falcosecurity
Falco driver loader init container fails to download artifacts behind proxy
Describe the bug
The Falco driver loader init container, which uses the falcosecurity/falco-driver-loader image, fails to download the required artifacts when running behind a proxy. It seems that the init container does not properly use the provided proxy settings, resulting in an error:
{"level":"ERROR","msg":"unable to fetch index \"falcosecurity\" with URL \"https://falcosecurity.github.io/falcoctl/index.yaml\": unable to fetch index: Stream closed EOF for cybersec/falco-zq8dq (falcoctl-artifact-install)
How to reproduce it
- Set up a Kubernetes cluster behind a proxy.
- Configure the proxy settings in the Falco Helm chart values file:
initContainers:
- args:
- auto
env:
- name: https_proxy
value: http://proxy:3128
- name: http_proxy
value: http://proxy:3128
- name: no_proxy
value: localhost,127.0.0.1,.local
image: docker.io/falcosecurity/falco-driver-loader:0.38.2
- Install Falco using the Helm chart with the configured proxy settings.
Expected behavior
The Falco driver loader init container (falcosecurity/falco-driver-loader) should respect the provided proxy settings and successfully download the required artifacts.
Actual behavior
The falcosecurity/falco-driver-loader init container fails to download the artifacts, and there is no traffic observed on the configured proxy, indicating that the init container is not using the proxy settings.
Environment
- Falco version: 0.38.2
- Installation method: Helm chart
- Affected image:
falcosecurity/falco-driver-loader:0.38.2
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle rotten
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle rotten
Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.
Provide feedback via https://github.com/falcosecurity/community. /close
@poiana: Closing this issue.
In response to this:
Rotten issues close after 30d of inactivity.
Reopen the issue with
/reopen.Mark the issue as fresh with
/remove-lifecycle rotten.Provide feedback via https://github.com/falcosecurity/community. /close
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.