docs: update default branch to main
Signed-off-by: Leonardo Grasso <[email protected]>
leogr authored and poiana committed Mar 28, 2024
1 parent a394acb commit ba8a0e8
Showing 7 changed files with 11 additions and 11 deletions.
2 changes: 1 addition & 1 deletion docs/plugin-ids.md
Expand Up @@ -2,7 +2,7 @@

Using a unique `id` is mandatory to maintain interoperability across all plugins with _event sourcing_ capability. When a plugin is loaded by a compatible application (e.g., Falco), the `id` is used to route events to the correct plugin. Indeed, attempting to load two or more plugins using the same `id` will result in an error.

For this reason, The Falco Project maintains a [public registry of plugins](https://github.com/falcosecurity/plugins/blob/master/README.md#registering-a-new-plugin), which allows the assignment of a unique `id` for your plugin. However, some plugins may not be registered in the public registry. For example, if you are privately developing a plugin for your own use, you might use any `id` you want. To avoid conflicts in these situations, this document mandates general rules regarding `id` assignment and reservation.
For this reason, The Falco Project maintains a [public registry of plugins](https://github.com/falcosecurity/plugins/blob/main/README.md#registering-a-new-plugin), which allows the assignment of a unique `id` for your plugin. However, some plugins may not be registered in the public registry. For example, if you are privately developing a plugin for your own use, you might use any `id` you want. To avoid conflicts in these situations, this document mandates general rules regarding `id` assignment and reservation.

## ID Blocks
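
Review bot: The replaced link in the "For this reason" paragraph still hard-codes the branch name in an absolute URL, so it will need the same edit if the default branch changes again. If docs/plugin-ids.md sits in the same repository as the target README, a relative link such as `../README.md#registering-a-new-plugin` would resolve on whichever branch the reader is browsing.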

2 changes: 1 addition & 1 deletion plugins/gcpaudit/walkthrough.md
Expand Up @@ -274,7 +274,7 @@ Falco is configured to monitor changes to its configuration files, so there is n

With everything configured, the last step is to test the GCP Audit Logs plugin.

If you read the [plugin rules file](https://github.com/falcosecurity/plugins/blob/master/plugins/gcpaudit/rules/gcp_auditlog_rules.yaml), you will see that there are dozens of different rules that you could test, but to keep it simple we’ll repeat the same test we did earlier and create and delete a Pub/Sub topic.
If you read the [plugin rules file](https://github.com/falcosecurity/plugins/blob/main/plugins/gcpaudit/rules/gcp_auditlog_rules.yaml), you will see that there are dozens of different rules that you could test, but to keep it simple we’ll repeat the same test we did earlier and create and delete a Pub/Sub topic.

Since the VM you created to run Falco does not have `gcloud` installed, the easiest way to do this section is to create a second shell instance either back on your local machine or in Cloud Shell - wherever you originally ran the gcloud commands from.
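
Review bot: The rules-file link in the "If you read the plugin rules file" sentence follows the tip of `main`, which can list rules that the plugin version a reader installed for this walkthrough does not ship. Consider adding a short remark that the linked file reflects the development branch, or linking the rules file of a released version instead.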

2 changes: 1 addition & 1 deletion plugins/github/README.md
Expand Up @@ -121,4 +121,4 @@ The plugin can currently detect when the following types of secrets are committe
- shopify_private_app_access_token
- pypi_upload_token

Adding a new secret detection is simply a matter of adding a new entry in the secretsChecks array in [secrets.go](https://github.com/falcosecurity/plugins/blob/master/plugins/github/pkg/github/secrets.go).
Adding a new secret detection is simply a matter of adding a new entry in the secretsChecks array in [secrets.go](https://github.com/falcosecurity/plugins/blob/main/plugins/github/pkg/github/secrets.go).
6 changes: 3 additions & 3 deletions plugins/k8saudit-eks/README.md
Expand Up @@ -3,15 +3,15 @@
## Introduction

This plugin extends Falco to support [Kubernetes Audit Events](https://kubernetes.io/docs/tasks/debug-application-cluster/audit/#audit-backends) from AWS EKS clusters as a new data source.
For more details about what Audit logs are, see the [README of k8saudit plugin](https://github.com/falcosecurity/plugins/blob/master/plugins/k8saudit/README.md).
For more details about what Audit logs are, see the [README of k8saudit plugin](https://github.com/falcosecurity/plugins/blob/main/plugins/k8saudit/README.md).

### Functionality

This plugin supports consuming Kubernetes Audit Events stored in Cloudwatch Logs for the EKS Clusters, see [AWS official documentation](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) for details.

## Capabilities

The `k8saudit-eks` uses the field extraction methods of the [`k8saudit`](https://github.com/falcosecurity/plugins/tree/master/plugins/k8saudit) plugin as the format for the Audit Logs is same.
The `k8saudit-eks` uses the field extraction methods of the [`k8saudit`](https://github.com/falcosecurity/plugins/tree/main/plugins/k8saudit) plugin as the format for the Audit Logs is same.

### Event Source

Expand Down Expand Up @@ -122,7 +122,7 @@ A string which contains the name of your EKS Cluster (required).

### Rules

The `k8saudit-eks` plugin ships with no default rule for test purpose, you can use the same rules than those for `k8saudit` plugin. See [here](https://github.com/falcosecurity/plugins/blob/master/plugins/k8saudit/rules/k8s_audit_rules.yaml).
The `k8saudit-eks` plugin ships with no default rule for test purpose, you can use the same rules than those for `k8saudit` plugin. See [here](https://github.com/falcosecurity/plugins/blob/main/plugins/k8saudit/rules/k8s_audit_rules.yaml).


To test if it works anyway, you can still use this one for example:
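
Review bot: While the Rules sentence is being touched, its wording could be fixed in the same pass: "the same rules than those for" should read "the same rules as those for", and the comma splice after "for test purpose" wants a full stop. The bare "[here]" link text also hides the target; naming it (for example "the `k8saudit` rules file") makes the reference readable without following the link.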
2 changes: 1 addition & 1 deletion plugins/k8saudit-gke/README.md
Expand Up @@ -14,7 +14,7 @@ GKE Admin Activity audit logs and GKE Data Access audit logs can be send to a Pu

Optionally, the `k8saudit-gke` plugin can use the Google Container API to fetch cluster resource metadata labels. These cluster labels are appended to the resource labels of the log entry.

Finally, the Google audit log entries are converted to a Kubernetes audit event object and handed off to the Falco rule pipeline. This means the field extraction methods and rules of the [`k8saudit`](https://github.com/falcosecurity/plugins/tree/master/plugins/k8saudit) can be used.
Finally, the Google audit log entries are converted to a Kubernetes audit event object and handed off to the Falco rule pipeline. This means the field extraction methods and rules of the [`k8saudit`](https://github.com/falcosecurity/plugins/tree/main/plugins/k8saudit) can be used.
> [!WARNING]
> As the Kubernetes audit event is reconstructed from a Google audit logs entry some Falco rules might not work as expected due to missing information.
4 changes: 2 additions & 2 deletions plugins/k8smeta/README.md
Expand Up @@ -96,7 +96,7 @@ The plugin doesn't have open params

### Rules

This plugin doesn't provide any custom rule, you can use the default Falco ruleset and add the necessary `k8smeta` fields. A very simple example rule can be found [here](https://github.com/falcosecurity/plugins/blob/master/plugins/k8smeta/test/rules/example_rule.yaml)
This plugin doesn't provide any custom rule, you can use the default Falco ruleset and add the necessary `k8smeta` fields. A very simple example rule can be found [here](https://github.com/falcosecurity/plugins/blob/main/plugins/k8smeta/test/rules/example_rule.yaml)

### Running

Expand All @@ -123,4 +123,4 @@ cmake ..
make k8smeta -j10
```

To run local tests follow the steps [here](https://github.com/falcosecurity/plugins/blob/master/plugins/k8smeta/test/README.md)
To run local tests follow the steps [here](https://github.com/falcosecurity/plugins/blob/main/plugins/k8smeta/test/README.md)
4 changes: 2 additions & 2 deletions release.md
@@ -1,9 +1,9 @@
# Release Process

Our release process is automated by a couple of GitHub Actions ([`Update Plugins-dev`](https://github.com/falcosecurity/plugins/blob/master/.github/workflows/push_master.yml) and [`Release Plugins`](https://github.com/falcosecurity/plugins/blob/master/.github/workflows/release.yml)).
Our release process is automated by a couple of GitHub Actions ([`Update Plugins-dev`](https://github.com/falcosecurity/plugins/blob/main/.github/workflows/main.yml) and [`Release Plugins`](https://github.com/falcosecurity/plugins/blob/main/.github/workflows/release.yml)).

The process publishes two types of releases:
- **dev** builds: the process is fully automated, and it is triggered when changes are merged into `master` branch
- **dev** builds: the process is fully automated, and it is triggered when changes are merged into `main` branch
- **stable** builds: the process is automated, but it needs to be manually triggered by tagging a plugin with a release version (see the [section](#Stable-builds) below)

Regardless of the type, if a plugin provides a ruleset, the ruleset is released, too, with the same version number. This may change in the future. Also, see [Versioning a rulset](https://github.com/falcosecurity/rules/blob/main/RELEASE.md#versioning-a-ruleset) guidelines before deciding the release version number.
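
Review bot: In the first changed line the `Update Plugins-dev` link moves from `.github/workflows/push_master.yml` to `.github/workflows/main.yml`, which is a file rename rather than a branch rename, yet none of the 7 files listed in this commit is under `.github/workflows`. Please confirm the workflow file is actually named `main.yml` on `main` (or is renamed in a companion change), otherwise this link will not resolve. The unchanged context line at the end of the hunk also carries a typo, "Versioning a rulset", that could be fixed here.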