diff --git a/Makefile b/Makefile index 88d19de..883c5d5 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ SHELL := /bin/bash PROTOS := protos/schema.proto protos/outputs.proto protos/version.proto PROTO_URLS := https://raw.githubusercontent.com/falcosecurity/falco/master/userspace/falco/schema.proto https://raw.githubusercontent.com/falcosecurity/falco/master/userspace/falco/outputs.proto https://raw.githubusercontent.com/falcosecurity/falco/master/userspace/falco/version.proto -PROTO_SHAS := ad4e9d62717e82b9fb9ec30625d392fd66ced3e53eb73faea739c63063650ac3 18fa7f7a4870ae0e0703c775fda41362aa654445893546d9b2d49f59dd487026 c57a8a3f37a14ca8f33ce6d26156c9348e716029bca87bf9143807a68b1f31f5 +PROTO_SHAS := c2dc18811ca0d2d2cece539bdee02a3f79239ca8fa0c0aa279a56277605084b7 8fdd0a921d87908df2731b8b8b40ac9a51d2369bad4351db4a3ad79584deaa61 c57a8a3f37a14ca8f33ce6d26156c9348e716029bca87bf9143807a68b1f31f5 PROTO_DIRS := $(dir ${PROTOS}) PROTO_DIRS_INCLUDES := $(patsubst %/, -I %, ${PROTO_DIRS}) @@ -40,9 +40,9 @@ clean: ${PROTO_DIRS} @rm -rf $^ lint: - flake8 - isort -rc . + isort . black . + flake8 test: python -m tests.mock & diff --git a/falco/__version__.py b/falco/__version__.py index a186d88..c6350bc 100644 --- a/falco/__version__.py +++ b/falco/__version__.py @@ -1,7 +1,7 @@ __title__ = "falco" __description__ = "Python client and SDK for Falco." __url__ = "https://github.com/falcosecurity/client-py" -__version__ = "0.4.0" +__version__ = "0.5.0" __author__ = "The Falco Authors" __author_email__ = "cncf-falco-dev@lists.cncf.io" __license__ = "Apache 2.0" diff --git a/falco/client.py b/falco/client.py index bfc2387..0cb7155 100644 --- a/falco/client.py +++ b/falco/client.py @@ -10,7 +10,10 @@ class Client: def __init__(self, endpoint, client_crt=None, client_key=None, ca_root=None, output_format=None, *args, **kw): if endpoint.startswith("unix:///"): - channel = grpc.insecure_channel(endpoint, options=[("grpc.max_receive_message_length", 1024 * 1024 * 512)],) + channel = grpc.insecure_channel( + endpoint, + options=[("grpc.max_receive_message_length", 1024 * 1024 * 512)], + ) else: if None in [client_crt, client_key, ca_root]: diff --git a/falco/client_credentials.py b/falco/client_credentials.py index 37403c0..76e01a8 100644 --- a/falco/client_credentials.py +++ b/falco/client_credentials.py @@ -17,5 +17,7 @@ def get_grpc_channel_credentials(client_crt, client_key, ca_root): certificate_chain = load_file(client_crt) return grpc.ssl_channel_credentials( - root_certificates=root_certificates, private_key=private_key, certificate_chain=certificate_chain, + root_certificates=root_certificates, + private_key=private_key, + certificate_chain=certificate_chain, ) diff --git a/falco/domain/outputs.py b/falco/domain/outputs.py index b98bae1..0cdb356 100644 --- a/falco/domain/outputs.py +++ b/falco/domain/outputs.py @@ -8,7 +8,7 @@ from falco.domain.common import pb_timestamp_from_datetime from falco.schema.outputs_pb2 import request, response -from falco.schema.schema_pb2 import priority, source +from falco.schema.schema_pb2 import priority class OutputsRequest: @@ -38,7 +38,7 @@ class OutputsResponse: __slots__ = ( "time", "_priority", - "_source", + "source", "rule", "output", "output_fields", @@ -67,17 +67,6 @@ class Priority(Enum): 7: Priority.DEBUG, } - class Source(Enum): - SYSCALL = "syscall" - K8S_AUDIT = "k8s_audit" - INTERNAL = "internal" - - PB_SOURCE_TO_SOURCE_MAP = { - 0: Source.SYSCALL, - 1: Source.K8S_AUDIT, - 2: Source.INTERNAL, - } - SERIALIZERS = {"json": "to_json"} def __init__( @@ -93,7 +82,7 @@ def __init__( ): self.time: datetime = time.astimezone(tz.tzutc()) self.priority: OutputsResponse.Priority = priority - self.source: OutputsResponse.Source = source + self.source: str = source self.rule: str = rule self.output: str = output self.output_fields: Dict = output_fields @@ -113,16 +102,6 @@ def priority(self, p): if p and isinstance(p, OutputsResponse.Priority): self._priority = p - @property - def source(self): - return self._source - - @source.setter - def source(self, s): - self._source = None - if s and isinstance(s, OutputsResponse.Source): - self._source = s - @classmethod def from_proto(cls, pb_response): timestamp_dt = datetime.fromtimestamp(pb_response.time.seconds + pb_response.time.nanos / 1e9) @@ -130,7 +109,7 @@ def from_proto(cls, pb_response): return cls( time=timestamp_dt, priority=OutputsResponse.PB_PRIORITY_TO_PRIORITY_MAP[pb_response.priority], - source=OutputsResponse.PB_SOURCE_TO_SOURCE_MAP[pb_response.source], + source=pb_response.source, rule=pb_response.rule, output=pb_response.output, output_fields=dict(pb_response.output_fields), @@ -142,7 +121,7 @@ def to_proto(self): return response( time=pb_timestamp_from_datetime(self.time), priority=priority.Value(self.priority.value), - source=source.Value(self.source.value), + source=self.source, rule=self.rule, output=self.output, output_fields=self.output_fields, @@ -155,7 +134,7 @@ def to_json(self): { "time": self.time.isoformat(), "priority": self.priority.value, - "source": self.source.value, + "source": self.source, "rule": self.rule, "output": self.output, "output_fields": self.output_fields, diff --git a/falco/schema/outputs_pb2.py b/falco/schema/outputs_pb2.py index 02610b1..93d0f81 100644 --- a/falco/schema/outputs_pb2.py +++ b/falco/schema/outputs_pb2.py @@ -1,9 +1,7 @@ # -*- coding: utf-8 -*- # Generated by the protocol buffer compiler. DO NOT EDIT! # source: outputs.proto - -import sys -_b=sys.version_info[0]<3 and (lambda x:x) or (lambda x:x.encode('latin1')) +"""Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import message as _message from google.protobuf import reflection as _reflection @@ -22,7 +20,8 @@ package='falco.outputs', syntax='proto3', serialized_options=None, - serialized_pb=_b('\n\routputs.proto\x12\rfalco.outputs\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x0cschema.proto\"\t\n\x07request\"\xb9\x02\n\x08response\x12(\n\x04time\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12(\n\x08priority\x18\x02 \x01(\x0e\x32\x16.falco.schema.priority\x12$\n\x06source\x18\x03 \x01(\x0e\x32\x14.falco.schema.source\x12\x0c\n\x04rule\x18\x04 \x01(\t\x12\x0e\n\x06output\x18\x05 \x01(\t\x12@\n\routput_fields\x18\x06 \x03(\x0b\x32).falco.outputs.response.OutputFieldsEntry\x12\x10\n\x08hostname\x18\x07 \x01(\t\x12\x0c\n\x04tags\x18\x08 \x03(\t\x1a\x33\n\x11OutputFieldsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x32\x7f\n\x07service\x12:\n\x03sub\x12\x16.falco.outputs.request\x1a\x17.falco.outputs.response(\x01\x30\x01\x12\x38\n\x03get\x12\x16.falco.outputs.request\x1a\x17.falco.outputs.response0\x01\x62\x06proto3') + create_key=_descriptor._internal_create_key, + serialized_pb=b'\n\routputs.proto\x12\rfalco.outputs\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x0cschema.proto\"\t\n\x07request\"\xd8\x02\n\x08response\x12(\n\x04time\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12(\n\x08priority\x18\x02 \x01(\x0e\x32\x16.falco.schema.priority\x12\x33\n\x11source_deprecated\x18\x03 \x01(\x0e\x32\x14.falco.schema.sourceB\x02\x18\x01\x12\x0c\n\x04rule\x18\x04 \x01(\t\x12\x0e\n\x06output\x18\x05 \x01(\t\x12@\n\routput_fields\x18\x06 \x03(\x0b\x32).falco.outputs.response.OutputFieldsEntry\x12\x10\n\x08hostname\x18\x07 \x01(\t\x12\x0c\n\x04tags\x18\x08 \x03(\t\x12\x0e\n\x06source\x18\t \x01(\t\x1a\x33\n\x11OutputFieldsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x32\x7f\n\x07service\x12:\n\x03sub\x12\x16.falco.outputs.request\x1a\x17.falco.outputs.response(\x01\x30\x01\x12\x38\n\x03get\x12\x16.falco.outputs.request\x1a\x17.falco.outputs.response0\x01\x62\x06proto3' , dependencies=[google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR,schema__pb2.DESCRIPTOR,]) @@ -35,6 +34,7 @@ filename=None, file=DESCRIPTOR, containing_type=None, + create_key=_descriptor._internal_create_key, fields=[ ], extensions=[ @@ -59,35 +59,36 @@ filename=None, file=DESCRIPTOR, containing_type=None, + create_key=_descriptor._internal_create_key, fields=[ _descriptor.FieldDescriptor( name='key', full_name='falco.outputs.response.OutputFieldsEntry.key', index=0, number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='value', full_name='falco.outputs.response.OutputFieldsEntry.value', index=1, number=2, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), ], extensions=[ ], nested_types=[], enum_types=[ ], - serialized_options=_b('8\001'), + serialized_options=b'8\001', is_extendable=False, syntax='proto3', extension_ranges=[], oneofs=[ ], - serialized_start=353, - serialized_end=404, + serialized_start=384, + serialized_end=435, ) _RESPONSE = _descriptor.Descriptor( @@ -96,6 +97,7 @@ filename=None, file=DESCRIPTOR, containing_type=None, + create_key=_descriptor._internal_create_key, fields=[ _descriptor.FieldDescriptor( name='time', full_name='falco.outputs.response.time', index=0, @@ -103,56 +105,63 @@ has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='priority', full_name='falco.outputs.response.priority', index=1, number=2, type=14, cpp_type=8, label=1, has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( - name='source', full_name='falco.outputs.response.source', index=2, + name='source_deprecated', full_name='falco.outputs.response.source_deprecated', index=2, number=3, type=14, cpp_type=8, label=1, has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=b'\030\001', file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='rule', full_name='falco.outputs.response.rule', index=3, number=4, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='output', full_name='falco.outputs.response.output', index=4, number=5, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='output_fields', full_name='falco.outputs.response.output_fields', index=5, number=6, type=11, cpp_type=10, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='hostname', full_name='falco.outputs.response.hostname', index=6, number=7, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='tags', full_name='falco.outputs.response.tags', index=7, number=8, type=9, cpp_type=9, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), + _descriptor.FieldDescriptor( + name='source', full_name='falco.outputs.response.source', index=8, + number=9, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=b"".decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), ], extensions=[ ], @@ -166,13 +175,13 @@ oneofs=[ ], serialized_start=91, - serialized_end=404, + serialized_end=435, ) _RESPONSE_OUTPUTFIELDSENTRY.containing_type = _RESPONSE _RESPONSE.fields_by_name['time'].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP _RESPONSE.fields_by_name['priority'].enum_type = schema__pb2._PRIORITY -_RESPONSE.fields_by_name['source'].enum_type = schema__pb2._SOURCE +_RESPONSE.fields_by_name['source_deprecated'].enum_type = schema__pb2._SOURCE _RESPONSE.fields_by_name['output_fields'].message_type = _RESPONSE_OUTPUTFIELDSENTRY DESCRIPTOR.message_types_by_name['request'] = _REQUEST DESCRIPTOR.message_types_by_name['response'] = _RESPONSE @@ -202,6 +211,7 @@ _RESPONSE_OUTPUTFIELDSENTRY._options = None +_RESPONSE.fields_by_name['source_deprecated']._options = None _SERVICE = _descriptor.ServiceDescriptor( name='service', @@ -209,8 +219,9 @@ file=DESCRIPTOR, index=0, serialized_options=None, - serialized_start=406, - serialized_end=533, + create_key=_descriptor._internal_create_key, + serialized_start=437, + serialized_end=564, methods=[ _descriptor.MethodDescriptor( name='sub', @@ -220,6 +231,7 @@ input_type=_REQUEST, output_type=_RESPONSE, serialized_options=None, + create_key=_descriptor._internal_create_key, ), _descriptor.MethodDescriptor( name='get', @@ -229,6 +241,7 @@ input_type=_REQUEST, output_type=_RESPONSE, serialized_options=None, + create_key=_descriptor._internal_create_key, ), ]) _sym_db.RegisterServiceDescriptor(_SERVICE) diff --git a/falco/schema/schema_pb2.py b/falco/schema/schema_pb2.py index 4975e61..1f1311b 100644 --- a/falco/schema/schema_pb2.py +++ b/falco/schema/schema_pb2.py @@ -1,9 +1,7 @@ # -*- coding: utf-8 -*- # Generated by the protocol buffer compiler. DO NOT EDIT! # source: schema.proto - -import sys -_b=sys.version_info[0]<3 and (lambda x:x) or (lambda x:x.encode('latin1')) +"""Generated protocol buffer code.""" from google.protobuf.internal import enum_type_wrapper from google.protobuf import descriptor as _descriptor from google.protobuf import message as _message @@ -21,7 +19,8 @@ package='falco.schema', syntax='proto3', serialized_options=None, - serialized_pb=_b('\n\x0cschema.proto\x12\x0c\x66\x61lco.schema*\xcc\x02\n\x08priority\x12\r\n\tEMERGENCY\x10\x00\x12\r\n\temergency\x10\x00\x12\r\n\tEmergency\x10\x00\x12\t\n\x05\x41LERT\x10\x01\x12\t\n\x05\x61lert\x10\x01\x12\t\n\x05\x41lert\x10\x01\x12\x0c\n\x08\x43RITICAL\x10\x02\x12\x0c\n\x08\x63ritical\x10\x02\x12\x0c\n\x08\x43ritical\x10\x02\x12\t\n\x05\x45RROR\x10\x03\x12\t\n\x05\x65rror\x10\x03\x12\t\n\x05\x45rror\x10\x03\x12\x0b\n\x07WARNING\x10\x04\x12\x0b\n\x07warning\x10\x04\x12\x0b\n\x07Warning\x10\x04\x12\n\n\x06NOTICE\x10\x05\x12\n\n\x06notice\x10\x05\x12\n\n\x06Notice\x10\x05\x12\x11\n\rINFORMATIONAL\x10\x06\x12\x11\n\rinformational\x10\x06\x12\x11\n\rInformational\x10\x06\x12\t\n\x05\x44\x45\x42UG\x10\x07\x12\t\n\x05\x64\x65\x62ug\x10\x07\x12\t\n\x05\x44\x65\x62ug\x10\x07\x1a\x02\x10\x01*\x99\x01\n\x06source\x12\x0b\n\x07SYSCALL\x10\x00\x12\x0b\n\x07syscall\x10\x00\x12\x0b\n\x07Syscall\x10\x00\x12\r\n\tK8S_AUDIT\x10\x01\x12\r\n\tk8s_audit\x10\x01\x12\r\n\tK8s_audit\x10\x01\x12\r\n\tK8S_audit\x10\x01\x12\x0c\n\x08INTERNAL\x10\x02\x12\x0c\n\x08internal\x10\x02\x12\x0c\n\x08Internal\x10\x02\x1a\x02\x10\x01\x62\x06proto3') + create_key=_descriptor._internal_create_key, + serialized_pb=b'\n\x0cschema.proto\x12\x0c\x66\x61lco.schema*\xcc\x02\n\x08priority\x12\r\n\tEMERGENCY\x10\x00\x12\r\n\temergency\x10\x00\x12\r\n\tEmergency\x10\x00\x12\t\n\x05\x41LERT\x10\x01\x12\t\n\x05\x61lert\x10\x01\x12\t\n\x05\x41lert\x10\x01\x12\x0c\n\x08\x43RITICAL\x10\x02\x12\x0c\n\x08\x63ritical\x10\x02\x12\x0c\n\x08\x43ritical\x10\x02\x12\t\n\x05\x45RROR\x10\x03\x12\t\n\x05\x65rror\x10\x03\x12\t\n\x05\x45rror\x10\x03\x12\x0b\n\x07WARNING\x10\x04\x12\x0b\n\x07warning\x10\x04\x12\x0b\n\x07Warning\x10\x04\x12\n\n\x06NOTICE\x10\x05\x12\n\n\x06notice\x10\x05\x12\n\n\x06Notice\x10\x05\x12\x11\n\rINFORMATIONAL\x10\x06\x12\x11\n\rinformational\x10\x06\x12\x11\n\rInformational\x10\x06\x12\t\n\x05\x44\x45\x42UG\x10\x07\x12\t\n\x05\x64\x65\x62ug\x10\x07\x12\t\n\x05\x44\x65\x62ug\x10\x07\x1a\x02\x10\x01*\xbd\x01\n\x06source\x12\x0b\n\x07SYSCALL\x10\x00\x12\x0b\n\x07syscall\x10\x00\x12\x0b\n\x07Syscall\x10\x00\x12\r\n\tK8S_AUDIT\x10\x01\x12\r\n\tk8s_audit\x10\x01\x12\r\n\tK8s_audit\x10\x01\x12\r\n\tK8S_audit\x10\x01\x12\x0c\n\x08INTERNAL\x10\x02\x12\x0c\n\x08internal\x10\x02\x12\x0c\n\x08Internal\x10\x02\x12\n\n\x06PLUGIN\x10\x03\x12\n\n\x06plugin\x10\x03\x12\n\n\x06Plugin\x10\x03\x1a\x02\x10\x01\x62\x06proto3' ) _PRIORITY = _descriptor.EnumDescriptor( @@ -29,106 +28,131 @@ full_name='falco.schema.priority', filename=None, file=DESCRIPTOR, + create_key=_descriptor._internal_create_key, values=[ _descriptor.EnumValueDescriptor( name='EMERGENCY', index=0, number=0, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='emergency', index=1, number=0, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Emergency', index=2, number=0, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='ALERT', index=3, number=1, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='alert', index=4, number=1, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Alert', index=5, number=1, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='CRITICAL', index=6, number=2, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='critical', index=7, number=2, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Critical', index=8, number=2, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='ERROR', index=9, number=3, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='error', index=10, number=3, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Error', index=11, number=3, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='WARNING', index=12, number=4, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='warning', index=13, number=4, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Warning', index=14, number=4, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='NOTICE', index=15, number=5, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='notice', index=16, number=5, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Notice', index=17, number=5, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='INFORMATIONAL', index=18, number=6, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='informational', index=19, number=6, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Informational', index=20, number=6, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='DEBUG', index=21, number=7, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='debug', index=22, number=7, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Debug', index=23, number=7, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), ], containing_type=None, - serialized_options=_b('\020\001'), + serialized_options=b'\020\001', serialized_start=31, serialized_end=363, ) @@ -140,52 +164,78 @@ full_name='falco.schema.source', filename=None, file=DESCRIPTOR, + create_key=_descriptor._internal_create_key, values=[ _descriptor.EnumValueDescriptor( name='SYSCALL', index=0, number=0, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='syscall', index=1, number=0, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Syscall', index=2, number=0, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='K8S_AUDIT', index=3, number=1, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='k8s_audit', index=4, number=1, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='K8s_audit', index=5, number=1, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='K8S_audit', index=6, number=1, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='INTERNAL', index=7, number=2, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='internal', index=8, number=2, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), _descriptor.EnumValueDescriptor( name='Internal', index=9, number=2, serialized_options=None, - type=None), + type=None, + create_key=_descriptor._internal_create_key), + _descriptor.EnumValueDescriptor( + name='PLUGIN', index=10, number=3, + serialized_options=None, + type=None, + create_key=_descriptor._internal_create_key), + _descriptor.EnumValueDescriptor( + name='plugin', index=11, number=3, + serialized_options=None, + type=None, + create_key=_descriptor._internal_create_key), + _descriptor.EnumValueDescriptor( + name='Plugin', index=12, number=3, + serialized_options=None, + type=None, + create_key=_descriptor._internal_create_key), ], containing_type=None, - serialized_options=_b('\020\001'), + serialized_options=b'\020\001', serialized_start=366, - serialized_end=519, + serialized_end=555, ) _sym_db.RegisterEnumDescriptor(_SOURCE) @@ -224,6 +274,9 @@ INTERNAL = 2 internal = 2 Internal = 2 +PLUGIN = 3 +plugin = 3 +Plugin = 3 DESCRIPTOR.enum_types_by_name['priority'] = _PRIORITY diff --git a/falco/schema/version_pb2.py b/falco/schema/version_pb2.py index 4562323..3c44ba2 100644 --- a/falco/schema/version_pb2.py +++ b/falco/schema/version_pb2.py @@ -1,9 +1,7 @@ # -*- coding: utf-8 -*- # Generated by the protocol buffer compiler. DO NOT EDIT! # source: version.proto - -import sys -_b=sys.version_info[0]<3 and (lambda x:x) or (lambda x:x.encode('latin1')) +"""Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import message as _message from google.protobuf import reflection as _reflection @@ -20,7 +18,8 @@ package='falco.version', syntax='proto3', serialized_options=None, - serialized_pb=_b('\n\rversion.proto\x12\rfalco.version\"\t\n\x07request\"\xa3\x01\n\x08response\x12\x0f\n\x07version\x18\x01 \x01(\t\x12\r\n\x05major\x18\x02 \x01(\r\x12\r\n\x05minor\x18\x03 \x01(\r\x12\r\n\x05patch\x18\x04 \x01(\r\x12\x12\n\nprerelease\x18\x05 \x01(\t\x12\r\n\x05\x62uild\x18\x06 \x01(\t\x12\x16\n\x0e\x65ngine_version\x18\x07 \x01(\r\x12\x1e\n\x16\x65ngine_fields_checksum\x18\x08 \x01(\t2E\n\x07service\x12:\n\x07version\x12\x16.falco.version.request\x1a\x17.falco.version.responseb\x06proto3') + create_key=_descriptor._internal_create_key, + serialized_pb=b'\n\rversion.proto\x12\rfalco.version\"\t\n\x07request\"\xa3\x01\n\x08response\x12\x0f\n\x07version\x18\x01 \x01(\t\x12\r\n\x05major\x18\x02 \x01(\r\x12\r\n\x05minor\x18\x03 \x01(\r\x12\r\n\x05patch\x18\x04 \x01(\r\x12\x12\n\nprerelease\x18\x05 \x01(\t\x12\r\n\x05\x62uild\x18\x06 \x01(\t\x12\x16\n\x0e\x65ngine_version\x18\x07 \x01(\r\x12\x1e\n\x16\x65ngine_fields_checksum\x18\x08 \x01(\t2E\n\x07service\x12:\n\x07version\x12\x16.falco.version.request\x1a\x17.falco.version.responseb\x06proto3' ) @@ -32,6 +31,7 @@ filename=None, file=DESCRIPTOR, containing_type=None, + create_key=_descriptor._internal_create_key, fields=[ ], extensions=[ @@ -56,63 +56,64 @@ filename=None, file=DESCRIPTOR, containing_type=None, + create_key=_descriptor._internal_create_key, fields=[ _descriptor.FieldDescriptor( name='version', full_name='falco.version.response.version', index=0, number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='major', full_name='falco.version.response.major', index=1, number=2, type=13, cpp_type=3, label=1, has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='minor', full_name='falco.version.response.minor', index=2, number=3, type=13, cpp_type=3, label=1, has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='patch', full_name='falco.version.response.patch', index=3, number=4, type=13, cpp_type=3, label=1, has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='prerelease', full_name='falco.version.response.prerelease', index=4, number=5, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='build', full_name='falco.version.response.build', index=5, number=6, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='engine_version', full_name='falco.version.response.engine_version', index=6, number=7, type=13, cpp_type=3, label=1, has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), _descriptor.FieldDescriptor( name='engine_fields_checksum', full_name='falco.version.response.engine_fields_checksum', index=7, number=8, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + has_default_value=False, default_value=b"".decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR), + serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), ], extensions=[ ], @@ -155,6 +156,7 @@ file=DESCRIPTOR, index=0, serialized_options=None, + create_key=_descriptor._internal_create_key, serialized_start=209, serialized_end=278, methods=[ @@ -166,6 +168,7 @@ input_type=_REQUEST, output_type=_RESPONSE, serialized_options=None, + create_key=_descriptor._internal_create_key, ), ]) _sym_db.RegisterServiceDescriptor(_SERVICE) diff --git a/falco/svc/outputs_pb2_grpc.py b/falco/svc/outputs_pb2_grpc.py index aea2474..e9591c8 100644 --- a/falco/svc/outputs_pb2_grpc.py +++ b/falco/svc/outputs_pb2_grpc.py @@ -1,65 +1,107 @@ # Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +"""Client and server classes corresponding to protobuf-defined services.""" import grpc import outputs_pb2 as outputs__pb2 class serviceStub(object): - """This service defines the RPC methods - to `request` a stream of output `response`s. - """ + """This service defines the RPC methods + to `request` a stream of output `response`s. + """ - def __init__(self, channel): - """Constructor. + def __init__(self, channel): + """Constructor. - Args: - channel: A grpc.Channel. - """ - self.sub = channel.stream_stream( - '/falco.outputs.service/sub', - request_serializer=outputs__pb2.request.SerializeToString, - response_deserializer=outputs__pb2.response.FromString, - ) - self.get = channel.unary_stream( - '/falco.outputs.service/get', - request_serializer=outputs__pb2.request.SerializeToString, - response_deserializer=outputs__pb2.response.FromString, - ) + Args: + channel: A grpc.Channel. + """ + self.sub = channel.stream_stream( + '/falco.outputs.service/sub', + request_serializer=outputs__pb2.request.SerializeToString, + response_deserializer=outputs__pb2.response.FromString, + ) + self.get = channel.unary_stream( + '/falco.outputs.service/get', + request_serializer=outputs__pb2.request.SerializeToString, + response_deserializer=outputs__pb2.response.FromString, + ) class serviceServicer(object): - """This service defines the RPC methods - to `request` a stream of output `response`s. - """ - - def sub(self, request_iterator, context): - """Subscribe to a stream of Falco outputs by sending a stream of requests. + """This service defines the RPC methods + to `request` a stream of output `response`s. """ - context.set_code(grpc.StatusCode.UNIMPLEMENTED) - context.set_details('Method not implemented!') - raise NotImplementedError('Method not implemented!') - def get(self, request, context): - """Get all the Falco outputs present in the system up to this call. - """ - context.set_code(grpc.StatusCode.UNIMPLEMENTED) - context.set_details('Method not implemented!') - raise NotImplementedError('Method not implemented!') + def sub(self, request_iterator, context): + """Subscribe to a stream of Falco outputs by sending a stream of requests. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def get(self, request, context): + """Get all the Falco outputs present in the system up to this call. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') def add_serviceServicer_to_server(servicer, server): - rpc_method_handlers = { - 'sub': grpc.stream_stream_rpc_method_handler( - servicer.sub, - request_deserializer=outputs__pb2.request.FromString, - response_serializer=outputs__pb2.response.SerializeToString, - ), - 'get': grpc.unary_stream_rpc_method_handler( - servicer.get, - request_deserializer=outputs__pb2.request.FromString, - response_serializer=outputs__pb2.response.SerializeToString, - ), - } - generic_handler = grpc.method_handlers_generic_handler( - 'falco.outputs.service', rpc_method_handlers) - server.add_generic_rpc_handlers((generic_handler,)) + rpc_method_handlers = { + 'sub': grpc.stream_stream_rpc_method_handler( + servicer.sub, + request_deserializer=outputs__pb2.request.FromString, + response_serializer=outputs__pb2.response.SerializeToString, + ), + 'get': grpc.unary_stream_rpc_method_handler( + servicer.get, + request_deserializer=outputs__pb2.request.FromString, + response_serializer=outputs__pb2.response.SerializeToString, + ), + } + generic_handler = grpc.method_handlers_generic_handler( + 'falco.outputs.service', rpc_method_handlers) + server.add_generic_rpc_handlers((generic_handler,)) + + + # This class is part of an EXPERIMENTAL API. +class service(object): + """This service defines the RPC methods + to `request` a stream of output `response`s. + """ + + @staticmethod + def sub(request_iterator, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.stream_stream(request_iterator, target, '/falco.outputs.service/sub', + outputs__pb2.request.SerializeToString, + outputs__pb2.response.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def get(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_stream(request, target, '/falco.outputs.service/get', + outputs__pb2.request.SerializeToString, + outputs__pb2.response.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) diff --git a/falco/svc/schema_pb2_grpc.py b/falco/svc/schema_pb2_grpc.py index a894352..2daafff 100644 --- a/falco/svc/schema_pb2_grpc.py +++ b/falco/svc/schema_pb2_grpc.py @@ -1,3 +1,4 @@ # Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +"""Client and server classes corresponding to protobuf-defined services.""" import grpc diff --git a/falco/svc/version_pb2_grpc.py b/falco/svc/version_pb2_grpc.py index efaff94..2fa0ae4 100644 --- a/falco/svc/version_pb2_grpc.py +++ b/falco/svc/version_pb2_grpc.py @@ -1,48 +1,72 @@ # Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +"""Client and server classes corresponding to protobuf-defined services.""" import grpc import version_pb2 as version__pb2 class serviceStub(object): - """This service defines a RPC call - to request the Falco version. - """ + """This service defines a RPC call + to request the Falco version. + """ - def __init__(self, channel): - """Constructor. + def __init__(self, channel): + """Constructor. - Args: - channel: A grpc.Channel. - """ - self.version = channel.unary_unary( - '/falco.version.service/version', - request_serializer=version__pb2.request.SerializeToString, - response_deserializer=version__pb2.response.FromString, - ) + Args: + channel: A grpc.Channel. + """ + self.version = channel.unary_unary( + '/falco.version.service/version', + request_serializer=version__pb2.request.SerializeToString, + response_deserializer=version__pb2.response.FromString, + ) class serviceServicer(object): - """This service defines a RPC call - to request the Falco version. - """ + """This service defines a RPC call + to request the Falco version. + """ - def version(self, request, context): - # missing associated documentation comment in .proto file - pass - context.set_code(grpc.StatusCode.UNIMPLEMENTED) - context.set_details('Method not implemented!') - raise NotImplementedError('Method not implemented!') + def version(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') def add_serviceServicer_to_server(servicer, server): - rpc_method_handlers = { - 'version': grpc.unary_unary_rpc_method_handler( - servicer.version, - request_deserializer=version__pb2.request.FromString, - response_serializer=version__pb2.response.SerializeToString, - ), - } - generic_handler = grpc.method_handlers_generic_handler( - 'falco.version.service', rpc_method_handlers) - server.add_generic_rpc_handlers((generic_handler,)) + rpc_method_handlers = { + 'version': grpc.unary_unary_rpc_method_handler( + servicer.version, + request_deserializer=version__pb2.request.FromString, + response_serializer=version__pb2.response.SerializeToString, + ), + } + generic_handler = grpc.method_handlers_generic_handler( + 'falco.version.service', rpc_method_handlers) + server.add_generic_rpc_handlers((generic_handler,)) + + + # This class is part of an EXPERIMENTAL API. +class service(object): + """This service defines a RPC call + to request the Falco version. + """ + + @staticmethod + def version(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/falco.version.service/version', + version__pb2.request.SerializeToString, + version__pb2.response.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) diff --git a/protos/outputs.proto b/protos/outputs.proto index e851e1d..e95af83 100644 --- a/protos/outputs.proto +++ b/protos/outputs.proto @@ -44,10 +44,11 @@ message request { message response { google.protobuf.Timestamp time = 1; falco.schema.priority priority = 2; - falco.schema.source source = 3; + falco.schema.source source_deprecated = 3 [deprecated=true]; string rule = 4; string output = 5; map output_fields = 6; string hostname = 7; repeated string tags = 8; + string source = 9; } \ No newline at end of file diff --git a/protos/schema.proto b/protos/schema.proto index 881d182..88dd155 100644 --- a/protos/schema.proto +++ b/protos/schema.proto @@ -59,4 +59,7 @@ enum source { INTERNAL = 2; internal = 2; Internal = 2; + PLUGIN = 3; + plugin = 3; + Plugin = 3; } diff --git a/requirements-dev.txt b/requirements-dev.txt index 572d02f..b6e0692 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,7 +1,7 @@ -r requirements.txt -pytest==5.3.5 -black==19.10b0 -isort==4.3.21 -grpcio-tools==1.26.0 -flake8==3.7.9 +pytest==6.2.5 +black==22.1.0 +isort==5.10.1 +grpcio-tools==1.43.0 +flake8==4.0.1 diff --git a/requirements.txt b/requirements.txt index 79688dd..aefa55e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ -grpcio==1.26.0 -python-dateutil==2.8.1 -protobuf==3.12.2 +grpcio==1.43.0 +python-dateutil==2.8.2 +protobuf==3.19.4 diff --git a/tests/conftest.py b/tests/conftest.py index 22046aa..a7a9282 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -16,7 +16,7 @@ def outputs_response(): return OutputsResponse( time=datetime(2020, 1, 1, 22, 55, 59, 300000, tz.UTC), priority=OutputsResponse.Priority.CRITICAL, - source=OutputsResponse.Source.K8S_AUDIT, + source="k8s_audit", rule="rule", output="output", output_fields={"a": "b"}, diff --git a/tests/mock.py b/tests/mock.py index d7c41a2..6e2c217 100644 --- a/tests/mock.py +++ b/tests/mock.py @@ -18,7 +18,7 @@ def __init__(self): OutputsResponse( time=datetime(2020, 1, 1, 22, 55, 59, 300000, tz.UTC), priority=OutputsResponse.Priority.CRITICAL, - source=OutputsResponse.Source.K8S_AUDIT, + source="k8s_audit", rule="rule", output="1", output_fields={"a": "b"}, @@ -28,7 +28,7 @@ def __init__(self): OutputsResponse( time=datetime(2020, 1, 1, 22, 55, 59, 300000, tz.UTC), priority=OutputsResponse.Priority.CRITICAL, - source=OutputsResponse.Source.K8S_AUDIT, + source="k8s_audit", rule="rule", output="2", output_fields={"a": "b"}, @@ -38,7 +38,7 @@ def __init__(self): OutputsResponse( time=datetime(2020, 1, 1, 22, 55, 59, 300000, tz.UTC), priority=OutputsResponse.Priority.CRITICAL, - source=OutputsResponse.Source.K8S_AUDIT, + source="k8s_audit", rule="rule", output="3", output_fields={"a": "b"},