Open jfcmartins opened 1 month ago
Hi @jfcmartins, usually the plugins require two steps to be configured in falco:
In the case of the k8s-metacollector + k8smeta plugin the configuration is done by the chart itself so you're right that it could be misleading.
A better way could be to show the warning only when one of the two steps described above is not performed.
Hey @alacuku 👋 thanks for the help. That's what I thought.
What I still don't understand is why this warning appears in the first place, since falco.load_plugins
is an empty list on values.yaml
https://github.com/falcosecurity/charts/blob/falco-4.4.0/charts/falco/templates/NOTES.txt#L42
When setting collectors.kubernetes.enabled=true
the following helper (https://github.com/falcosecurity/charts/blob/addf0d3cc3dd0b0ffa36fe73992e70d8cbecb1ef/charts/falco/templates/_helpers.tpl#L324-L373) takes care to configure the k8smeta plugin:
falco.laod_plugins
list.To inspect the templates generated at install time, use the helm template
with your values.yaml
file.
Thanks @alacuku! Now it makes sense
Plugin k8smeta warning after creating Falco Helm chart with Kubernetes collector enabled
When I create Falco Helm chart with Kubernetes
k8smeta
collector, it displays the following warning:How to reproduce it
Create Falco Helm chart values file:
values.yaml
Then apply the Helm chart:
Expected behaviour
Helm chart warning shouldn't appear for this use case.
Screenshots
Environment
Am I missing something? I really appreciate any help you can provide.