search

falcosecurity / falco

Cloud Native Runtime Security
https://falco.org
Apache License 2.0
7.16k stars 884 forks source link

Cut 0.32.0 Release #1993

Closed FedeDP closed 2 years ago

FedeDP commented 2 years ago

Scheduled to happen: ~2022-05-31

Release Steps

Process is described in this document.

Release Blocking PRs

Nice-to-have PRs

Driverkit

Action Items

Open Questions

/milestone 0.32.0

/assign @fededp

/kind documentation

poiana commented 2 years ago

@FedeDP: You must be a member of the falcosecurity/maintainers GitHub team to set the milestone. If you believe you should be able to issue the /milestone command, please contact your Falco maintainers and have them propose you as an additional delegate for this responsibility.

In response to [this](https://github.com/falcosecurity/falco/issues/1993): >## Scheduled to happen: ~2022-05-31 > >## Release Steps > >Process is described in [this document](https://github.com/falcosecurity/falco/blob/master/RELEASE.md). > >## Release Blocking PRs > >- [ ] [[part 1/n] Introduce vtable-based dispatch](https://github.com/falcosecurity/libs/pull/213) >- [ ] [wip: new(libscap): add parsers for gVisor seccheck messages](https://github.com/falcosecurity/libs/pull/318) >- [ ] [new(userspace/falco): added an option to listen to changes on the config file and rules files, and trigger a Falco reload](https://github.com/falcosecurity/falco/pull/1991) >- [ ] [Include origin host in output json](https://github.com/falcosecurity/falco/pull/1989) >- [ ] [Falco Rules/Conditions update](https://github.com/falcosecurity/falco/pull/1981) >- [ ] [New Rule Detect Linux Cgroup Container Escape Vulnerability (CVE-2022-0492)](https://github.com/falcosecurity/falco/pull/1969) > >**Moreover, a new release of Driverkit is needed, because latest release (0.7.0) has a bug that prevents amazonlinux drivers builds.** > >## Nice-to-have PRs > >- [ ] [ wip: refactor(userspace/libsinsp)!: introducing plugin manager](https://github.com/falcosecurity/libs/pull/313) >- [ ] [update(libsinsp): drop also untracked syscalls in kernel-side simple consumer mode](https://github.com/falcosecurity/libs/pull/211) >- [ ] [new(docker,scripts): port all docker images to be multiarch ready](https://github.com/falcosecurity/falco/pull/1990) >- [ ] [Add job to generate configs from crawled kernels](https://github.com/falcosecurity/test-infra/pull/684) > >### Driverkit >- [ ] [new(driverkit): allow configurable builder images](https://github.com/falcosecurity/driverkit/pull/113) >- [ ] [new: arm64 support](https://github.com/falcosecurity/driverkit/pull/143) > >## Action Items > >- [ ] **Pre-Release** > - [ ] Pick a final driver version in Falco > - [ ] Release and publish plugins > - [ ] Prebuilt drivers publish > - [ ] Milestones: https://github.com/falcosecurity/falco/milestone/22 > - [ ] Changelog >- [ ] **Release** > - [ ] Tag > - [ ] Github Release >- [ ] **Docs** >- [ ] **Website** >- [ ] **Announcements** >- [ ] **Post-Release** > >## Open Questions > >/milestone 0.32.0 > >/assign @fededp > >/kind documentation Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
FedeDP commented 2 years ago

/cc @leogr @jasondellaluce

leogr commented 2 years ago

Hey @FedeDP

Could you include https://github.com/falcosecurity/falco/issues/1994 too, please? :pray:

FedeDP commented 2 years ago

Of course!

jasondellaluce commented 2 years ago

Hey @FedeDP, I just opened a PR in falco-website to update the plugins documentation with the newest plugin API changes (https://github.com/falcosecurity/falco-website/pull/581). Would you add it to the list of post-release actions? This is also tracked in https://github.com/falcosecurity/falco/issues/1948 as a backup.

jasondellaluce commented 2 years ago

@FedeDP, would you add https://github.com/falcosecurity/falco-website/pull/584 to the list? This is the docs migration from the legacy k8s audit implementation to the plugin-based one. This would fit in the post-release actions.

FedeDP commented 2 years ago

Yay!

leogr commented 2 years ago

Hey @FedeDP

Since the upcoming release is very close, we don't have enough time to test the ARM support. Should we move it to the next release?

FedeDP commented 2 years ago

It's very sad to hear that :(
But i agree with you, we have no time to thoroughly test this! It would be great to have a patch release for this though, perhaps as soon as we are confident with the changes.

Providing arm64 artifacts for Falco has a huge value!

leogr commented 2 years ago

It would be great to have a patch release for this though, perhaps as soon as we are confident with the changes.

I totally agree. We are very close to achieving official support for ARM64, but we have some stuff to fix and try. I'm ok with releasing a patch release once we fix the pending issues.

leogr commented 2 years ago

This release looks very nice :sunglasses:

FedeDP commented 2 years ago

It's because of the release manager sir :crown:

FedeDP commented 2 years ago

We have to bump driverversion unfortunately as during our tests we spotted some issues.

leogr commented 2 years ago

We have to bump driverversion unfortunately as during our tests we spotted some issues.

Just testing the fix :point_right: https://github.com/falcosecurity/libs/pull/361 :sunglasses:

FedeDP commented 2 years ago

We will need to bump driverversion once more given that we found a couple of bugs during our tests :(

leogr commented 2 years ago

Quick update regarding plugins.

We performed some manual tests on plugins and found some issues. Because of that, we need to release a new version of the go SDK. Then we will have to release and bump all plugins again.

However, we are confident that we will complete those tasks today. I'll keep you posted.

FedeDP commented 2 years ago

New plugins are released and the PR to upgrade them in Falco is opened: https://github.com/falcosecurity/falco/pull/2033

FedeDP commented 2 years ago

The changelog PR is opened: https://github.com/falcosecurity/falco/pull/2035

FedeDP commented 2 years ago

Falco 0.32 is out! https://github.com/falcosecurity/falco/releases/tag/0.32.0

/close

poiana commented 2 years ago

@FedeDP: Closing this issue.

In response to [this](https://github.com/falcosecurity/falco/issues/1993#issuecomment-1147226776): >Falco 0.32 is out! https://github.com/falcosecurity/falco/releases/tag/0.32.0 > >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.