update(docs): new readme style to introduce rules core concepts #212
Conversation
poiana
added
kind/documentation
README.md
Outdated
| [](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#core-scope) [](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#stable) [](./LICENSE) | ||
|
|
||
| Note: *This repository has been created upon this [proposal](https://github.com/falcosecurity/falco/blob/master/proposals/20221129-artifacts-distribution.md#move-falco-rules-to-their-own-repo).* | ||
| [](https://github.com/falcosecurity/rules/releases/latest) [](https://falco.org/docs/rules) [](https://falcosecurity.github.io/rules/) [](https://falco.org/docs/reference/rules/supported-fields/) |
There was a problem hiding this comment.
Hopefully explicitly linking to the Supported Fields page may drive adoption of newer fields.
README.md
Outdated
| For an up-to-date overview table linking to the respective Mitre Attack resources and more, please refer to the [rules overview](https://falcosecurity.github.io/rules/) document. Lastly, you can find Falco plugins rules in the respective [plugins](https://github.com/falcosecurity/plugins) repos' subfolder. | ||
| <p align="left"> | ||
| <img src="docs/images/announce.png" alt="Image" width="20" height="20"> | ||
| Starting from rules version 3.0.0, the <i>required_engine_version</i> follows semantic versioning and only functions with Falco version >= 0.37.0. Since rules version <a href="#falco-rules-2x">2.0.0</a>, we've modified our rules' shipping and distribution process. With Falco >= 0.37.0, <i>selective rules overrides</i> aim to further streamline the adoption and customization of upstream rules.</p> |
There was a problem hiding this comment.
@falcosecurity/falco-maintainers @falcosecurity/rules-maintainers is rules version 3.0.0 correct to ensure a clear transition to semver?
@LucaGuerra once we have the docs for "selective rules overrides" we can link to them as well.
There was a problem hiding this comment.
@falcosecurity/falco-maintainers @falcosecurity/rules-maintainers is rules version 3.0.0 correct to ensure a clear transition to semver?
Ok for me!
cc @Andreagit97
incertum
force-pushed
the
update-readme
branch
from
a95ef0b to
5a996e8
Compare
Signed-off-by: Melissa Kilby <[email protected]>
Signed-off-by: Melissa Kilby <[email protected]>
Signed-off-by: Melissa Kilby <[email protected]>
incertum
force-pushed
the
update-readme
branch
from
5a996e8 to
d4f9d4e
Compare
Signed-off-by: Melissa Kilby <[email protected]>
incertum
force-pushed
the
update-readme
branch
2 times, most recently
from
06aefe2 to
f35a5af
Compare
Signed-off-by: Melissa Kilby <[email protected]>
incertum
force-pushed
the
update-readme
branch
from
f35a5af to
084db08
Compare
|
LGTM label has been added. Git tree hash: 2c73a95fc6a997be40abe107cd7349d252b4f7e7
|
|
@leogr will you take care of unholding this once you feel we are close enough to the release? |
Sure! Also adding Luca in case I forget 👼 😅 |
Signed-off-by: Melissa Kilby <[email protected]>
…le falco release badge Signed-off-by: Melissa Kilby <[email protected]>
| @@ -1,6 +1,8 @@ | |||
| # Falco Rules | |||
|
|
|||
| [](https://github.com/falcosecurity/rules/releases/latest) [](https://falco.org/docs/rules) [](https://falcosecurity.github.io/rules/) [](https://falco.org/docs/rules/style-guide/) | |||
| [](https://github.com/falcosecurity/rules/releases/latest) [](https://github.com/falcosecurity/falco/releases/latest) | |||
There was a problem hiding this comment.
It would be nice to use https://github.com/falcosecurity/rules/blob/main/.github/FALCO_VERSIONS as input to generate the list of compatible versions.
Not a blocker for now. Just an idea.
There was a problem hiding this comment.
Yes this would be very cool! Would suggest regarding this PR finished and perhaps @leogr and @LucaGuerra you could open a small follow up PR once we have the next Falco version released. That PR could then also include more links and cross-references to new docs we have yet to create.
|
Since concerns around missing fields keep coming up, thought we should add another item "Bugs and Debugging" to the readme, linking to our Install and Operate Guides that will include new Help Guides soon. |
incertum
force-pushed
the
update-readme
branch
from
50f4c61 to
2161037
Compare
|
Now links to https://falco.org/docs/troubleshooting/ (needs to be synced with falcosecurity/falco-website#1246). |
Signed-off-by: Melissa Kilby <[email protected]>
incertum
force-pushed
the
update-readme
branch
from
2161037 to
b3ecf78
Compare
|
LGTM label has been added. Git tree hash: 40e5feb36189aa106b5526581b268bfc35893e21
|
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: incertum, leogr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
troubleshooting/ is live now. /hold cancel |
What type of PR is this?
/kind documentation
Any specific area of the project related to this PR?
/area documentation
Proposed rule maturity level
What this PR does / why we need it:
Trying a different style to convey rules core concepts better. The new (visually more appealing) layout reduces some prior redundancy and contains extra valuable information. Hopefully the README is now more concise, relevant and easier to follow.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer: