0.23.0
版本发布时间: 2020-05-19 00:44:07
falcosecurity/falco最新发布版本:0.39.1(2024-10-09 16:56:32)
Released on 2020-18-05
Major Changes
- BREAKING CHANGE: the falco-driver-loader script now references
falco-probe.oandfalco-probe.koasfalco.oandfalco.ko[#1158] - BREAKING CHANGE: the
falco-driver-loaderscript environment variable to use a custom repository to download drivers now uses theDRIVERS_REPOenvironment variable instead ofDRIVER_LOOKUP_URL. This variable must contain the parent URI containing the following directory structure/$driver_version$/falco_$target$_$kernelrelease$_$kernelversion$.[ko|o]. e.g: [#1160] - new(scripts): options and command-line usage for
falco-driver-loader[#1200] - new: ability to specify exact matches when adding rules to Falco engine (only API) [#1185]
- new(docker): add an image that wraps the
falco-driver-loaderwith the toolchain [#1192] - new(docker): add
falcosecurity/falco-no-driverimage [#1205]
Minor Changes
- update(scripts): improve
falco-driver-loaderoutput messages [#1200] - update: containers look for prebuilt drivers on the Drivers Build Grid [#1158]
- update: driver version bump to 96bd9bc560f67742738eb7255aeb4d03046b8045 [#1190]
- update(docker): now
falcosecurity/falco:slim-*alias tofalcosecurity/falco-no-driver:*[#1205] - docs: instructions to run unit tests [#1199]
- docs(examples): move
/examplestocontribrepo [#1191] - update(docker): remove
minimalimage [#1196] - update(integration): move
/integrationstocontribrepo [#1157] - https://dl.bintray.com/driver/$driver_version$/falco_$target$_$kernelrelease$_$kernelversion$.[ko|o]` [#1160]
- update(docker/event-generator): remove the event-generator from Falco repository [#1156]
- docs(examples): set audit level to metadata for object secrets [#1153]
Bug Fixes
- fix(scripts): upstream files (prebuilt drivers) for the generic Ubuntu kernel contains "ubuntu-generic" [#1212]
- fix: support Falco driver on Linux kernels 5.6.y [#1174]
Rule Changes
- rule(Redirect STDOUT/STDIN to Network Connection in Container): correct rule name as per rules naming convention [#1164]
- rule(Redirect STDOUT/STDIN to Network Connection in Container): new rule to detect Redirect stdout/stdin to network connection in container [#1152]
- rule(K8s Secret Created): new rule to track the creation of Kubernetes secrets (excluding kube-system and service account secrets) [#1151]
- rule(K8s Secret Deleted): new rule to track the deletion of Kubernetes secrets (excluding kube-system and service account secrets) [#1151]
Statistics
| Merged PRs | Number |
|---|---|
| Not user-facing | 17 |
| Release note | 18 |
| Total | 35 |