-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Custom artifact repository path ignored #524
Comments
Hi @bobbled, |
Hi @alacuku , thanks for the response. If What falcoctl is trying is |
I'll have a look at it in the coming days. |
Hi @bobbled, index.yaml: ...
- name: falco-rules
type: rulesfile
registry: localhost:5000
repository: ghcr/falcosecurity/rules/falco-rules
description: Falco rules that are loaded by default
home: https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml
keywords:
- falco-rules
license: apache-2.0
maintainers:
- email: [email protected]
name: The Falco Authors
sources:
- https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml
... ❯ falcoctl artifact list
INDEX ARTIFACT TYPE REGISTRY REPOSITORY
falcosecurity application-rules rulesfile ghcr.io falcosecurity/rules/application-rules
falcosecurity cloudtrail plugin ghcr.io falcosecurity/plugins/plugin/cloudtrail
falcosecurity cloudtrail-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/cloudtrail
falcosecurity dummy plugin ghcr.io falcosecurity/plugins/plugin/dummy
falcosecurity dummy_c plugin ghcr.io falcosecurity/plugins/plugin/dummy_c
falcosecurity falco-incubating-rules rulesfile ghcr.io falcosecurity/rules/falco-incubating-rules
falcosecurity falco-rules rulesfile localhost:5000 ghcr/falcosecurity/rules/falco-rules
falcosecurity falco-sandbox-rules rulesfile ghcr.io falcosecurity/rules/falco-sandbox-rules
falcosecurity gcpaudit plugin ghcr.io falcosecurity/plugins/plugin/gcpaudit
falcosecurity gcpaudit-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/gcpaudit
falcosecurity github plugin ghcr.io falcosecurity/plugins/plugin/github
falcosecurity github-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/github
falcosecurity json plugin ghcr.io falcosecurity/plugins/plugin/json
falcosecurity k8saudit plugin ghcr.io falcosecurity/plugins/plugin/k8saudit
falcosecurity k8saudit-eks plugin ghcr.io falcosecurity/plugins/plugin/k8saudit-eks
falcosecurity k8saudit-gke plugin ghcr.io falcosecurity/plugins/plugin/k8saudit-gke
falcosecurity k8saudit-gke-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/k8saudit-gke
falcosecurity k8saudit-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/k8saudit
falcosecurity k8smeta plugin ghcr.io falcosecurity/plugins/plugin/k8smeta
falcosecurity okta plugin ghcr.io falcosecurity/plugins/plugin/okta
falcosecurity okta-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/okta ❯ falcoctl artifact install falco-rules --plain-http
2024-05-06 09:28:28 INFO Resolving dependencies ...
2024-05-06 09:28:28 INFO Installing artifacts refs: [localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest]
2024-05-06 09:28:28 INFO Preparing to pull artifact ref: localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest
2024-05-06 09:28:28 INFO Pulling layer b1cdd273595d
2024-05-06 09:28:28 INFO Pulling layer 2e91799fee49
2024-05-06 09:28:28 INFO Pulling layer 4939911ad901
2024-05-06 09:28:28 INFO Extracting and installing artifact type: rulesfile file: falco_rules.tar.gz
2024-05-06 09:28:28 INFO Artifact successfully installed
├ name: localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest
├ type: rulesfile
├ digest: sha256:4939911ad90194e2fc3aaa66f0bd90cbd3979fead9058a7bbc09b4abe9225eb7
└ directory: /etc/falco |
Hey @bobbled, is this still an issue? |
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
Stale issues rot after 30d of inactivity. Mark the issue as fresh with Rotten issues close after an additional 30d of inactivity. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle rotten |
What happened: Overriding the repository for falco-rules in the index doesn't appear to have any effect. Falcoctl uses an overridden registry, but continues to use the default repository path.
What you expected to happen: Falcoctl would use the custom registry and repository path to find the artifact.
How to reproduce it (as minimally and precisely as possible):
falcoctl container errors:
I assumed the above should have tried accessing
registry.example.com/ghcr/falcosecurity/rules/falco-rules
instead ofregistry.example.com/falcosecurity/rules/falco-rules
Anything else we need to know?: registry.example.com is a harbor registry. Using falcoctl:0.7.2.
The text was updated successfully, but these errors were encountered: