This PR adds a //cmd/build-falco-ebpf-probe go_binary which can be run via plz run //cmd/build-falco-ebpf-probe -- <flags> <operating-system> <kernel-package-name>, e.g.
$ plz run //cmd/build-falco-ebpf-probe -- --verbose --falco_version=0.29.1 amazonlinux2 4.14.200-155.322.amzn2
$ plz run //cmd/build-falco-ebpf-probe -- --verbose --falco_version=0.29.1 amazonlinux2 4.14.200-155.322.amzn2
will output built eBPF probes to dist/<falco driver version>/<probe name>.
In order to do this, this PR:
Adds internal/cmd and internal/log packages in an attempt to standardise cmd and logging functionality.
Adds docker build support to the pkg/docker library.
Refactored docker pull and image management into functions in pkg/docker/image.go
Add support for arbitrary io.Writers to container logging in pkg/docker/logs.go so that we can add docker/container output as debug logs.
Change docker run (pkg/docker/run.go) to stream container logs in real-time instead of collecting them all when the container stops.
Add container exit-code handling to docker run. An error is now returned when a container exits with a non-zero exit code.
Add support for environment variables to docker run.
Add WriteFileToVolume and GetFileFromVolume functions to put and retrieve files from docker volumes.
pkg/operatingsystem/amazonlinux2 uses GetFileFromVolume to extract the contents of /etc/os-release now too as cat and reading the container stdout was a bit garbled because of the quotes.
Add pkg/falcodriverbuilder w/ functions related to building the falco-driver-builder image and usage of its output.
There's a lot of room for improvement in the things that this PR adds: e.g. logging should probably only be used for logging as opposed to application output as we're using log.Info for regular application output at the moment. I'd be keen to see these sorts of changes in future, much smaller PRs. The main goal of this PR is to add //cmd/build-falco-ebpf-probe where adding all of this other stuff has been necessary to get off the ground.
This PR adds a
//cmd/build-falco-ebpf-probego_binary which can be run viaplz run //cmd/build-falco-ebpf-probe -- <flags> <operating-system> <kernel-package-name>, e.g.will output built eBPF probes to
dist/<falco driver version>/<probe name>.In order to do this, this PR:
internal/cmdandinternal/logpackages in an attempt to standardise cmd and logging functionality.internal/loguses https://github.com/rs/zerolog.docker buildsupport to thepkg/dockerlibrary.docker pulland image management into functions inpkg/docker/image.goio.Writers to container logging inpkg/docker/logs.goso that we can add docker/container output as debug logs.docker run(pkg/docker/run.go) to stream container logs in real-time instead of collecting them all when the container stops.docker run. An error is now returned when a container exits with a non-zero exit code.docker run.WriteFileToVolumeandGetFileFromVolumefunctions to put and retrieve files from docker volumes.pkg/operatingsystem/amazonlinux2uses GetFileFromVolume to extract the contents of/etc/os-releasenow too ascatand reading the container stdout was a bit garbled because of the quotes.pkg/falcodriverbuilderw/ functions related to building the falco-driver-builder image and usage of its output.There's a lot of room for improvement in the things that this PR adds: e.g. logging should probably only be used for logging as opposed to application output as we're using log.Info for regular application output at the moment. I'd be keen to see these sorts of changes in future, much smaller PRs. The main goal of this PR is to add
//cmd/build-falco-ebpf-probewhere adding all of this other stuff has been necessary to get off the ground.