Skip to content

Requesting support for falco artifacts

Hey, I was trying to put the Falco rules and plugins into the GitLab's container-registry however I released that the registry does not support the type.

Here outputs:

Error: PUT https://registry.gitlab.com/v2/x/falcosecurity/rules/k8saudit-rules/manifests/1: MANIFEST_INVALID: manifest invalid; unknown media type: application/vnd.cncf.falco.rulesfile.config.v1+json
Error: PUT https://registry.gitlab.com/v2/x/falcosecurity/plugins/k8saudit/manifests/sha256:b29c97a6590486f8b3b83644677e11d2f68e201a7035699189653d7f571d7e13: MANIFEST_INVALID: manifest invalid; unknown media type: application/vnd.cncf.falco.plugin.config.v1+json

This is how you can reproduce it. Falcoctl installation: https://github.com/falcosecurity/falcoctl

$ falcoctl registry pull ghcr.io/falcosecurity/rules/falco-rules:1 --platform linux/amd64 --dest-dir=./
 INFO  Preparing to pull artifact "ghcr.io/falcosecurity/rules/falco-rules:1"
 INFO  Pulling artifact in "./" directory
 INFO  Pulling 0ebd09df278e: ############################################# 100%
 INFO  Pulling 2348d43196bb: ############################################# 100%
 INFO  Pulling 7c5a9073b37f: ############################################# 100%
 INFO  Artifact of type "rulesfile" pulled. Digest: "sha256:7c5a9073b37fa49d04f8acb1942d2a35c78d050865c5270575335b259eb74735"
$ falcoctl registry push --type rulesfile --version "1" registry.gitlab.com/x/falcosecurity/rules/falco-rules:1 falco_rules.yaml.tar.gz --platform linux/amd64
 INFO  Preparing to push artifact "registry.gitlab.com/x/falcosecurity/rules/falco-rules:1" of type "rulesfile"
 INFO  Pushing a2bbf10103ad: ############################################# 100%
 INFO  Pushing 2348d43196bb: ############################################# 100%
 INFO  Pushing 005fcd9070fd: ############################################# 100%
 ERRO  unable to push artifact PUT "https://registry.gitlab.com/v2/x/falcosecurity/rules/falco-rules/manifests/sha256:005fcd9070fda2edc835d285ca6e5c2fa02effb63a246b450a94f932916ad997": response status code 400: manifest invalid: manifest invalid: unknown media type: application/vnd.cncf.falco.rulesfile.config.v1+json
 ERRO  PUT "https://registry.gitlab.com/v2/x/falcosecurity/rules/falco-rules/manifests/sha256:005fcd9070fda2edc835d285ca6e5c2fa02effb63a246b450a94f932916ad997": response status code 400: manifest invalid: manifest invalid: unknown media type: application/vnd.cncf.falco.rulesfile.config.v1+json

Or use crane copy

$ crane copy ghcr.io/falcosecurity/rules/falco-rules:1 registry.gitlab.com/x/falcosecurity/rules/k8saudit-rules:1
Edited by Emin Aktaş