0.23.0
版本发布时间: 2020-05-19 00:44:07
falcosecurity/falco最新发布版本:0.39.1(2024-10-09 16:56:32)
Released on 2020-18-05
Major Changes
- BREAKING CHANGE: the falco-driver-loader script now references
falco-probe.o
andfalco-probe.ko
asfalco.o
andfalco.ko
[#1158] - BREAKING CHANGE: the
falco-driver-loader
script environment variable to use a custom repository to download drivers now uses theDRIVERS_REPO
environment variable instead ofDRIVER_LOOKUP_URL
. This variable must contain the parent URI containing the following directory structure/$driver_version$/falco_$target$_$kernelrelease$_$kernelversion$.[ko|o]
. e.g: [#1160] - new(scripts): options and command-line usage for
falco-driver-loader
[#1200] - new: ability to specify exact matches when adding rules to Falco engine (only API) [#1185]
- new(docker): add an image that wraps the
falco-driver-loader
with the toolchain [#1192] - new(docker): add
falcosecurity/falco-no-driver
image [#1205]
Minor Changes
- update(scripts): improve
falco-driver-loader
output messages [#1200] - update: containers look for prebuilt drivers on the Drivers Build Grid [#1158]
- update: driver version bump to 96bd9bc560f67742738eb7255aeb4d03046b8045 [#1190]
- update(docker): now
falcosecurity/falco:slim-*
alias tofalcosecurity/falco-no-driver:*
[#1205] - docs: instructions to run unit tests [#1199]
- docs(examples): move
/examples
tocontrib
repo [#1191] - update(docker): remove
minimal
image [#1196] - update(integration): move
/integrations
tocontrib
repo [#1157] - https://dl.bintray.com/driver/$driver_version$/falco_$target$_$kernelrelease$_$kernelversion$.[ko|o]` [#1160]
- update(docker/event-generator): remove the event-generator from Falco repository [#1156]
- docs(examples): set audit level to metadata for object secrets [#1153]
Bug Fixes
- fix(scripts): upstream files (prebuilt drivers) for the generic Ubuntu kernel contains "ubuntu-generic" [#1212]
- fix: support Falco driver on Linux kernels 5.6.y [#1174]
Rule Changes
- rule(Redirect STDOUT/STDIN to Network Connection in Container): correct rule name as per rules naming convention [#1164]
- rule(Redirect STDOUT/STDIN to Network Connection in Container): new rule to detect Redirect stdout/stdin to network connection in container [#1152]
- rule(K8s Secret Created): new rule to track the creation of Kubernetes secrets (excluding kube-system and service account secrets) [#1151]
- rule(K8s Secret Deleted): new rule to track the deletion of Kubernetes secrets (excluding kube-system and service account secrets) [#1151]
Statistics
Merged PRs | Number |
---|---|
Not user-facing | 17 |
Release note | 18 |
Total | 35 |