apps: upgrade falco helm chart to v4.17.0 with appversion v0.39.2

helmfile.d/upstream/falcosecurity/falco/CHANGELOG.md

@@ -3,6 +3,117 @@
 This file documents all notable changes to Falco Helm Chart. The release
 numbering uses [semantic versioning](http://semver.org).
 
+## v4.17.0
+
+* update(falco): bump k8saudit version to 0.11
+
+## v4.16.2
+
+* fix(falco): set dnsPolicy to ClusterFirstWithHostNet when gvisor driver is enabled to prevent DNS lookup failures for cluster-internal services
+
+## v4.16.1
+
+* fix(falco/serviceMonitor): set service label selector
+* new(falco/tests): add unit tests for serviceMonitor label selector
+
+## v4.16.0
+
+* bump falcosidekick dependency to v0.9.* to match with future versions
+
+## v4.15.1
+
+* fix: change the url for the concurrent queue classes docs
+
+## v4.15.0
+
+* update(falco): bump falco version to 0.39.2 and falcoctl to 0.10.1
+
+## v4.14.2
+
+* fix(falco/readme): use `rules_files` instead of deprecated `rules_file` in README config snippet
+
+## v4.14.1
+
+* fix(falco/dashboard): make pod variable independent of triggered rules. CPU and memory are now visible for each 
+  pod, even when no rules have been triggered for that falco instance.
+
+## v4.14.0
+
+* Bump k8smeta plugin to 0.2.1, see: https://github.com/falcosecurity/plugins/releases/tag/plugins%2Fk8smeta%2Fv0.2.1
+
+## v4.13.0
+
+* Expose new config entries for k8smeta plugin:`verbosity` and `hostProc`.
+
+## v4.12.0
+
+* Set apparmor to `unconfined` (disabled) when `leastPrivileged: true` and (`kind: modern_ebpf` or `kind: ebpf`)
+
+## v4.11.2
+
+* only prints env key if there are env values to be passed on `falcoctl.initContainer` and `falcoctl.sidecar`
+
+## v4.11.1
+
+* add details for the scap drops buffer charts with the dir  and drops labels
+
+## v4.11.0
+
+* new(falco): add grafana dashboard for falco
+
+## v4.10.0
+
+* Bump Falco to v0.39.1
+
+## v4.9.1
+
+* feat(falco): add labels and annotations to the metrics service
+
+## v4.9.0
+
+* Bump Falco to v0.39.0
+* update(falco): add new configuration entries for Falco
+  This commit adds new config keys introduces in Falco 0.39.0.
+  Furthermore, updates the unit tests for the latest changes
+  in the values.yaml.
+* cleanup(falco): remove deprecated falco configuration
+  This commit removes the "output" config key that has
+  been deprecated in falco.
+* update(falco): mount proc filesystem for plugins
+  The following PR in libs https://github.com/falcosecurity/libs/pull/1969
+  introduces a new platform for plugins that requires access to the
+  proc filesystem.
+* fix(falco): update broken link pointing to Falco docs
+  After the changes made by the following PR to the Falco docs https://github.com/falcosecurity/falco-website/pull/1362
+  this commit updates a broken link.
+
+## v4.8.3
+
+* The init container, when driver.kind=auto, automatically generates
+  a new Falco configuration file and selects the appropriate engine
+  kind based on the environment where Falco is deployed.
+
+  With this commit, along with falcoctl PR #630, the Helm charts now 
+  support different driver kinds for Falco instances based on the 
+  specific node they are running on. When driver.kind=auto is set,
+  each Falco instance dynamically selects the most suitable 
+  driver (e.g., ebpf, kmod, modern_ebpf) for the node.
+  +-------------------------------------------------------+
+  | Kubernetes Cluster                                    |
+  |                                                       |
+  |  +-------------------+  +-------------------+        |
+  |  | Node 1             |  | Node 2             |        |
+  |  |                   |  |                   |        |
+  |  | Falco (ebpf) |  | Falco (kmod)       |        |
+  |  +-------------------+  +-------------------+        |
+  |                                                       |
+  |                 +-------------------+                |
+  |                 | Node 3             |                |
+  |                 |                   |                |
+  |                 | Falco (modern_ebpf)|                |
+  |                 +-------------------+                |
+  +-------------------------------------------------------+
+
 ## v4.8.2
 
 * fix(falco): correctly mount host filesystems when driver.kind is auto

helmfile.d/upstream/falcosecurity/falco/Chart.lock

@@ -1,9 +1,9 @@
 dependencies:
 - name: falcosidekick
   repository: https://falcosecurity.github.io/charts
-  version: 0.8.5
+  version: 0.9.1
 - name: k8s-metacollector
   repository: https://falcosecurity.github.io/charts
   version: 0.1.10
-digest: sha256:d73d0fdbe32a9efabcc18d232be2d34bfdb94d11a5226e371fc487abced793c6
-generated: "2024-09-11T11:34:49.177430665Z"
+digest: sha256:c5f0af8564b33aa403b93c9ea7ddaaec78ef7ccdef8cd4db79819a8a04b0a8c9
+generated: "2024-12-12T10:54:08.873839271Z"

helmfile.d/upstream/falcosecurity/falco/Chart.yaml

@@ -1,10 +1,10 @@
 apiVersion: v2
-appVersion: 0.38.2
+appVersion: 0.39.2
 dependencies:
 - condition: falcosidekick.enabled
   name: falcosidekick
   repository: https://falcosecurity.github.io/charts
-  version: 0.8.*
+  version: 0.9.*
 - condition: collectors.kubernetes.enabled
   name: k8s-metacollector
   repository: https://falcosecurity.github.io/charts
@@ -25,4 +25,4 @@ maintainers:
 name: falco
 sources:
 - https://github.com/falcosecurity/falco
-version: 4.8.2
+version: 4.17.0

helmfile.d/upstream/falcosecurity/falco/README.gotmpl

@@ -47,7 +47,7 @@ The cluster in our example has three nodes, one *control-plane* node and two *wo
 ### Falco, Event Sources and Kubernetes
 Starting from Falco 0.31.0 the [new plugin system](https://falco.org/docs/plugins/) is stable and production ready. The **plugin system** can be seen as the next step in the evolution of Falco. Historically, Falco monitored system events from the **kernel** trying to detect malicious behaviors on Linux systems. It also had the capability to process k8s Audit Logs to detect suspicious activities in Kubernetes clusters. Since Falco 0.32.0 all the related code to the k8s Audit Logs in Falco was removed and ported in a [plugin](https://github.com/falcosecurity/plugins/tree/master/plugins/k8saudit). At the time being Falco supports different event sources coming from **plugins** or **drivers** (system events).
 
-Note that **a Falco instance can handle multiple event sources in parallel**. you can deploy Falco leveraging **drivers** for syscall events and at the same time loading **plugins**. A step by step guide on how to deploy Falco with multiple sources can be found [here](https://falco.org/docs/getting-started/third-party/learning/#falco-with-multiple-sources).
+Note that **a Falco instance can handle multiple event sources in parallel**. you can deploy Falco leveraging **drivers** for syscall events and at the same time loading **plugins**. A step by step guide on how to deploy Falco with multiple sources can be found [here](https://falco.org/docs/getting-started/learning-environments/#falco-with-multiple-sources).
 
 #### About Drivers
 
@@ -385,7 +385,7 @@ services:
         protocol: TCP
 
 falco:
-  rules_file:
+  rules_files:
     - /etc/falco/k8s_audit_rules.yaml
     - /etc/falco/rules.d
   plugins:

helmfile.d/upstream/falcosecurity/falco/charts/falcosidekick/CHANGELOG.md

@@ -5,6 +5,30 @@ numbering uses [semantic versioning](http://semver.org).
 
 Before release 0.1.20, the helm chart can be found in `falcosidekick` [repository](https://github.com/falcosecurity/falcosidekick/tree/master/deploy/helm/falcosidekick).
 
+## 0.9.1
+
+- Ugrade to Falcosidekick 2.30.0
+
+## 0.8.9
+
+- Fix customConfig mount path for webui redis
+
+## 0.8.8
+
+- Fix customConfig template for webui redis
+
+## 0.8.7
+
+- Fix securityContext for webui initContainer
+
+## 0.8.6
+
+- Use of `redis-cli` by the initContainer of Falcosidekick-UI to wait til the redis is up and running
+- Add the possibility to override the default redis server settings
+- Allow to set up a password to use with an external redis
+- Fix wrong value used for `OTLP_TRACES_PROTOCOL` env var
+- Used names for the priorities in the prometheus rules
+
 ## 0.8.5
 
 - Fix an issue with the by default missing custom CA cert

helmfile.d/upstream/falcosecurity/falco/charts/falcosidekick/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 2.29.0
+appVersion: 2.30.0
 description: Connect Falco to your ecosystem
 home: https://github.com/falcosecurity/falcosidekick
 icon: https://raw.githubusercontent.com/falcosecurity/falcosidekick/master/imgs/falcosidekick_color.png
@@ -13,4 +13,4 @@ maintainers:
 name: falcosidekick
 sources:
 - https://github.com/falcosecurity/falcosidekick
-version: 0.8.5
+version: 0.9.1