Open bobbled opened 2 months ago
Hi @bobbled,
falcoctl uses the registry
+ repository
to build the reference for the artifact. In your case, falcoctl does not find an artifact with reference registry.example.com/falcosecurity/rules/falco-rules:3
.
Make sure that a repository named:falcosecurity/rules/falco-rules:3
exists in your registry.
Hi @bobbled, falcoctl uses the
registry
+repository
to build the reference for the artifact. In your case, falcoctl does not find an artifact with referenceregistry.example.com/falcosecurity/rules/falco-rules:3
. Make sure that a repository named:falcosecurity/rules/falco-rules:3
exists in your registry.
Hi @alacuku , thanks for the response.
If registry
is registry.example.com
and repository
is ghcr/falcosecurity/rules/falco-rules
, then shouldn't registry
+ repository
= registry.example.com/ghcr/falcosecurity/rules/falco-rules
?
What falcoctl is trying is registry.example.com/falcosecurity/rules/falco-rules
.
I'll have a look at it in the coming days.
Hi @bobbled, i'm trying to reproduce your issue but no luck so far. It works correctly for me. The following snippets show my env:
index.yaml:
...
- name: falco-rules
type: rulesfile
registry: localhost:5000
repository: ghcr/falcosecurity/rules/falco-rules
description: Falco rules that are loaded by default
home: https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml
keywords:
- falco-rules
license: apache-2.0
maintainers:
- email: cncf-falco-dev@lists.cncf.io
name: The Falco Authors
sources:
- https://github.com/falcosecurity/rules/blob/main/rules/falco_rules.yaml
...
❯ falcoctl artifact list
INDEX ARTIFACT TYPE REGISTRY REPOSITORY
falcosecurity application-rules rulesfile ghcr.io falcosecurity/rules/application-rules
falcosecurity cloudtrail plugin ghcr.io falcosecurity/plugins/plugin/cloudtrail
falcosecurity cloudtrail-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/cloudtrail
falcosecurity dummy plugin ghcr.io falcosecurity/plugins/plugin/dummy
falcosecurity dummy_c plugin ghcr.io falcosecurity/plugins/plugin/dummy_c
falcosecurity falco-incubating-rules rulesfile ghcr.io falcosecurity/rules/falco-incubating-rules
falcosecurity falco-rules rulesfile localhost:5000 ghcr/falcosecurity/rules/falco-rules
falcosecurity falco-sandbox-rules rulesfile ghcr.io falcosecurity/rules/falco-sandbox-rules
falcosecurity gcpaudit plugin ghcr.io falcosecurity/plugins/plugin/gcpaudit
falcosecurity gcpaudit-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/gcpaudit
falcosecurity github plugin ghcr.io falcosecurity/plugins/plugin/github
falcosecurity github-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/github
falcosecurity json plugin ghcr.io falcosecurity/plugins/plugin/json
falcosecurity k8saudit plugin ghcr.io falcosecurity/plugins/plugin/k8saudit
falcosecurity k8saudit-eks plugin ghcr.io falcosecurity/plugins/plugin/k8saudit-eks
falcosecurity k8saudit-gke plugin ghcr.io falcosecurity/plugins/plugin/k8saudit-gke
falcosecurity k8saudit-gke-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/k8saudit-gke
falcosecurity k8saudit-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/k8saudit
falcosecurity k8smeta plugin ghcr.io falcosecurity/plugins/plugin/k8smeta
falcosecurity okta plugin ghcr.io falcosecurity/plugins/plugin/okta
falcosecurity okta-rules rulesfile ghcr.io falcosecurity/plugins/ruleset/okta
❯ falcoctl artifact install falco-rules --plain-http
2024-05-06 09:28:28 INFO Resolving dependencies ...
2024-05-06 09:28:28 INFO Installing artifacts refs: [localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest]
2024-05-06 09:28:28 INFO Preparing to pull artifact ref: localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest
2024-05-06 09:28:28 INFO Pulling layer b1cdd273595d
2024-05-06 09:28:28 INFO Pulling layer 2e91799fee49
2024-05-06 09:28:28 INFO Pulling layer 4939911ad901
2024-05-06 09:28:28 INFO Extracting and installing artifact type: rulesfile file: falco_rules.tar.gz
2024-05-06 09:28:28 INFO Artifact successfully installed
├ name: localhost:5000/ghcr/falcosecurity/rules/falco-rules:latest
├ type: rulesfile
├ digest: sha256:4939911ad90194e2fc3aaa66f0bd90cbd3979fead9058a7bbc09b4abe9225eb7
└ directory: /etc/falco
Hey @bobbled, is this still an issue?
What happened: Overriding the repository for falco-rules in the index doesn't appear to have any effect. Falcoctl uses an overridden registry, but continues to use the default repository path.
What you expected to happen: Falcoctl would use the custom registry and repository path to find the artifact.
How to reproduce it (as minimally and precisely as possible):
falcoctl container errors:
I assumed the above should have tried accessing
registry.example.com/ghcr/falcosecurity/rules/falco-rules
instead ofregistry.example.com/falcosecurity/rules/falco-rules
Anything else we need to know?: registry.example.com is a harbor registry. Using falcoctl:0.7.2.