We should revisit the helm chart OWNERS - - Twitter - - Documentation diff --git a/proposals/20200506-artifacts-scope-part-1.md b/proposals/20200506-artifacts-scope-part-1.md new file mode 100644 index 00000000000..51140872a15 --- /dev/null +++ b/proposals/20200506-artifacts-scope-part-1.md @@ -0,0 +1,114 @@ +# Falco Artifacts Scope - Part 1 + +The **Falco Artifact Scope** proposal is divided in two parts: +1. the Part 1 - *this document*: to “capture” the state of recent changes +2. the [Part 2](./20200506-artifacts-scope-part-2.md): the intended state moving forward + +## Summary + +As a project we would like to support the following artifacts. + +Everything else will be moved to [contrib](https://github.com/falcosecurity/contrib). + +As a project we will build, change, rename, and move files, documents, scripts, configurations according to this new state of the world. + +Inspired from [#1114](https://github.com/falcosecurity/falco/issues/1114) and many of the weekly community calls. + +## Terms + +**falco** + +*Standalone Falco binary* + +**driver** + +*System call provider from the Linux kernel. Either (`bpf`, `module`, or `ptrace`)* + +**falco-driver-loader** + +*The bash script found [here](https://github.com/falcosecurity/falco/blob/master/scripts/falco-driver-loader) that tries to compile else download the driver (kernel module or eBPF probe).* + +**package** + +*An installable artifact that is operating system specific. All packages MUST be hosted on bintray.* + +**image** + +*OCI compliant container image hosted on dockerhub with tags for every release.* + + +# Packages + +List of currently official packages (for x86 64bits only): + +- `falco-x.y.z-x86_64.deb` for debian like systems, it installs the kernel module by default +- `falco-x.y.z-x86_64.rpm` for rpm like systems, it installs the kernel module by default +- `falco-x.y.z-x86_64.tar.gz` for binary installation, it contains `falco` binary, `falco-driver-loader` script and related dependencies + + +# Images + +List of currently official container images (for X86 64bits only): + +| Name | Directory | Description | +|---|---|---| +| [falcosecurity/falco:latest](https://hub.docker.com/repository/docker/falcosecurity/falco), [falcosecurity/falco:_tag_](https://hub.docker.com/repository/docker/falcosecurity/falco), [falcosecurity/falco:master](https://hub.docker.com/repository/docker/falcosecurity/falco) | docker/stable | Falco (DEB built from git tag or from the master) with all the building toolchain. | +| [falcosecurity/falco:latest-slim](https://hub.docker.com/repository/docker/falcosecurity/falco), [falcosecurity/falco:_tag_-slim](https://hub.docker.com/repository/docker/falcosecurity/falco),[falcosecurity/falco:master-slim](https://hub.docker.com/repository/docker/falcosecurity/falco) | docker/slim | Falco (DEB build from git tag or from the master) without the building toolchain. | +| [falcosecurity/falco-driver-loader:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:_tag_](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:master](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader) | docker/falco-driver-loader | `falco-driver-loader` as entrypoint with the building toolchain. | +| [falcosecurity/falco-builder:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-builder) | docker/builder | The complete build tool chain for compiling Falco from source. See [the documentation](https://falco.org/docs/source/) for more details on building from source. Used to build Falco (CI). | +| [falcosecurity/falco-tester:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-tester) | docker/tester | Container image for running the Falco test suite. Used to run Falco integration tests (CI). | +| _to not be published_ | docker/local | Built on-the-fly and used by falco-tester. | + +**Note**: `falco-builder`, `falco-tester` (and the `docker/local` image that it's built on the fly) are not integrated into the release process because they are development and CI tools that need to be manually pushed only when updated. + + +# Falco Project Evolution + +We will modeling a loosely defined adoption of the Kubernetes and CNCF incubator efforts. + +The criteria will remain loose, and tighten as needed at the discretion of the Falco open source community. + +### contrib + +"_Sandbox level_" + +This new [contrib](https://github.com/falcosecurity/contrib) repository will be equivalent to the `Falco Sandbox` and serves as a place for the community to `test-drive` ideas/projects/code. + +### repository + +"_Incubating level_" projects such as [falco-exporter](https://github.com/falco-exporter) can be promoted from `contrib` to their own repository. + +This is done as needed, and can best be measured by the need to cut a release and use the GitHub release features. Again, this is at the discretion of the Falco open source community. + +### official support + +As the need for a project grows, it can ultimately achieve the highest and most coveted status within The Falco Project. "_Offical support_." + +The artifacts listed above are part of the official Falco release process. These artifact will be refined and amended by the [Part 2](./20200506-artifacts-scope-part-2.md). + +# Action + +The *Part 1* is mainly intended as a cleanup process. +For each item not listed above, ask if it needs to be moved or deleted. +After the cleanup process, all items will match the *Part 1* of this proposal. + + +### Action Items + +Here are SOME of the items that would need to be done, for example: + + - Remove `minimal` from `falco` repository (it's almost similar to `slime`, we don't need two images for the same purpose) + - Rename `driverloader` image to `falco-driver-loader` (since it has not been release yet, we can rename it without breaking things) + - Move everything else to contrib + - Move [/integrations](https://github.com/falcosecurity/falco/tree/master/integrations) to contrib + - Move [/examples](https://github.com/falcosecurity/falco/tree/master/examples) to contrib + - Old documentation + +### Documentation + +Update documentation in [falco-website#184](https://github.com/falcosecurity/falco-website/pull/184). + +### Adjusting projects + + - YAML manifest documentation to be moved to `contrib` + - Minkube, Kind, Puppet, Ansible, etc documentation to be moved to `contrib` \ No newline at end of file diff --git a/proposals/20200506-artifacts-scope-part-2.md b/proposals/20200506-artifacts-scope-part-2.md new file mode 100644 index 00000000000..233b01beab2 --- /dev/null +++ b/proposals/20200506-artifacts-scope-part-2.md @@ -0,0 +1,135 @@ +# Falco Artifacts Scope - Part 2 + +The **Falco Artifact Scope** proposal is divided in two parts: +1. the [Part 1](./20200506-artifacts-scope-part-1.md): to “capture” the state of recent changes +2. the Part 2 - *this document*: the intended state moving forward + +## Summary + +See [Part 1](./20200506-artifacts-scope-part-1.md). + +## Terms + +See [Part 1](./20200506-artifacts-scope-part-1.md). + +## Packages + +Official packages for x86 64bits only. + +The following convention MUST be used for all packages. + +_All package names MUST contain a version._ + +_If a package installs the Falco kernel module it MUST contain `module`._ + +_If a package installs the Falco BPF probe it MUST contain `bpf`._ + +_In general, if a package install a Falco driver it MUST contain the driver name._ + + +### .deb + + Falco running in debian like systems that will default to the kernel module. + +- falco-*x.y.z*-x86.deb + - `falco` only (default depends on `falco-module`) + - falco-*x.y.z*-module-x86.deb + - `module` only + - falco-*x.y.z*-bpf-x86.deb + - `bpf` only + - falco-*x.y.z*-ptrace-x86.deb + - `ptrace` only + +N.B.: + +### .rpm + + Falco running in rpm like systems that will default to the kernel module. + +- falco-*x.y.z*-x86.deb + - `falco` only (default depends on `falco-module`) +- falco-*x.y.z*-module-x86.deb + - `module` only +- falco-*x.y.z*-bpf-x86.deb + - `bpf` only +- falco-*x.y.z*-ptrace-x86.deb + - `ptrace` only + + +### .tar.gz + +- falco-bin-x86.tar.gz + - `falco` binary, `falco-loader-script`, and related dependecies + - `INSTALL` file + - `Makefile` file +- falco-src-x86.tar.gz + - No binaries + - `INSTALL` file +- falco-module-src-x86.tar.gz + - `module` sources with `Makefile` + - `INSTALL` file +- falco-bpf-src-x86.tar.gz + - `bpf` sources with `Makefile` + - `INSTALL` file +- falco-ptrace-src-x86.tar.gz + - `ptrace` sources with `Makefile` + - `INSTALL` file + +## Images + +The following convention MUST be used for all container images. + +*TODO* image name conventions + + - falcosecurity/falco:TAG + - Runs `falco` userspace only + - falcosecurity/falco-driver-loader:TAG + - Runs `falco-driver-loader` and exit + - falcosecurity/*TBD** + - First runs `falco-driver-loader` then runs `falco` + - falcosecurity/tester:TAG + - Runs the Falco integration test suite + - falcosecurity/builder:TAG + - Contains falco tool chain + +The image usage MUST be documented in the Dockerfile and in the [website](https://falco.org/docs/). +If an image does not take any action by default, a command usage MUST printed out. + +## Official support + +These artifacts will be amended to the ones listed above, and will become a part of the official Falco release process. + +## Action + +For each item, ask if this already exists. If so we need to rename, and update it to match this new convention. If does not exist, add it. + + +### Action Items + +Here are SOME of the items that would need to be done for example: + + - Rename package accordingly + - Rename docker images accordingly + - Documentation in all packages with `INSTALL` file + - Add `Makefile` where needed + - Implement missing packages + +### Documentation + +Update documentation in [falco-website](https://github.com/falcosecurity/falco-website/) + +#### Note: + +This could break the current helm chart, and maybe other dependencies. + +We owe existing users of the Falco project some courtesy if we will break their usage of how Falco has traditionally been advertised. + +Some things we owe the community. + + - Announcement on Falco mailing list + - Issues/Pull Request to Helm chart + - Note: At the very least open an issue and document how to make the existing helm chart work with the new changes if needed. [Nova Volunteers] + - We should at least open a PR and update the helm chart with these new expectations if needed. [Nova Volunteers] + - We should revisit the helm chart OWNERS + - Twitter + - Documentation \ No newline at end of file From 64f095de5a38ed139c8b747c0a135991d3f824c6 Mon Sep 17 00:00:00 2001 From: Leo Di Donato Date: Wed, 6 May 2020 13:16:50 +0200 Subject: [PATCH 07/11] update(proposals/20200506-artifacts-scope-part-1): improvements to SoA of Falco artifacts and images Co-authored-by: Lorenzo Fontana Signed-off-by: Leonardo Di Donato Co-authored-by: Lorenzo Fontana --- proposals/20200506-artifacts-scope-part-1.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/proposals/20200506-artifacts-scope-part-1.md b/proposals/20200506-artifacts-scope-part-1.md index 51140872a15..1cfdc84951a 100644 --- a/proposals/20200506-artifacts-scope-part-1.md +++ b/proposals/20200506-artifacts-scope-part-1.md @@ -1,7 +1,7 @@ # Falco Artifacts Scope - Part 1 The **Falco Artifact Scope** proposal is divided in two parts: -1. the Part 1 - *this document*: to “capture” the state of recent changes +1. the Part 1 - *this document*: the State of Art of Falco artifacts 2. the [Part 2](./20200506-artifacts-scope-part-2.md): the intended state moving forward ## Summary @@ -10,15 +10,15 @@ As a project we would like to support the following artifacts. Everything else will be moved to [contrib](https://github.com/falcosecurity/contrib). -As a project we will build, change, rename, and move files, documents, scripts, configurations according to this new state of the world. +As a project we will build, change, rename, and move files, documents, scripts, configurations according to the new state of the art described into [Part 2](./20200506-artifacts-scope-part-2.md). -Inspired from [#1114](https://github.com/falcosecurity/falco/issues/1114) and many of the weekly community calls. +Inspired by many previous issues and many of the weekly community calls. ## Terms **falco** -*Standalone Falco binary* +*The Falco binary* **driver** @@ -34,7 +34,7 @@ Inspired from [#1114](https://github.com/falcosecurity/falco/issues/1114) and ma **image** -*OCI compliant container image hosted on dockerhub with tags for every release.* +*OCI compliant container image hosted on dockerhub with tags for every release and the current master branch.* # Packages @@ -43,7 +43,7 @@ List of currently official packages (for x86 64bits only): - `falco-x.y.z-x86_64.deb` for debian like systems, it installs the kernel module by default - `falco-x.y.z-x86_64.rpm` for rpm like systems, it installs the kernel module by default -- `falco-x.y.z-x86_64.tar.gz` for binary installation, it contains `falco` binary, `falco-driver-loader` script and related dependencies +- `falco-x.y.z-x86_64.tar.gz` for binary installation, it contains `falco` binary, `falco-driver-loader` script, drivers source, and related dependencies # Images @@ -59,7 +59,7 @@ List of currently official container images (for X86 64bits only): | [falcosecurity/falco-tester:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-tester) | docker/tester | Container image for running the Falco test suite. Used to run Falco integration tests (CI). | | _to not be published_ | docker/local | Built on-the-fly and used by falco-tester. | -**Note**: `falco-builder`, `falco-tester` (and the `docker/local` image that it's built on the fly) are not integrated into the release process because they are development and CI tools that need to be manually pushed only when updated. +**Note**: `falco-builder`, `falco-tester` (and the `docker/local` image which it's built on the fly by the `falco-tester` one) are not integrated into the release process because they are development and CI tools that need to be manually pushed only when updated. # Falco Project Evolution @@ -97,7 +97,7 @@ After the cleanup process, all items will match the *Part 1* of this proposal. Here are SOME of the items that would need to be done, for example: - - Remove `minimal` from `falco` repository (it's almost similar to `slime`, we don't need two images for the same purpose) + - Remove `minimal` from `falco` repository (it's almost similar to `slim`, we don't need two images for the same purpose) - Rename `driverloader` image to `falco-driver-loader` (since it has not been release yet, we can rename it without breaking things) - Move everything else to contrib - Move [/integrations](https://github.com/falcosecurity/falco/tree/master/integrations) to contrib @@ -111,4 +111,4 @@ Update documentation in [falco-website#184](https://github.com/falcosecurity/fal ### Adjusting projects - YAML manifest documentation to be moved to `contrib` - - Minkube, Kind, Puppet, Ansible, etc documentation to be moved to `contrib` \ No newline at end of file + - Minkube, Kind, Puppet, Ansible, etc documentation to be moved to `contrib` From 08b8e227486b87182656e2fc6ead0fc3cef298b6 Mon Sep 17 00:00:00 2001 From: Leo Di Donato Date: Wed, 6 May 2020 13:20:58 +0200 Subject: [PATCH 08/11] update(proposals/20200506-artifacts-scope-part-2): refinements to the future SoA of Falco artifacts and images Signed-off-by: Leonardo Di Donato --- proposals/20200506-artifacts-scope-part-2.md | 48 ++++++++++++-------- 1 file changed, 29 insertions(+), 19 deletions(-) diff --git a/proposals/20200506-artifacts-scope-part-2.md b/proposals/20200506-artifacts-scope-part-2.md index 233b01beab2..c7cde5af984 100644 --- a/proposals/20200506-artifacts-scope-part-2.md +++ b/proposals/20200506-artifacts-scope-part-2.md @@ -1,7 +1,7 @@ # Falco Artifacts Scope - Part 2 The **Falco Artifact Scope** proposal is divided in two parts: -1. the [Part 1](./20200506-artifacts-scope-part-1.md): to “capture” the state of recent changes +1. the [Part 1](./20200506-artifacts-scope-part-1.md): the State of Art of Falco artifacts 2. the Part 2 - *this document*: the intended state moving forward ## Summary @@ -31,35 +31,37 @@ _In general, if a package install a Falco driver it MUST contain the driver name Falco running in debian like systems that will default to the kernel module. -- falco-*x.y.z*-x86.deb +- falco-*x.y.z*-amd64.deb - `falco` only (default depends on `falco-module`) - - falco-*x.y.z*-module-x86.deb + - falco-*x.y.z*-module-amd64.deb - `module` only - - falco-*x.y.z*-bpf-x86.deb + - falco-*x.y.z*-bpf-amd64.deb - `bpf` only - - falco-*x.y.z*-ptrace-x86.deb + - falco-*x.y.z*-ptrace-amd64.deb - `ptrace` only -N.B.: + +We reserve the right to change the naming convention of deb packages accordingly to deb conventions. ### .rpm Falco running in rpm like systems that will default to the kernel module. -- falco-*x.y.z*-x86.deb +- falco-*x.y.z*-x86_64.rpm - `falco` only (default depends on `falco-module`) -- falco-*x.y.z*-module-x86.deb +- falco-*x.y.z*-module-x86_64.rpm - `module` only -- falco-*x.y.z*-bpf-x86.deb +- falco-*x.y.z*-bpf-x86_64.rpm - `bpf` only -- falco-*x.y.z*-ptrace-x86.deb +- falco-*x.y.z*-ptrace-x86_64.rpm - `ptrace` only +We reserve the right to change the naming convention of rpm packages accordingly to rpm conventions. ### .tar.gz - falco-bin-x86.tar.gz - - `falco` binary, `falco-loader-script`, and related dependecies + - `falco` binary, `falco-loader-script`, drivers source, and related dependencies - `INSTALL` file - `Makefile` file - falco-src-x86.tar.gz @@ -79,18 +81,23 @@ N.B.: The following convention MUST be used for all container images. -*TODO* image name conventions - falcosecurity/falco:TAG - - Runs `falco` userspace only + - First runs `falco-driver-loader` and then runs `falco` + - Can be run with `--privileged` + - Can be run with `-e SKIP_DRIVER_LOAD=true` to skip the execution of `falco-driver-loader` + - TAG can be `latest` to refer to the latest release + - TAG can be `master` to refer to the latest master + - TAG can be `x.y.z` to refer to a specific release - falcosecurity/falco-driver-loader:TAG - Runs `falco-driver-loader` and exit + - Needs to be run with `--privileged` - falcosecurity/*TBD** - - First runs `falco-driver-loader` then runs `falco` - - falcosecurity/tester:TAG + - Runs `falco` (only userspace) + - falcosecurity/falco-tester:TAG - Runs the Falco integration test suite - - falcosecurity/builder:TAG - - Contains falco tool chain + - falcosecurity/falco-builder:TAG + - Contains the Falco tool chain for development The image usage MUST be documented in the Dockerfile and in the [website](https://falco.org/docs/). If an image does not take any action by default, a command usage MUST printed out. @@ -110,10 +117,13 @@ Here are SOME of the items that would need to be done for example: - Rename package accordingly - Rename docker images accordingly + - Evaluate how to call what's currently called `falcosecurity/falco:latest-slim` - Documentation in all packages with `INSTALL` file - Add `Makefile` where needed - Implement missing packages - + - Rename `SKIP_MODULE_LOAD` environment variable of docker images to `SKIP_DRIVER_LOADER` + - Create `usage` commands for every docker image + ### Documentation Update documentation in [falco-website](https://github.com/falcosecurity/falco-website/) @@ -132,4 +142,4 @@ Some things we owe the community. - We should at least open a PR and update the helm chart with these new expectations if needed. [Nova Volunteers] - We should revisit the helm chart OWNERS - Twitter - - Documentation \ No newline at end of file + - Documentation From 7fceec5f8f1037c847fedc72b4936f3a1671bc92 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 6 May 2020 18:33:58 +0200 Subject: [PATCH 09/11] update(proposals/20200506-artifacts-scope): refinements Signed-off-by: Leonardo Grasso As per https://github.com/falcosecurity/falco/pull/1184/files#r420856406 --- proposals/20200506-artifacts-scope-part-1.md | 2 +- proposals/20200506-artifacts-scope-part-2.md | 25 +++++++------------- 2 files changed, 10 insertions(+), 17 deletions(-) diff --git a/proposals/20200506-artifacts-scope-part-1.md b/proposals/20200506-artifacts-scope-part-1.md index 1cfdc84951a..84b83b642e2 100644 --- a/proposals/20200506-artifacts-scope-part-1.md +++ b/proposals/20200506-artifacts-scope-part-1.md @@ -22,7 +22,7 @@ Inspired by many previous issues and many of the weekly community calls. **driver** -*System call provider from the Linux kernel. Either (`bpf`, `module`, or `ptrace`)* +*System call provider from the Linux kernel. Either (`bpf`, `module`)* **falco-driver-loader** diff --git a/proposals/20200506-artifacts-scope-part-2.md b/proposals/20200506-artifacts-scope-part-2.md index c7cde5af984..9013533b912 100644 --- a/proposals/20200506-artifacts-scope-part-2.md +++ b/proposals/20200506-artifacts-scope-part-2.md @@ -24,7 +24,7 @@ _If a package installs the Falco kernel module it MUST contain `module`._ _If a package installs the Falco BPF probe it MUST contain `bpf`._ -_In general, if a package install a Falco driver it MUST contain the driver name._ +_In general, if a package installs a Falco driver it MUST contain the driver name._ ### .deb @@ -32,13 +32,11 @@ _In general, if a package install a Falco driver it MUST contain the driver name Falco running in debian like systems that will default to the kernel module. - falco-*x.y.z*-amd64.deb - - `falco` only (default depends on `falco-module`) + - alias to ` falco-*x.y.z*-module-amd64.deb` - falco-*x.y.z*-module-amd64.deb - - `module` only + - `falco` and `module` - falco-*x.y.z*-bpf-amd64.deb - - `bpf` only - - falco-*x.y.z*-ptrace-amd64.deb - - `ptrace` only + - `falco` and `bpf` We reserve the right to change the naming convention of deb packages accordingly to deb conventions. @@ -48,13 +46,11 @@ We reserve the right to change the naming convention of deb packages accordingly Falco running in rpm like systems that will default to the kernel module. - falco-*x.y.z*-x86_64.rpm - - `falco` only (default depends on `falco-module`) -- falco-*x.y.z*-module-x86_64.rpm - - `module` only -- falco-*x.y.z*-bpf-x86_64.rpm - - `bpf` only -- falco-*x.y.z*-ptrace-x86_64.rpm - - `ptrace` only + - alias to ` falco-*x.y.z*-module-x86_64.rpm` + - falco-*x.y.z*-module-x86_64.rpm + - `falco` and `module` + - falco-*x.y.z*-bpf-x86_64.rpm + - `falco` and `bpf` We reserve the right to change the naming convention of rpm packages accordingly to rpm conventions. @@ -73,9 +69,6 @@ We reserve the right to change the naming convention of rpm packages accordingly - falco-bpf-src-x86.tar.gz - `bpf` sources with `Makefile` - `INSTALL` file -- falco-ptrace-src-x86.tar.gz - - `ptrace` sources with `Makefile` - - `INSTALL` file ## Images From 528d5235b3967a150e7262bdc75c103d141112ce Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 7 May 2020 10:45:34 +0200 Subject: [PATCH 10/11] fix(proposals/20200506-artifacts-scope): typos Signed-off-by: Leonardo Grasso --- proposals/20200506-artifacts-scope-part-1.md | 2 +- proposals/20200506-artifacts-scope-part-2.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/proposals/20200506-artifacts-scope-part-1.md b/proposals/20200506-artifacts-scope-part-1.md index 84b83b642e2..dee04956160 100644 --- a/proposals/20200506-artifacts-scope-part-1.md +++ b/proposals/20200506-artifacts-scope-part-1.md @@ -54,7 +54,7 @@ List of currently official container images (for X86 64bits only): |---|---|---| | [falcosecurity/falco:latest](https://hub.docker.com/repository/docker/falcosecurity/falco), [falcosecurity/falco:_tag_](https://hub.docker.com/repository/docker/falcosecurity/falco), [falcosecurity/falco:master](https://hub.docker.com/repository/docker/falcosecurity/falco) | docker/stable | Falco (DEB built from git tag or from the master) with all the building toolchain. | | [falcosecurity/falco:latest-slim](https://hub.docker.com/repository/docker/falcosecurity/falco), [falcosecurity/falco:_tag_-slim](https://hub.docker.com/repository/docker/falcosecurity/falco),[falcosecurity/falco:master-slim](https://hub.docker.com/repository/docker/falcosecurity/falco) | docker/slim | Falco (DEB build from git tag or from the master) without the building toolchain. | -| [falcosecurity/falco-driver-loader:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:_tag_](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:master](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader) | docker/falco-driver-loader | `falco-driver-loader` as entrypoint with the building toolchain. | +| [falcosecurity/falco-driver-loader:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:_tag_](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:master](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader) | docker/driver-loader | `falco-driver-loader` as entrypoint with the building toolchain. | | [falcosecurity/falco-builder:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-builder) | docker/builder | The complete build tool chain for compiling Falco from source. See [the documentation](https://falco.org/docs/source/) for more details on building from source. Used to build Falco (CI). | | [falcosecurity/falco-tester:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-tester) | docker/tester | Container image for running the Falco test suite. Used to run Falco integration tests (CI). | | _to not be published_ | docker/local | Built on-the-fly and used by falco-tester. | diff --git a/proposals/20200506-artifacts-scope-part-2.md b/proposals/20200506-artifacts-scope-part-2.md index 9013533b912..62d7c64b5c9 100644 --- a/proposals/20200506-artifacts-scope-part-2.md +++ b/proposals/20200506-artifacts-scope-part-2.md @@ -78,7 +78,7 @@ The following convention MUST be used for all container images. - falcosecurity/falco:TAG - First runs `falco-driver-loader` and then runs `falco` - Can be run with `--privileged` - - Can be run with `-e SKIP_DRIVER_LOAD=true` to skip the execution of `falco-driver-loader` + - Can be run with `-e SKIP_DRIVER_LOADER=true` to skip the execution of `falco-driver-loader` - TAG can be `latest` to refer to the latest release - TAG can be `master` to refer to the latest master - TAG can be `x.y.z` to refer to a specific release From 7e29494db1cdab06ba48a4f3ac7f885c4d072631 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Mon, 11 May 2020 15:24:00 +0200 Subject: [PATCH 11/11] update(proposals/20200506-artifacts-scope-part-2.md): resolution about image naming Signed-off-by: Leonardo Grasso --- proposals/20200506-artifacts-scope-part-2.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/proposals/20200506-artifacts-scope-part-2.md b/proposals/20200506-artifacts-scope-part-2.md index 62d7c64b5c9..7d16c40e350 100644 --- a/proposals/20200506-artifacts-scope-part-2.md +++ b/proposals/20200506-artifacts-scope-part-2.md @@ -85,7 +85,7 @@ The following convention MUST be used for all container images. - falcosecurity/falco-driver-loader:TAG - Runs `falco-driver-loader` and exit - Needs to be run with `--privileged` - - falcosecurity/*TBD** + - falcosecurity/falco-no-driver - Runs `falco` (only userspace) - falcosecurity/falco-tester:TAG - Runs the Falco integration test suite @@ -94,6 +94,7 @@ The following convention MUST be used for all container images. The image usage MUST be documented in the Dockerfile and in the [website](https://falco.org/docs/). If an image does not take any action by default, a command usage MUST printed out. +We reserve the right to add image aliases if it was needed. ## Official support