fix(Makefile): unify all makefiles in a single one
After the last refactor when porting the CI from CircleCI to GHA
makefiles were broken. This commit fixes them, and instead of having
a makefile for each chart we have a single one.

Signed-off-by: Aldo Lacuku <[email protected]>
alacuku committed Dec 15, 2023
1 parent 4cf8392 commit bd790a1
Showing 10 changed files with 886 additions and 282 deletions.
34 changes: 34 additions & 0 deletions Makefile
@@ -0,0 +1,34 @@
DOCS_IMAGE_VERSION="v1.11.0"

LINT_IMAGE_VERSION="v3.8.0"

# Charts's path relative to the current directory.
CHARTS := $(wildcard ./charts/*)

CHARTS_NAMES := $(notdir $(CHARTS))

.PHONY: lint
lint: helm-repo-update $(addprefix lint-, $(CHARTS_NAMES))

lint-%:
@docker run \
-it \
--workdir=/data \
--volume $$(pwd):/data \
quay.io/helmpack/chart-testing:$(LINT_IMAGE_VERSION) \
ct lint --config ./ct.yaml --charts ./charts/$*

.PHONY: docs
docs: $(addprefix docs-, $(filter-out falco-exporter,$(CHARTS_NAMES)))

docs-%:
@docker run \
--rm \
--workdir=/helm-docs \
--volume "$$(pwd):/helm-docs" \
-u $$(id -u) \
jnorwood/helm-docs:$(DOCS_IMAGE_VERSION) \
helm-docs -c ./charts/$* -t ./README.gotmpl -o ./README.md

helm-repo-update:
helm repo update
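
Review bot: In `lint-%`, `docker run -it` requests a TTY, so the target errors out when invoked from a non-interactive runner such as a GHA job; drop `-it` and add `--rm`, as `docs-%` already does, so lint containers do not pile up. The `helm-repo-update` prerequisite runs `helm repo update` on the host, which does not reach the helm inside the chart-testing container (only the checkout is mounted), and the target is missing from `.PHONY`. Both images are pulled by mutable tag (`$(LINT_IMAGE_VERSION)`, `$(DOCS_IMAGE_VERSION)`); pinning them by digest would keep lint and docs output reproducible and guard against a retagged image.
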
25 changes: 0 additions & 25 deletions charts/event-generator/Makefile

This file was deleted.

125 changes: 122 additions & 3 deletions charts/event-generator/README.gotmpl
@@ -1,4 +1,123 @@
{{ template "chart.header" . }}
{{ template "chart.description" . }}
{{ template "chart.valuesSection" . }}
# Event-generator

[event-generator](https://github.com/falcosecurity/event-generator) is a tool designed to generate events for both syscalls and k8s audit. The tool can be used to check if Falco is working properly. It does so by performing a variety of suspects actions which trigger security events. The event-event generator implements a [minimalistic framework](https://github.com/falcosecurity/event-generator/tree/master/events) which makes easy to implement new actions.

## Introduction

This chart helps to deploy the event-generator in a kubernetes cluster in order to test an already deployed Falco instance.

## Adding `falcosecurity` repository

Before installing the chart, add the `falcosecurity` charts repository:

```bash
helm repo add falcosecurity https://falcosecurity.github.io/charts
helm repo update
```

## Installing the Chart

To install the chart with default values and release name `event-generator` run:

```bash
helm install event-generator falcosecurity/event-generator
```

After a few seconds, event-generator should be running in the `default` namespace.

In order to install the event-generator in a custom namespace run:

```bash
# change the name of the namespace to fit your requirements.
kubectl create ns "ns-event-generator"
helm install event-generator falcosecurity/event-generator --namespace "ns-event-generator"
```
When the event-generator is installed using the default values in `values.yaml` file it is deployed using a k8s job, running the `run` command and, generates activity only for the k8s audit.
For more info check the next section.

> **Tip**: List all releases using `helm list`, a release is a name used to track a specific deployment

### Commands, actions and options

The event-generator tool accepts two commands: `run` and `test`. The first just generates activity, the later one, which is more sophisticated, also checks that for each generated activity Falco triggers the expected rule. Both of them accepts an argument that determines the actions to be performed:

```bash
event-generator run/test [regexp]
```

Without arguments, all actions are performed; otherwise, only those actions matching the given regular expression. If we want to `test` just the actions related to k8s the following command does the trick:

```bash
event-generator test ^k8saudit
```
The list of the supported actions can be found [here](https://github.com/falcosecurity/event-generator#list-actions)

Before diving in how this helm chart deploys and manages instances of the event-generator in kubernetes there are two more options that we need to talk about:
+ `--loop` to run actions in a loop
+ `--sleep` to set the length of time to wait before running an action (default to 1s)

### Deployment modes in k8s
Based on commands, actions and options configured the event-generator could be deployed as a k8s `job` or `deployment`. If the `config.loop` value is set a `deployment` is used since it is long running process, otherwise a `job`.
A configuration like the one below, set in the `values.yaml` file, will deploy the even-generator using a `deployment` with the `run` command passed to it and will will generate activity only for the syscalls:
```yaml
config:
# -- The event-generator accepts two commands (run, test):
# run: runs actions.
# test: runs and tests actions.
# For more info see: https://github.com/falcosecurity/event-generator
command: run
# -- Regular expression used to select the actions to be run.
actions: "^syscall"
# -- Runs in a loop the actions.
# If set to "true" the event-generator is deployed using a k8s deployment otherwise a k8s job.
loop: true
# -- The length of time to wait before running an action. Non-zero values should contain
# a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means no sleep. (default 100ms)
sleep: ""

grpc:
# -- Set it to true if you are deploying in "test" mode.
enabled: false
# -- Path to the Falco grpc socket.
bindAddress: "unix:///var/run/falco/falco.sock"
```

The following configuration will use a k8s `job` since we want to perform the k8s activity once and check that Falco reacts properly to those actions:
```yaml
config:
# -- The event-generator accepts two commands (run, test):
# run: runs actions.
# test: runs and tests actions.
# For more info see: https://github.com/falcosecurity/event-generator
command: test
# -- Regular expression used to select the actions to be run.
actions: "^k8saudit"
# -- Runs in a loop the actions.
# If set to "true" the event-generator is deployed using a k8s deployment otherwise a k8s job.
loop: false
# -- The length of time to wait before running an action. Non-zero values should contain
# a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means no sleep. (default 100ms)
sleep: ""

grpc:
# -- Set it to true if you are deploying in "test" mode.
enabled: true
# -- Path to the Falco grpc socket.
bindAddress: "unix:///var/run/falco/falco.sock"
```

Note that **grpc.enabled is set to true when running with the test command. Be sure that Falco exposes the grpc socket and emits output to it**.


## Uninstalling the Chart
To uninstall the `event-generator` release:
```bash
helm uninstall event-generator
```
The command removes all the Kubernetes components associated with the chart and deletes the release.

## Configuration

The following table lists the main configurable parameters of the {{ template "chart.name" . }} chart v{{ template "chart.version" . }} and their default values. See `values.yaml` for full list.

{{ template "chart.valuesSection" . }}
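
Review bot: The paragraph after the custom-namespace install example says the default values deploy a k8s job running `run` with k8s audit activity only, but the values table generated into README.md by this same commit lists `config.loop` as `true` and `config.actions` as `"^syscall"`, which under the "Deployment modes in k8s" rule means a `deployment` generating syscall activity; the paragraph should be updated to match. The `--sleep` bullet states a default of 1s while the `sleep` value comment says 100ms, and both examples use `unix:///var/run/falco/falco.sock` where the table default is `unix:///run/falco/falco.sock`. Typos worth fixing in the same pass: "event-event generator", "suspects actions", "the later one", "even-generator", "will will generate".
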
42 changes: 33 additions & 9 deletions charts/event-generator/README.md
Expand Up @@ -32,7 +32,7 @@ In order to install the event-generator in a custom namespace run:
kubectl create ns "ns-event-generator"
helm install event-generator falcosecurity/event-generator --namespace "ns-event-generator"
```
When the event-generator is installed using the default values in `values.yaml` file it is deployed using a k8s job, running the `run` command and, generates activity only for the k8s audit.
When the event-generator is installed using the default values in `values.yaml` file it is deployed using a k8s job, running the `run` command and, generates activity only for the k8s audit.
For more info check the next section.

> **Tip**: List all releases using `helm list`, a release is a name used to track a specific deployment
Expand Down Expand Up @@ -61,7 +61,7 @@ Based on commands, actions and options configured the event-generator could be d
A configuration like the one below, set in the `values.yaml` file, will deploy the even-generator using a `deployment` with the `run` command passed to it and will will generate activity only for the syscalls:
```yaml
config:
# -- The event-generator accepts two commands (run, test):
# -- The event-generator accepts two commands (run, test):
# run: runs actions.
# test: runs and tests actions.
# For more info see: https://github.com/falcosecurity/event-generator
Expand All @@ -71,10 +71,10 @@ config:
# -- Runs in a loop the actions.
# If set to "true" the event-generator is deployed using a k8s deployment otherwise a k8s job.
loop: true
# -- The length of time to wait before running an action. Non-zero values should contain
# -- The length of time to wait before running an action. Non-zero values should contain
# a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means no sleep. (default 100ms)
sleep: ""

grpc:
# -- Set it to true if you are deploying in "test" mode.
enabled: false
Expand All @@ -85,7 +85,7 @@ config:
The following configuration will use a k8s `job` since we want to perform the k8s activity once and check that Falco reacts properly to those actions:
```yaml
config:
# -- The event-generator accepts two commands (run, test):
# -- The event-generator accepts two commands (run, test):
# run: runs actions.
# test: runs and tests actions.
# For more info see: https://github.com/falcosecurity/event-generator
Expand All @@ -95,10 +95,10 @@ config:
# -- Runs in a loop the actions.
# If set to "true" the event-generator is deployed using a k8s deployment otherwise a k8s job.
loop: false
# -- The length of time to wait before running an action. Non-zero values should contain
# -- The length of time to wait before running an action. Non-zero values should contain
# a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means no sleep. (default 100ms)
sleep: ""
grpc:
# -- Set it to true if you are deploying in "test" mode.
enabled: true
Expand All @@ -108,7 +108,6 @@ config:

Note that **grpc.enabled is set to true when running with the test command. Be sure that Falco exposes the grpc socket and emits output to it**.


## Uninstalling the Chart
To uninstall the `event-generator` release:
```bash
Expand All @@ -118,4 +117,29 @@ The command removes all the Kubernetes components associated with the chart and

## Configuration

All the configurable parameters of the event-generator chart and their default values can be found [here](./generated/helm-values.md).
The following table lists the main configurable parameters of the event-generator chart v0.3.1 and their default values. See `values.yaml` for full list.

## Values

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | `{}` | Affinity, like the nodeSelector but with more expressive syntax. |
| config.actions | string | `"^syscall"` | Regular expression used to select the actions to be run. |
| config.command | string | `"run"` | The event-generator accepts two commands (run, test): run: runs actions. test: runs and tests actions. For more info see: https://github.com/falcosecurity/event-generator. |
| config.grpc.bindAddress | string | `"unix:///run/falco/falco.sock"` | Path to the Falco grpc socket. |
| config.grpc.enabled | bool | `false` | Set it to true if you are deploying in "test" mode. |
| config.loop | bool | `true` | Runs in a loop the actions. If set to "true" the event-generator is deployed using a k8s deployment otherwise a k8s job. |
| config.sleep | string | `""` | The length of time to wait before running an action. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means no sleep. (default 100ms) |
| fullnameOverride | string | `""` | Used to override the chart full name. |
| image | object | `{"pullPolicy":"IfNotPresent","repository":"falcosecurity/event-generator","tag":"latest"}` | Number of old history to retain to allow rollback (If not set, default Kubernetes value is set to 10) revisionHistoryLimit: 1 |
| image.pullPolicy | string | `"IfNotPresent"` | Pull policy for the event-generator image |
| image.repository | string | `"falcosecurity/event-generator"` | Repository from where the image is pulled. |
| image.tag | string | `"latest"` | Images' tag to select a development/custom version of event-generator instead of a release. Overrides the image tag whose default is the chart appVersion. |
| imagePullSecrets | list | `[]` | Secrets used to pull the image from a private repository. |
| nameOverride | string | `""` | Used to override the chart name. |
| nodeSelector | object | `{}` | Selectors to choose a given node where to run the pods. |
| podAnnotations | object | `{}` | Annotations to be added to the pod. |
| podSecurityContext | object | `{}` | Security context for the pod. |
| replicasCount | int | `1` | Number of replicas of the event-generator (meaningful when installed as a deployment). |
| securityContext | object | `{}` | Security context for the containers. |
| tolerations | list | `[]` | Tolerations to allow the pods to be scheduled on nodes whose taints the pod tolerates. |
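
Review bot: In the generated values table, the `image` row carries the description of what looks like a commented-out `revisionHistoryLimit` setting ("Number of old history to retain to allow rollback ..."), so helm-docs is attaching the wrong comment from `values.yaml`; separate that comment from the `image` key or give `image` its own `# --` description. `image.tag` defaults to `latest` while its description says the default is the chart appVersion; consider an empty default that falls back to appVersion so the text is true and the chart does not run an unpinned image by default. `podSecurityContext` and `securityContext` both default to `{}`; a short note on what the syscall actions need would help users who have to set them.
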
27 changes: 0 additions & 27 deletions charts/event-generator/generated/helm-values.md

This file was deleted.

25 changes: 0 additions & 25 deletions charts/falco/Makefile

This file was deleted.
