falcosecurity · poiana · Jan 13, 2021 · Jan 8, 2021
diff --git a/README.md b/README.md
@@ -45,6 +45,7 @@ Currently available outputs are :
 * [**Google Chat**](https://workspace.google.com/products/chat/)
 * [**Apache Kafka**](https://kafka.apache.org/)
 * [**PagerDuty**](https://pagerduty.com/)
+* [**Kubeless**](https://kubeless.io/)
 
 ## Usage
 
@@ -274,6 +275,13 @@ pagerduty:
   assignee: "" # A list of comma separated users to assign. Cannot be provided if pagerduty.escalationpolicy is already specified.
   escalationpolicy: "" # Escalation policy to assign. Cannot be provided if pagerduty.escalationpolicy is already specified
   # minimumpriority: "debug" # minimum priority of event for using this output, order is emergency|alert|critical|error|warning|notice|informational|debug or "" (default)
+
+kubeless:
+  function: "" # Name of Kubeless function, if not empty, Kubeless is enabled
+  namespace: "" # Namespace of Kubeless function (mandatory)
+  port: 8080 # Port of service of Kubeless function
+  kubeconfig: "~/.kube/config" # Kubeconfig file to use (only if falcoside is running outside the cluster)
+  # minimumpriority: "debug" # minimum priority of event for using this output, order is emergency|alert|critical|error|warning|notice|informational|debug or "" (default)
 ```
 
 Usage :
@@ -397,6 +405,11 @@ The *env vars* "match" field names in *yaml file with this structure (**take car
 * **PAGERDUTY_ASSIGNEE**: A list of comma separated users to assign. Cannot be provided if `PAGERDUTY_ESCALATION_POLICY` is already specified. If not empty, Pagerduty is *enabled*
 * **PAGERDUTY_ESCALATION_POLICY**: Escalation policy to assign. Cannot be provided if `PAGERDUTY_ASSIGNEE` is already specified.If not empty, Pagerduty is *enabled*
 * **PAGERDUTY_MINIMUMPRIORITY**: minimum priority of event for using this output, order is `emergency|alert|critical|error|warning|notice|informational|debug or "" (default)`
+* **KUBELESS_FUNCTION**: Name of Kubeless function, if not empty, Kubeless is *enabled*
+* **KUBELESS_NAMESPACE**: Namespace of Kubeless function (mandatory)
+* **KUBELESS_PORT**: Port of service of Kubeless function (default is `8080`)
+* **KUBELESS_KUBECONFIG**: Kubeconfig file to use (only if falcoside is running outside the cluster)
+* **KUBELESS_MINIMUMPRIORITY**: "debug" # minimum priority of event for using this output, order is `emergency|alert|critical|error|warning|notice|informational|debug or "" (default)`
 
 #### Slack/Rocketchat/Mattermost/Googlechat Message Formatting
 

diff --git a/config.go b/config.go
@@ -132,6 +132,11 @@ func getConfig() *types.Configuration {
 	v.SetDefault("Pagerduty.Assignee", []string{})
 	v.SetDefault("Pagerduty.EscalationPolicy", "")
 	v.SetDefault("Pagerduty.MinimumPriority", "")
+	v.SetDefault("Kubeless.Namespace", "")
+	v.SetDefault("Kubeless.Function", "")
+	v.SetDefault("Kubeless.Port", 8080)
+	v.SetDefault("Kubeless.Kubeconfig", "")
+	v.SetDefault("Kubeless.MinimumPriority", "")
 
 	v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
 	v.AutomaticEnv()
@@ -198,6 +203,7 @@ func getConfig() *types.Configuration {
 	c.Googlechat.MinimumPriority = checkPriority(c.Googlechat.MinimumPriority)
 	c.Kafka.MinimumPriority = checkPriority(c.Kafka.MinimumPriority)
 	c.Pagerduty.MinimumPriority = checkPriority(c.Pagerduty.MinimumPriority)
+	c.Kubeless.MinimumPriority = checkPriority(c.Kubeless.MinimumPriority)
 
 	c.Slack.MessageFormatTemplate = getMessageFormatTemplate("Slack", c.Slack.MessageFormat)
 	c.Rocketchat.MessageFormatTemplate = getMessageFormatTemplate("Rocketchat", c.Rocketchat.MessageFormat)

diff --git a/config_example.yaml b/config_example.yaml
@@ -147,3 +147,10 @@ kafka:
   topic: "" # Name of the topic, if not empty, Kafka output is enabled
   # partition: 0 # Partition number of the topic.
   # minimumpriority: "debug" # minimum priority of event for using this output, order is emergency|alert|critical|error|warning|notice|informational|debug or "" (default)
+
+kubeless:
+  function: "" # Name of Kubeless function, if not empty, Kubeless is enabled
+  namespace: "" # Namespace of Kubeless function (mandatory)
+  port: 8080 # Port of service of Kubeless function
+  kubeconfig: "~/.kube/config" # Kubeconfig file to use (only if falcoside is running outside the cluster)
+  # minimumpriority: "debug" # minimum priority of event for using this output, order is emergency|alert|critical|error|warning|notice|informational|debug or "" (default)
diff --git a/go.mod b/go.mod
@@ -3,20 +3,26 @@ module github.com/falcosecurity/falcosidekick
 go 1.15
 
 require (
-	cloud.google.com/go/pubsub v1.8.3
-	github.com/Azure/azure-event-hubs-go/v3 v3.3.3
+	cloud.google.com/go/pubsub v1.9.1
+	github.com/Azure/azure-event-hubs-go/v3 v3.3.4
 	github.com/DataDog/datadog-go v4.2.0+incompatible
 	github.com/PagerDuty/go-pagerduty v1.3.0
-	github.com/aws/aws-sdk-go v1.35.30
+	github.com/aws/aws-sdk-go v1.36.23
 	github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21
 	github.com/emersion/go-smtp v0.14.0
+	github.com/gkarthiks/k8s-discovery v0.19.0
+	github.com/google/uuid v1.1.2
+	github.com/imdario/mergo v0.3.7 // indirect
+	github.com/nats-io/nats-streaming-server v0.19.0 // indirect
 	github.com/nats-io/nats.go v1.10.0
-	github.com/nats-io/stan.go v0.7.0
-	github.com/prometheus/client_golang v1.8.0
+	github.com/nats-io/stan.go v0.8.1
+	github.com/prometheus/client_golang v1.9.0
 	github.com/segmentio/kafka-go v0.4.8
 	github.com/spf13/viper v1.7.1
 	github.com/stretchr/testify v1.6.1
-	golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58
-	google.golang.org/api v0.35.0
+	golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5
+	google.golang.org/api v0.36.0
 	gopkg.in/alecthomas/kingpin.v2 v2.2.6
+	k8s.io/apimachinery v0.20.1
+	k8s.io/client-go v0.20.1
 )