config

package
v0.7.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 22, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package config defines all the configuration variables used across the falcoctl commands.

Index

Constants

// Defaults and Viper key names shared by the falcoctl commands.
const (
	// EnvPrefix is the prefix for all the environment variables.
	EnvPrefix = "FALCOCTL"
	// ConfigPath is the path to the default config.
	ConfigPath = "/etc/falcoctl/falcoctl.yaml"
	// PluginsDir is the default path where plugins are installed.
	PluginsDir = "/usr/share/falco/plugins"
	// RulesfilesDir is the default path where rulesfiles are installed.
	RulesfilesDir = "/etc/falco"
	// AssetsDir is the default path where assets are installed.
	AssetsDir = "/etc/falco/assets"
	// FollowResync is the default interval between two checks for a newer
	// version of a followed artifact: 24 hours.
	FollowResync = time.Hour * 24

	// RegistryCredentialConfigKey is the Viper key for the credentials store path configuration.
	// The value is the name of a configuration key, not a secret, which is why
	// the gosec G101 (hard-coded credentials) finding is suppressed below.
	//#nosec G101 -- false positive
	RegistryCredentialConfigKey = "registry.creds.config"
	// RegistryAuthOauthKey is the Viper key for OAuth authentication configuration.
	RegistryAuthOauthKey = "registry.auth.oauth"
	// RegistryAuthBasicKey is the Viper key for basic authentication configuration.
	RegistryAuthBasicKey = "registry.auth.basic"
	// RegistryAuthGcpKey is the Viper key for gcp authentication configuration.
	RegistryAuthGcpKey = "registry.auth.gcp"

	// IndexesKey is the Viper key for indexes configuration.
	IndexesKey = "indexes"

	// ArtifactFollowEveryKey is the Viper key for follower "every" configuration.
	ArtifactFollowEveryKey = "artifact.follow.every"
	// ArtifactFollowCronKey is the Viper key for follower "cron" configuration.
	ArtifactFollowCronKey = "artifact.follow.cron"
	// ArtifactFollowRefsKey is the Viper key for follower "artifacts" configuration.
	ArtifactFollowRefsKey = "artifact.follow.refs"
	// ArtifactFollowFalcoVersionsKey is the Viper key for follower "falcoVersions" configuration.
	ArtifactFollowFalcoVersionsKey = "artifact.follow.falcoversions"
	// ArtifactFollowRulesfilesDirKey is the Viper key for follower "rulesFilesDir" configuration.
	ArtifactFollowRulesfilesDirKey = "artifact.follow.rulesfilesdir"
	// ArtifactFollowPluginsDirKey is the Viper key for follower "pluginsDir" configuration.
	ArtifactFollowPluginsDirKey = "artifact.follow.pluginsdir"
	// ArtifactFollowAssetsDirKey is the Viper key for follower "assetsDir" configuration.
	ArtifactFollowAssetsDirKey = "artifact.follow.assetsdir"
	// ArtifactFollowTmpDirKey is the Viper key for follower "tmpDir" configuration.
	ArtifactFollowTmpDirKey = "artifact.follow.tmpdir"

	// ArtifactInstallArtifactsKey is the Viper key for installer "artifacts" configuration.
	ArtifactInstallArtifactsKey = "artifact.install.refs"
	// ArtifactInstallRulesfilesDirKey is the Viper key for installer "rulesFilesDir" configuration.
	ArtifactInstallRulesfilesDirKey = "artifact.install.rulesfilesdir"
	// ArtifactInstallPluginsDirKey is the Viper key for installer "pluginsDir" configuration.
	ArtifactInstallPluginsDirKey = "artifact.install.pluginsdir"
	// ArtifactInstallAssetsDirKey is the Viper key for installer "assetsDir" configuration.
	ArtifactInstallAssetsDirKey = "artifact.install.assetsdir"
	// ArtifactInstallResolveDepsKey is the Viper key for installer "resolveDeps" configuration.
	ArtifactInstallResolveDepsKey = "artifact.install.resolveDeps"

	// ArtifactAllowedTypesKey is the Viper key for the allow-list of artifact types that may be installed in the system.
	ArtifactAllowedTypesKey = "artifact.allowedTypes"
	// ArtifactNoVerifyKey is the Viper key for skipping signature verification.
	// With the setting enabled, artifacts are accepted without a signature
	// check, so it is best left unset wherever artifacts come from a registry
	// that is not fully trusted.
	// NOTE(review): there is a single key under "artifact", so it presumably
	// applies to both the follower and the installer — confirm.
	ArtifactNoVerifyKey = "artifact.noVerify"

	// DriverKey is the Viper key for driver structure.
	DriverKey = "driver"
	// DriverTypeKey is the Viper key for the driver type.
	DriverTypeKey = "driver.type"
	// DriverVersionKey is the Viper key for the driver version.
	DriverVersionKey = "driver.version"
	// DriverReposKey is the Viper key for the driver repositories.
	DriverReposKey = "driver.repos"
	// DriverNameKey is the Viper key for the driver name.
	DriverNameKey = "driver.name"
	// DriverHostRootKey is the Viper key for the driver host root.
	DriverHostRootKey = "driver.hostRoot"
)

Variables

// Package-level paths, defaults and validation patterns.
// The variables declared without an initializer are assigned elsewhere in the
// package (not visible in this listing).
var (
	// ConfigDir configuration directory for falcoctl.
	ConfigDir string
	// FalcoctlPath path inside the configuration directory where the falcoctl stores its config files.
	FalcoctlPath string
	// IndexesFile name of the file where the indexes info is stored. It lives under FalcoctlPath.
	IndexesFile string
	// IndexesDir is where the actual indexes are stored. It is a directory that lives under FalcoctlPath.
	IndexesDir string
	// ClientCredentialsFile name of the file where oauth client credentials are stored. It lives under FalcoctlPath.
	// NOTE(review): the file holds secrets; presumably it is created with
	// owner-only permissions by the code that writes it — confirm.
	ClientCredentialsFile string
	// DefaultIndex is the default index for the falcosecurity organization.
	DefaultIndex Index
	// DefaultRegistryCredentialConfPath is the default path for the credential store configuration file.
	// It is "config.json" inside the directory returned by config.Dir(), where
	// config is an imported package not shown in this listing.
	DefaultRegistryCredentialConfPath = filepath.Join(config.Dir(), "config.json")
	// DefaultDriver is the default config for the falcosecurity organization.
	DefaultDriver Driver

	// SemicolonSeparatedRegexp is a regexp matching semi-colon separated values, without trailing separator.
	// It requires at least one value and rejects empty values, but a value may
	// contain any character other than ';' (whitespace and newlines included),
	// so a match validates the shape of the list, not its contents.
	SemicolonSeparatedRegexp = regexp.MustCompile(`^([^;]+)(;[^;]+)*$`)
	// CommaSeparatedRegexp is a regexp matching comma separated values, without trailing separator.
	// Same shape-only guarantee as above, with ',' as the separator.
	CommaSeparatedRegexp = regexp.MustCompile(`^([^,]+)(,[^,]+)*$`)
)

Functions

func AddGcp added in v0.6.0

func AddGcp(gcps []GcpAuth, configFile string) error

AddGcp appends the provided gcps to a configuration file if not present.

func AddIndexes

func AddIndexes(indexes []Index, configFile string) error

AddIndexes appends the provided indexes to a configuration file if not present.

func ArtifactAllowedTypes added in v0.4.0

func ArtifactAllowedTypes() (*oci.ArtifactTypeSlice, error)

ArtifactAllowedTypes retrieves the allowed types section of the config file.

func ClientCredentials added in v0.6.0

func ClientCredentials(reg string) (*clientcredentials.Config, error)

ClientCredentials retrieves the client credentials for a specific registry.

func DriverRepos added in v0.7.0

func DriverRepos() ([]string, error)

DriverRepos retrieves the driver section of the config file.

func Load

func Load(path string) error

Load is used to load the config file.

func RegistryCredentialConfPath added in v0.6.0

func RegistryCredentialConfPath() string

RegistryCredentialConfPath retrieves the path to the credential store configuration.

func RemoveIndexes

func RemoveIndexes(names []string, configFile string) error

RemoveIndexes removes the index entries from a configuration file if any is found.

func StoreDriver added in v0.7.0

func StoreDriver(driverCfg *Driver, configFile string) error

StoreDriver stores a driver conf in config file.

func UpdateConfigFile

func UpdateConfigFile(key string, value interface{}, path string) error

UpdateConfigFile is used to update a section of the config file. A brand new viper instance is created for the update, so that the modification is scoped to the passed key and has no side effects (e.g. if the user forgot to unset an environment variable for another config setting, that setting is not mistakenly written to the file as well).

func WriteClientCredentials added in v0.6.0

func WriteClientCredentials(registry string, cred *clientcredentials.Config) error

WriteClientCredentials writes client credentials to config file.

Types

type BasicAuth

// BasicAuth is one basic-authentication credential; each field is decoded
// from the mapstructure key named in its tag.
type BasicAuth struct {
	// Registry is the registry the credential belongs to.
	Registry string `mapstructure:"registry"`
	// User is the account name.
	User     string `mapstructure:"user"`
	// Password is held as a plain string.
	// NOTE(review): presumably it is stored in clear text in the configuration
	// source as well — confirm that source is readable only by its owner.
	Password string `mapstructure:"password"`
}

BasicAuth represents a Basic credential.

func BasicAuths

func BasicAuths() ([]BasicAuth, error)

BasicAuths retrieves the basicAuths section of the config file.

type Driver added in v0.7.0

// Driver is the driver configuration with the driver type kept as a plain
// string; each field is decoded from the mapstructure key named in its tag.
type Driver struct {
	// Type is the driver type, as a string.
	Type     string   `mapstructure:"type"`
	// Name is the driver name.
	Name     string   `mapstructure:"name"`
	// Repos lists the driver repositories.
	// NOTE(review): presumably the locations drivers are fetched from — confirm
	// how these entries are validated before use.
	Repos    []string `mapstructure:"repos"`
	// Version is the driver version.
	Version  string   `mapstructure:"version"`
	// HostRoot is the driver host root.
	// NOTE(review): presumably the path under which the host filesystem is
	// visible — confirm.
	HostRoot string   `mapstructure:"hostRoot"`
}

Driver represents the internal driver configuration (with Type string).

type FalcoVersions

// FalcoVersions maps a Falco requirement name to its version, kept as a string.
type FalcoVersions map[string]string

FalcoVersions represents the map of Falco requirements. In general, it should be a map[string]semver.Version, but given that we have fields like engine_version that are only numbers, we should be as generic as possible.

type Follow

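// Follow is the follower configuration; each field is decoded from the
// mapstructure key named in its tag, and every field has a key of its own.
type Follow struct {
	// Every is the interval between two checks for a newer artifact version.
	Every         time.Duration `mapstructure:"every"`
	// Artifacts lists the artifacts to follow.
	Artifacts     []string      `mapstructure:"artifacts"`
	// FalcoVersions is kept as a string here.
	// NOTE(review): presumably a location the Falco versions are read from,
	// not the versions themselves — confirm.
	FalcoVersions string        `mapstructure:"falcoVersions"`
	// RulesfilesDir is the directory where rulesfiles are installed.
	RulesfilesDir string        `mapstructure:"rulesFilesDir"`
	// PluginsDir is the directory where plugins are installed.
	PluginsDir    string        `mapstructure:"pluginsDir"`
	// TmpDir is the follower's temporary directory. Its tag used to repeat
	// "pluginsDir", so a decode through mapstructure would have filled it from
	// the plugins directory setting; "tmpDir" matches ArtifactFollowTmpDirKey.
	TmpDir        string        `mapstructure:"tmpDir"`
	// NoVerify skips signature verification of artifacts when true.
	NoVerify      bool          `mapstructure:"noVerify"`
}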

Follow represents the follower configuration.

func Follower

func Follower() (Follow, error)

Follower retrieves the follower section of the config file.

type GcpAuth added in v0.6.0

// GcpAuth enables GCP authentication for one registry.
type GcpAuth struct {
	// Registry is the registry the setting applies to.
	Registry string `mapstructure:"registry"`
}

GcpAuth represents a Gcp activation setting.

func Gcps added in v0.6.0

func Gcps() ([]GcpAuth, error)

Gcps retrieves the gcp auth section of the config file.

type Index

// Index is one configured index; each field is decoded from the mapstructure
// key named in its tag.
type Index struct {
	// Name identifies the index.
	Name    string `mapstructure:"name"`
	// URL is the index URL.
	// NOTE(review): presumably the location the index is fetched from — confirm
	// which schemes the fetching code accepts.
	URL     string `mapstructure:"url"`
	// Backend is the index backend.
	// NOTE(review): presumably selects how URL is fetched — confirm.
	Backend string `mapstructure:"backend"`
}

Index represents a configured index.

func Indexes

func Indexes() ([]Index, error)

Indexes retrieves the indexes section of the config file.

type Install

// Install is the installer configuration; each field is decoded from the
// mapstructure key named in its tag.
type Install struct {
	// Artifacts lists the artifacts to install.
	Artifacts     []string `mapstructure:"artifacts"`
	// RulesfilesDir is the directory where rulesfiles are installed.
	RulesfilesDir string   `mapstructure:"rulesFilesDir"`
	// PluginsDir is the directory where plugins are installed.
	PluginsDir    string   `mapstructure:"pluginsDir"`
	// ResolveDeps is the installer's "resolveDeps" setting.
	// NOTE(review): presumably controls whether artifact dependencies are
	// resolved and installed too — confirm.
	ResolveDeps   bool     `mapstructure:"resolveDeps"`
	// NoVerify skips signature verification of artifacts when true.
	NoVerify      bool     `mapstructure:"noVerify"`
}

Install represents the installer configuration.

func Installer

func Installer() (Install, error)

Installer retrieves the installer section of the config file.

type OauthAuth

// OauthAuth is one OAuth credential; each field is decoded from the
// mapstructure key named in its tag.
type OauthAuth struct {
	// Registry is the registry the credential belongs to.
	Registry     string `mapstructure:"registry"`
	// ClientSecret is held as a plain string.
	// NOTE(review): presumably it is stored in clear text in the configuration
	// source as well — confirm that source is readable only by its owner.
	ClientSecret string `mapstructure:"clientSecret"`
	// ClientID is the OAuth client identifier.
	ClientID     string `mapstructure:"clientID"`
	// TokenURL is the token endpoint URL.
	// NOTE(review): the client secret is presumably sent to this URL — confirm
	// it is required to be an https endpoint.
	TokenURL     string `mapstructure:"tokenURL"`
}

OauthAuth represents an OAuth credential.

func OauthAuths

func OauthAuths() ([]OauthAuth, error)

OauthAuths retrieves the oauthAuths section of the config file.

type RegistryClientCredentials added in v0.6.0

// RegistryClientCredentials maps a registry to its client credentials
// configuration; as a map it holds at most one entry per registry.
type RegistryClientCredentials map[string]clientcredentials.Config

RegistryClientCredentials is used to store registry:clientCredentials key-value pairs. This is done to be in accordance with the way Docker stores credentials, so that users will be able to store only one credential per registry.
