diff --git a/collector/clangd.yaml b/collector/clangd.yaml index 21ce036..d453972 100644 --- a/collector/clangd.yaml +++ b/collector/clangd.yaml @@ -21,6 +21,8 @@ Diagnostics: readability-identifier-naming.FunctionCase: CamelCase readability-identifier-naming.VariableCase: lower_case readability-identifier-naming.GlobalConstantCase: UPPER_CASE +InlayHints: + Enabled: Yes --- If: PathMatch: .*Test\.cpp diff --git a/falco-libs/clangd.tpl.yaml b/falco-libs/clangd.tpl.yaml index 82e93c5..71db60e 100644 --- a/falco-libs/clangd.tpl.yaml +++ b/falco-libs/clangd.tpl.yaml @@ -1,3 +1,5 @@ +If: + PathMatch: $GOPATH/src/github.com/falcosecurity/libs/.* CompileFlags: CompilationDatabase: $GOPATH/src/github.com/falcosecurity/libs/build/ Diagnostics: @@ -13,6 +15,23 @@ Diagnostics: - modernize-use-nodiscard - modernize-use-trailing-return-type --- +If: + PathMatch: $GOPATH/src/github.com/falcosecurity/falco/.* +CompileFlags: + CompilationDatabase: $GOPATH/src/github.com/falcosecurity/falco/build/ +Diagnostics: + ClangTidy: + Add: + - bugprone* + - cppcoreguidelines* + - modernize* + - performance* + - readability* + Remove: + - readability-identifier-length + - modernize-use-nodiscard + - modernize-use-trailing-return-type +--- If: PathMatch: .*Test\.cpp Diagnostics: diff --git a/falco-libs/compile-falco.sh b/falco-libs/compile-falco.sh index 81a336e..4b6a62e 100755 --- a/falco-libs/compile-falco.sh +++ b/falco-libs/compile-falco.sh @@ -3,88 +3,47 @@ set -euo pipefail function clean () { - rm -f "${FALCO_DIR}/driver/bpf/probe.{o,ll}" make -C "${FALCO_DIR}/build" clean || true rm -rf "${FALCO_DIR}/build" } -function configure_host () { +function configure() { # sanitizers="-fsanitize=address -fsanitize=undefined" - use_bundled_libbpf="OFF" - build_shared_libs="OFF" - - if [[ "${FALCO_BUILDER_FLAVOR:-fedora}" != "fedora" ]] ; then - # Platform dependent adjustments - use_bundled_libbpf="ON" - else - build_shared_libs="ON" - fi mkdir -p "${FALCO_DIR}/build" +cmake -DUSE_BUNDLED_DEPS=OFF cmake \ -DBUILD_BPF=ON \ -DUSE_BUNDLED_DEPS=OFF \ - -DUSE_BUNDLED_VALIJSON=ON \ - -DCMAKE_BUILD_TYPE=Release \ - -DBUILD_LIBSCAP_MODERN_BPF=ON \ - -DUSE_BUNDLED_LIBBPF="${use_bundled_libbpf}" \ - -DUSE_BUNDLED_ZLIB=ON \ - -DUSE_BUNDLED_UTHASH=ON \ - -DUSE_BUNDLED_TINYDIR=ON \ - -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \ + -DUSE_BUNDLED_NLOHMANN_JSON=ON \ + -DUSE_BUNDLED_YAMLCPP=ON \ + -DUSE_BUNDLED_CPPHTTPLIB=ON \ + -DUSE_BUNDLED_CXXOPTS=ON \ + -DFALCOSECURITY_LIBS_SOURCE_DIR="${LIBS_DIR}" \ + -DDRIVER_SOURCE_DIR="${LIBS_DIR}" \ + -DBUILD_DRIVER=ON \ + -DBUILD_FALCO_MODERN_BPF=ON \ -DCREATE_TEST_TARGETS=ON \ - -DBUILD_SHARED_LIBS="${build_shared_libs}" \ - -S "${FALCO_DIR}" \ - -B "${FALCO_DIR}/build" -} - -function configure_emscripten () { - emcmake cmake -DUSE_BUNDLED_DEPS=ON \ + -DBUILD_FALCO_UNIT_TESTS=ON \ -S "${FALCO_DIR}" \ -B "${FALCO_DIR}/build" } -function configure () { - emscripten="${1:-0}" - if ((emscripten)); then - configure_emscripten - else - configure_host - fi -} - function build () { local target - local emscripten="${2:-0}" if [[ ! -d "${FALCO_DIR}/build" ]] || find "${FALCO_DIR}/build" -type d -empty | read -r ; then - configure "$emscripten" + configure fi target="$1" - EMMAKE="" - if ((emscripten)); then - EMMAKE="emmake" - fi - "$EMMAKE" make -j"$(nproc)" -C "${FALCO_DIR}/build" "$target" + make -j"$(nproc)" -C "${FALCO_DIR}/build" "$target" } [[ -z "${FALCO_DIR}" ]] && FALCO_DIR="$(pwd)" # We will be removing some directories, so go somewhere stable cd "${FALCO_DIR}" -EMSCRIPTEN=0 - -while getopts "e" opt; do - case "${opt}" in - e) - EMSCRIPTEN=1 - ;; - ??) - echo >&2 "Unknown option $OPTARG" - esac -done - shift $(($OPTIND - 1)) ACTION="${1:-build}" @@ -97,14 +56,14 @@ case "$ACTION" in clean ;; "configure") - configure "$EMSCRIPTEN" + configure ;; "build") - build "$TARGET" "$EMSCRIPTEN" + build "$TARGET" ;; "rebuild") clean - build "$TARGET" "$EMSCRIPTEN" + build "$TARGET" ;; *) echo >&2 "Unknown option '$ACTION'" diff --git a/falco-libs/compile-libs.sh b/falco-libs/compile-libs.sh new file mode 100755 index 0000000..c29e3ea --- /dev/null +++ b/falco-libs/compile-libs.sh @@ -0,0 +1,111 @@ +#!/usr/bin/env bash + +set -euo pipefail + +function clean () { + rm -f "${LIBS_DIR}/driver/bpf/probe.{o,ll}" + make -C "${LIBS_DIR}/build" clean || true + rm -rf "${LIBS_DIR}/build" +} + +function configure_host () { + # sanitizers="-fsanitize=address -fsanitize=undefined" + use_bundled_libbpf="OFF" + + if [[ "${LIBS_BUILDER_FLAVOR:-fedora}" != "fedora" ]] ; then + # Platform dependent adjustments + use_bundled_libbpf="ON" + else + use_shared_libelf="ON" + fi + + mkdir -p "${LIBS_DIR}/build" + cmake \ + -DBUILD_BPF=ON \ + -DUSE_BUNDLED_DEPS=OFF \ + -DUSE_BUNDLED_VALIJSON=ON \ + -DCMAKE_BUILD_TYPE=Release \ + -DBUILD_LIBSCAP_MODERN_BPF=ON \ + -DUSE_BUNDLED_LIBBPF="${use_bundled_libbpf}" \ + -DUSE_BUNDLED_ZLIB=ON \ + -DUSE_BUNDLED_UTHASH=ON \ + -DUSE_BUNDLED_TINYDIR=ON \ + -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \ + -DCREATE_TEST_TARGETS=ON \ + -DUSE_SHARED_LIBELF="${use_shared_libelf}" \ + -S "${LIBS_DIR}" \ + -B "${LIBS_DIR}/build" +} + +function configure_emscripten () { + emcmake cmake -DUSE_BUNDLED_DEPS=ON \ + -S "${LIBS_DIR}" \ + -B "${LIBS_DIR}/build" +} + +function configure () { + emscripten="${1:-0}" + if ((emscripten)); then + configure_emscripten + else + configure_host + fi +} + +function build () { + local target + local emscripten="${2:-0}" + + if [[ ! -d "${LIBS_DIR}/build" ]] || find "${LIBS_DIR}/build" -type d -empty | read -r ; then + configure "$emscripten" + fi + + target="$1" + EMMAKE="" + if ((emscripten)); then + EMMAKE="emmake" + fi + eval "$EMMAKE" make -j"$(nproc)" -C "${LIBS_DIR}/build" "$target" +} + +[[ -z "${LIBS_DIR}" ]] && LIBS_DIR="$(pwd)" +# We will be removing some directories, so go somewhere stable +cd "${LIBS_DIR}" + +EMSCRIPTEN=0 + +while getopts "e" opt; do + case "${opt}" in + e) + EMSCRIPTEN=1 + ;; + ??) + echo >&2 "Unknown option $OPTARG" + esac +done + +shift $(($OPTIND - 1)) + +ACTION="${1:-build}" +ACTION="${ACTION,,}" + +TARGET="${2:-all}" + +case "$ACTION" in +"clean") + clean + ;; +"configure") + configure "$EMSCRIPTEN" + ;; +"build") + build "$TARGET" "$EMSCRIPTEN" + ;; +"rebuild") + clean + build "$TARGET" "$EMSCRIPTEN" + ;; +*) + echo >&2 "Unknown option '$ACTION'" + ;; +esac diff --git a/falco-libs/fedora.Dockerfile b/falco-libs/fedora.Dockerfile index 4c9cad9..48591df 100644 --- a/falco-libs/fedora.Dockerfile +++ b/falco-libs/fedora.Dockerfile @@ -70,4 +70,5 @@ ENV CC=/usr/local/bin/gcc ENV CXX=/usr/local/bin/g++ COPY clangd.yaml /root/.config/clangd/config.yaml -COPY compile-falco.sh /usr/bin/ +COPY compile-falco.sh /usr/local/bin/ +COPY compile-libs.sh /usr/local/bin/ diff --git a/lua/falco.lua b/lua/falco.lua index fe04f29..ecba52e 100644 --- a/lua/falco.lua +++ b/lua/falco.lua @@ -1,4 +1,4 @@ -local name = 'libs-builder' +local name = 'falco-builder' local M = {} @@ -12,6 +12,7 @@ M.setup = function(opts) env = { { name = 'CMAKE_EXPORT_COMPILE_COMMANDS', value = 'ON' }, { name = 'FALCO_DIR', value = repo_path }, + { name = 'LIBS_DIR', value = repo_path .. '/../libs' }, { name = 'HOST_ROOT', value = '/host' }, }, volumeMounts = opts.volumes or {}, diff --git a/lua/init.lua b/lua/init.lua index 1336bfb..c52f993 100644 --- a/lua/init.lua +++ b/lua/init.lua @@ -1,5 +1,6 @@ local collector_repo = os.getenv('GOPATH') .. '/src/github.com/stackrox/collector' -local falco_repo = os.getenv('GOPATH') .. '/src/github.com/falcosecurity/libs' +local falco_libs_repo = os.getenv('GOPATH') .. '/src/github.com/falcosecurity/libs' +local falco_repo = os.getenv('GOPATH') .. '/src/github.com/falcosecurity/falco' local movies_repo = os.getenv('GOPATH') .. '/src/github.com/molter73/movies' local collector = require('collector') @@ -17,6 +18,7 @@ local volumes = { { name = 'modules-fs', hostPath = { path = '/lib/modules', } }, { name = 'docker-sock', hostPath = { path = '/var/run/docker.sock', } }, { name = 'collector-repo', hostPath = { path = collector_repo, } }, + { name = 'falco-libs-repo', hostPath = { path = falco_libs_repo, } }, { name = 'falco-repo', hostPath = { path = falco_repo, } }, { name = 'movies-repo', hostPath = { path = movies_repo, } }, { name = 'collector-ccache', persistentVolumeClaim = { claimName = collector_claim.metadata.name } }, @@ -38,15 +40,16 @@ local collector_opts = { local falco_opts = { repo_path = falco_repo, volumes = { - { mountPath = '/host/dev', name = 'dev-fs', readOnly = true, }, - { mountPath = '/host/proc', name = 'proc-fs', readOnly = true, }, - { mountPath = '/host/sys', name = 'sys-fs', readOnly = true, }, - { mountPath = '/host/etc', name = 'etc-fs', readOnly = true, }, - { mountPath = '/host/usr/lib', name = 'usr-lib-fs', readOnly = true, }, + { mountPath = '/host/dev', name = 'dev-fs', readOnly = true, }, + { mountPath = '/host/proc', name = 'proc-fs', readOnly = true, }, + { mountPath = '/host/sys', name = 'sys-fs', readOnly = true, }, + { mountPath = '/host/etc', name = 'etc-fs', readOnly = true, }, + { mountPath = '/host/usr/lib', name = 'usr-lib-fs', readOnly = true, }, { mountPath = '/usr/src', name = 'usr-src-fs', }, { mountPath = '/lib/modules', name = 'modules-fs', }, { mountPath = '/var/run/docker.sock', name = 'docker-sock', }, { mountPath = '/root/.cache/ccache', name = 'falco-ccache', }, + { mountPath = falco_libs_repo, name = 'falco-libs-repo', }, { mountPath = falco_repo, name = 'falco-repo', }, } }