Release highlights and discussion
Changelog
521b52b add build in docker to tracee-rules
24daa0e small typo fixed
8db13ca Fix minimum requirements link
d606972 fix: add check for empty bytes being written by file write channel fileWrChannel (#696)
2317a86 fix: trace-ebpf flag output (#632)
feb1677 feat: add testing envrionment matrix that includes self hosted runner (#692)
c3da07d Merge pull request #688 from grantseltzer/upgrade-libbpfgo-fix
e25ba71 Merge pull request #687 from yanivagman/fix_build
71d4c83 Fix build with libbpfgo
510aae7 integrate and document gotemplate
7b3c71b Merge pull request #682 from krol3/issue-681-dockerignore
ff03f7b Merge pull request #649 from eyakubovich/fix-chan-map-race
5052cb8 Merge pull request #678 from grantseltzer/upgrade-libbpf-v0.3
f37f3d3 feat: docker ignore for tracee
29b216c Merge pull request #672 from yanivagman/fix_type_mismatch
8d26642 Merge pull request #679 from yanivagman/fix_docs_link
4ef3eba fix documentation link in readme
96bdca8 improve docs
f11eced fix error handling
103ddbd tracee-ebpf: Fix type mismatch of event arguments
d1a0c00 fix: update libbpfgo go module to fix build for tracee-ebpf
c67295f fix: upgrade libbpfgo dependency to latest
3970f7f fix: upgrade libbpf dependency to v0.3 release
095336c Merge pull request #656 from eyakubovich/add-map-setters
7ace63b Add Resize() and GetMaxEntries() to BPFMap
7862e0e Merge pull request #645 from grantseltzer/feature-check-package
4f5af96 fix json output template
5c76627 add a quick video intro (#660)
2d62a69 fix: add some tests, fix error string
69b576e Merge pull request #657 from aquasecurity/docs-small-fixes
23597a0 Fix eventsChannels race
1092871 fix: broken links
8482773 fix: match document headers with navigation links
56ede7f fix: clarify local rules directory, add libbpf to dependencies
f68cea7 fix: move architecture diagram and images into docs directory, update usage accordingly
2e288fd fix: small typos and table formatting
50a6940 refactor: Remove falcosidekick specific code and reuse templating (#653)
e868978 feat: Add high level overview to Readme (#650)
6acdf8c feat: add constants to use for kernel configuration options
996cbd2 revamp documentation
7ce5943 feat: add tests for proc gz config
cf01331 fix: libbpfgo module files
6474790 Merge pull request #638 from eyakubovich/fix-perf-buffer-stop
5e8cd40 feat: add functions to helper package for checking the kernel config options
ba273ac types.Finding interface update (#646)
e1263ed fix mkdocs generation (#644)
96a39dc Use Go templates for stdout (#630)
77cf435 Fix PerfBuffer shutdown
8b8045b add mkdocs documentation (#633)
42edaaf Group of small fixes (#643)
97d27e0 Merge pull request #629 from jan0ski/main
7bac7f5 feat: Add support for wildcard event suffixes
f8df7da Merge pull request #625 from krol3/labels-docker
d0d2670 fix relative link to quickstart-with-docker (#635)
1a31966 Merge pull request #631 from grantseltzer/use-helpers-package-in-tracee-ebpf
443994b Merge pull request #603 from grantseltzer/selftest-actions
5f4ab2d remove falcosidekick from container
656da9c Remove old helper functions from tracee-ebpf and update usage to new helpers package
25bfb2d fix: update imported gomodules so libbpfgo includes the newly added helper package
f66f7be Merge pull request #493 from mtcherni95/tracee-issue-485
8934c28 fix: copy argument parsing functions from traee-ebpf into libbpfgo
9753401 fix: move and document the signature helpers (#601)
284bb15 Add basic integration test framework (#606)
2e0edb2 Fix "make clean"
7492580 Adding labels Docker
ec34648 feat: Print loaded rules info at runtime
518d407 fix tracee-ebpf dockerfile for go 1.16
b995873 Merge pull request #620 from eyakubovich/fix-ringbuf-stop
09b2b47 Fix RingBuffer shutdown
1fd89c3 Merge pull request #616 from icarus-sparry/better_help
2aa71c7 Better help message for missing libbpf
cb4589f feat: add libbpfgo selftests to github actions
436c11d Merge pull request #598 from grantseltzer/improve-selftest
559ff36 improve readme with triggering a sig
f1f3c72 Remove debugfs mount
c22f59c feat: Use //go:embed to bundle artifacts (#596)
6b6a8d6 Adding version string to --list output (#602)
a6ceb2e feat: Add signature versioning (#597)
6486492 add tests for entrypoint
9c6d248 Webhook message formatting using go templates (#582)
8ab0254 fix: self test for ringbuffer should verify the integrity of the data sent from kernel space
228c6d3 tracee-ebpf: add magic_write event
0c581d0 tracee-ebpf: move capture write filter to tail
cc2a749 tracee-ebpf: add bytes argument type
9a25d02 Merge pull request #591 from grantseltzer/blocking-stop-channel-write
5ba8472 feat: Bump up to go1.16 (#589)
8d3c3d5 Merge pull request #483 from aquasecurity/gs/ringbuf-libbpfgo
809794b tracee-ebpf: remove validator workarounds
828f39e tracee-ebpf: fix docker builder (#587)
6eb7608 fix: rb.stopped should be set in the Stop method
42839aa feat: add support for ringbuffers in libbpfgo
d286732 feat: Add OPA tests to Github Actions (#535)
5dc1352 feat: Better formatted output for detected events. (#573)
28fbc66 feat: Add IDs to Signature Metadata. (#567)
05b0d91 tracee-ebpf: Fix readme for docker quickstart (#568)
097ce27 Added information how to run Tracee on Docker Mac
59312a1 tracee-ebpf: update minimal kernel version to 4.18
Docker images
docker pull docker.io/aquasec/tracee:latestdocker pull docker.io/aquasec/tracee:0.5.1docker pull docker.io/aquasec/tracee:slimdocker pull docker.io/aquasec/tracee:slim-0.5.1