-
Notifications
You must be signed in to change notification settings - Fork 913
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update(userspace/falco): introduce new engine_version_semver key in v… #2899
Conversation
…ersions endpoint Signed-off-by: Lorenzo Susini <[email protected]>
cc @alacuku, @LucaGuerra for visibility |
Hey @loresuso, thanks for the PR! I think we should write some integrations tests in falcoctl to cover all the cases described above. To make sure that we are not going to break running instances of falco when upgrading them. I wuold be happy to help writing those tests. |
@alacuku Agreed, we should somehow mock the version endpoint for the falcoctl test and try out the function that checks the requirments. Happy to review if you are up for doing it! |
/milestone 0.37.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
LGTM label has been added. Git tree hash: 17f09781c489476f8b20c1c9b60fdfe4cc109bb8
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: FedeDP, incertum, leogr, loresuso The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
…ersions endpoint
What type of PR is this?
/kind feature
Any specific area of the project related to this PR?
/area engine
What this PR does / why we need it:
With this PR we introduce a new key in the Falco
/versions
endpoint. This key will be used byfalcoctl
to match new artifact configs containing a full semver string for representing the required engine version.The rationale for this change is the following:
engine_version
both as numeric valuer or semver stringrequired_engine_version
(already did it for Falco rules, will need this also for plugin rules). This will require a major bump for each artifactengine_version_semver
keyfalcoctl
is already "keys agnostic". It just starts processing and matching keys starting from the config layer, and as long as it finds the same key in the/versions
endpoint, we are fine.With this being said, we end up in this situation (example for falco rules, will be the same for plugin rules):
PRs for updating the config layers are coming soon!
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: