config

package

v0.4.0 Latest Latest Go to latest Published: Feb 6, 2023 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/falcosecurity/falcoctl

Links

Open Source Insights

Documentation ¶

Overview ¶

Package config defines all the configuration variables used across the falcoctl commands.

Index ¶

Constants
Variables
func AddIndexes(indexes []Index, configFile string) error
func ArtifactAllowedTypes() (*oci.ArtifactTypeSlice, error)
func Load(path string) error
func RemoveIndexes(names []string, configFile string) error
func UpdateConfigFile(key string, value interface{}, path string) error
type BasicAuth
- func BasicAuths() ([]BasicAuth, error)
type FalcoVersions
type Follow
- func Follower() (Follow, error)
type Index
- func Indexes() ([]Index, error)
type Install
- func Installer() (Install, error)
type OauthAuth
- func OauthAuths() ([]OauthAuth, error)

Constants ¶

View Source

const (
	// EnvPrefix is the prefix for all the environment variables.
	EnvPrefix = "FALCOCTL"
	// ConfigPath is the path to the default config.
	ConfigPath = "/etc/falcoctl/falcoctl.yaml"
	// PluginsDir default path where plugins are installed.
	PluginsDir = "/usr/share/falco/plugins"
	// RulesfilesDir default path where rulesfiles are installed.
	RulesfilesDir = "/etc/falco"
	// FollowResync time interval how often it checks for newer version of the artifact.
	// Default values is set every 24 hours.
	FollowResync = time.Hour * 24

	// RegistryAuthOauthKey is the Viper key for OAuth authentication configuration.
	RegistryAuthOauthKey = "registry.auth.oauth"
	// RegistryAuthBasicKey is the Viper key for basic authentication configuration.
	RegistryAuthBasicKey = "registry.auth.basic"
	// IndexesKey is the Viper key for indexes configuration.
	IndexesKey = "indexes"
	// ArtifactFollowEveryKey is the Viper key for follower "every" configuration.
	ArtifactFollowEveryKey = "artifact.follow.every"
	// ArtifactFollowCronKey is the Viper key for follower "cron" configuration.
	ArtifactFollowCronKey = "artifact.follow.cron"
	// ArtifactFollowRefsKey is the Viper key for follower "artifacts" configuration.
	ArtifactFollowRefsKey = "artifact.follow.refs"
	// ArtifactFollowFalcoVersionsKey is the Viper key for follower "falcoVersions" configuration.
	ArtifactFollowFalcoVersionsKey = "artifact.follow.falcoversions"
	// ArtifactFollowRulesfilesDirKey is the Viper key for follower "rulesFilesDir" configuration.
	ArtifactFollowRulesfilesDirKey = "artifact.follow.rulesfilesdir"
	// ArtifactFollowPluginsDirKey is the Viper key for follower "pluginsDir" configuration.
	ArtifactFollowPluginsDirKey = "artifact.follow.pluginsdir"
	// ArtifactFollowTmpDirKey is the Viper key for follower "pluginsDir" configuration.
	ArtifactFollowTmpDirKey = "artifact.follow.tmpdir"
	// ArtifactInstallArtifactsKey is the Viper key for installer "artifacts" configuration.
	ArtifactInstallArtifactsKey = "artifact.install.refs"
	// ArtifactInstallRulesfilesDirKey is the Viper key for follower "rulesFilesDir" configuration.
	ArtifactInstallRulesfilesDirKey = "artifact.install.rulesfilesdir"
	// ArtifactInstallPluginsDirKey is the Viper key for follower "pluginsDir" configuration.
	ArtifactInstallPluginsDirKey = "artifact.install.pluginsdir"
	// ArtifactInstallResolveDepsKey is the Viper key for installer "resolveDeps" configuration.
	ArtifactInstallResolveDepsKey = "artifact.install.resolveDeps"
	// ArtifactAllowedTypesKey is the Viper key for the whitelist of artifacts to be installed in the system.
	ArtifactAllowedTypesKey = "artifact.allowedTypes"
)

Variables ¶

View Source

var (
	// ConfigDir configuration directory for falcoctl.
	ConfigDir string
	// FalcoctlPath path inside the configuration directory where the falcoctl stores its config files.
	FalcoctlPath string
	// IndexesFile name of the file where the indexes info is stored. It lives under FalcoctlPath.
	IndexesFile string
	// IndexesDir is where the actual indexes are stored. It is a directory that lives under FalcoctlPath.
	IndexesDir string
	// ClientCredentialsFile name of the file where oauth client credentials are stored. It lives under FalcoctlPath.
	ClientCredentialsFile string
	// DefaultIndex is the default index for the falcosecurity organization.
	DefaultIndex Index

	// SemicolonSeparatedRegexp is a regexp matching semi-colon separated values, without trailing separator.
	SemicolonSeparatedRegexp = regexp.MustCompile(`^([^;]+)(;[^;]+)*$`)
	// CommaSeparatedRegexp is a regexp matching comma separated values, without trailing separator.
	CommaSeparatedRegexp = regexp.MustCompile(`^([^,]+)(,[^,]+)*$`)
)

Functions ¶

func AddIndexes ¶

func AddIndexes(indexes []Index, configFile string) error

AddIndexes appends the provided indexes to a configuration file if not present.

func ArtifactAllowedTypes ¶ added in v0.4.0

func ArtifactAllowedTypes() (*oci.ArtifactTypeSlice, error)

ArtifactAllowedTypes retrieves the allowed types section of the config file.

func RemoveIndexes ¶

func RemoveIndexes(names []string, configFile string) error

RemoveIndexes removes the index entries from a configuration file if any is found.

func UpdateConfigFile ¶

func UpdateConfigFile(key string, value interface{}, path string) error

UpdateConfigFile is used to update a section of the config file. We create a brand new viper instance for doing it so that we are sure that modifications are scoped to the passed key with no side effects (e.g user forgot to unset one env variable for another config setting, avoid to mistakenly update it).

Types ¶

type BasicAuth ¶

type BasicAuth struct {
	Registry string `mapstructure:"registry"`
	User     string `mapstructure:"user"`
	Password string `mapstructure:"password"`
}

BasicAuth represents a Basic credential.

func BasicAuths ¶

func BasicAuths() ([]BasicAuth, error)

BasicAuths retrieves the basicAuths section of the config file.

type FalcoVersions ¶

type FalcoVersions map[string]string

FalcoVersions represent the map for Falco requirements In general, it should be a map[string]semver.Version, but given that we have fields like engine_version that are only numbers, we shoud be as muche generic as possible.

type Follow ¶

type Follow struct {
	Every         time.Duration `mapstructure:"every"`
	Artifacts     []string      `mapstructure:"artifacts"`
	FalcoVersions string        `mapstructure:"falcoVersions"`
	RulesfilesDir string        `mapstructure:"rulesFilesDir"`
	PluginsDir    string        `mapstructure:"pluginsDir"`
	TmpDir        string        `mapstructure:"pluginsDir"`
}

Follow represents the follower configuration.

func Follower ¶

func Follower() (Follow, error)

Follower retrieves the follower section of the config file.

type Index ¶

type Index struct {
	Name string `mapstructure:"name"`
	URL  string `mapstructure:"url"`
}

Index represents a configured index.

func Indexes ¶

func Indexes() ([]Index, error)

Indexes retrieves the indexes section of the config file.

type Install ¶

type Install struct {
	Artifacts     []string `mapstructure:"artifacts"`
	RulesfilesDir string   `mapstructure:"rulesFilesDir"`
	PluginsDir    string   `mapstructure:"pluginsDir"`
	ResolveDeps   bool     `mapstructure:"resolveDeps"`
}

Install represents the installer configuration.

func Installer ¶

func Installer() (Install, error)

Installer retrieves the installer section of the config file.

type OauthAuth ¶

type OauthAuth struct {
	Registry     string `mapstructure:"registry"`
	ClientSecret string `mapstructure:"clientSecret"`
	ClientID     string `mapstructure:"clientID"`
	TokenURL     string `mapstructure:"tokenURL"`
}

OauthAuth represents an OAuth credential.

func OauthAuths ¶

func OauthAuths() ([]OauthAuth, error)

OauthAuths retrieves the oauthAuths section of the config file.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL