Giles Hutton
Giles Hutton
There was a significant amount of friction and lost time when updating the Falco fork. To combat this, it should be reorganized in such a way as to make updates...
The kernel module patches are no longer needed and largely unsuitable for upstreaming. They should be removed from the falco fork to ease maintenance and reduce friction during fork updates....
Following removal of kernel modules, collector will be running with all capabilities (as a privileged container.) To harden the collector process, we should drop all capabilities that we don't require....
The kernel version on SLES-12 is deemed too old for eBPF so the heuristics fail over to kernel module collection. https://github.com/stackrox/collector/actions/runs/4805861889/jobs/8557085684
## Description A detailed explanation of the changes in your PR. Feel free to remove this section if it is overkill for your PR, and the title of your PR...
## Description As with GCP, we need to failover to a different zone if VM creation fails. This also handles the clean up of failed VSI creation. The root cause...
### Description change me! ### User-facing documentation (*must be* 2 items and both *must be* checked) - [ ] CHANGELOG is updated - [ ] CHANGELOG update is not needed...
### Description change me! ### User-facing documentation - [ ] CHANGELOG is updated **OR** update is not needed - [ ] [documentation PR](https://spaces.redhat.com/display/StackRox/Submitting+a+User+Documentation+Pull+Request) is created and is linked above **OR**...
Script for interacting with external IPs, based on network graph API changes in stackrox/stackrox#12689
## Description Includes support for enabling/disabling external IPs based on runtime config, deferring to existing feature flag if none is provided In subsequent PRs, the runtime configuration will be populated....