tetragon
eBPF-based Security Observability and Runtime Enforcement
APACHE-2.0 License
Ecosystems:
Kubernetes,
eBPF
Bot releases are hidden (Show)
tetragon
- v1.0.1
Published by kkourt 10 months ago
Release info
OSS PRs
Bugfixes:
- Fix a regression related to field filters that could cause top-level information to be missing from events.
- Fix a number of segmentation Add mappings for sock and skb types (bug fix).
- Fix a few bugs related to field filter configuration and significantly improve performance of field filters.
- backports/v1.0: helm: Fix templating securityContext and tolerations
Minor Changes:
- backports/v1.0: Add a metric to provide per-event missed events
Dependency updates:
- chore(deps): update docker.io/library/golang docker tag to v1.21.5 (v1.0)
- chore(deps): update go (v1.0)
- chore(deps): update docker.io/library/alpine docker tag to v3.18.5 (v1.0)
- chore(deps): update docker.io/library/golang:1.21.4 docker digest to 9baee0e (v1.0)
- chore(deps): update go to v1.21.4 (v1.0) (patch)
- chore(deps): update docker.io/library/golang docker tag to v1.21.4 (v1.0)
- chore(deps): update docker.io/library/alpine docker tag to v3.19.0 (v1.0)
- chore(deps): update docker.io/library/golang:1.21.4-alpine docker digest to 70afe55 (v1.0)
What's Changed
- backports/v1.0: Add a metric to provide per-event missed events by @tpapagian in https://github.com/cilium/tetragon/pull/1702
- filters/fields: do a deep copy before filtering by @willfindlay in https://github.com/cilium/tetragon/pull/1726
- chore(deps): update go to v1.21.4 (v1.0) (patch) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1747
- chore(deps): update docker.io/library/golang docker tag to v1.21.4 (v1.0) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1757
- Backports/v1.0/1762 by @willfindlay in https://github.com/cilium/tetragon/pull/1763
- chore(deps): update docker.io/library/golang:1.21.4 docker digest to 9baee0e (v1.0) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1746
- chore(deps): update docker.io/library/alpine docker tag to v3.18.5 (v1.0) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1826
- chore(deps): update docker.io/library/golang:1.21.4-alpine docker digest to 70afe55 (v1.0) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1825
- Backports/v1.0/string match fixes by @kevsecurity in https://github.com/cilium/tetragon/pull/1819
- backports/v1.0: helm: Fix templating securityContext and tolerations by @lambdanis in https://github.com/cilium/tetragon/pull/1841
- chore(deps): update docker.io/library/golang docker tag to v1.21.5 (v1.0) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1851
- chore(deps): update docker.io/library/alpine docker tag to v3.19.0 (v1.0) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1864
- chore(deps): update go (v1.0) by @cilium-renovate in https://github.com/cilium/tetragon/pull/1869
- backports/v1.0: fieldfilters: fix regression with missing top-level info and add test by @willfindlay in https://github.com/cilium/tetragon/pull/1883
- Prepare for v1.0.1 release by @kkourt in https://github.com/cilium/tetragon/pull/1885
Full Changelog: https://github.com/cilium/tetragon/compare/v1.0.0...v1.0.1
tetragon
- Release v0.8.4
Published by kkourt over 1 year ago
What's Changed
- Update README.md by @michi-covalent in https://github.com/cilium/tetragon/pull/489
- tetragon: Add --rb-size/--rb-size-total options to setup perf ring buffer size by @olsajiri in https://github.com/cilium/tetragon/pull/480
- pkg:sensors: log loading BPF programs by @tixxdz in https://github.com/cilium/tetragon/pull/474
- mention LOCAL_CLANG in contributor's dev docs by @dmitris in https://github.com/cilium/tetragon/pull/503
- build(deps): bump golang from 1.16 to 1.19.2 by @dependabot in https://github.com/cilium/tetragon/pull/502
- program/loader: properly log verifier errors by @willfindlay in https://github.com/cilium/tetragon/pull/504
- build(deps): bump actions/download-artifact from 3 to 3.0.1 by @dependabot in https://github.com/cilium/tetragon/pull/501
- chore: remove binary accidentally checked in by @willfindlay in https://github.com/cilium/tetragon/pull/508
- Fix a deadlock in eventcache by @tpapagian in https://github.com/cilium/tetragon/pull/510
- minor README updates by @dmitris in https://github.com/cilium/tetragon/pull/512
- correct a sentence in 'Deploy Tetragon' by @dmitris in https://github.com/cilium/tetragon/pull/509
- server: drop events if listener channel is full by @kkourt in https://github.com/cilium/tetragon/pull/511
- Remove pidMap by @tpapagian in https://github.com/cilium/tetragon/pull/497
- build: sign Tetragon container images by @sandipanpanda in https://github.com/cilium/tetragon/pull/517
- Chore: registered probe types by @zhiyu0729 in https://github.com/cilium/tetragon/pull/519
- chore: sample memfd_create rule by @krol3 in https://github.com/cilium/tetragon/pull/484
- tetragon: fix graceful shutdown and exit code by @tixxdz in https://github.com/cilium/tetragon/pull/520
- ci/e2e: fix test failure file exports by @willfindlay in https://github.com/cilium/tetragon/pull/518
- add kubebuilder validation GetUrl;DnsLookup , it can't get "The Traci… by @sunnoy in https://github.com/cilium/tetragon/pull/525
- Update automatically generated files by @kevsecurity in https://github.com/cilium/tetragon/pull/528
- tetragon: Add bpf_printk helper from libbpf by @olsajiri in https://github.com/cilium/tetragon/pull/514
- vendor: update cilium/ebpf by @willfindlay in https://github.com/cilium/tetragon/pull/522
- cli: add field filters to the CLI and tetragon configmap by @willfindlay in https://github.com/cilium/tetragon/pull/513
- tetragon: improve how we read process info during startup by @tixxdz in https://github.com/cilium/tetragon/pull/523
- tetragon: Switch to clang-14 by @olsajiri in https://github.com/cilium/tetragon/pull/397
- various fixes motivated by a failure of the raw syscall test by @kkourt in https://github.com/cilium/tetragon/pull/531
- Fix for execve events that come after clone by @tpapagian in https://github.com/cilium/tetragon/pull/532
- tetragon: Add ReleasedPinnedBPF option to remove any old progs/maps by @jrfastab in https://github.com/cilium/tetragon/pull/544
- [backport] unix socket for gRPC by @kkourt in https://github.com/cilium/tetragon/pull/585
- backports/v0.8: tests/e2e: make cilium version configurable by @willfindlay in https://github.com/cilium/tetragon/pull/605
- vmtests: use large github runner by @kevsecurity in https://github.com/cilium/tetragon/pull/621
- Make size of event queue configurable by @kevsecurity in https://github.com/cilium/tetragon/pull/620
- Backports/v0.8: tetragon: Allow full exec path/args retrieval on 4.19 kernels by @tixxdz in https://github.com/cilium/tetragon/pull/626
- Backports/v0.8: cgroups: add basic cgroups tracking and make it part of the testing framework by @tixxdz in https://github.com/cilium/tetragon/pull/627
- backports/v0.8: tests/e2e: remove GKE auth plugin, it's deprecated by @willfindlay in https://github.com/cilium/tetragon/pull/633
- Backports/v0.8: cgroups fixes and tests backport by @tixxdz in https://github.com/cilium/tetragon/pull/629
- Backports/v0.8: tetragon: main agent and logging fixes by @tixxdz in https://github.com/cilium/tetragon/pull/631
- Backports/v0.8: backport generic tracepoint fix and better configuration handling by @tixxdz in https://github.com/cilium/tetragon/pull/657
- Backports/v0.8: backport tarball deployment, print bpf events and CRD fixes by @tixxdz in https://github.com/cilium/tetragon/pull/658
- backports/v0.8: ci: pin docker buildx version to v0.9.1 by @willfindlay in https://github.com/cilium/tetragon/pull/660
- backports/v0.8: e2e-framework: force update when adding helm repo by @willfindlay in https://github.com/cilium/tetragon/pull/645
- tetragon: Switch exit tracepoint to __put_task_struct kprobe by @olsajiri in https://github.com/cilium/tetragon/pull/672
- Backport:v0.8 Add start time to event cache object by @kevsecurity in https://github.com/cilium/tetragon/pull/725
- Backport:v0.8 Handle multiple URL and DNS selectors correctly by @kevsecurity in https://github.com/cilium/tetragon/pull/726
- Backport:v0.8 Fix multiple file match bugs by @kevsecurity in https://github.com/cilium/tetragon/pull/727
New Contributors
- @zhiyu0729 made their first contribution in https://github.com/cilium/tetragon/pull/519
- @krol3 made their first contribution in https://github.com/cilium/tetragon/pull/484
- @sunnoy made their first contribution in https://github.com/cilium/tetragon/pull/525
Full Changelog: https://github.com/cilium/tetragon/compare/v0.8.3...v0.8.4
tetragon
- v0.8.2
Published by willfindlay about 2 years ago
What's Changed
- tetragon: Add bench application by @olsajiri in https://github.com/cilium/tetragon/pull/261
- build(deps): bump github/codeql-action from 2.1.18 to 2.1.24 by @dependabot in https://github.com/cilium/tetragon/pull/418
- Add an issue template for the release process by @michi-covalent in https://github.com/cilium/tetragon/pull/425
- Prepare for v0.8.2 release by @willfindlay in https://github.com/cilium/tetragon/pull/427
Full Changelog: https://github.com/cilium/tetragon/compare/v0.8.1...v0.8.2
tetragon
- v0.8.1
Published by kkourt about 2 years ago
What's Changed
- readme: fix minor issues in quickstart by @willfindlay in https://github.com/cilium/tetragon/pull/20
- Use quay.io/cilium/hubble-export-stdout by @michi-covalent in https://github.com/cilium/tetragon/pull/22
- workflow: add scripts to make local development with kind easier by @willfindlay in https://github.com/cilium/tetragon/pull/21
- selectors: fix missing bounds check on int conversion by @willfindlay in https://github.com/cilium/tetragon/pull/25
- encoder: Update TCP event format by @michi-covalent in https://github.com/cilium/tetragon/pull/23
- Vagrantfile: install libcap-dev for Makefile by @dmitris in https://github.com/cilium/tetragon/pull/28
- metrics: add a per-exec-id counter for missing parents by @willfindlay in https://github.com/cilium/tetragon/pull/24
- DEVELOP.md: list requirements by @kkourt in https://github.com/cilium/tetragon/pull/27
- codegen: clean up codegen package by @willfindlay in https://github.com/cilium/tetragon/pull/30
- static-check: Run checkpatch.pl by @michi-covalent in https://github.com/cilium/tetragon/pull/31
- Fixed README command example by @ekoops in https://github.com/cilium/tetragon/pull/32
- doc: add first development guide by @tixxdz in https://github.com/cilium/tetragon/pull/29
- README: Add GKE support by @michi-covalent in https://github.com/cilium/tetragon/pull/34
- Added note for logging multiple tetragon pods by @MarwanNour in https://github.com/cilium/tetragon/pull/38
- use CONTAINER_ENGINE variable instead of literal 'docker' by @dmitris in https://github.com/cilium/tetragon/pull/42
- fix default DOCKER_DEV_ACCOUNT by @dmitris in https://github.com/cilium/tetragon/pull/43
- kprobe/process: silence verbose warnings + add metrics by @willfindlay in https://github.com/cilium/tetragon/pull/37
- Remove -static flag by @dmitris in https://github.com/cilium/tetragon/pull/44
- improved fork handling by @kkourt in https://github.com/cilium/tetragon/pull/35
- helm: make gRPC and metrics address/port configurable by @willfindlay in https://github.com/cilium/tetragon/pull/41
- Add LICENSE by @dgkncelik in https://github.com/cilium/tetragon/pull/48
- README: fix tetragon-cli installation instructions by @tklauser in https://github.com/cilium/tetragon/pull/49
- Setup CI to build multi-arch images with arm64 support by @chancez in https://github.com/cilium/tetragon/pull/50
- Revert "Setup CI to build multi-arch images with arm64 support" by @kkourt in https://github.com/cilium/tetragon/pull/55
- metrics: split metrics into separate packages by @willfindlay in https://github.com/cilium/tetragon/pull/51
- docs(README): add dark logo option by @raphink in https://github.com/cilium/tetragon/pull/58
- remove last \ in gcloud container clusters create by @leewalter in https://github.com/cilium/tetragon/pull/54
- Changed the download URL for tetragon-cli in README.md by @tnorlin in https://github.com/cilium/tetragon/pull/52
- ci: move checkpatch to its own job and add some exceptions by @willfindlay in https://github.com/cilium/tetragon/pull/61
- README updates by @tgraf in https://github.com/cilium/tetragon/pull/62
- Abstract bpf_exit by @kevsecurity in https://github.com/cilium/tetragon/pull/60
- metrics: export raw metric maps by @willfindlay in https://github.com/cilium/tetragon/pull/65
- go.mod, vendor: switch back to upstream cilium/ebpf by @tklauser in https://github.com/cilium/tetragon/pull/63
- .github: add dependabot configuration by @tklauser in https://github.com/cilium/tetragon/pull/64
- README.md: Install using Helm chart from helm.cilium.io by @michi-covalent in https://github.com/cilium/tetragon/pull/66
- chore: add CODEOWNERS by @willfindlay in https://github.com/cilium/tetragon/pull/72
- build(deps): bump github.com/prometheus/client_golang from 1.11.0 to 1.12.2 by @dependabot in https://github.com/cilium/tetragon/pull/70
- build(deps): bump docker/login-action from 1.10.0 to 2 by @dependabot in https://github.com/cilium/tetragon/pull/69
- Fix for NotIn operator in matchCapabilities selector by @tpapagian in https://github.com/cilium/tetragon/pull/77
- Fix for NotIn operator in matchCapabilityChanges selector by @tpapagian in https://github.com/cilium/tetragon/pull/78
- vendor: Pick up cilium v1.9.16 by @michi-covalent in https://github.com/cilium/tetragon/pull/83
- makefile: make LOCAL_CLANG=0 the default by @willfindlay in https://github.com/cilium/tetragon/pull/81
- Add Additional Resources to README by @sharlns in https://github.com/cilium/tetragon/pull/84
- build(deps): bump actions/download-artifact from 2.0.10 to 3 by @dependabot in https://github.com/cilium/tetragon/pull/75
- build(deps): bump actions/checkout from 2 to 3.0.2 by @dependabot in https://github.com/cilium/tetragon/pull/85
- vendor: upgrade yaml.v3 to v3.0.0 by @willfindlay in https://github.com/cilium/tetragon/pull/86
- Format README: add missing
process_kprobeJSON event by @sharlns in https://github.com/cilium/tetragon/pull/87 - build(deps): bump github.com/fatih/color from 1.7.0 to 1.13.0 by @dependabot in https://github.com/cilium/tetragon/pull/76
- tests/eventchecker: code generate eventchecker library by @willfindlay in https://github.com/cilium/tetragon/pull/80
- build(deps): bump github/codeql-action from 2.1.9 to 2.1.11 by @dependabot in https://github.com/cilium/tetragon/pull/89
- checker fixes by @kkourt in https://github.com/cilium/tetragon/pull/93
- testing fixes. by @kkourt in https://github.com/cilium/tetragon/pull/94
- tetragon declutter sensors and decouple spec from core by @jrfastab in https://github.com/cilium/tetragon/pull/88
- build(deps): bump golangci/golangci-lint-action from 2.5.2 to 3.2.0 by @dependabot in https://github.com/cilium/tetragon/pull/98
- Fix runtime panic when config file is empty by @Furisto in https://github.com/cilium/tetragon/pull/99
- tetragon: Remove extra Program and Map structs after split by @olsajiri in https://github.com/cilium/tetragon/pull/100
- build(deps): bump google.golang.org/grpc from 1.44.0 to 1.46.2 by @dependabot in https://github.com/cilium/tetragon/pull/97
- build(deps): bump actions/upload-artifact from 2 to 3.1.0 by @dependabot in https://github.com/cilium/tetragon/pull/107
- bpf: use 'tetragon' as prefix for maps and progs on the bpffs by @tixxdz in https://github.com/cilium/tetragon/pull/95
- build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 by @dependabot in https://github.com/cilium/tetragon/pull/106
- fix: (helm) service template now respects defined port and is only templated if prometheus is enabled by @rafaribe in https://github.com/cilium/tetragon/pull/101
- codegen: remove invalid generics by @willfindlay in https://github.com/cilium/tetragon/pull/112
- Update description of CRD parameters by @Furisto in https://github.com/cilium/tetragon/pull/109
- test improvements, and avoiding retries in event tests by @kkourt in https://github.com/cilium/tetragon/pull/103
- build(deps): bump docker/build-push-action from 2.5.0 to 3 by @dependabot in https://github.com/cilium/tetragon/pull/115
- codegen: use new cilium-builder image by @rolinh in https://github.com/cilium/tetragon/pull/111
- tests: split json checker out of observer by @willfindlay in https://github.com/cilium/tetragon/pull/105
- tetragon: Pull Default loader out of observer by @jrfastab in https://github.com/cilium/tetragon/pull/119
- tetragon: extract protobuf from the dns cache by @jrfastab in https://github.com/cilium/tetragon/pull/120
- tetragon: Add event config map by @olsajiri in https://github.com/cilium/tetragon/pull/53
- eventchecker: simplify yaml spec for eventchecker by @willfindlay in https://github.com/cilium/tetragon/pull/123
- Fix typo by @Taction in https://github.com/cilium/tetragon/pull/125
- Path resolution improvements by @tpapagian in https://github.com/cilium/tetragon/pull/90
- add test for namespaces and fix bug on 5.4 and below by @willfindlay in https://github.com/cilium/tetragon/pull/110
- fix(helm): Support command override in exporter container #118 by @mrtc0 in https://github.com/cilium/tetragon/pull/121
- ci: various improvements by @willfindlay in https://github.com/cilium/tetragon/pull/122
- build(deps): bump github/codeql-action from 2.1.11 to 2.1.12 by @dependabot in https://github.com/cilium/tetragon/pull/117
- operator: fix tool name in log output by @tklauser in https://github.com/cilium/tetragon/pull/128
- dockerignore: fixes + add doc comments by @willfindlay in https://github.com/cilium/tetragon/pull/131
- build(deps): bump github.com/google/go-cmp from 0.5.6 to 0.5.8 by @dependabot in https://github.com/cilium/tetragon/pull/114
- chore: remove accidentally checked in file by @willfindlay in https://github.com/cilium/tetragon/pull/135
- checkpatch: ignore OPEN_ENDED_LINE and PREFER_KERNEL_TYPES by @willfindlay in https://github.com/cilium/tetragon/pull/134
- build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 by @dependabot in https://github.com/cilium/tetragon/pull/132
- Don't truncate Ktime to milliseconds by @sharlns in https://github.com/cilium/tetragon/pull/136
- codegen/helpers: fix name inference for oneof codegen by @willfindlay in https://github.com/cilium/tetragon/pull/140
- pkg:option: include ReadDirConfig() and remove cilium pkg option import by @tixxdz in https://github.com/cilium/tetragon/pull/96
- tetragon: Adding support to store full binary path and arguments by @olsajiri in https://github.com/cilium/tetragon/pull/116
- contrib/localdev: improvements and bug fixes by @willfindlay in https://github.com/cilium/tetragon/pull/130
- build(deps): bump github.com/spf13/cobra from 1.1.3 to 1.4.0 by @dependabot in https://github.com/cilium/tetragon/pull/139
- tests/exec: bump longpath version check to 5.16 by @willfindlay in https://github.com/cilium/tetragon/pull/149
- build(deps): bump google.golang.org/grpc from 1.46.2 to 1.47.0 by @dependabot in https://github.com/cilium/tetragon/pull/148
- contrib/verify: touch verify.sh by @willfindlay in https://github.com/cilium/tetragon/pull/144
- Update Chapter 4 Prevention Policies by @sharlns in https://github.com/cilium/tetragon/pull/126
- codegen: codegen generic event and response interfaces + usability improvements for helpers.pb.go by @willfindlay in https://github.com/cilium/tetragon/pull/129
- tetragon: Disable long path/args retrieval for 4.19 kernels by @olsajiri in https://github.com/cilium/tetragon/pull/150
- tetragon: Fix retkprobe loading on 4.19 by @olsajiri in https://github.com/cilium/tetragon/pull/151
- btf, kernels: use unix.ByteSliceToString to simplify []byte -> string conversion by @tklauser in https://github.com/cilium/tetragon/pull/157
- support raw_syscalls tracepoint by @kkourt in https://github.com/cilium/tetragon/pull/160
- build: use upstream clang instead of forked version for BPF programs by @willfindlay in https://github.com/cilium/tetragon/pull/146
- Revert "build: use upstream clang instead of forked version for BPF programs" by @willfindlay in https://github.com/cilium/tetragon/pull/165
- Remove dup() test from TestCopyFd by @tpapagian in https://github.com/cilium/tetragon/pull/161
- Fix CopyFD test by @tpapagian in https://github.com/cilium/tetragon/pull/168
- tetragon: cilium ebpf update by @olsajiri in https://github.com/cilium/tetragon/pull/166
- build(deps): bump github.com/spf13/viper from 1.7.0 to 1.12.0 by @dependabot in https://github.com/cilium/tetragon/pull/153
- Docs: Use URLs for kubectl apply demo commands instead of relative paths by @dnsmichi in https://github.com/cilium/tetragon/pull/163
- Fixes to pass VSCode Intellisence checks by @kevsecurity in https://github.com/cilium/tetragon/pull/175
- chore: fix vendoring by @willfindlay in https://github.com/cilium/tetragon/pull/176
- build(deps): bump github.com/google/gops from 0.3.14 to 0.3.23 by @dependabot in https://github.com/cilium/tetragon/pull/173
- add overview diagram to Tetragon README by @xmulligan in https://github.com/cilium/tetragon/pull/180
- build(deps): bump github/codeql-action from 2.1.12 to 2.1.14 by @dependabot in https://github.com/cilium/tetragon/pull/186
- codegen misc by @kkourt in https://github.com/cilium/tetragon/pull/162
- Update Tetragon Clusterrole by @sharlns in https://github.com/cilium/tetragon/pull/192
- clusterrole: add get and list verbs by @willfindlay in https://github.com/cilium/tetragon/pull/197
- tetragon: Teach file writer to exit gracefully by @jrfastab in https://github.com/cilium/tetragon/pull/185
- tetragon: Remove unused variables by @olsajiri in https://github.com/cilium/tetragon/pull/183
- tetragon: Replace cgo loader with cilium/ebpf library by @olsajiri in https://github.com/cilium/tetragon/pull/141
- Update typo in README by @ChaosInTheCRD in https://github.com/cilium/tetragon/pull/196
- Document better path resolution code introduced in PR #90 by @tpapagian in https://github.com/cilium/tetragon/pull/188
- helm/rbac: split crd create permissions by @willfindlay in https://github.com/cilium/tetragon/pull/201
- build/docs: simplify build process and add documentation by @willfindlay in https://github.com/cilium/tetragon/pull/177
- Update the current clusterrole by @sharlns in https://github.com/cilium/tetragon/pull/195
- chore: add event_config alignment check by @Forsworns in https://github.com/cilium/tetragon/pull/200
- fix: misalignment in execve_map by @Forsworns in https://github.com/cilium/tetragon/pull/206
- [docs] Correct name to Tetragon by @lizrice in https://github.com/cilium/tetragon/pull/212
- tetragon: Check the returned data length for exec arguments by @olsajiri in https://github.com/cilium/tetragon/pull/211
- create symlinks for libbpf.so for podman by @dmitris in https://github.com/cilium/tetragon/pull/217
- doc: remove invalid whitespaces in proto file by @Forsworns in https://github.com/cilium/tetragon/pull/210
- Call go test only for directories that contain at least one test by @tpapagian in https://github.com/cilium/tetragon/pull/215
- Run alignchecker as part of unit tests by @tpapagian in https://github.com/cilium/tetragon/pull/216
- map: expose inner map by @willfindlay in https://github.com/cilium/tetragon/pull/222
- tetragon: Force libbpf link creation by @olsajiri in https://github.com/cilium/tetragon/pull/224
- Export HandleData from pkg/data/data.go by @tpapagian in https://github.com/cilium/tetragon/pull/227
- Vagrantfile: bump Go version to 1.17 by @mtardy in https://github.com/cilium/tetragon/pull/228
- tetragon: improve protobuf usage to remove monolithic proto definitions by @jrfastab in https://github.com/cilium/tetragon/pull/213
- Tetra: fix a typo in tracingpolicy command short description by @mtardy in https://github.com/cilium/tetragon/pull/232
- build(deps): bump github/codeql-action from 2.1.14 to 2.1.16 by @dependabot in https://github.com/cilium/tetragon/pull/234
- tetragon: create api go module for tooling by @jrfastab in https://github.com/cilium/tetragon/pull/231
- tetragon: Process Manager args cleanup by @jrfastab in https://github.com/cilium/tetragon/pull/236
- updated command and args override for stdout-export by @michaelhyatt in https://github.com/cilium/tetragon/pull/155
- tetragon: Add Get() execCache and allow only single cache by @jrfastab in https://github.com/cilium/tetragon/pull/241
- tetragon: avoid segfault of eventcache is disabled by @jrfastab in https://github.com/cilium/tetragon/pull/243
- tetragon: Avoid passing dir options around and add them to option by @jrfastab in https://github.com/cilium/tetragon/pull/242
- tetragon: Add K8s API go.mod for tooling by @jrfastab in https://github.com/cilium/tetragon/pull/248
- sensors tests improvements by @kkourt in https://github.com/cilium/tetragon/pull/237
- eventchecker: fix broken codegen for map checker by @michi-covalent in https://github.com/cilium/tetragon/pull/257
- eventchecker: fix type mismatch bug in argument checkers by @willfindlay in https://github.com/cilium/tetragon/pull/240
- kprobes: matchArgs improvements (for fd/file) by @tpapagian in https://github.com/cilium/tetragon/pull/235
- README: Remove --release-channel GKE flag by @michi-covalent in https://github.com/cilium/tetragon/pull/251
- filters: Add arguments_regex filter by @michi-covalent in https://github.com/cilium/tetragon/pull/249
- ci/checkpatch: remove SPDX warning by @willfindlay in https://github.com/cilium/tetragon/pull/258
- tetragon: libbpf removal by @olsajiri in https://github.com/cilium/tetragon/pull/199
- Implement pod label filter by @michi-covalent in https://github.com/cilium/tetragon/pull/254
- eventchecker: add support for checking map[string]string by @willfindlay in https://github.com/cilium/tetragon/pull/260
- chore: fix vendor target and run make vendor by @willfindlay in https://github.com/cilium/tetragon/pull/263
- exec: fix cache for pod info by @willfindlay in https://github.com/cilium/tetragon/pull/264
- pkg:sensors: simplify GetRunningProcs() when we read running processes by @tixxdz in https://github.com/cilium/tetragon/pull/233
- bpf: replace arch-specific pt_regs assumptions with bpf co-re macros by @Forsworns in https://github.com/cilium/tetragon/pull/209
- tests: introduce end-to-end test framework by @willfindlay in https://github.com/cilium/tetragon/pull/226
- tests/e2e: add an end-to-end tests for pod labels by @willfindlay in https://github.com/cilium/tetragon/pull/265
- tests/e2e: only install cilium if it is missing by @willfindlay in https://github.com/cilium/tetragon/pull/269
- Create temp directories for all tests in kprobes by @tpapagian in https://github.com/cilium/tetragon/pull/255
- tests/kprobe: remove unused const by @willfindlay in https://github.com/cilium/tetragon/pull/271
- filters: implement pod regex filter + misc fixes by @willfindlay in https://github.com/cilium/tetragon/pull/270
- Fix for verifier issue in 5.4 with clang-13 by @tpapagian in https://github.com/cilium/tetragon/pull/221
- tetragon: unify eventcache and execcache by @willfindlay in https://github.com/cilium/tetragon/pull/266
- tetragon: Add -cpuprofile option by @olsajiri in https://github.com/cilium/tetragon/pull/267
- tetragon: Rename entry point of retkprobe function by @olsajiri in https://github.com/cilium/tetragon/pull/268
- tests: use
T.TempDirto create temporary test directory by @Juneezee in https://github.com/cilium/tetragon/pull/272 - add support for bpf_attr type by @jrfastab in https://github.com/cilium/tetragon/pull/275
- Add tests for pkg/grpc/exec by @tpapagian in https://github.com/cilium/tetragon/pull/218
- Remove 'packed' attribute where possible by @kevsecurity in https://github.com/cilium/tetragon/pull/279
- Make relax_verifier() into one instruction by @kevsecurity in https://github.com/cilium/tetragon/pull/280
- tetragon: Update eventcache on New() call and cleanup old state by @jrfastab in https://github.com/cilium/tetragon/pull/282
- e2e-framework: fix panic and bump event limit on demo app test by @willfindlay in https://github.com/cilium/tetragon/pull/284
- Fix bugtool upload by @tpapagian in https://github.com/cilium/tetragon/pull/289
- refactor: eliminate variables by BPF_CORE_READ_INTO by @Forsworns in https://github.com/cilium/tetragon/pull/214
- make: add makefile targets to .PHONY targets by @tixxdz in https://github.com/cilium/tetragon/pull/294
- Add a unit test for missing exec event in the eventcache by @tpapagian in https://github.com/cilium/tetragon/pull/283
- metrics: add watcher metrics by @willfindlay in https://github.com/cilium/tetragon/pull/287
- contrib: introduce mapdups.sh by @willfindlay in https://github.com/cilium/tetragon/pull/290
- Cleanup path resolution code by @tpapagian in https://github.com/cilium/tetragon/pull/293
- Add unit-tests for clone events by @tpapagian in https://github.com/cilium/tetragon/pull/295
- eventcachemetrics: fix eventcache and add error metrics by @willfindlay in https://github.com/cilium/tetragon/pull/291
- Add test for tracing bpf_check by @sarahfujimori in https://github.com/cilium/tetragon/pull/281
- eventcache: remove event.internal nil check for exec events by @willfindlay in https://github.com/cilium/tetragon/pull/297
- build: use clang-13 to build bpf programs by @willfindlay in https://github.com/cilium/tetragon/pull/171
- Add unit-test for parent and child process refcounts by @tpapagian in https://github.com/cilium/tetragon/pull/298
- tetragon: Fix cache usage of logger by @jrfastab in https://github.com/cilium/tetragon/pull/300
- tetragon: Update development docs about tools by @olsajiri in https://github.com/cilium/tetragon/pull/302
- Add unit-tests for missing pod info events by @tpapagian in https://github.com/cilium/tetragon/pull/299
- use go 1.18 by @kkourt in https://github.com/cilium/tetragon/pull/301
- VM multi-kernel testing using little-vm-helper by @kkourt in https://github.com/cilium/tetragon/pull/256
- ci/vmtest: add concurrency groups by @willfindlay in https://github.com/cilium/tetragon/pull/308
- Dockerfille(s): use cilium-builder with go 1.18 by @kkourt in https://github.com/cilium/tetragon/pull/305
- chore: use proper sha256 values for go images by @kkourt in https://github.com/cilium/tetragon/pull/312
- tetragon: refactor eventCache retry logic by @jrfastab in https://github.com/cilium/tetragon/pull/310
- devel README.md: add podman instructions by @dmitris in https://github.com/cilium/tetragon/pull/306
- vmtests: increase groups to 5 by @kkourt in https://github.com/cilium/tetragon/pull/307
- add volume mounting ':Z' label by @dmitris in https://github.com/cilium/tetragon/pull/309
- Add more unit-tests with OOO events and missing pod info by @tpapagian in https://github.com/cilium/tetragon/pull/313
- ci/vmtest: disable fail-fast on test matrix by @willfindlay in https://github.com/cilium/tetragon/pull/316
- vmtests: address RCU stalls by @kkourt in https://github.com/cilium/tetragon/pull/317
- chore: fix capitalization TETRAGON -> Tetragon by @willfindlay in https://github.com/cilium/tetragon/pull/320
- vmtests fixes and improvements by @kkourt in https://github.com/cilium/tetragon/pull/323
- Make events with missing parents go through eventcache by @tpapagian in https://github.com/cilium/tetragon/pull/318
- tetragon: before parsing environment vars replace "-" with "_" by @tixxdz in https://github.com/cilium/tetragon/pull/319
- btf: improve logging around BTF files lookup by @tixxdz in https://github.com/cilium/tetragon/pull/314
- exec: log results of docker or container ID lookup during execve events by @tixxdz in https://github.com/cilium/tetragon/pull/321
- build(deps): bump docker/build-push-action from 3.0.0 to 3.1.1 by @dependabot in https://github.com/cilium/tetragon/pull/292
- api/codegen: code generate tetragon_ext types and helpers by @willfindlay in https://github.com/cilium/tetragon/pull/326
- tetragon: Add bpf program loader tests by @olsajiri in https://github.com/cilium/tetragon/pull/244
- tests/e2e: dump extra checker info by @willfindlay in https://github.com/cilium/tetragon/pull/315
- build(deps): bump github/codeql-action from 2.1.16 to 2.1.18 by @dependabot in https://github.com/cilium/tetragon/pull/327
- Dockerfile: incude tetragon version in the image by @kkourt in https://github.com/cilium/tetragon/pull/329
- tetragon: handling clone events and exec events more correctly by @jrfastab in https://github.com/cilium/tetragon/pull/325
- tetragon: Do not fail because of the empty map ids by @olsajiri in https://github.com/cilium/tetragon/pull/330
- tests/e2e: dump checker type along with event body by @willfindlay in https://github.com/cilium/tetragon/pull/333
- change Vagrant image to ubuntu/jammy64 by @dmitris in https://github.com/cilium/tetragon/pull/331
- tetra cli: add more filters and a timestamps flag by @willfindlay in https://github.com/cilium/tetragon/pull/336
- encoder: improve api to make it more generic by @willfindlay in https://github.com/cilium/tetragon/pull/337
- gitignore .vagrant directory by @dmitris in https://github.com/cilium/tetragon/pull/338
- Podman-friendly CONTAINER_ENGINE setting by @dmitris in https://github.com/cilium/tetragon/pull/341
- chore: move multiplexer into its own package by @willfindlay in https://github.com/cilium/tetragon/pull/335
- ci/codeql: change runner version by @willfindlay in https://github.com/cilium/tetragon/pull/346
- Add UnloadHook to Sensors by @kevsecurity in https://github.com/cilium/tetragon/pull/332
- color: make ProcessInfo public by @willfindlay in https://github.com/cilium/tetragon/pull/347
- tetragon: cgroup rework preparation by @tixxdz in https://github.com/cilium/tetragon/pull/343
- dependabot: Monitor Dockerfiles by @michi-covalent in https://github.com/cilium/tetragon/pull/351
- tetragon: Add memprofile option by @olsajiri in https://github.com/cilium/tetragon/pull/349
- remove time.After calls in for loops by @willfindlay in https://github.com/cilium/tetragon/pull/358
- tests/e2e: more debug info on dumps by @willfindlay in https://github.com/cilium/tetragon/pull/357
- Do not increase open file descriptors limit by @tpapagian in https://github.com/cilium/tetragon/pull/354
- trace perf event alloc by @sarahfujimori in https://github.com/cilium/tetragon/pull/350
- Re-enable copyfd test in vmtests by @tpapagian in https://github.com/cilium/tetragon/pull/355
- tetragon: Debug output fixes by @olsajiri in https://github.com/cilium/tetragon/pull/334
- chore: fix image-clang build issues by @willfindlay in https://github.com/cilium/tetragon/pull/363
- Remove pkg.grpc.exec from vmtests by @tpapagian in https://github.com/cilium/tetragon/pull/356
- tetragon: Allow retry logic for clone events by @olsajiri in https://github.com/cilium/tetragon/pull/362
- tetragon: execve map related fixes by @olsajiri in https://github.com/cilium/tetragon/pull/370
- tetragon: make gops address configurable by @willfindlay in https://github.com/cilium/tetragon/pull/371
- metrics: add missing process info error metric by @willfindlay in https://github.com/cilium/tetragon/pull/372
- Dockerfile.golangci-lint: remove hubble-libbpf use by @kkourt in https://github.com/cilium/tetragon/pull/366
- build(deps): bump library/alpine from 3.15.4 to 3.16.2 by @dependabot in https://github.com/cilium/tetragon/pull/373
- Remove hubble-libbpf repository by @michi-covalent in https://github.com/cilium/tetragon/pull/375
- tetragon: execve_map fixes by @olsajiri in https://github.com/cilium/tetragon/pull/377
- Cleanup in selectors/kernel.go by @tpapagian in https://github.com/cilium/tetragon/pull/379
- tests/e2e: dump gops information at the end of failed tests by @willfindlay in https://github.com/cilium/tetragon/pull/380
- build(deps): bump golangci/golangci-lint from v1.45.2 to v1.49.0 by @dependabot in https://github.com/cilium/tetragon/pull/376
- Add Exec Test For Docker/Container ID by @kevsecurity in https://github.com/cilium/tetragon/pull/387
- tests/e2e: improvements to testing workflow by @willfindlay in https://github.com/cilium/tetragon/pull/385
- tests: remove deprecated verbosity-level and add trace flag by @willfindlay in https://github.com/cilium/tetragon/pull/388
- Push to tetragon-ci:latest on push to main by @michi-covalent in https://github.com/cilium/tetragon/pull/386
- build-images-ci: Remove comments from tags section by @michi-covalent in https://github.com/cilium/tetragon/pull/389
- tetragon: Switch to BTF defined maps by @olsajiri in https://github.com/cilium/tetragon/pull/367
- cgroups: select which cgroup hierarchy and subsystem state to use by @tixxdz in https://github.com/cilium/tetragon/pull/369
- sensor cleanups by @kkourt in https://github.com/cilium/tetragon/pull/381
- tetragon: Update cilium/ebpf to 0.9.1 version by @olsajiri in https://github.com/cilium/tetragon/pull/392
- tetragon: Revert "observer_test_helper: do not pass the base sensor" by @jrfastab in https://github.com/cilium/tetragon/pull/400
- docs: add pure container and docker deployment steps by @tixxdz in https://github.com/cilium/tetragon/pull/384
- refactor: move from io/ioutil to io and os packages by @Juneezee in https://github.com/cilium/tetragon/pull/402
- sandbox: add crds to sandbox unprivileged user namespace by @tixxdz in https://github.com/cilium/tetragon/pull/399
- logging: slight improvement to observer logging by @willfindlay in https://github.com/cilium/tetragon/pull/407
- tests:cgroups: tests for cgroups package by @tixxdz in https://github.com/cilium/tetragon/pull/401
- Make pfilter.h more generic by @tpapagian in https://github.com/cilium/tetragon/pull/403
- testutils: fix export file when test name contains path separator by @willfindlay in https://github.com/cilium/tetragon/pull/412
- filters: fix event type filters by @willfindlay in https://github.com/cilium/tetragon/pull/404
- build(deps): bump docker/build-push-action from 3.0.0 to 3.1.1 by @dependabot in https://github.com/cilium/tetragon/pull/340
- sensor pinning fixes (and misc updates) by @kkourt in https://github.com/cilium/tetragon/pull/409
- Add a function to load (but not attach) an eBPF program by @tpapagian in https://github.com/cilium/tetragon/pull/405
- ci/dependabot: add release blocker label on dependabot PRs by @willfindlay in https://github.com/cilium/tetragon/pull/390
- tests/e2e: move cilium-e2e packages into Tetragon by @willfindlay in https://github.com/cilium/tetragon/pull/361
- tetragon: Remove wrong error message by @olsajiri in https://github.com/cilium/tetragon/pull/416
New Contributors
- @dmitris made their first contribution in https://github.com/cilium/tetragon/pull/28
- @ekoops made their first contribution in https://github.com/cilium/tetragon/pull/32
- @tixxdz made their first contribution in https://github.com/cilium/tetragon/pull/29
- @MarwanNour made their first contribution in https://github.com/cilium/tetragon/pull/38
- @dgkncelik made their first contribution in https://github.com/cilium/tetragon/pull/48
- @tklauser made their first contribution in https://github.com/cilium/tetragon/pull/49
- @chancez made their first contribution in https://github.com/cilium/tetragon/pull/50
- @raphink made their first contribution in https://github.com/cilium/tetragon/pull/58
- @leewalter made their first contribution in https://github.com/cilium/tetragon/pull/54
- @tnorlin made their first contribution in https://github.com/cilium/tetragon/pull/52
- @tgraf made their first contribution in https://github.com/cilium/tetragon/pull/62
- @kevsecurity made their first contribution in https://github.com/cilium/tetragon/pull/60
- @dependabot made their first contribution in https://github.com/cilium/tetragon/pull/70
- @jrfastab made their first contribution in https://github.com/cilium/tetragon/pull/88
- @Furisto made their first contribution in https://github.com/cilium/tetragon/pull/99
- @olsajiri made their first contribution in https://github.com/cilium/tetragon/pull/100
- @rafaribe made their first contribution in https://github.com/cilium/tetragon/pull/101
- @rolinh made their first contribution in https://github.com/cilium/tetragon/pull/111
- @Taction made their first contribution in https://github.com/cilium/tetragon/pull/125
- @mrtc0 made their first contribution in https://github.com/cilium/tetragon/pull/121
- @dnsmichi made their first contribution in https://github.com/cilium/tetragon/pull/163
- @ChaosInTheCRD made their first contribution in https://github.com/cilium/tetragon/pull/196
- @Forsworns made their first contribution in https://github.com/cilium/tetragon/pull/200
- @mtardy made their first contribution in https://github.com/cilium/tetragon/pull/228
- @michaelhyatt made their first contribution in https://github.com/cilium/tetragon/pull/155
- @Juneezee made their first contribution in https://github.com/cilium/tetragon/pull/272
- @sarahfujimori made their first contribution in https://github.com/cilium/tetragon/pull/281
Full Changelog: https://github.com/cilium/tetragon/compare/v0.8.0...v0.8.1
tetragon
- Tetragon v0.8.0
Published by jrfastab over 2 years ago
Cilium developers are happy to contribute Tetragon, Cilium's new component
enabling powerful, eBPF-based Security Observability and Runtime
Enforcement.
Tetragon detects and is able to respond in real time to security-significant
events, such as
* Process execution events
* Changes to privileges and capabilities
* I/O activity including network & file access
When used in a Kubernetes environment, Tetragon is Kubernetes-aware - that
is, it understands Kubernetes identities such as namespaces, pods and
so-on - so that security event detection can be configured in relation
to individual workloads.
For more details and examples please see README.
tetragon
- Tetragon CLI
Published by michi-covalent over 2 years ago
Package Rankings
Top 2.05% on Proxy.golang.org
Top 7.08% on Alpine-edge
Top 26.58% on Formulae.brew.sh
Badges
Extracted from project README
