collector icon indicating copy to clipboard operation
collector copied to clipboard

Published 20 hours ago verified publisher icon stackrox

Update Falco libs to 0.21.0

Open Molter73 opened this issue 5 months ago • 1 comments

Description

The latest version of Falco has a number of changes that are incompatible with collector, biggest ones are:

  • Removal of the container manager code in favor of a plugin.
  • Major refactoring of sinsp.

In order to make collector compatible again, we had to drop the ContainerEngine that we implemented in favor of a method in the event extractor that will get the container id from the cgroups when it is called. The ContainerMetadata is also essentially dead in the water, since we can't get container metadata without the container plugin.

Filtering of events that used to happen in the inspector itself has been moved into collector, since we can't filter events by container id without the container engine.

Checklist

  • [ ] Investigated and inspected CI test results
  • [ ] Updated documentation accordingly

Automated testing

  • [ ] Added unit tests
  • [ ] Added integration tests
  • [ ] Added regression tests

If any of these don't apply, please comment below.

Testing Performed

TODO(replace-me) Use this space to explain how you tested your PR, or, if you didn't test it, why you did not do so. (Valid reasons include "CI is sufficient" or "No testable changes") In addition to reviewing your code, reviewers must also review your testing instructions, and make sure they are sufficient.

For more details, ref the Confluence page about this section.

Molter73 avatar Jun 25 '25 09:06 Molter73

Codecov Report

Attention: Patch coverage is 22.22222% with 28 lines in your changes missing coverage. Please review.

Project coverage is 28.94%. Comparing base (7c8779f) to head (13dfea9). Report is 3 commits behind head on master.

:white_check_mark: All tests successful. No failed tests found.

Files with missing lines Patch % Lines
collector/lib/ProcessSignalFormatter.cpp 9.09% 6 Missing and 4 partials :warning:
collector/lib/system-inspector/EventExtractor.h 50.00% 1 Missing and 5 partials :warning:
collector/lib/system-inspector/Service.cpp 0.00% 4 Missing and 1 partial :warning:
collector/lib/Process.cpp 0.00% 3 Missing :warning:
collector/lib/ContainerMetadata.cpp 0.00% 2 Missing :warning:
collector/lib/NetworkConnection.h 50.00% 0 Missing and 1 partial :warning:
collector/lib/NetworkSignalHandler.cpp 0.00% 1 Missing :warning:
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #2196      +/-   ##
==========================================
+ Coverage   28.83%   28.94%   +0.11%     
==========================================
  Files          96       95       -1     
  Lines        5799     5776      -23     
  Branches     2551     2540      -11     
==========================================
  Hits         1672     1672              
+ Misses       3408     3387      -21     
+ Partials      719      717       -2
Flag Coverage Δ
collector-unit-tests 28.94% <22.22%> (+0.11%) :arrow_up:

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov-commenter avatar Jun 25 '25 10:06 codecov-commenter