compliantkubernetes-apps icon indicating copy to clipboard operation
compliantkubernetes-apps copied to clipboard
verified publisher icon elastisys

Investigate enabling falcoctl for new Falco Helm chart

Open anders-elastisys opened this issue 2 years ago • 1 comments

What should be investigated. The Falco Helm chart uses falcoctl starting from v3.0.0. falcoctl is a tool used for continuously updating Falco plugins and rules, whereas before you had to wait on new releases of the Helm chart to get these updates (or manually add custom rules). This PR looks to upgrades the Falco Helm chart to v3.3.0, but it is configured to always have falcoctl disabled as to not break the old values configurations according to the instructions given here.

Investigate whether or not falcoctl should be enabled in CK8s and what permissions are required to be able to run it.

What artifacts should this produce. Pros and cons for enabling falcoctl in CK8s.

anders-elastisys avatar Jul 07 '23 07:07 anders-elastisys

Follow up: The artifacts part was enabled in ck8s-apps in this PR, however, the follow sidecar container for automatically checking for updates of artifacts should still be investigated.

anders-elastisys avatar Jan 03 '24 07:01 anders-elastisys