Makefile.tracee: to have official 3 container flavors

This change makes it possible to have 3 containers generated: 1. tracee # uses CO-RE by default 2. tracee-btfhub # uses CO-RE by default and has embedded BTFs 3. tracee-nocore # does not use CO-RE eBPF object (builds it) The "tracee" container is the "slim" version and "tracee-nocore" is the fat version of tracee (sort of speak). If you want to execute "tracee-ebpf" instead of full tracee, those 3 flavors allow you to do so by exporting: TRACEE_EBPF_ONLY=1 environment variable to docker. With that, the entrypoint will be changed automatically to execute "tracee-ebpf" instead of "tracee".
YuviGold · Jan 17, 2022 · c40129b · c40129b
1 parent 6a9ca8b
commit c40129b
Showing 1 changed file with 29 additions and 1 deletion.
diff --git a/builder/Makefile.tracee b/builder/Makefile.tracee
@@ -40,6 +40,7 @@ help:
 	@echo "To execute tracee container(s):"
 	@echo ""
 	@echo "    $$ make -f builder/Makefile.tracee run-alpine-tracee-core"
+	@echo "    $$ make -f builder/Makefile.tracee run-alpine-tracee-core-btfhub"
 	@echo "    $$ make -f builder/Makefile.tracee run-alpine-tracee-nocore"
 	@echo ""
 	@echo "To execute tracee-ebpf container(s):"
@@ -92,14 +93,17 @@ build-alpine-tracee-core: \
 		--build-arg=FLAVOR=tracee-core \
 		.
 
+ALPINE_TRACEE_CORE_BTFHUB_CONTNAME = tracee-btfhub
+ALPINE_TRACEE_CORE_DOCKERFILE = builder/Dockerfile.alpine-tracee
+
 .PHONY: build-alpine-tracee-core-btfhub
 build-alpine-tracee-core-btfhub: \
 	| .check_$(CMD_DOCKER) \
 	.check_tree
 #
 	$(CMD_DOCKER) build \
 		-f $(ALPINE_TRACEE_CORE_DOCKERFILE) \
-		-t $(ALPINE_TRACEE_CORE_CONTNAME):latest \
+		-t $(ALPINE_TRACEE_CORE_BTFHUB_CONTNAME):latest \
 		--build-arg=BTFHUB=1 \
 		--build-arg=FLAVOR=tracee-core \
 		.
@@ -135,6 +139,18 @@ run-alpine-tracee-core: \
 		--rm -it $(ALPINE_TRACEE_CORE_CONTNAME) \
 		$(ARG)
 
+.PHONY: run-alpine-tracee-core-btfhub
+run-alpine-tracee-core-btfhub: \
+	| .check_$(CMD_DOCKER) \
+	.check_tree
+#
+	$(CMD_DOCKER) run --privileged --pid=host \
+		-v /etc/os-release:/etc/os-release-host:ro \
+		-e LIBBPFGO_OSRELEASE_FILE=/etc/os-release-host \
+		-e TRACEE_EBPF_ONLY=0 \
+		--rm -it $(ALPINE_TRACEE_CORE_BTFHUB_CONTNAME) \
+		$(ARG)
+
 .PHONY: run-alpine-tracee-nocore
 run-alpine-tracee-nocore: \
 	| .check_$(CMD_DOCKER) \
@@ -166,6 +182,18 @@ run-alpine-tracee-ebpf-core: \
 		--rm -it $(ALPINE_TRACEE_CORE_CONTNAME) \
 		$(ARG)
 
+.PHONY: run-alpine-tracee-ebpf-core-btfhub
+run-alpine-tracee-ebpf-core-btfhub: \
+	| .check_$(CMD_DOCKER) \
+	.check_tree
+#
+	$(CMD_DOCKER) run --privileged --pid=host \
+		-v /etc/os-release:/etc/os-release-host:ro \
+		-e LIBBPFGO_OSRELEASE_FILE=/etc/os-release-host \
+		-e TRACEE_EBPF_ONLY=1 \
+		--rm -it $(ALPINE_TRACEE_CORE_BTFHUB_CONTNAME) \
+		$(ARG)
+
 .PHONY: run-alpine-tracee-ebpf-nocore
 run-alpine-tracee-ebpf-nocore: \
 	| .check_$(CMD_DOCKER) \