diff --git a/unit_tests/falco/test_configuration_rule_selection.cpp b/unit_tests/falco/test_configuration_rule_selection.cpp index 725793fdf96..01f944439ef 100644 --- a/unit_tests/falco/test_configuration_rule_selection.cpp +++ b/unit_tests/falco/test_configuration_rule_selection.cpp @@ -21,7 +21,7 @@ limitations under the License. TEST(ConfigurationRuleSelection, parse_yaml) { falco_configuration falco_config; - EXPECT_NO_THROW(falco_config.init_from_content(R"( + ASSERT_NO_THROW(falco_config.init_from_content(R"( rules: - enable: rule: 'Terminal Shell in Container' 
@@ -33,28 +33,42 @@ TEST(ConfigurationRuleSelection, parse_yaml) rule: 'hello*' )", {})); - ASSERT_EQ(falco_config.m_rules_selection.size(), 3); + EXPECT_EQ(falco_config.m_rules_selection.size(), 3); - ASSERT_EQ(falco_config.m_rules_selection[0].m_op, falco_configuration::rule_selection_operation::enable); - ASSERT_EQ(falco_config.m_rules_selection[0].m_rule, "Terminal Shell in Container"); + EXPECT_EQ(falco_config.m_rules_selection[0].m_op, falco_configuration::rule_selection_operation::enable); + EXPECT_EQ(falco_config.m_rules_selection[0].m_rule, "Terminal Shell in Container"); - ASSERT_EQ(falco_config.m_rules_selection[1].m_op, falco_configuration::rule_selection_operation::disable); - ASSERT_EQ(falco_config.m_rules_selection[1].m_tag, "experimental"); + EXPECT_EQ(falco_config.m_rules_selection[1].m_op, falco_configuration::rule_selection_operation::disable); + EXPECT_EQ(falco_config.m_rules_selection[1].m_tag, "experimental"); - ASSERT_EQ(falco_config.m_rules_selection[2].m_op, falco_configuration::rule_selection_operation::enable); - ASSERT_EQ(falco_config.m_rules_selection[2].m_rule, "hello*"); + EXPECT_EQ(falco_config.m_rules_selection[2].m_op, falco_configuration::rule_selection_operation::enable); + EXPECT_EQ(falco_config.m_rules_selection[2].m_rule, "hello*"); } TEST(ConfigurationRuleSelection, cli_options) { falco_configuration falco_config; - EXPECT_NO_THROW(falco_config.init_from_content("", std::vector{"rules[].disable.tag=maturity_incubating", "rules[].enable.rule=Adding ssh keys to authorized_keys"})); + ASSERT_NO_THROW(falco_config.init_from_content("", std::vector{"rules[].disable.tag=maturity_incubating", "rules[].enable.rule=Adding ssh keys to authorized_keys"})); - ASSERT_EQ(falco_config.m_rules_selection.size(), 2); + EXPECT_EQ(falco_config.m_rules_selection.size(), 2); - ASSERT_EQ(falco_config.m_rules_selection[0].m_op, falco_configuration::rule_selection_operation::disable); - ASSERT_EQ(falco_config.m_rules_selection[0].m_tag, 
"maturity_incubating"); + EXPECT_EQ(falco_config.m_rules_selection[0].m_op, falco_configuration::rule_selection_operation::disable); + EXPECT_EQ(falco_config.m_rules_selection[0].m_tag, "maturity_incubating"); - ASSERT_EQ(falco_config.m_rules_selection[1].m_op, falco_configuration::rule_selection_operation::enable); - ASSERT_EQ(falco_config.m_rules_selection[1].m_rule, "Adding ssh keys to authorized_keys"); + EXPECT_EQ(falco_config.m_rules_selection[1].m_op, falco_configuration::rule_selection_operation::enable); + EXPECT_EQ(falco_config.m_rules_selection[1].m_rule, "Adding ssh keys to authorized_keys"); +} + +TEST(ConfigurationRuleSelection, cli_options_object) +{ + falco_configuration falco_config; + ASSERT_NO_THROW(falco_config.init_from_content("", std::vector{R"(rules[]={"disable": {"tag": "maturity_incubating"}})", R"(rules[]={"enable": {"rule": "Adding ssh keys to authorized_keys"}})"})); + + EXPECT_EQ(falco_config.m_rules_selection.size(), 2); + + EXPECT_EQ(falco_config.m_rules_selection[0].m_op, falco_configuration::rule_selection_operation::disable); + EXPECT_EQ(falco_config.m_rules_selection[0].m_tag, "maturity_incubating"); + + EXPECT_EQ(falco_config.m_rules_selection[1].m_op, falco_configuration::rule_selection_operation::enable); + EXPECT_EQ(falco_config.m_rules_selection[1].m_rule, "Adding ssh keys to authorized_keys"); } diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp index 2748f62f1a9..a179fa2737a 100644 --- a/userspace/falco/configuration.cpp +++ b/userspace/falco/configuration.cpp 
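Review bot: Downgrading the size checks to `EXPECT_EQ(falco_config.m_rules_selection.size(), 3);` lets the test keep running after a size mismatch, so the following `m_rules_selection[0]` to `[2]` accesses can read past the end of the container (assuming it is vector-like) instead of failing cleanly. Keep the size check fatal with `ASSERT_EQ(falco_config.m_rules_selection.size(), 3);` and leave only the per-element comparisons as `EXPECT_EQ`. The same applies to the size checks in `cli_options` and in the new `cli_options_object` test. The new test also covers only well-formed objects; a case with a brace-wrapped value that is not valid YAML would pin down how `set_cmdline_option` reports the error.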
@@ -84,8 +84,8 @@ falco_configuration::falco_configuration(): m_metrics_convert_memory_to_mb(true), m_metrics_include_empty_values(false), m_container_engines_mask(0), - m_container_engines_cri_socket_paths({"/run/containerd/containerd.sock", "/run/crio/crio.sock","/run/k3s/containerd/containerd.sock"}), - m_container_engines_disable_cri_async(false) + m_container_engines_disable_cri_async(false), + m_container_engines_cri_socket_paths({"/run/containerd/containerd.sock", "/run/crio/crio.sock","/run/k3s/containerd/containerd.sock"}) { m_config_schema = nlohmann::json::parse(schema_json_string); } @@ -749,5 +749,12 @@ void falco_configuration::set_cmdline_option(const std::string &opt) throw std::logic_error("Error parsing config option \"" + opt + "\". Must be of the form key=val or key.subkey=val"); } - m_config.set_scalar(keyval.first, keyval.second); + if (keyval.second[0] == '{' && keyval.second[keyval.second.size() - 1] == '}') + { + YAML::Node node = YAML::Load(keyval.second); + m_config.set_object(keyval.first, node); + } else + { + m_config.set_scalar(keyval.first, keyval.second); + } } diff --git a/userspace/falco/yaml_helper.h b/userspace/falco/yaml_helper.h index af38b1942e5..d1134873fa6 100644 --- a/userspace/falco/yaml_helper.h +++ b/userspace/falco/yaml_helper.h @@ -177,6 +177,16 @@ class yaml_helper node = value; } + /** + * Set the node identified by key to an object value + */ + void set_object(const std::string& key, const YAML::Node& value) + { + YAML::Node node; + get_node(node, key, true); + node = value; + } + /** * Get the sequence value from the node identified by key. */ @@ -482,5 +492,6 @@ namespace YAML { return true; } + // The "encode" function is not needed here, in fact you can simply YAML::load any json string. }; }
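Review bot: In the new object branch of `set_cmdline_option`, `YAML::Load(keyval.second)` runs on a raw command-line value with no error handling, so a brace-wrapped value that is not valid YAML surfaces a yaml-cpp exception rather than the `std::logic_error` used for malformed options just above (unless a caller outside this hunk translates it). The brace test also reclassifies any scalar that happens to start with `{` and end with `}` as an object, which changes behaviour for existing string values and is worth documenting. I would catch the parse failure, rethrow it with the option name, and reject a result that is not a map; `front()`/`back()` behind an `empty()` check also reads more clearly than the index arithmetic. Whether the injected subtree is validated against `m_config_schema` is not visible here and should be confirmed, since this path can now add whole rule-selection entries. The function begins before this hunk.

```cpp
	if (!keyval.second.empty() && keyval.second.front() == '{' && keyval.second.back() == '}')
	{
		YAML::Node node;
		try
		{
			node = YAML::Load(keyval.second);
		}
		catch (const YAML::Exception &e)
		{
			throw std::logic_error("Error parsing config option \"" + opt + "\": " + e.what());
		}
		if (!node.IsMap())
		{
			throw std::logic_error("Error parsing config option \"" + opt + "\". Object value must be a mapping");
		}
		m_config.set_object(keyval.first, node);
	} else
	// … unchanged: set_scalar branch …
```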
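Review bot: The doc comment on `set_object` does not say what happens to a node that already exists at `key`, nor what the `true` passed to `get_node` means, which is all a caller has to go on here. I would expand it to state that the node at `key` is replaced by `value` (and created or appended when absent, if that is what the `true` argument selects), and that yaml-cpp nodes have reference semantics, so `value` is presumably shared rather than deep-copied. The body also appears to mirror the setter whose tail is visible just above it, so a shared private helper would avoid the duplication. The class body continues outside this hunk.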
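Review bot: The added comment in `yaml_helper.h` refers to `YAML::load`, but the yaml-cpp function is `YAML::Load`, as called in `set_cmdline_option` in this same commit. I would reword it to `// No "encode" is needed here: any JSON string can be parsed directly with YAML::Load.` The enclosing struct begins outside this hunk.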