falcosecurity-retire / kubernetes-response-engine


Subscribing to multiple issues when deploying a playbook to GKE fails #4

Open jonnymcgow7 opened 5 years ago

jonnymcgow7 commented 5 years ago

Due to the join method being used in the deploy_playbook_gke script, it is not possible to deploy a function with multiple subscriptions.

The current implementation uses commas as delimiters for both the dictionary containing environment variables, and the subscribed_alerts themselves. This results in an incorrect split happening between the multiple subscriptions, which causes the script to crash.

To replicate, just use multiple -s tags, i.e.:

$ ./deploy_playbook_gke -p delete -t falco-alerts -s falco.notice.terminal_shell_in_container -s falco.info.* -k <cluster_name> -z <gcloud_zone> -n <gcloud_project>

To fix this issue I suggest changing the join function to

function join { local d=$1; shift; echo -n "$1"; shift; printf "%s" "${@/#/$d}"; }

And then you can use multiple characters for each delimiter, which will allow you to use two commas to separate env variables, and one comma to separate subscriptions.

I'll submit a PR with this functionality and link it below.

jonnymcgow7 commented 5 years ago

PR with fix: https://github.com/falcosecurity/kubernetes-response-engine/pull/5

eihwaz-kob commented 4 years ago

I fixed this by adding ^:^ and : to --set-env-vars in the gcloud functions command:

--set-env-vars=^:^"$(join : ${environment[@]})"

I hope it helps
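
The delimiter collision discussed in this thread, as an added example that is not code from the issue, the PR or the project. `join_by` is a POSIX sh equivalent of the proposed join, `malformed_entries` only imitates a parser that splits on one delimiter character and expects KEY=VALUE entries (it is not gcloud), and the variable names SUBSCRIBED_ALERTS and PLAYBOOK are constructed.

```sh
#!/bin/sh
# Added example: all names and values here are constructed for illustration.

# join_by DELIM ITEM...  -> items joined by DELIM (DELIM may be several chars)
join_by() {
  d=$1; shift
  [ $# -gt 0 ] || return 0
  out=$1; shift
  for item in "$@"; do out="$out$d$item"; done
  printf '%s' "$out"
}

# pack_env DELIM -> value for --set-env-vars, with DELIM between variables.
# The subscriptions themselves are always joined with a comma.
pack_env() {
  subs=$(join_by , "falco.notice.terminal_shell_in_container" "falco.info.*")
  join_by "$1" "SUBSCRIBED_ALERTS=$subs" "PLAYBOOK=delete"
}

# malformed_entries DELIM PACKED -> number of entries that are not KEY=VALUE
# after splitting PACKED on the single character DELIM.
malformed_entries() {
  delim=$1; packed=$2; bad=0
  old_ifs=$IFS; IFS=$delim
  set -f                      # keep falco.info.* from being glob-expanded
  set -- $packed
  set +f; IFS=$old_ifs
  for entry in "$@"; do
    case $entry in
      *=*) ;;                 # looks like KEY=VALUE
      *) bad=$((bad + 1)) ;;  # a stray subscription split off its variable
    esac
  done
  printf '%s' "$bad"
}

# Same character for both levels: the second subscription becomes its own entry.
echo "comma-separated variables: $(malformed_entries , "$(pack_env ,)") malformed"
# Distinct character between variables: the comma stays inside the value.
echo "colon-separated variables: $(malformed_entries : "$(pack_env :)") malformed"
```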

poiana commented 3 years ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale
