-
Notifications
You must be signed in to change notification settings - Fork 898
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cleanup(config): improve falco.yaml
config
#2571
Conversation
* add an index for logical categories * move configs around without changing description content, solely add a uniform header to each config * indicate "Stable" or "Experimental" for most configs to indicate current stability or maturity Signed-off-by: Melissa Kilby <[email protected]>
…ions Signed-off-by: Melissa Kilby <[email protected]>
/milestone 0.35.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I really like this! 🤩 Thank you! 🙏
I agree it's needed since we added a lot of options but never reorganized this file.
I've left some suggestions, mainly regarding the placement of the options. Apart from that, it seems already good for me!
* incorporate reviewers suggestions re ordering and phrasing * minor additional cleanups Co-authored-by: Leonardo Grasso <[email protected]> Signed-off-by: Melissa Kilby <[email protected]>
@leogr thanks for the amazing suggestions, incorporated them all. Please let me know if we first want to stop here now and move further language adjustments and improvements to a new PR? Would recommend not overloading this PR as we have been moving around things a lot. Loaded the yaml and printed all primary keys to ensure we didn't lose one and the ordering is correct, please also verify. |
…d more information * rephrase descriptions for numerous config options without changing the original content, meaning changes reflect language improvements and minor extensions (such as adding justifications or what it is) only * add Falco environment variables section * add Guidance for Kubernetes container engine command-line args settings * general rewrap formatting w/ IDE * minor additional re-ordering of configs * minor general language adjustments Signed-off-by: Melissa Kilby <[email protected]>
@leogr as discussed added all planned changes in this PR. From my perspective this PR can be considered complete. Looking forward to the next round of feedback in order to polish everything. |
Love it Melissa! My only suggestion is to move the plugin configs up in the file, right below the loaded rules files. Alongside rules, plugins are the biggest customization point for Falco's behavior and use cases, and I think this will be come even more true now that we can develop plugins that work with the syscall event stream. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just left a comment for metadata_download
. Otherwise, SGTM.
And Melissa, thank you again for this PR 🙏
* place falco plugins after falco rules config * change metadata_download description * minor formatting Co-authored-by: Jason Dellaluce <[email protected]> Co-authored-by: Leonardo Grasso <[email protected]> Signed-off-by: Melissa Kilby <[email protected]>
Addressed feedback, thank you! |
LGTM label has been added. Git tree hash: 4ae5b547efe51529b677854a985d21bcf3921e45
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: incertum, jasondellaluce, leogr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind cleanup
Any specific area of the project related to this PR?
/area engine
What this PR does / why we need it:
Make it easier for adopters to understand and navigate Falco configs to achieve optimal deployment settings.
solely add a uniform header to each config
to indicate current stability or maturity
Was planning to touch up the remaining configs, but perhaps in a follow up PR depending on your preferences.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: