Merge pull request #92 from draios/dev

Merging for 0.2.0
falcosecurity · Jun 9, 2016 · 8d181e9 · 8d181e9
2 parents 0ed09d7 + 674e63e
commit 8d181e9
Show file tree

Hide file tree

Showing 16 changed files with 558 additions and 387 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,11 @@
 /build*
+*~
+test/falco_test.pyc
+test/falco_tests.yaml
+test/traces-negative
+test/traces-positive
+test/traces-info
+test/job-results
 
 userspace/falco/lua/re.lua
 userspace/falco/lua/lpeg.so
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,46 @@
+language: c
+env:
+    - BUILD_TYPE=Debug
+    - BUILD_TYPE=Release
+before_install:
+    - sudo add-apt-repository -y ppa:ubuntu-toolchain-r/test
+    - sudo apt-get update
+install:
+    - sudo apt-get --force-yes install g++-4.8
+    - sudo apt-get install rpm linux-headers-$(uname -r)
+    - git clone https://github.com/draios/sysdig.git ../sysdig
+    - sudo apt-get install -y python-pip libvirt-dev jq
+    - cd ..
+    - curl -Lo avocado-36.0-tar.gz https://github.com/avocado-framework/avocado/archive/36.0lts.tar.gz
+    - tar -zxvf avocado-36.0-tar.gz
+    - cd avocado-36.0lts
+    - sudo pip install -r requirements-travis.txt
+    - sudo python setup.py install
+    - cd ../falco
+before_script:
+    - export KERNELDIR=/lib/modules/$(ls /lib/modules | sort | head -1)/build
+script:
+    - set -e
+    - export CC="gcc-4.8"
+    - export CXX="g++-4.8"
+    - wget https://s3.amazonaws.com/download.draios.com/dependencies/cmake-3.3.2.tar.gz
+    - tar -xzf cmake-3.3.2.tar.gz
+    - cd cmake-3.3.2
+    - ./bootstrap --prefix=/usr
+    - make
+    - sudo make install
+    - cd ..
+    - mkdir build
+    - cd build
+    - cmake .. -DCMAKE_BUILD_TYPE=$BUILD_TYPE
+    - make VERBOSE=1
+    - make package
+    - cd ..
+    - sudo test/run_regression_tests.sh
+notifications:
+  webhooks:
+    urls:
+#      - https://webhooks.gitter.im/e/fdbc2356fb0ea2f15033
+    on_success: change
+    on_failure: always
+    on_start: never
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,27 @@
 
 This file documents all notable changes to Falco. The release numbering uses [semantic versioning](http://semver.org).
 
+## v0.2.0
+
+Released 2016-06-09
+
+For full handling of setsid system calls and session id tracking using `proc.sname`, falco requires a sysdig version >= 0.10.0.
+
+### Major Changes
+
+- Add TravisCI regression tests. Testing involves a variety of positive, negative, and informational trace files with both plain and json output. [[#76](https://github.com/draios/falco/pull/76)] [[#83](https://github.com/draios/falco/pull/83)]
+- Fairly big rework of ruleset to improve coverage, reduce false positives, and handle installation environments effectively [[#83](https://github.com/draios/falco/pull/83)] [[#87](https://github.com/draios/falco/pull/87)]
+- Not directly a code change, but mentioning it here--the Wiki has now been populated with an initial set of articles, migrating content from the README and adding detail when necessary. [[#90](https://github.com/draios/falco/pull/90)]
+
+### Minor Changes
+
+- Improve JSON output to include the rule name, full output string, time, and severity [[#89](https://github.com/draios/falco/pull/89)]
+
+### Bug Fixes
+
+- Improve CMake quote handling [[#84](https://github.com/draios/falco/pull/84)]
+- Remove unnecessary NULL check of a delete [[#85](https://github.com/draios/falco/pull/85)]
+
 ## v0.1.0
 
 Released 2016-05-17

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -42,7 +42,7 @@ set(PROBE_DEVICE_NAME "sysdig")
 
 set(CMD_MAKE make)
 
-set(SYSDIG_DIR ${PROJECT_SOURCE_DIR}/../sysdig)
+set(SYSDIG_DIR "${PROJECT_SOURCE_DIR}/../sysdig")
 
 include(ExternalProject)
 
@@ -151,7 +151,7 @@ ExternalProject_Add(lpeg
                     DEPENDS luajit
 		    URL "http://s3.amazonaws.com/download.draios.com/dependencies/lpeg-1.0.0.tar.gz"
                     URL_MD5 "0aec64ccd13996202ad0c099e2877ece"
-                    BUILD_COMMAND LUA_INCLUDE=${LUAJIT_INCLUDE} ${PROJECT_SOURCE_DIR}/scripts/build-lpeg.sh
+                    BUILD_COMMAND LUA_INCLUDE=${LUAJIT_INCLUDE} "${PROJECT_SOURCE_DIR}/scripts/build-lpeg.sh"
                     BUILD_IN_SOURCE 1
 		    CONFIGURE_COMMAND ""
                     INSTALL_COMMAND "")
@@ -180,9 +180,9 @@ ExternalProject_Add(lyaml
 install(FILES falco.yaml
 	DESTINATION "${DIR_ETC}")
 
-add_subdirectory(${SYSDIG_DIR}/driver ${PROJECT_BINARY_DIR}/driver)
-add_subdirectory(${SYSDIG_DIR}/userspace/libscap ${PROJECT_BINARY_DIR}/userspace/libscap)
-add_subdirectory(${SYSDIG_DIR}/userspace/libsinsp ${PROJECT_BINARY_DIR}/userspace/libsinsp)
+add_subdirectory("${SYSDIG_DIR}/driver" "${PROJECT_BINARY_DIR}/driver")
+add_subdirectory("${SYSDIG_DIR}/userspace/libscap" "${PROJECT_BINARY_DIR}/userspace/libscap")
+add_subdirectory("${SYSDIG_DIR}/userspace/libsinsp" "${PROJECT_BINARY_DIR}/userspace/libsinsp")
 
 add_subdirectory(rules)
 add_subdirectory(scripts)