new: dynamic builders

Makefile

@@ -18,23 +18,25 @@ endif
 
 DOCKER_ORG ?= falcosecurity
 
-BUILDERS := $(patsubst build/builder_%.Dockerfile,%,$(wildcard build/builder_*.Dockerfile))
+ARCH := $(shell uname -m)
+
+BUILDERS := $(patsubst docker/builders/builder-%.Dockerfile,%,$(wildcard docker/builders/builder*$(ARCH)*.Dockerfile))
 
 IMAGE_NAME_BUILDER_BASE ?= docker.io/$(DOCKER_ORG)/driverkit-builder
 
-IMAGE_NAME_SUFFIX_REF := ":$(GIT_REF)_$(shell uname -m)"
-IMAGE_NAME_SUFFIX_COMMIT := ":$(GIT_COMMIT)_$(shell uname -m)"
-IMAGE_NAME_SUFFIX_LATEST := ":latest_$(shell uname -m)"
+IMAGE_NAME_SUFFIX_REF := ":$(GIT_REF)_$(ARCH)"
+IMAGE_NAME_SUFFIX_COMMIT := ":$(GIT_COMMIT)_$(ARCH)"
+IMAGE_NAME_SUFFIX_LATEST := ":latest_$(ARCH)"
 
 IMAGE_NAME_DRIVERKIT ?= docker.io/$(DOCKER_ORG)/driverkit
 
-IMAGE_NAME_DRIVERKIT_REF := $(IMAGE_NAME_DRIVERKIT):$(GIT_REF)_$(shell uname -m)
-IMAGE_NAME_DRIVERKIT_COMMIT := $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT)_$(shell uname -m)
-IMAGE_NAME_DRIVERKIT_LATEST := $(IMAGE_NAME_DRIVERKIT):latest_$(shell uname -m)
+IMAGE_NAME_DRIVERKIT_REF := $(IMAGE_NAME_DRIVERKIT):$(GIT_REF)_$(ARCH)
+IMAGE_NAME_DRIVERKIT_COMMIT := $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT)_$(ARCH)
+IMAGE_NAME_DRIVERKIT_LATEST := $(IMAGE_NAME_DRIVERKIT):latest_$(ARCH)
 
-LDFLAGS := -X github.com/falcosecurity/driverkit/pkg/version.buildTime=$(shell date +%s) -X github.com/falcosecurity/driverkit/pkg/version.gitCommit=${GIT_COMMIT} -X github.com/falcosecurity/driverkit/pkg/version.gitTag=$(if ${GIT_TAG},${GIT_TAG},v0.0.0) -X github.com/falcosecurity/driverkit/pkg/version.commitsFromGitTag=${COMMITS_FROM_GIT_TAG} -X github.com/falcosecurity/driverkit/pkg/driverbuilder/builder.BaseImage=${IMAGE_NAME_BUILDER_BASE}:$(GIT_COMMIT)
+LDFLAGS := -X github.com/falcosecurity/driverkit/pkg/version.buildTime=$(shell date +%s) -X github.com/falcosecurity/driverkit/pkg/version.gitCommit=${GIT_COMMIT} -X github.com/falcosecurity/driverkit/pkg/version.gitTag=$(if ${GIT_TAG},${GIT_TAG},v0.0.0) -X github.com/falcosecurity/driverkit/pkg/version.commitsFromGitTag=${COMMITS_FROM_GIT_TAG}
 
-TARGET_TEST_ARCH ?= $(shell uname -m)
+TARGET_TEST_ARCH ?= $(ARCH)
 test_configs := $(wildcard test/$(TARGET_TEST_ARCH)/configs/*.yaml)
 
 driverkit ?= _output/bin/driverkit
@@ -60,41 +62,41 @@ image/all: image/builder image/driverkit
 .PHONY: image/builder
 image/builder:
 	$(foreach b,$(BUILDERS),\
-		$(DOCKER) buildx build -o type=image,push="false" -f build/builder_$b.Dockerfile . ; \
+		$(DOCKER) buildx build -o type=image,push="false" -f docker/builders/builder-$b.Dockerfile . ; \
     )
 
 .PHONY: image/driverkit
 image/driverkit:
-	$(DOCKER) buildx build -o type=image,push="false" -f build/driverkit.Dockerfile .
+	$(DOCKER) buildx build -o type=image,push="false" -f docker/driverkit.Dockerfile .
 
 push/all: push/builder push/driverkit
 
 .PHONY: push/builder
 push/builder:
 	$(foreach b,$(BUILDERS),\
-		$(DOCKER) buildx build --push -t "$(IMAGE_NAME_BUILDER_BASE)_$b$(IMAGE_NAME_SUFFIX_REF)" -t "$(IMAGE_NAME_BUILDER_BASE)_$b$(IMAGE_NAME_SUFFIX_COMMIT)" -f build/builder_$b.Dockerfile . ; \
+		$(DOCKER) buildx build --push -t "$(IMAGE_NAME_BUILDER_BASE)-$b$(IMAGE_NAME_SUFFIX_REF)" -t "$(IMAGE_NAME_BUILDER_BASE)-$b$(IMAGE_NAME_SUFFIX_COMMIT)" -f docker/builders/builder-$b.Dockerfile . ; \
 	)
 
 .PHONY: push/driverkit
 push/driverkit:
-	$(DOCKER) buildx build --push -t "$(IMAGE_NAME_DRIVERKIT_REF)" -t "$(IMAGE_NAME_DRIVERKIT_COMMIT)" -f build/driverkit.Dockerfile .
+	$(DOCKER) buildx build --push -t "$(IMAGE_NAME_DRIVERKIT_REF)" -t "$(IMAGE_NAME_DRIVERKIT_COMMIT)" -f docker/driverkit.Dockerfile .
 
 .PHONY: push/latest
 push/latest:
 	$(foreach b,$(BUILDERS),\
-		$(DOCKER) buildx build --push -t "$(IMAGE_NAME_BUILDER_BASE)_$b$(IMAGE_NAME_SUFFIX_LATEST)" -f build/builder_$b.Dockerfile . ; \
+		$(DOCKER) buildx build --push -t "$(IMAGE_NAME_BUILDER_BASE)-$b$(IMAGE_NAME_SUFFIX_LATEST)" -f docker/builders/builder-$b.Dockerfile . ; \
 	)
-	$(DOCKER) buildx build --push -t "$(IMAGE_NAME_DRIVERKIT_LATEST)" -f build/driverkit.Dockerfile .
+	$(DOCKER) buildx build --push -t "$(IMAGE_NAME_DRIVERKIT_LATEST)" -f docker/driverkit.Dockerfile .
 
 manifest/all: manifest/builder manifest/driverkit
 
 .PHONY: manifest/builder
 manifest/builder:
 	$(foreach b,$(BUILDERS),\
-		$(DOCKER) manifest create "$(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_REF)" $(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_REF)_x86_64 $(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_REF)_aarch64 ; \
-		$(DOCKER) manifest push "$(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_REF)" ; \
-		$(DOCKER) manifest create $(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_COMMIT) $(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_COMMIT)_x86_64 $(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_COMMIT)_aarch64 ; \
-		$(DOCKER) manifest push $(IMAGE_NAME_BUILDER_BASE)_$b:$(GIT_COMMIT) ; \
+		$(DOCKER) manifest create "$(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_REF)" $(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_REF)_x86_64 $(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_REF)_aarch64 ; \
+		$(DOCKER) manifest push "$(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_REF)" ; \
+		$(DOCKER) manifest create $(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_COMMIT) $(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_COMMIT)_x86_64 $(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_COMMIT)_aarch64 ; \
+		$(DOCKER) manifest push $(IMAGE_NAME_BUILDER_BASE)-$b:$(GIT_COMMIT) ; \
 	)
 
 .PHONY: manifest/driverkit
@@ -107,8 +109,8 @@ manifest/driverkit:
 .PHONY: manifest/latest
 manifest/latest:
 	$(foreach b,$(BUILDERS),\
-	  	$(DOCKER) manifest create "$(IMAGE_NAME_BUILDER_BASE)_$b:latest" $(IMAGE_NAME_BUILDER_BASE)_$b:latest_x86_64 $(IMAGE_NAME_BUILDER_BASE)_$b:latest_aarch64 ; \
-		$(DOCKER) manifest push "$(IMAGE_NAME_BUILDER_BASE)_$b:latest" ; \
+	  	$(DOCKER) manifest create "$(IMAGE_NAME_BUILDER_BASE)-$b:latest" $(IMAGE_NAME_BUILDER_BASE)-$b:latest_x86_64 $(IMAGE_NAME_BUILDER_BASE)-$b:latest_aarch64 ; \
+		$(DOCKER) manifest push "$(IMAGE_NAME_BUILDER_BASE)-$b:latest" ; \
 	)
 	$(DOCKER) manifest create $(IMAGE_NAME_DRIVERKIT):latest $(IMAGE_NAME_DRIVERKIT):latest_x86_64 $(IMAGE_NAME_DRIVERKIT):latest_aarch64
 	$(DOCKER) manifest push $(IMAGE_NAME_DRIVERKIT):latest
@@ -124,7 +126,7 @@ integration_test: $(test_configs)
 
 .PHONY: $(test_configs)
 $(test_configs): ${driverkit}
-	${driverkit} docker -c $@ --builderimage auto:master -l debug --timeout 600
+	${driverkit} docker -c $@ --builderimage auto:master -l debug --timeout 600 --builderrepo docker.io/fededp/driverkit
 
 .PHONY: ${driverkit_docgen}
 ${driverkit_docgen}: ${PWD}/docgen

cmd/images.go

@@ -0,0 +1,41 @@
+package cmd
+
+import (
+	"github.com/olekukonko/tablewriter"
+	logger "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+	"os"
+)
+
+// NewImagesCmd creates the `driverkit images` command.
+func NewImagesCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
+	imagesCmd := &cobra.Command{
+		Use:   "images",
+		Short: "List builder images",
+		Run: func(c *cobra.Command, args []string) {
+			logger.WithField("processor", c.Name()).Info("listing images")
+			b := rootOpts.toBuild()
+			b.LoadImages()
+
+			table := tablewriter.NewWriter(os.Stdout)
+			table.SetHeader([]string{"Image", "Target", "Arch", "GCC"})
+			table.SetBorders(tablewriter.Border{Left: true, Top: false, Right: true, Bottom: false})
+			table.SetCenterSeparator("|")
+
+			for _, img := range b.Images {
+				data := make([]string, 4)
+				data[0] = img.Name
+				data[1] = img.Target.String()
+				data[2] = b.Architecture
+				data[3] = img.GCCVersion.String()
+				table.Append(data)
+			}
+			table.Render() // Send output
+		},
+	}
+	// Add root flags
+	imagesCmd.PersistentFlags().AddFlagSet(rootFlags)
+
+	return imagesCmd
+}

cmd/root.go

@@ -144,7 +144,7 @@ func NewRootCmd() *RootCmd {
 	flags.StringVar(&rootOpts.ModuleDeviceName, "moduledevicename", rootOpts.ModuleDeviceName, "kernel module device name (the default is falco, so the device will be under /dev/falco*)")
 	flags.StringVar(&rootOpts.ModuleDriverName, "moduledrivername", rootOpts.ModuleDriverName, "kernel module driver name, i.e. the name you see when you check installed modules via lsmod")
 	flags.StringVar(&rootOpts.BuilderImage, "builderimage", rootOpts.BuilderImage, "docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.")
-	flags.StringVar(&rootOpts.BuilderImageBase, "builderimagebase", rootOpts.BuilderImageBase, "base docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.")
+	flags.StringSliceVar(&rootOpts.BuilderRepos, "builderrepo", rootOpts.BuilderRepos, "list of docker repositories in descending priority order, used to search for builder images. Default falcosecurity/driverkit will always be enforced as lowest priority repo. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit")
 	flags.StringVar(&rootOpts.GCCVersion, "gccversion", rootOpts.GCCVersion, "enforce a specific gcc version for the build")
 
 	flags.StringSliceVar(&rootOpts.KernelUrls, "kernelurls", nil, "list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls \"<URL3>,<URL4>\")")
@@ -167,6 +167,7 @@ func NewRootCmd() *RootCmd {
 	rootCmd.AddCommand(NewKubernetesCmd(rootOpts, flags))
 	rootCmd.AddCommand(NewKubernetesInClusterCmd(rootOpts, flags))
 	rootCmd.AddCommand(NewDockerCmd(rootOpts, flags))
+	rootCmd.AddCommand(NewImagesCmd(rootOpts, flags))
 	rootCmd.AddCommand(NewCompletionCmd())
 
 	ret.StripSensitive()

cmd/root_options.go

@@ -33,7 +33,7 @@ type RootOptions struct {
 	Target           string   `validate:"required,target" name:"target"`
 	KernelConfigData string   `validate:"omitempty,base64" name:"kernel config data"` // fixme > tag "name" does not seem to work when used at struct level, but works when used at inner level
 	BuilderImage     string   `validate:"omitempty,imagename" name:"builder image"`
-	BuilderImageBase string   `validate:"omitempty,imagename" name:"builder base image"`
+	BuilderRepos     []string `validate:"omitempty" name:"docker repositories to look for builder images"`
 	GCCVersion       string   `validate:"omitempty,semvertolerant" name:"gcc version"`
 	KernelUrls       []string `name:"kernel header urls"`
 	Repo             RepoOptions
@@ -116,23 +116,27 @@ func (ro *RootOptions) toBuild() *builder.Build {
 	}
 
 	build := &builder.Build{
-		TargetType:             builder.Type(ro.Target),
-		DriverVersion:          ro.DriverVersion,
-		KernelVersion:          ro.KernelVersion,
-		KernelRelease:          ro.KernelRelease,
-		Architecture:           ro.Architecture,
-		KernelConfigData:       kernelConfigData,
-		ModuleFilePath:         ro.Output.Module,
-		ProbeFilePath:          ro.Output.Probe,
-		ModuleDriverName:       ro.ModuleDriverName,
-		ModuleDeviceName:       ro.ModuleDeviceName,
-		GCCVersion:             ro.GCCVersion,
-		CustomBuilderImage:     ro.BuilderImage,
-		CustomBuilderImageBase: ro.BuilderImageBase,
-		KernelUrls:             ro.KernelUrls,
-		RepoOrg:                ro.Repo.Org,
-		RepoName:               ro.Repo.Name,
-	}
+		TargetType:       builder.Type(ro.Target),
+		DriverVersion:    ro.DriverVersion,
+		KernelVersion:    ro.KernelVersion,
+		KernelRelease:    ro.KernelRelease,
+		Architecture:     ro.Architecture,
+		KernelConfigData: kernelConfigData,
+		ModuleFilePath:   ro.Output.Module,
+		ProbeFilePath:    ro.Output.Probe,
+		ModuleDriverName: ro.ModuleDriverName,
+		ModuleDeviceName: ro.ModuleDeviceName,
+		GCCVersion:       ro.GCCVersion,
+		BuilderImage:     ro.BuilderImage,
+		BuilderRepos:     ro.BuilderRepos,
+		KernelUrls:       ro.KernelUrls,
+		RepoOrg:          ro.Repo.Org,
+		RepoName:         ro.Repo.Name,
+	}
+
+	// Always append falcosecurity repo; Note: this is a prio first slice
+	// therefore, default falcosecurity repo has lowest prio.
+	build.BuilderRepos = append(build.BuilderRepos, "docker.io/falcosecurity/driverkit")
 
 	// attempt the build in case it comes from an invalid config
 	kr := build.KernelReleaseFromBuildConfig()

cmd/testdata/templates/commands.txt

@@ -2,5 +2,6 @@ Available Commands:
   completion            Generates completion scripts.
   docker                Build Falco kernel modules and eBPF probes against a docker daemon.
   help                  Help about any command
+  images                List builder images
   kubernetes            Build Falco kernel modules and eBPF probes against a Kubernetes cluster.
   kubernetes-in-cluster Build Falco kernel modules and eBPF probes against a Kubernetes cluster inside a Kubernetes cluster.

cmd/testdata/templates/flags.txt

@@ -1,7 +1,7 @@
 Flags:
       --architecture string       target architecture for the built driver, one of {{ .Architectures }} (default "{{ .CurrentArch }}")
       --builderimage string       docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.
-      --builderimagebase string   base docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.
+      --builderrepo strings       list of docker repositories in descending priority order, used to search for builder images. Default falcosecurity/driverkit will always be enforced as lowest priority repo. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit
   -c, --config string             config file path (default $HOME/.driverkit.yaml if exists)
       --driverversion string      driver version as a git commit hash or as a git tag (default "master")
       --dryrun                    do not actually perform the action

docker/builders/builder-any-aarch64_gcc10.0.0_gcc9.0.0.Dockerfile

@@ -0,0 +1 @@
+builder-any-x86_64_gcc10.0.0_gcc9.0.0.Dockerfile

docker/builders/builder-any-aarch64_gcc12.0.0_gcc11.0.0.Dockerfile

@@ -0,0 +1 @@
+builder-any-x86_64_gcc12.0.0_gcc11.0.0.Dockerfile

docker/builders/builder-any-aarch64_gcc8.0.0_gcc6.0.0_gcc5.0.0_gcc4.9.0_gcc4.8.0.Dockerfile

@@ -0,0 +1 @@
+builder-any-x86_64_gcc8.0.0_gcc6.0.0_gcc5.0.0_gcc4.9.0_gcc4.8.0.Dockerfile

build/builder_bullseye.Dockerfile → docker/builders/builder-any-x86_64_gcc10.0.0_gcc9.0.0.Dockerfile

@@ -39,4 +39,8 @@ RUN apt-get update \
 	software-properties-common \
 	gpg \
 	zstd \
-    && rm -rf /var/lib/apt/lists/*
+    && rm -rf /var/lib/apt/lists/*
+
+# Properly create soft link
+RUN ln -s /usr/bin/gcc-9 /usr/bin/gcc-9.0.0
+RUN ln -s /usr/bin/gcc-10 /usr/bin/gcc-10.0.0

build/builder_bookworm.Dockerfile → docker/builders/builder-any-x86_64_gcc12.0.0_gcc11.0.0.Dockerfile

@@ -39,4 +39,8 @@ RUN apt-get update \
 	software-properties-common \
 	gpg \
 	zstd \
-    && rm -rf /var/lib/apt/lists/*
+    && rm -rf /var/lib/apt/lists/*
+
+# Properly create soft links
+RUN ln -s /usr/bin/gcc-11 /usr/bin/gcc-11.0.0
+RUN ln -s /usr/bin/gcc-12 /usr/bin/gcc-12.0.0

build/builder_buster.Dockerfile → docker/builders/builder-any-x86_64_gcc8.0.0_gcc6.0.0_gcc5.0.0_gcc4.9.0_gcc4.8.0.Dockerfile

@@ -120,3 +120,10 @@ RUN curl -L -o binutils_2.30-22_${TARGETARCH}.deb https://download.falco.org/dep
 	&& curl -L -o binutils-common_2.30-22_${TARGETARCH}.deb https://download.falco.org/dependencies/binutils-common_2.30-22_${TARGETARCH}.deb \
 	&& dpkg -i *binutils*.deb \
 	&& rm -f *binutils*.deb
+
+# Properly create soft link
+RUN ln -s /usr/bin/gcc-4.8 /usr/bin/gcc-4.8.0
+RUN if [ "$TARGETARCH" = "amd64" ] ; then ln -s /usr/bin/gcc-4.9 /usr/bin/gcc-4.9.0; fi;
+RUN ln -s /usr/bin/gcc-5 /usr/bin/gcc-5.0.0
+RUN ln -s /usr/bin/gcc-6 /usr/bin/gcc-6.0.0
+RUN ln -s /usr/bin/gcc-8 /usr/bin/gcc-8.0.0

docker/builders/builder-centos-x86_64_gcc4.8.5.Dockerfile

@@ -0,0 +1,31 @@
+FROM centos:7
+
+LABEL maintainer="cncf-falco-dev@lists.cncf.io"
+
+RUN yum -y install centos-release-scl && \
+    yum -y install gcc \
+    llvm-toolset-7.0 \
+	bash-completion \
+	bc \
+	ca-certificates \
+	curl \
+	gnupg2 \
+	libc6-dev \
+	elfutils-libelf-devel \
+	xz \
+	cpio \
+	flex \
+	bison \
+	openssl \
+	openssl-devel \
+	wget \
+	binutils \
+	which \
+	make
+
+# Properly create soft link
+RUN ln -s /usr/bin/gcc /usr/bin/gcc-4.8.5
+
+RUN source scl_source enable llvm-toolset-7.0
+RUN echo "source scl_source enable llvm-toolset-7.0" >> /etc/bashrc
+RUN source /etc/bashrc

docs/builder.md

@@ -127,55 +127,22 @@ Indeed, the hardest part is fetching the kernel headers urls for each distro.
 
 ### 3. Customize GCC version
 
-Driverkit builder images support multiple gcc versions:
+A builder can enforce a GCC selection algorithm,  
+by implementing the `builder.GCCVersionRequestor` interface.  
+A sane default algorithm is provided, that selects a GCC version based on the kernel version.   
+The requested gcc version is then [used to find the correct builder image to be used](builder_images.md#selection-algorithm).  
 
-From **driverkit-builder_buster** image:
+> **NOTE**: when implementing the `builder.GCCVersionRequestor`, returning an empty `semver.Version` means to fallback at default algorithm.
 
-* /usr/bin/gcc-8
-* /usr/bin/gcc-6 (6.3.0)
-* /usr/bin/gcc-5 (5.5.0)
-* /usr/bin/gcc-4.8 (4.8.4)
-
-From **driverkit-builder_bullseye** image:
-
-* /usr/bin/gcc-9
-* /usr/bin/gcc-10
-
-From **driverkit-builder_bookworm** image:
-
-* /usr/bin/gcc-11
-* /usr/bin/gcc-12
-
-You can dynamically choose the one you prefer,
-by letting your builder implement the `builder.GCCVersionRequestor` interface.  
-A sane default is provided, selecting it switching on the kernel version.  
-Please note that requested gcc version is used to find the correct builder image to be used.
-
-Moreover, Driverkit builder images support multiple clang versions:
-
-From **driverkit-builder_buster** image:
-
-* /usr/bin/clang (clang-7)
-
-From **driverkit-builder_bullseye** image:
-
-* /usr/bin/clang (clang-11)
-
-From **driverkit-builder_bookworm** image:
-
-* /usr/bin/clang (clang-14)
-
-Note, however, that there is no mechanism to dynamically choose a clang version,  
-because touching it should never be needed.  
-The build will use the one provided by the chosen builder image.    
-Any failure must be treated as a bug, and therefore an issue opened on [libs](https://github.com/falcosecurity/libs) repository.
+However, there is no mechanism to dynamically choose a clang version, because there should never be any need of touching it.   
+The build will use the one provided by the chosen builder image.  
+Any failure must be treated as a bug, and reported on [libs](https://github.com/falcosecurity/libs) repository.
 
 ### 5. kernel-crawler
 
 When creating a new builder, it is recommended to check that [kernel-crawler](https://github.com/falcosecurity/kernel-crawler)
 can also support collecting the new builders kernel versions and header package URLs. This will make sure that the latest drivers
 for the new builder are automatically built by [test-infra](https://github.com/falcosecurity/test-infra). If required, add a feature request
 for support for the new builder on the kernel-crawler repository.  
-Note: be sure that the crawler you wants to add is interesting for the community as a whole.  
-For example, an archlinux crawler doesn't make much sense, because Arch is a rolling release and we should not support  
-any past Arch kernel for Falco.
+
+> **NOTE**: be sure that the crawler you are going to add is interesting for the community as a whole.