Custom artifact repository path ignored

[bobbled]

What happened: Overriding the repository for falco-rules in the index doesn't appear to have any effect. Falcoctl uses an overridden registry, but continues to use the default repository path.

What you expected to happen: Falcoctl would use the custom registry and repository path to find the artifact.

How to reproduce it (as minimally and precisely as possible):

- name: falco-rules
  type: rulesfile
  registry: registry.example.com
  repository: ghcr/falcosecurity/rules/falco-rules
  description: Falco rules that are loaded by default
  home: https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml
  keywords:
    - falco-rules
  license: apache-2.0
  maintainers:
    - email: [email protected]
      name: The Falco Authors
  sources:
    - https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml

falcoctl container errors:

falcoctl-artifact-install {"level":"INFO","msg":"Resolving dependencies ...","timestamp":"2024-04-21 22:15:26"}
falcoctl-artifact-install {"level":"ERROR","msg":"unable to get manifest: unable to fetch reference \"registry.example.com/falcosecurity/rules/falco-rules:3\": GET \"https://registry.example.com/v2/falcosecurity/rules/falco-rules/manifests/3\": response status code 401: unauthorized: project falcosecurity not found: project falcosecurity not found","timestamp":"2024-04-21 22:15:26"}

I assumed the above should have tried accessing registry.example.com/ghcr/falcosecurity/rules/falco-rules instead of registry.example.com/falcosecurity/rules/falco-rules

Anything else we need to know?: registry.example.com is a harbor registry. Using falcoctl:0.7.2.

[alacuku]

Hi @bobbled,
falcoctl uses the registry + repository to build the reference for the artifact. In your case, falcoctl does not find an artifact with reference registry.example.com/falcosecurity/rules/falco-rules:3.
Make sure that a repository named:falcosecurity/rules/falco-rules:3 exists in your registry.

[bobbled]

Hi @bobbled, falcoctl uses the registry + repository to build the reference for the artifact. In your case, falcoctl does not find an artifact with reference registry.example.com/falcosecurity/rules/falco-rules:3. Make sure that a repository named:falcosecurity/rules/falco-rules:3 exists in your registry.

Hi @alacuku , thanks for the response.

If registry is registry.example.com and repository is ghcr/falcosecurity/rules/falco-rules, then shouldn't registry + repository = registry.example.com/ghcr/falcosecurity/rules/falco-rules?

What falcoctl is trying is registry.example.com/falcosecurity/rules/falco-rules.

[alacuku]

I'll have a look at it in the coming days.

[alacuku]

Hi @bobbled,
i'm trying to reproduce your issue but no luck so far. It works correctly for me. The following snippets show my env:

index.yaml:

...
- name: falco-rules
  type: rulesfile
  registry: localhost:5000
  repository: ghcr/falcosecurity/rules/falco-rules
  description: Falco rules that are loaded by default
  home: https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml
  keywords:
    - falco-rules
  license: apache-2.0
  maintainers:
    - email: [email protected]
      name: The Falco Authors
  sources:
    - https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml
...

❯ falcoctl artifact list
INDEX        	ARTIFACT              	TYPE     	REGISTRY      	REPOSITORY
falcosecurity	application-rules     	rulesfile	ghcr.io       	falcosecurity/rules/application-rules
falcosecurity	cloudtrail            	plugin   	ghcr.io       	falcosecurity/plugins/plugin/cloudtrail
falcosecurity	cloudtrail-rules      	rulesfile	ghcr.io       	falcosecurity/plugins/ruleset/cloudtrail
falcosecurity	dummy                 	plugin   	ghcr.io       	falcosecurity/plugins/plugin/dummy
falcosecurity	dummy_c               	plugin   	ghcr.io       	falcosecurity/plugins/plugin/dummy_c
falcosecurity	falco-incubating-rules	rulesfile	ghcr.io       	falcosecurity/rules/falco-incubating-rules
falcosecurity	falco-rules           	rulesfile	localhost:5000	ghcr/falcosecurity/rules/falco-rules
falcosecurity	falco-sandbox-rules   	rulesfile	ghcr.io       	falcosecurity/rules/falco-sandbox-rules
falcosecurity	gcpaudit              	plugin   	ghcr.io       	falcosecurity/plugins/plugin/gcpaudit
falcosecurity	gcpaudit-rules        	rulesfile	ghcr.io       	falcosecurity/plugins/ruleset/gcpaudit
falcosecurity	github                	plugin   	ghcr.io       	falcosecurity/plugins/plugin/github
falcosecurity	github-rules          	rulesfile	ghcr.io       	falcosecurity/plugins/ruleset/github
falcosecurity	json                  	plugin   	ghcr.io       	falcosecurity/plugins/plugin/json
falcosecurity	k8saudit              	plugin   	ghcr.io       	falcosecurity/plugins/plugin/k8saudit
falcosecurity	k8saudit-eks          	plugin   	ghcr.io       	falcosecurity/plugins/plugin/k8saudit-eks
falcosecurity	k8saudit-gke          	plugin   	ghcr.io       	falcosecurity/plugins/plugin/k8saudit-gke
falcosecurity	k8saudit-gke-rules    	rulesfile	ghcr.io       	falcosecurity/plugins/ruleset/k8saudit-gke
falcosecurity	k8saudit-rules        	rulesfile	ghcr.io       	falcosecurity/plugins/ruleset/k8saudit
falcosecurity	k8smeta               	plugin   	ghcr.io       	falcosecurity/plugins/plugin/k8smeta
falcosecurity	okta                  	plugin   	ghcr.io       	falcosecurity/plugins/plugin/okta
falcosecurity	okta-rules            	rulesfile	ghcr.io       	falcosecurity/plugins/ruleset/okta

❯ falcoctl artifact install falco-rules --plain-http
2024-05-06 09:28:28 INFO  Resolving dependencies ... 
2024-05-06 09:28:28 INFO  Installing artifacts refs: [localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest]
2024-05-06 09:28:28 INFO  Preparing to pull artifact ref: localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest
2024-05-06 09:28:28 INFO  Pulling layer b1cdd273595d 
2024-05-06 09:28:28 INFO  Pulling layer 2e91799fee49                                                                 
2024-05-06 09:28:28 INFO  Pulling layer 4939911ad901                                                                 
2024-05-06 09:28:28 INFO  Extracting and installing artifact type: rulesfile file: falco_rules.tar.gz                
2024-05-06 09:28:28 INFO  Artifact successfully installed                                                            
                      ├ name: localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest
                      ├ type: rulesfile
                      ├ digest: sha256:4939911ad90194e2fc3aaa66f0bd90cbd3979fead9058a7bbc09b4abe9225eb7
                      └ directory: /etc/falco

[alacuku]

Hey @bobbled, is this still an issue?

[poiana]

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

[poiana]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh with /remove-lifecycle rotten.

Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle rotten