From 451f94b046b3c5c2f10ac76fc681f9e0689d3881 Mon Sep 17 00:00:00 2001 From: Iacopo Rozzo Date: Thu, 16 Oct 2025 18:49:51 +0200 Subject: [PATCH] chore(k8smeta): simplify cmake scripts and use VCPKG for dependencies Simplify the cmake scripts by using `find_package` and VCPKG. Also generate the gRPC files using `protobuf_generate` instead of using a custom command. Signed-off-by: Iacopo Rozzo --- .github/actions/install-vcpkg/action.yml | 42 ++++++++++++ .github/workflows/k8smeta-ci.yaml | 23 ++++--- .../workflows/reusable_build_packages.yaml | 8 ++- .gitignore | 1 + plugins/k8smeta/CMakeLists.txt | 64 +++++++++++-------- plugins/k8smeta/CMakePresets.json | 25 ++++++++ plugins/k8smeta/Makefile | 3 +- plugins/k8smeta/README.md | 18 +++++- plugins/k8smeta/cmake/modules/grpc.cmake | 35 ---------- plugins/k8smeta/cmake/modules/spdlog.cmake | 11 ---- plugins/k8smeta/vcpkg.json | 16 +++++ 11 files changed, 160 insertions(+), 86 deletions(-) create mode 100644 .github/actions/install-vcpkg/action.yml create mode 100644 plugins/k8smeta/CMakePresets.json delete mode 100644 plugins/k8smeta/cmake/modules/grpc.cmake delete mode 100644 plugins/k8smeta/cmake/modules/spdlog.cmake create mode 100644 plugins/k8smeta/vcpkg.json diff --git a/.github/actions/install-vcpkg/action.yml b/.github/actions/install-vcpkg/action.yml new file mode 100644 index 000000000..e3d080c0b --- /dev/null +++ b/.github/actions/install-vcpkg/action.yml @@ -0,0 +1,42 @@ +name: 'install-vcpkg' +description: 'Install vcpkg and make it available in PATH.' + +outputs: + vcpkg_root: + description: "VCPKG_ROOT" + value: ${{ steps.vcpkg.outputs.vcpkg_root }} + +runs: + using: "composite" + steps: + - name: Store vcpkg version as local output + shell: bash + id: store + env: + VCPKG_VERSION: '2025.09.17' + run: | + echo "vcpkg_version=${VCPKG_VERSION}" >> "$GITHUB_OUTPUT" + + - name: Download vcpkg + shell: bash + run: | + git clone https://github.com/microsoft/vcpkg.git --branch ${{ steps.store.outputs.vcpkg_version }} --single-branch + + - name: Setup vcpkg + shell: bash + id: vcpkg + run: | + # Note, this is a workaround to avoid building debug versions that are not used in the build process + # TODO: Find a cleaner way to do this + find "$(pwd)/vcpkg/triplets/" -name "*.cmake" -type f -exec sh -c "echo \"set(VCPKG_BUILD_TYPE release)\" >> {}" \; + VCPKG_MAX_CONCURRENCY=6 ./vcpkg/bootstrap-vcpkg.sh + echo "$(pwd)/vcpkg" >> $GITHUB_PATH + echo "VCPKG_ROOT=$(pwd)/vcpkg" >> $GITHUB_ENV + # Set the maximum concurrency to 6 to avoid overwhelming the CI system + echo "VCPKG_MAX_CONCURRENCY=6" >> $GITHUB_ENV + + - name: Set Outputs + id: store-outputs + shell: bash + run: | + echo "vcpkg_root=${VCPKG_ROOT}" >> $GITHUB_OUTPUT diff --git a/.github/workflows/k8smeta-ci.yaml b/.github/workflows/k8smeta-ci.yaml index f530532b9..adcff03f2 100644 --- a/.github/workflows/k8smeta-ci.yaml +++ b/.github/workflows/k8smeta-ci.yaml @@ -34,7 +34,13 @@ jobs: - name: Install deps ⛓️ run: | sudo apt update -y - sudo apt install -y --no-install-recommends cmake build-essential autoconf libtool pkg-config + sudo apt install -y --no-install-recommends cmake build-essential autoconf libtool pkg-config zip unzip tar git wget + + - name: Install vcpkg 📦 + uses: ./.github/actions/install-vcpkg + with: + # Using a specific commit to avoid unexpected issues + vcpkg_version: 2025.09.17 - name: Initialize CodeQL uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 @@ -44,20 +50,19 @@ jobs: - name: Build k8s meta plugin 🏗️ run: | cd plugins/k8smeta - mkdir build - cd build && cmake -DCMAKE_BUILD_TYPE=Release ../ - make k8smeta -j6 + cmake --preset vcpkg-release + cmake --build --preset vcpkg-release --target k8smeta -j$(nproc) - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 - name: Build and run tests 🏎️ run: | - cd plugins/k8smeta/build - make build-server - make build-tests - make run-server & - make run-tests + cd plugins/k8smeta + cmake --build --preset vcpkg-release --target build-server -j$(nproc) + cmake --build --preset vcpkg-release --target build-tests -j$(nproc) + cmake --build --preset vcpkg-release --target run-server & + cmake --build --preset vcpkg-release --target run-tests formatting-check: runs-on: ubuntu-22.04 diff --git a/.github/workflows/reusable_build_packages.yaml b/.github/workflows/reusable_build_packages.yaml index 641ee23f5..a8f6c2835 100644 --- a/.github/workflows/reusable_build_packages.yaml +++ b/.github/workflows/reusable_build_packages.yaml @@ -26,7 +26,7 @@ jobs: run: | apt update apt install -y --no-install-recommends awscli build-essential autoconf libelf-dev libtool autotools-dev \ - automake zip unzip ninja-build wget lsb-release software-properties-common gnupg + automake zip unzip tar git ninja-build wget lsb-release software-properties-common gnupg - name: Install updated clang version ⛓️ run: | @@ -61,6 +61,12 @@ jobs: fetch-depth: 0 submodules: "recursive" + - name: Install vcpkg 📦 + uses: ./.github/actions/install-vcpkg + with: + # Using a specific commit to avoid unexpected issues + vcpkg_version: 2025.09.17 + - name: Safe directory run: git config --global --add safe.directory $GITHUB_WORKSPACE diff --git a/.gitignore b/.gitignore index a34b27c09..237ba4e36 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ .vscode .DS_Store .idea +.cache output/ plugins/*/*.so plugins/*/lib*.h diff --git a/plugins/k8smeta/CMakeLists.txt b/plugins/k8smeta/CMakeLists.txt index 8c9440ac2..b873f26df 100644 --- a/plugins/k8smeta/CMakeLists.txt +++ b/plugins/k8smeta/CMakeLists.txt @@ -13,39 +13,49 @@ project( # dependencies include(FetchContent) -include(grpc) -include(spdlog) include(plugin-sdk-cpp) include(k8s-metacollector) -set(PROTO_PATH "${K8S_METACOLLECTOR_DIR}/metadata/metadata.proto") +find_package(protobuf CONFIG REQUIRED) +find_package(gRPC REQUIRED) +find_package(spdlog REQUIRED) +set(PROTO_PATH "${K8S_METACOLLECTOR_DIR}/metadata/metadata.proto") get_filename_component(meta_proto "${PROTO_PATH}" ABSOLUTE) get_filename_component(meta_proto_path "${meta_proto}" PATH) -# Generated sources -set(PROTO_GENERATED_INCLUDE "${CMAKE_BINARY_DIR}/generated") -if(NOT EXISTS "${PROTO_GENERATED_INCLUDE}") - file(MAKE_DIRECTORY "${PROTO_GENERATED_INCLUDE}") -endif() +set(PROTO_OUTPUT_DIR "${CMAKE_BINARY_DIR}/generated") -set(meta_proto_srcs "${PROTO_GENERATED_INCLUDE}/metadata.pb.cc") -set(meta_proto_hdrs "${PROTO_GENERATED_INCLUDE}/metadata.pb.h") -set(meta_grpc_srcs "${PROTO_GENERATED_INCLUDE}/metadata.grpc.pb.cc") -set(meta_grpc_hdrs "${PROTO_GENERATED_INCLUDE}/metadata.grpc.pb.h") -add_custom_command( - OUTPUT "${meta_proto_srcs}" "${meta_proto_hdrs}" "${meta_grpc_srcs}" - "${meta_grpc_hdrs}" - COMMAND - ${_PROTOBUF_PROTOC} ARGS --grpc_out "${PROTO_GENERATED_INCLUDE}" --cpp_out - "${PROTO_GENERATED_INCLUDE}" -I "${meta_proto_path}" - --plugin=protoc-gen-grpc="${_GRPC_CPP_PLUGIN_EXECUTABLE}" "${meta_proto}" - DEPENDS "${meta_proto}") +# generate the protobuf output directory +file(MAKE_DIRECTORY "${PROTO_OUTPUT_DIR}") +message(STATUS "Protobuf files will be generated in: ${PROTO_OUTPUT_DIR}") # project target -file(GLOB_RECURSE K8S_SOURCES "${CMAKE_CURRENT_SOURCE_DIR}/src/*.cpp") -add_library(k8smeta SHARED ${K8S_SOURCES} ${meta_grpc_srcs} ${meta_grpc_hdrs} - ${meta_proto_srcs} ${meta_proto_hdrs}) +add_library(k8smeta SHARED + src/plugin.cpp + src/grpc_client.cpp +) + +# Set the output directory for protobuf generation +set_target_properties(k8smeta PROPERTIES + PROTOC_OUT_DIR "${PROTO_OUTPUT_DIR}") + +# Generate protobuf files +protobuf_generate( + TARGET k8smeta + PROTOS "${meta_proto}" + IMPORT_DIRS "${meta_proto_path}" + PROTOC_OUT_DIR "${PROTO_OUTPUT_DIR}") + +# Generate gRPC files +protobuf_generate( + TARGET k8smeta + LANGUAGE grpc + GENERATE_EXTENSIONS .grpc.pb.h .grpc.pb.cc + PLUGIN "protoc-gen-grpc=$" + PROTOS "${meta_proto}" + IMPORT_DIRS "${meta_proto_path}" + PROTOC_OUT_DIR "${PROTO_OUTPUT_DIR}") set_target_properties(k8smeta PROPERTIES CXX_EXTENSIONS OFF) # project compilation options @@ -59,12 +69,12 @@ target_compile_features(k8smeta PUBLIC cxx_std_17) # project includes target_include_directories( - k8smeta PRIVATE "${PLUGIN_SDK_INLCUDE}" "${PROTO_GENERATED_INCLUDE}" - "${SPDLOG_INLCUDE}") + k8smeta PRIVATE "${PLUGIN_SDK_INLCUDE}" "${PROTO_OUTPUT_DIR}") # project linked libraries -target_link_libraries(k8smeta ${_REFLECTION} ${_GRPC_GRPCPP} - ${_PROTOBUF_LIBPROTOBUF} re2::re2) +target_link_libraries(k8smeta + spdlog::spdlog + gRPC::grpc++) # Testing if(BUILD_TESTS) diff --git a/plugins/k8smeta/CMakePresets.json b/plugins/k8smeta/CMakePresets.json new file mode 100644 index 000000000..e2ff2cd3e --- /dev/null +++ b/plugins/k8smeta/CMakePresets.json @@ -0,0 +1,25 @@ +{ + "version": 3, + "configurePresets": [ + { + "name": "vcpkg-release", + "displayName": "VCPKG Release Configuration", + "description": "VCPKG release build configuration", + "generator": "Unix Makefiles", + "binaryDir": "${sourceDir}/build", + "cacheVariables": { + "CMAKE_BUILD_TYPE": "Release", + "CMAKE_EXPORT_COMPILE_COMMANDS": "ON", + "CMAKE_TOOLCHAIN_FILE": "$env{VCPKG_ROOT}/scripts/buildsystems/vcpkg.cmake" + } + } + ], + "buildPresets": [ + { + "name": "vcpkg-release", + "configurePreset": "vcpkg-release", + "displayName": "VCPKG Release Build", + "description": "Build with VCPKG release configuration" + } + ] +} diff --git a/plugins/k8smeta/Makefile b/plugins/k8smeta/Makefile index e0668883f..c4e389a36 100644 --- a/plugins/k8smeta/Makefile +++ b/plugins/k8smeta/Makefile @@ -22,8 +22,9 @@ clean: rm -rf build $(OUTPUT) # This Makefile requies CMake installed on the system +.PHONY: $(OUTPUT) $(OUTPUT): - mkdir build && cd build && cmake -DCMAKE_BUILD_TYPE=Release ../ && make k8smeta -j6 && cp ./$(OUTPUT) ../$(OUTPUT) + cmake --preset vcpkg-release && cmake --build --preset vcpkg-release --target k8smeta -j$(nproc) && cp ./build/$(OUTPUT) ./$(OUTPUT) readme: @$(READMETOOL) -p ./$(OUTPUT) -f README.md diff --git a/plugins/k8smeta/README.md b/plugins/k8smeta/README.md index e55378a1f..d22b67594 100644 --- a/plugins/k8smeta/README.md +++ b/plugins/k8smeta/README.md @@ -116,16 +116,30 @@ falco -c falco.yaml -r falco_rules.yaml ## Local development +### Prerequisites + +#### Dependency management + +The easiest way to install the required dependencies is to use [vcpkg](https://learn.microsoft.com/en-us/vcpkg/get_started/get-started?pivots=shell-bash). + +```bash +git clone https://github.com/microsoft/vcpkg.git +cd vcpkg +./bootstrap-vcpkg.sh +export VCPKG_ROOT="$(pwd)" +export PATH=$VCPKG_ROOT:$PATH +``` + ### Build and test -Build the plugin on a fresh `Ubuntu 22.04` machine: +Build the plugin on a `Ubuntu 22.04` machine: ```bash sudo apt update -y sudo apt install -y cmake build-essential autoconf libtool pkg-config git clone https://github.com/falcosecurity/plugins.git cd plugins/k8smeta -cmake -S . -B build +cmake -S . -B build --preset vcpkg-release cmake --build build --target k8smeta -j $(nproc) ``` diff --git a/plugins/k8smeta/cmake/modules/grpc.cmake b/plugins/k8smeta/cmake/modules/grpc.cmake deleted file mode 100644 index c94dd56f1..000000000 --- a/plugins/k8smeta/cmake/modules/grpc.cmake +++ /dev/null @@ -1,35 +0,0 @@ -# This cmake module is adapted from the grpc repo: -# `examples/cpp/cmake/common.cmake` - -message(STATUS "Fetching grpc at 'https://github.com/grpc/grpc'") - -find_package(Threads REQUIRED) - -# See: -# https://github.com/protocolbuffers/protobuf/issues/12185#issuecomment-1594685860 -set(ABSL_ENABLE_INSTALL ON) - -# To solve: -# -# CMake Warning at build/_deps/grpc-src/third_party/abseil-cpp/CMakeLists.txt:77 -# (message): A future Abseil release will default ABSL_PROPAGATE_CXX_STD to ON -# for CMake 3.8 and up. We recommend enabling this option to ensure your -# project still builds correctly -set(ABSL_PROPAGATE_CXX_STD ON) - -FetchContent_Declare( - gRPC - GIT_REPOSITORY https://github.com/grpc/grpc - GIT_TAG v1.44.0 - GIT_PROGRESS TRUE) - -set(FETCHCONTENT_QUIET OFF) -FetchContent_MakeAvailable(gRPC) - -set(_PROTOBUF_LIBPROTOBUF libprotobuf) -set(_REFLECTION grpc++_reflection) -set(_PROTOBUF_PROTOC $) -set(_GRPC_GRPCPP grpc++) -set(_GRPC_CPP_PLUGIN_EXECUTABLE $) - -message(STATUS "Using grpc at '${gRPC_SOURCE_DIR}'") diff --git a/plugins/k8smeta/cmake/modules/spdlog.cmake b/plugins/k8smeta/cmake/modules/spdlog.cmake deleted file mode 100644 index 941f05618..000000000 --- a/plugins/k8smeta/cmake/modules/spdlog.cmake +++ /dev/null @@ -1,11 +0,0 @@ -message(STATUS "Fetching spdlog at at 'https://github.com/gabime/spdlog'") - -# Header only library -FetchContent_Declare( - spdlog - GIT_REPOSITORY "https://github.com/gabime/spdlog.git" - GIT_TAG v1.12.0) - -FetchContent_MakeAvailable(spdlog) -set(SPDLOG_INLCUDE "${spdlog_SOURCE_DIR}/include") -message(STATUS "Using spdlog include at '${SPDLOG_INLCUDE}'") diff --git a/plugins/k8smeta/vcpkg.json b/plugins/k8smeta/vcpkg.json new file mode 100644 index 000000000..ddc8b13f1 --- /dev/null +++ b/plugins/k8smeta/vcpkg.json @@ -0,0 +1,16 @@ +{ + "name": "k8smeta", + "version": "0.1.0", + "description": "Falco Kubernetes enrichment Plugin", + "dependencies": [ + { + "name": "grpc", + "version>=": "1.44.0" + }, + { + "name": "spdlog", + "version>=": "1.12.0" + } + ], + "builtin-baseline": "4334d8b4c8916018600212ab4dd4bbdc343065d1" +}