chore(deps): bump docker/login-action in the actions group

Bumps the actions group with 1 update: [docker/login-action](https://github.com/docker/login-action). Updates `docker/login-action` from 3.4.0 to 3.5.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](74a5d14239...184bdaa072) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
chore(deps): bump github.com/docker/docker
2025-08-06 10:34:03 +02:00 · 2025-07-30 09:01:16 +02:00 · 2025-07-29 22:22:12 +02:00 · 2025-07-23 11:27:34 +02:00 · 2025-07-21 11:27:31 +02:00 · 2025-07-21 11:26:31 +02:00
126 changed files with 3256 additions and 2514 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -1,235 +0,0 @@
-version: 2.1
-jobs:
-  "build-test":
-    docker:
-      - image: golang:1.21-alpine
-    steps:
-      - checkout
-      - setup_remote_docker: # used by integration tests that runs driverkit binary that needs docker
-          version: 20.10.24
-      - run:
-          name: Install deps
-          command: apk add gcc musl-dev make bash git binutils-gold
-      - run:
-          name: Build
-          command: make build
-      - run:
-          name: Test
-          command: make test
-      - run:
-          name: Integration tests
-          command: make integration_test
-      - run:
-          name: Prepare Artifacts
-          command: |
-            mkdir -p /tmp/build-amd64
-            cp _output/bin/driverkit /tmp/build-amd64/
-      - store_artifacts:
-          path: /tmp/build-amd64/driverkit
-          destination: driverkit_amd64      
-      - persist_to_workspace:
-          root: /tmp
-          paths:
-            - build-amd64/
-  "build-test-arm64":
-    machine:
-      enabled: true
-      image: ubuntu-2004:2022.04.1
-    resource_class: arm.medium
-    steps:
-      - checkout:
-          path: /tmp/source
-      - run:
-          name: Prepare project
-          command: |
-            docker run --rm -it -v /tmp/source:/source -v /var/run/docker.sock:/var/run/docker.sock -w /source --name alpine_sh -d golang:1.21-alpine sh
-            docker exec alpine_sh apk add gcc musl-dev make bash git docker binutils-gold
-            docker exec alpine_sh git config --global --add safe.directory /source
-      - run:
-          name: Build
-          command: docker exec alpine_sh make build
-      - run:
-          name: Test
-          command: docker exec alpine_sh make test
-      - run:
-          name: Integration tests
-          command: docker exec alpine_sh make integration_test
-      - run:
-          name: Prepare Artifacts
-          command: |
-            mkdir -p /tmp/build-arm64
-            cp /tmp/source/_output/bin/driverkit /tmp/build-arm64/
-      - store_artifacts:
-          path: /tmp/build-arm64/driverkit
-          destination: driverkit_arm64      
-      - persist_to_workspace:
-          root: /tmp
-          paths:
-            - build-arm64/
-  "build-images":
-    docker:
-      - image: alpine:3.16
-    steps: 
-      - attach_workspace:
-          at: /
-      - checkout
-      - setup_remote_docker:
-          version: 20.10.24
-          docker_layer_caching: true
-      - run:
-          name: Install deps
-          command: |
-            apk update
-            apk add make bash git docker docker-cli-buildx
-      - run:
-          name: Login to registry
-          command: echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
-      - run:
-          name: Prepare artifact for driverkit image
-          command: | # driverkit dockerfile expects the binary there
-            mkdir -p build-amd64
-            cp /build-amd64/driverkit build-amd64/
-      - run:
-          name: Build and Push docker images
-          command: GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/all
-      - run:
-          name: Push latest images
-          command: |
-            if [ -n "$CIRCLE_TAG" ]
-            then
-              GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/latest
-            else
-              echo "Skipping (no git tag)"
-            fi
-  "build-images-arm64":
-    machine:
-      enabled: true
-      image: ubuntu-2004:2022.04.1
-      docker_layer_caching: true 
-    resource_class: arm.medium
-    steps:
-      - attach_workspace:
-          at: /tmp
-      - checkout:
-          path: /tmp/source
-      - run:
-          name: Install deps
-          command: |
-            sudo apt update
-            sudo apt install make bash git
-      - run:
-          name: Login to registry
-          command: echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
-      - run:
-          name: Prepare artifact for driverkit image
-          command: | # driverkit dockerfile expects the binary there
-            mkdir -p /tmp/source/build-arm64
-            cp /tmp/build-arm64/driverkit /tmp/source/build-arm64/
-      - run:
-          name: Build and Push docker images
-          command: |
-            cd /tmp/source
-            GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/all
-      - run:
-          name: Push latest images if needed
-          command: |
-            cd /tmp/source
-            if [ -n "$CIRCLE_TAG" ]
-            then
-              GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/latest
-            else
-              echo "Skipping (no git tag)"
-            fi
-  "images":
-    docker:
-      - image: cimg/base:stable
-        user: root
-    steps:
-      - checkout
-      - setup_remote_docker:
-          version: 20.10.24
-      - run:
-          name: Prepare env
-          command: |
-            echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
-            sudo apt update
-            sudo apt install make bash git
-      - run:
-          name: Build and Push manifest to registry
-          command: |
-            GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make manifest/all
-      - run:
-          name: Push latest manifest if needed
-          command: |
-            if [ -n "$CIRCLE_TAG" ]
-            then
-              GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make manifest/latest
-            else
-              echo "Skipping (no git tag)"
-            fi
-  "release":
-    docker:
-      - image: cimg/go:1.21
-    steps:
-      - checkout
-      - run:
-          name: Install goreleaser
-          command: |
-            echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list
-            sudo apt update
-            sudo apt install goreleaser
-      - run:
-          name: Release
-          command: GIT_TAG="$CIRCLE_TAG" make release
-workflows:
-  version: 2.1
-  build:
-    jobs:
-      - "build-test":
-          filters:
-            tags:
-              only: /v[0-9]+(\.[0-9]+)*(-.*)*/
-      - "build-test-arm64":
-          filters:
-            tags:
-              only: /v[0-9]+(\.[0-9]+)*(-.*)*/
-      - "build-images":
-          context: falco
-          filters:
-            branches:
-              only:
-                - master
-            tags:
-              only: /v[0-9]+(\.[0-9]+)*(-.*)*/
-          requires:
-            - "build-test"
-      - "build-images-arm64":
-          context: falco
-          filters:
-            branches:
-              only:
-                - master
-            tags:
-              only: /v[0-9]+(\.[0-9]+)*(-.*)*/
-          requires:
-            - "build-test-arm64"      
-      - "images":
-          context: falco
-          filters:
-            branches:
-              only:
-                - master
-            tags:
-              only: /v[0-9]+(\.[0-9]+)*(-.*)*/
-          requires:
-            - "build-images"
-            - "build-images-arm64"
-      - "release":
-          context: falco
-          filters:
-            branches:
-              ignore: /.*/
-            tags:
-              only: /v[0-9]+(\.[0-9]+)*(-.*)*/
-          requires:
-            - "images"
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -66,5 +66,5 @@ For example, `action required: change the API interface of the rule engine`.
 -->

 ```release-note
-
+NONE
 ```
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+    groups:
+      actions:
+        update-types:
+          - "minor"
+          - "patch"
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -0,0 +1,77 @@
+name: CI Build
+on:
+  pull_request:
+    branches: [master]
+  workflow_dispatch:
+
+# Checks if any concurrent jobs under the same pull request or branch are being executed
+# NOTE: this will cancel every workflow that is being ran against a PR as group is just the github ref (without the workflow name)
+concurrency:
+  group: ${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true  
+
+jobs:
+  build-test-dev:
+    strategy:
+      matrix:
+        arch: [amd64, arm64]
+    uses: ./.github/workflows/reusable_build_test_driverkit.yml
+    with:
+      arch: ${{ matrix.arch }}
+
+  paths-filter:
+    runs-on: ubuntu-latest
+    outputs:
+      docker_needs_build: ${{ steps.filter.outputs.docker }}
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+        id: filter
+        with:
+          filters: |
+            docker:
+              - 'docker/**'  
+
+  build-images-dev:
+    needs: [build-test-dev,paths-filter]
+    if: needs.paths-filter.outputs.docker_needs_build == 'true'
+    strategy:
+      matrix:
+        arch: [ amd64, arm64 ]
+    uses: ./.github/workflows/reusable_build_push_images.yml
+    with:
+      arch: ${{ matrix.arch }}
+      push: false
+    secrets: inherit
+
+  gomodtidy:
+    name: Enforce go.mod tidiness
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          ref: "${{ github.event.pull_request.head.sha }}"
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+          persist-credentials: false
+
+      - name: Setup Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+        with:
+          go-version-file: 'go.mod'
+
+      - name: Execute go mod tidy and check the outcome
+        working-directory: ./
+        run: |
+          go mod tidy
+          exit_code=$(git diff --exit-code)
+          exit ${exit_code}
+
+      - name: Print a comment in case of failure
+        run: |
+          echo "The go.mod and/or go.sum files appear not to be correctly tidied.
+
+          Please, rerun go mod tidy to fix the issues."
+          exit 1
+        if: |
+          failure() && github.event.pull_request.head.repo.full_name == github.repository    
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@ -0,0 +1,36 @@
+name: Master CI
+on:
+  push:
+    branches: [master]
+
+# Checks if any concurrent jobs is running for master CI and eventually cancel it
+concurrency:
+  group: ci-master
+  cancel-in-progress: true  
+
+jobs:
+  build-test-master:
+    strategy:
+      matrix:
+        arch: [amd64, arm64]
+    uses: ./.github/workflows/reusable_build_test_driverkit.yml
+    with:
+      arch: ${{ matrix.arch }}
+
+  push-images-master:
+    needs: build-test-master
+    strategy:
+      matrix:
+        arch: [amd64, arm64]
+    uses: ./.github/workflows/reusable_build_push_images.yml
+    with:
+      arch: ${{ matrix.arch }}
+      push: true
+    secrets: inherit
+
+  images-master:
+    needs: push-images-master
+    uses: ./.github/workflows/reusable_manifest_images.yml
+    secrets: inherit
+      
+    
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -0,0 +1,68 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - v*
+
+permissions:
+  contents: write # needed to write releases
+  id-token: write # needed for keyless signing
+
+jobs:
+  build-test-release:
+    strategy:
+      matrix:
+        arch: [amd64, arm64]
+    uses: ./.github/workflows/reusable_build_test_driverkit.yml
+    with:
+      arch: ${{ matrix.arch }}
+
+  push-images-release:
+    needs: build-test-release
+    strategy:
+      matrix:
+        arch: [amd64, arm64]
+    uses: ./.github/workflows/reusable_build_push_images.yml
+    with:
+      arch: ${{ matrix.arch }}
+      tag: ${{ github.ref_name }}
+      is_latest: true
+      push: true
+    secrets: inherit  
+
+  images-release:
+    needs: push-images-release
+    uses: ./.github/workflows/reusable_manifest_images.yml
+    with:
+      tag: ${{ github.ref_name }}
+      is_latest: true
+    secrets: inherit
+
+  release:
+    needs: images-release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          fetch-depth: 0
+
+      - name: Fetch
+        run: git fetch --prune --force --tags
+
+      - name: Setup Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+        with:
+          go-version-file: 'go.mod'
+      
+      - name: Install GoReleaser
+        uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6.3.0
+        with:
+          install-only: true
+
+      - name: Release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GIT_TAG: ${{ github.ref_name }}
+        run: make release  
--- a/.github/workflows/reusable_build_push_images.yml
+++ b/.github/workflows/reusable_build_push_images.yml
@ -0,0 +1,72 @@
+# This is a reusable workflow used by master and release CI
+on:
+  workflow_call:
+    inputs:
+      arch:
+        description: amd64 or arm64
+        required: true
+        type: string
+      branch:
+        description: name of the branch
+        required: false
+        type: string
+        default: 'master'
+      tag:
+        description: The tag to use (e.g. "master" or "0.35.0")
+        required: false
+        type: string
+        default: ''
+      is_latest:
+        description: Update the latest tag with the new image
+        required: false
+        type: boolean
+        default: false
+      push:
+        description: Whether to also push images
+        required: false
+        type: boolean
+        default: false
+
+jobs:
+  build-images:
+    runs-on: ${{ (inputs.arch == 'arm64' && 'ubuntu-22.04-arm') || 'ubuntu-22.04' }}
+    env:
+      GIT_BRANCH: ${{ inputs.branch }}
+      GIT_TAG: ${{ inputs.tag }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        
+      - name: Create download folder
+        run: mkdir -p build-${{ inputs.arch }}
+        
+      - name: Download Driverkit
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        with:
+          name: driverkit-${{ inputs.arch }}
+          path: build-${{ inputs.arch }}
+          
+      - name: Enforce executable bit
+        run: chmod +x build-${{ inputs.arch }}/driverkit
+        
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+          
+      - name: Login to Docker Hub
+        if: inputs.push
+        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USER }}
+          password: ${{ secrets.DOCKERHUB_SECRET }}
+          
+      - name: Build and Push docker images
+        if: inputs.push
+        run: make push/all
+
+      - name: Build docker images
+        if: inputs.push == false
+        run: make image/all
+
+      - name: Push latest images if needed
+        if: inputs.push && inputs.is_latest
+        run: make push/latest
--- a/.github/workflows/reusable_build_test_driverkit.yml
+++ b/.github/workflows/reusable_build_test_driverkit.yml
@ -0,0 +1,47 @@
+# This is a reusable workflow used by master and release CI
+on:
+  workflow_call:
+    inputs:
+      arch:
+        description: amd64 or arm64
+        required: true
+        type: string
+
+jobs:
+  build-test:
+    # See https://github.com/actions/runner/issues/409#issuecomment-1158849936
+    runs-on: ${{ (inputs.arch == 'arm64' && 'ubuntu-22.04-arm') || 'ubuntu-22.04' }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          fetch-depth: 0
+
+      - name: Setup Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+        with:
+          go-version-file: 'go.mod'
+
+      - name: Build
+        run: make build
+        
+      - name: Test
+        run: make test
+        
+      - name: Set integration tests DRIVERVERSIONS env
+        if: inputs.arch == 'amd64'
+        run: echo "DRIVERVERSIONS=master 6.0.1+driver 2.0.0+driver 17f5df52a7d9ed6bb12d3b1768460def8439936d" >> $GITHUB_ENV
+        
+      - name: Set integration tests DRIVERVERSIONS env
+        if: inputs.arch == 'arm64'
+        run: echo "DRIVERVERSIONS=master 6.0.1+driver 2.0.0+driver" >> $GITHUB_ENV
+      
+      - name: Integration tests
+        run: make integration_test
+        
+      - name: Upload driverkit
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: driverkit-${{ inputs.arch }}
+          path: |
+            ${{ github.workspace }}/_output/bin/driverkit
--- a/.github/workflows/reusable_manifest_images.yml
+++ b/.github/workflows/reusable_manifest_images.yml
@ -0,0 +1,45 @@
+# This is a reusable workflow used by master and release CI
+on:
+  workflow_call:
+    inputs:
+      branch:
+        description: name of the branch
+        required: false
+        type: string
+        default: 'master'
+      tag:
+        description: The tag to use (e.g. "master" or "0.35.0")
+        required: false
+        type: string
+        default: ''
+      is_latest:
+        description: Update the latest tag with the new image
+        required: false
+        type: boolean
+        default: false
+
+jobs:
+  push-manifest:
+    runs-on: ubuntu-latest
+    env:
+      GIT_BRANCH: ${{ inputs.branch }}
+      GIT_TAG: ${{ inputs.tag }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+          
+      - name: Login to Docker Hub
+        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USER }}
+          password: ${{ secrets.DOCKERHUB_SECRET }}
+          
+      - name: Build and Push manifest to registry
+        run: make manifest/all
+      
+      - name: Push latest manifest if needed
+        if: inputs.is_latest
+        run: make manifest/latest
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@ -1,3 +1,5 @@
+version: 2
+
 project_name: driverkit
 builds:
  - id: "driverkit"
@ -11,7 +13,6 @@ builds:
    main: .
    flags:
      - -v 
-      - -buildmode=pie
    ldflags: 
      - "{{.Env.LDFLAGS}}"
    binary: driverkit
--- a/19
+++ b/19
@ -16,6 +16,8 @@ ifeq ($(COMMITS_FROM_GIT_TAG),0)
 	endif
 endif

+DRIVERVERSIONS ?= master
+
 DOCKER_ORG ?= falcosecurity

 ARCH := $(shell uname -m)
@ -41,7 +43,7 @@ driverkit_docgen ?= _output/bin/docgen
 build: clean ${driverkit}

 ${driverkit}:
-	CGO_ENABLED=0 GOEXPERIMENT=loopvar go build -v -buildmode=pie -ldflags '${LDFLAGS}' -o $@ .
+	CGO_ENABLED=0 GOEXPERIMENT=loopvar go build -v -ldflags '${LDFLAGS}' -o $@ .

 .PHONY: release
 release: clean
@ -87,28 +89,27 @@ manifest/all: manifest/driverkit

 .PHONY: manifest/driverkit
 manifest/driverkit:
-	$(DOCKER) manifest create $(IMAGE_NAME_DRIVERKIT):$(GIT_REF) $(IMAGE_NAME_DRIVERKIT):$(GIT_REF)_x86_64 $(IMAGE_NAME_DRIVERKIT):$(GIT_REF)_aarch64
-	$(DOCKER) manifest push $(IMAGE_NAME_DRIVERKIT):$(GIT_REF)
-	$(DOCKER) manifest create $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT) $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT)_x86_64 $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT)_aarch64
-	$(DOCKER) manifest push $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT)
+	$(DOCKER) buildx imagetools create -t $(IMAGE_NAME_DRIVERKIT):$(GIT_REF) $(IMAGE_NAME_DRIVERKIT):$(GIT_REF)_x86_64 $(IMAGE_NAME_DRIVERKIT):$(GIT_REF)_aarch64
+	$(DOCKER) buildx imagetools create -t $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT) $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT)_x86_64 $(IMAGE_NAME_DRIVERKIT):$(GIT_COMMIT)_aarch64

 .PHONY: manifest/latest
 manifest/latest:
-	$(DOCKER) manifest create $(IMAGE_NAME_DRIVERKIT):latest $(IMAGE_NAME_DRIVERKIT):latest_x86_64 $(IMAGE_NAME_DRIVERKIT):latest_aarch64
-	$(DOCKER) manifest push $(IMAGE_NAME_DRIVERKIT):latest
+	$(DOCKER) buildx imagetools create -t $(IMAGE_NAME_DRIVERKIT):latest $(IMAGE_NAME_DRIVERKIT):latest_x86_64 $(IMAGE_NAME_DRIVERKIT):latest_aarch64

 .PHONY: test
 test:
 	go clean -testcache
 	GOEXPERIMENT=loopvar go test -v -cover -race ./...
-	GOEXPERIMENT=loopvar go test -v -cover -buildmode=pie ./cmd
+	GOEXPERIMENT=loopvar go test -v -cover ./cmd

 .PHONY: integration_test
 integration_test: $(test_configs)

 .PHONY: $(test_configs)
 $(test_configs): ${driverkit}
-	${driverkit} docker -c $@ --builderimage auto:master -l debug --timeout 600
+	$(foreach d,$(DRIVERVERSIONS),\
+		${driverkit} docker -c $@ --builderimage auto:master -l debug --timeout 600 --driverversion $d; \
+	)

 .PHONY: ${driverkit_docgen}
 ${driverkit_docgen}: ${PWD}/docgen
--- a/2
+++ b/2
@ -4,5 +4,7 @@ approvers:
  - fededp
  - EXONER4TED
  - lowaiz
+  - LucaGuerra
+
 emeritus_approvers:
  - fntlnz
--- a/RELEASE.md
+++ b/RELEASE.md
@ -1,6 +1,6 @@
 # Release Process

-Our release process is based upon [CircleCI](https://app.circleci.com/pipelines/github/falcosecurity/driverkit) and [goreleaser](https://github.com/goreleaser/goreleaser) tool for artifacts.
+Our release process is fully automated using [Github actions](.github/workflows/release.yml) and [goreleaser](https://github.com/goreleaser/goreleaser) tool for artifacts.

 When we release we do the following process:

--- a/cmd/cli_test.go
+++ b/cmd/cli_test.go
@ -19,8 +19,6 @@ package cmd

 import (
 	"bytes"
-	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"runtime"
@ -132,6 +130,8 @@ var tests = []testCase{
 			"ubuntu-aws",
 			"--output-module",
 			"/tmp/falco-ubuntu-aws.ko",
+			"--output-probe",
+			"/tmp/falco-ubuntu-aws.o",
 			"--loglevel",
 			"debug",
 		},
@ -144,6 +144,7 @@ var tests = []testCase{
 		env: map[string]string{
 			"DRIVERKIT_KERNELVERSION": "59",
 			"DRIVERKIT_OUTPUT_MODULE": "/tmp/falco-ubuntu-aws.ko",
+			"DRIVERKIT_OUTPUT_PROBE":  "/tmp/falco-ubuntu-aws.o",
 		},
 		args: []string{
 			"docker",
@ -315,9 +316,14 @@ var tests = []testCase{

 func run(t *testing.T, test testCase) {
 	// Setup
-	c := NewRootCmd()
-	b := bytes.NewBufferString("")
-	c.SetOutput(b)
+	configOpts, err := NewConfigOptions()
+	assert.NilError(t, err)
+	rootOpts, err := NewRootOptions()
+	assert.NilError(t, err)
+	var buf bytes.Buffer
+	configOpts.setOutput(&buf, true)
+	c := NewRootCmd(configOpts, rootOpts)
+	c.SetOutput(&buf)
 	if len(test.args) == 0 || (test.args[0] != "__complete" && test.args[0] != "__completeNoDesc" && test.args[0] != "help" && test.args[0] != "completion") {
 		test.args = append(test.args, "--dryrun")
 	}
@ -328,19 +334,18 @@ func run(t *testing.T, test testCase) {
 		}
 	}
 	// Test
-	err := c.Execute()
+	err = c.Execute()
 	if err != nil {
 		if test.expect.err == "" {
 			t.Fatalf("error executing CLI: %v", err)
 		} else {
 			assert.Error(t, err, test.expect.err)
 		}
+		// Exactly same behavior as rootCmd.Start(), but here we use ERROR instead of FATAL to avoid leaving
+		configOpts.Printer.Logger.Error("error executing driverkit", configOpts.Printer.Logger.Args("err", err.Error()))
 	}
-	out, err := io.ReadAll(b)
-	if err != nil {
-		t.Fatalf("error reading CLI output: %v", err)
-	}
-	res := stripansi.Strip(string(out))
+	out := buf.String()
+	res := stripansi.Strip(out)
 	assert.Equal(t, test.expect.out, res)
 	// Teardown
 	for k := range test.env {
@ -365,7 +370,7 @@ type testTemplateData struct {
 }

 func readTemplateFile(t *testing.T, s string) string {
-	out, err := ioutil.ReadFile("testdata/templates/" + s)
+	out, err := os.ReadFile("testdata/templates/" + s)
 	assert.NilError(t, err)
 	return string(out)
 }
--- a/cmd/completion.go
+++ b/cmd/completion.go
@ -17,6 +17,7 @@ package cmd
 import (
 	"bytes"
 	"fmt"
+	"github.com/spf13/pflag"
 	"os"
 	"strings"
 	"text/template"
@ -46,12 +47,12 @@ func validateArgs() cobra.PositionalArgs {
 		if len(args) == 0 {
 			return nil
 		}
-		return cobra.ExactValidArgs(1)(c, args)
+		return cobra.MatchAll(cobra.ExactArgs(1), cobra.OnlyValidArgs)(c, args)
 	}
 }

 // NewCompletionCmd ...
-func NewCompletionCmd() *cobra.Command {
+func NewCompletionCmd(_ *ConfigOptions, _ *RootOptions, _ *pflag.FlagSet) *cobra.Command {
 	var long bytes.Buffer
 	tmpl := template.Must(template.New("long").Parse(longUsageTemplate))
 	tmpl.Execute(&long, map[string]interface{}{
@ -65,25 +66,23 @@ func NewCompletionCmd() *cobra.Command {
 		Args:              validateArgs(),
 		ValidArgs:         cmdArgs,
 		DisableAutoGenTag: true,
-		Run: func(c *cobra.Command, args []string) {
+		RunE: func(c *cobra.Command, args []string) error {
 			if len(args) == 0 {
-				c.Help()
-				return
+				return c.Help()
 			}

 			arg := args[0]
 			switch arg {
 			case "bash":
-				c.Root().GenBashCompletion(os.Stdout)
-				break
+				return c.Root().GenBashCompletion(os.Stdout)
 			case "zsh":
-				c.Root().GenZshCompletion(os.Stdout)
-				break
+				return c.Root().GenZshCompletion(os.Stdout)
 			case "fish":
-				c.Root().GenFishCompletion(os.Stdout, true)
+				return c.Root().GenFishCompletion(os.Stdout, true)
 			case "help":
-				c.Help()
+				return c.Help()
 			}
+			return nil
 		},
 	}

--- a/cmd/config_options.go
+++ b/cmd/config_options.go
@ -15,51 +15,141 @@ limitations under the License.
 package cmd

 import (
-	"fmt"
-	"log/slog"
+	"errors"
+	"github.com/falcosecurity/falcoctl/pkg/output"
+	"github.com/mitchellh/go-homedir"
+	"github.com/spf13/pflag"
+	"github.com/spf13/viper"
+	"io"
 	"os"
+	"strings"

 	"github.com/creasty/defaults"
 	"github.com/falcosecurity/driverkit/validate"
 	"github.com/go-playground/validator/v10"
+	"github.com/pterm/pterm"
 )

 var validProcessors = []string{"docker", "kubernetes", "kubernetes-in-cluster", "local"}
 var aliasProcessors = []string{"docker", "k8s", "k8s-ic"}
-var configOptions *ConfigOptions

 // ConfigOptions represent the persistent configuration flags of driverkit.
 type ConfigOptions struct {
-	ConfigFile string
-	LogLevel   string `validate:"loglevel" name:"log level" default:"INFO"`
+	configFile string
 	Timeout    int    `validate:"number,min=30" default:"120" name:"timeout"`
 	ProxyURL   string `validate:"omitempty,proxy" name:"proxy url"`
-	DryRun     bool
+	dryRun     bool

-	configErrors bool
+	// Printer used by all commands to output messages.
+	Printer *output.Printer
+	// writer is used to write the output of the printer.
+	writer         io.Writer
+	logLevel       *output.LogLevel
+	disableStyling bool
+}
+
+func (co *ConfigOptions) initPrinter() {
+	// DisableStyling is only enforced by tests.
+	if co.disableStyling {
+		pterm.DisableStyling()
+	}
+	co.Printer = output.NewPrinter(co.logLevel.ToPtermLogLevel(), pterm.LogFormatterColorful, co.writer)
+	if co.disableStyling {
+		// Disable time print for tests
+		co.Printer.Logger = co.Printer.Logger.WithTime(false)
+	}
+
+}
+
+// Called by tests to disable styling and set bytes buffer as output
+func (co *ConfigOptions) setOutput(writer io.Writer, disableStyling bool) {
+	co.writer = writer
+	co.disableStyling = disableStyling
+	co.initPrinter()
 }

 // NewConfigOptions creates an instance of ConfigOptions.
-func NewConfigOptions() *ConfigOptions {
-	o := &ConfigOptions{}
-	if err := defaults.Set(o); err != nil {
-		slog.With("err", err.Error(), "options", "ConfigOptions").Error("error setting driverkit options defaults")
-		os.Exit(1)
+func NewConfigOptions() (*ConfigOptions, error) {
+	o := &ConfigOptions{
+		writer:         os.Stdout,
+		logLevel:       output.NewLogLevel(),
+		disableStyling: false,
 	}
-	return o
+	o.initPrinter()
+	if err := defaults.Set(o); err != nil {
+		// Return ConfigOptions anyway because we need the logger
+		return o, err
+	}
+	return o, nil
 }

 // Validate validates the ConfigOptions fields.
-func (co *ConfigOptions) Validate() []error {
+func (co *ConfigOptions) validate() []error {
 	if err := validate.V.Struct(co); err != nil {
-		errors := err.(validator.ValidationErrors)
-		errArr := []error{}
-		for _, e := range errors {
+		var errs validator.ValidationErrors
+		errors.As(err, &errs)
+		var errArr []error
+		for _, e := range errs {
 			// Translate each error one at a time
-			errArr = append(errArr, fmt.Errorf(e.Translate(validate.T)))
+			errArr = append(errArr, errors.New(e.Translate(validate.T)))
 		}
-		co.configErrors = true
 		return errArr
 	}
 	return nil
 }
+
+// AddFlags registers the common flags.
+func (co *ConfigOptions) AddFlags(flags *pflag.FlagSet) {
+	flags.StringVarP(&co.configFile, "config", "c", co.configFile, "config file path (default $HOME/.driverkit.yaml if exists)")
+	flags.VarP(co.logLevel, "loglevel", "l", "set level for logs "+co.logLevel.Allowed())
+	flags.IntVar(&co.Timeout, "timeout", co.Timeout, "timeout in seconds")
+	flags.StringVar(&co.ProxyURL, "proxy", co.ProxyURL, "the proxy to use to download data")
+	flags.BoolVar(&co.dryRun, "dryrun", co.dryRun, "do not actually perform the action")
+}
+
+// Init reads in config file and ENV variables if set.
+func (co *ConfigOptions) Init() bool {
+	configErr := false
+	if errs := co.validate(); errs != nil {
+		for _, err := range errs {
+			co.Printer.Logger.Error("error validating config options",
+				co.Printer.Logger.Args("err", err.Error()))
+		}
+		configErr = true
+	}
+	if co.configFile != "" {
+		viper.SetConfigFile(co.configFile)
+	} else {
+		// Find home directory.
+		home, err := homedir.Dir()
+		if err != nil {
+			co.Printer.Logger.Error("error getting the home directory",
+				co.Printer.Logger.Args("err", err.Error()))
+			// not setting configErr = true because we fallback to `$HOME/.driverkit.yaml` and try with it
+		}
+
+		viper.AddConfigPath(home)
+		viper.SetConfigName(".driverkit")
+	}
+
+	viper.AutomaticEnv()
+	viper.SetEnvPrefix("driverkit")
+	viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
+
+	// If a config file is found, read it in.
+	err := viper.ReadInConfig()
+	// Init printer with either read or existent one,
+	// so that we can further log considering log level set.
+	co.initPrinter()
+	if err == nil {
+		co.Printer.Logger.Info("using config file",
+			co.Printer.Logger.Args("file", viper.ConfigFileUsed()))
+	} else {
+		var configFileNotFoundError viper.ConfigFileNotFoundError
+		if errors.As(err, &configFileNotFoundError) {
+			// Config file not found, ignore ...
+			co.Printer.Logger.Debug("running without a configuration file")
+		}
+	}
+	return configErr
+}
--- a/cmd/docker.go
+++ b/cmd/docker.go
@ -15,32 +15,42 @@ limitations under the License.
 package cmd

 import (
-	"log/slog"
-	"os"
-
+	"bytes"
 	"github.com/falcosecurity/driverkit/pkg/driverbuilder"
+	"github.com/falcosecurity/driverkit/pkg/driverbuilder/builder"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
-	"github.com/spf13/viper"
 )

 // NewDockerCmd creates the `driverkit docker` command.
-func NewDockerCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
+func NewDockerCmd(configOpts *ConfigOptions, rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
 	dockerCmd := &cobra.Command{
 		Use:   "docker",
 		Short: "Build Falco kernel modules and eBPF probes against a docker daemon.",
-		Run: func(c *cobra.Command, args []string) {
-			slog.With("processor", c.Name()).Info("driver building, it will take a few seconds")
-			if !configOptions.DryRun {
-				b := rootOpts.ToBuild()
-				if !b.HasOutputs() {
-					return
+		RunE: func(c *cobra.Command, args []string) error {
+			configOpts.Printer.Logger.Info("starting build",
+				configOpts.Printer.Logger.Args("processor", c.Name()))
+			if !configOpts.dryRun {
+				if !rootOpts.Output.HasOutputs() {
+					configOpts.Printer.Logger.Info("no output specified")
+					return nil
 				}
-				if err := driverbuilder.NewDockerBuildProcessor(viper.GetInt("timeout"), viper.GetString("proxy")).Start(b); err != nil {
-					slog.With("err", err.Error()).Error("exiting")
-					os.Exit(1)
+				// Since we use a spinner, cache log data to a bytesbuffer;
+				// we will later print it once we stop the spinner.
+				var b *builder.Build
+				if configOpts.disableStyling {
+					b = rootOpts.ToBuild(configOpts.Printer)
+				} else {
+					var buf bytes.Buffer
+					b = rootOpts.ToBuild(configOpts.Printer.WithWriter(&buf))
+					configOpts.Printer.Spinner, _ = configOpts.Printer.Spinner.Start("driver building, it will take a few seconds")
+					defer func() {
+						configOpts.Printer.DefaultText.Print(buf.String())
+					}()
 				}
+				return driverbuilder.NewDockerBuildProcessor(configOpts.Timeout, configOpts.ProxyURL).Start(b)
 			}
+			return nil
 		},
 	}
 	// Add root flags
--- a/cmd/images.go
+++ b/cmd/images.go
@ -15,7 +15,8 @@ limitations under the License.
 package cmd

 import (
-	"log/slog"
+	"bytes"
+	"github.com/falcosecurity/driverkit/pkg/driverbuilder/builder"
 	"os"

 	"github.com/olekukonko/tablewriter"
@ -24,14 +25,30 @@ import (
 )

 // NewImagesCmd creates the `driverkit images` command.
-func NewImagesCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
+func NewImagesCmd(configOpts *ConfigOptions, rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
 	imagesCmd := &cobra.Command{
 		Use:   "images",
 		Short: "List builder images",
-		Run: func(c *cobra.Command, args []string) {
-			slog.With("processor", c.Name()).Info("listing images")
-			b := rootOpts.ToBuild()
+		RunE: func(c *cobra.Command, args []string) error {
+			configOpts.Printer.Logger.Info("starting loading images",
+				configOpts.Printer.Logger.Args("processor", c.Name()))
+			// Since we use a spinner, cache log data to a bytesbuffer;
+			// we will later print it once we stop the spinner.
+			var (
+				buf bytes.Buffer
+				b   *builder.Build
+			)
+			if configOpts.disableStyling {
+				b = rootOpts.ToBuild(configOpts.Printer)
+			} else {
+				b = rootOpts.ToBuild(configOpts.Printer.WithWriter(&buf))
+				configOpts.Printer.Spinner, _ = configOpts.Printer.Spinner.Start("listing images, it will take a few seconds")
+			}
 			b.LoadImages()
+			if !configOpts.disableStyling {
+				_ = configOpts.Printer.Spinner.Stop()
+				configOpts.Printer.DefaultText.Print(buf.String())
+			}

 			table := tablewriter.NewWriter(os.Stdout)
 			table.SetHeader([]string{"Image", "Target", "Arch", "GCC"})
@ -47,6 +64,7 @@ func NewImagesCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Comman
 				table.Append(data)
 			}
 			table.Render() // Send output
+			return nil
 		},
 	}
 	// Add root flags
--- a/cmd/kubernetes.go
+++ b/cmd/kubernetes.go
@ -15,8 +15,8 @@ limitations under the License.
 package cmd

 import (
-	"log/slog"
-	"os"
+	"bytes"
+	"github.com/falcosecurity/driverkit/pkg/driverbuilder/builder"
 	"regexp"
 	"strings"

@ -24,12 +24,11 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kubernetes/factory"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
-	"github.com/spf13/viper"
 	"k8s.io/cli-runtime/pkg/genericclioptions"
 )

 // NewKubernetesCmd creates the `driverkit kubernetes` command.
-func NewKubernetesCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
+func NewKubernetesCmd(configOpts *ConfigOptions, rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
 	kubernetesCmd := &cobra.Command{
 		Use:     "kubernetes",
 		Short:   "Build Falco kernel modules and eBPF probes against a Kubernetes cluster.",
@ -58,34 +57,39 @@ func NewKubernetesCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Co

 	kubefactory := factory.NewFactory(configFlags)

-	kubernetesCmd.Run = func(cmd *cobra.Command, args []string) {
-		slog.With("processor", cmd.Name()).Info("driver building, it will take a few seconds")
-		if !configOptions.DryRun {
-			if err := kubernetesRun(cmd, args, kubefactory, rootOpts); err != nil {
-				slog.With("err", err.Error()).Error("exiting")
-				os.Exit(1)
+	kubernetesCmd.RunE = func(c *cobra.Command, args []string) error {
+		configOpts.Printer.Logger.Info("starting build",
+			configOpts.Printer.Logger.Args("processor", c.Name()))
+		if !configOpts.dryRun {
+			if !rootOpts.Output.HasOutputs() {
+				configOpts.Printer.Logger.Info("no output specified")
+				return nil
 			}
+			// Since we use a spinner, cache log data to a bytesbuffer;
+			// we will later print it once we stop the spinner.
+			var b *builder.Build
+			if configOpts.disableStyling {
+				b = rootOpts.ToBuild(configOpts.Printer)
+			} else {
+				var buf bytes.Buffer
+				b = rootOpts.ToBuild(configOpts.Printer.WithWriter(&buf))
+				configOpts.Printer.Spinner, _ = configOpts.Printer.Spinner.Start("driver building, it will take a few seconds")
+				defer func() {
+					configOpts.Printer.DefaultText.Print(buf.String())
+				}()
+			}
+			return kubernetesRun(kubefactory, b, configOpts)
 		}
+		return nil
 	}

 	return kubernetesCmd
 }

-func kubernetesRun(cmd *cobra.Command, args []string, kubefactory factory.Factory, rootOpts *RootOptions) error {
-	f := cmd.Flags()
-	b := rootOpts.ToBuild()
-	if !b.HasOutputs() {
-		return nil
-	}
-
-	namespaceStr, err := f.GetString("namespace")
-	if err != nil {
-		return err
-	}
-	if len(namespaceStr) == 0 {
-		namespaceStr = "default"
-	}
-
+func kubernetesRun(kubefactory factory.Factory,
+	b *builder.Build,
+	configOpts *ConfigOptions,
+) error {
 	kc, err := kubefactory.KubernetesClientSet()
 	if err != nil {
 		return err
@ -98,6 +102,12 @@ func kubernetesRun(cmd *cobra.Command, args []string, kubefactory factory.Factor
 		return err
 	}

-	buildProcessor := driverbuilder.NewKubernetesBuildProcessor(kc.CoreV1(), clientConfig, kubernetesOptions.RunAsUser, kubernetesOptions.Namespace, kubernetesOptions.ImagePullSecret, viper.GetInt("timeout"), viper.GetString("proxy"))
+	buildProcessor := driverbuilder.NewKubernetesBuildProcessor(kc.CoreV1(),
+		clientConfig,
+		kubernetesOptions.RunAsUser,
+		kubernetesOptions.Namespace,
+		kubernetesOptions.ImagePullSecret,
+		configOpts.Timeout,
+		configOpts.ProxyURL)
 	return buildProcessor.Start(b)
 }
--- a/cmd/kubernetes_in_cluster.go
+++ b/cmd/kubernetes_in_cluster.go
@ -15,20 +15,18 @@ limitations under the License.
 package cmd

 import (
-	"log/slog"
-	"os"
-
+	"bytes"
 	"github.com/falcosecurity/driverkit/pkg/driverbuilder"
+	"github.com/falcosecurity/driverkit/pkg/driverbuilder/builder"
 	"github.com/falcosecurity/driverkit/pkg/kubernetes/factory"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
-	"github.com/spf13/viper"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
 )

 // NewKubernetesInClusterCmd creates the `driverkit kubernetes` command.
-func NewKubernetesInClusterCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
+func NewKubernetesInClusterCmd(configOpts *ConfigOptions, rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
 	kubernetesInClusterCmd := &cobra.Command{
 		Use:     "kubernetes-in-cluster",
 		Short:   "Build Falco kernel modules and eBPF probes against a Kubernetes cluster inside a Kubernetes cluster.",
@ -42,32 +40,42 @@ func NewKubernetesInClusterCmd(rootOpts *RootOptions, rootFlags *pflag.FlagSet)
 	// Add root flags
 	kubernetesInClusterCmd.PersistentFlags().AddFlagSet(rootFlags)

-	kubernetesInClusterCmd.Run = func(cmd *cobra.Command, args []string) {
-		slog.With("processor", cmd.Name()).Info("driver building, it will take a few seconds")
-		if !configOptions.DryRun {
-			config, err := rest.InClusterConfig()
-			if err != nil {
-				slog.With("err", err.Error()).Error("exiting")
-				os.Exit(1)
+	kubernetesInClusterCmd.RunE = func(c *cobra.Command, args []string) error {
+		configOpts.Printer.Logger.Info("starting build",
+			configOpts.Printer.Logger.Args("processor", c.Name()))
+		if !configOpts.dryRun {
+			if !rootOpts.Output.HasOutputs() {
+				configOpts.Printer.Logger.Info("no output specified")
+				return nil
 			}
-			if err = factory.SetKubernetesDefaults(config); err != nil {
-				slog.With("err", err.Error()).Error("exiting")
-				os.Exit(1)
-			}
-			if err = kubernetesInClusterRun(cmd, args, config, rootOpts); err != nil {
-				slog.With("err", err.Error()).Error("exiting")
-				os.Exit(1)
+			// Since we use a spinner, cache log data to a bytesbuffer;
+			// we will later print it once we stop the spinner.
+			var b *builder.Build
+			if configOpts.disableStyling {
+				b = rootOpts.ToBuild(configOpts.Printer)
+			} else {
+				var buf bytes.Buffer
+				b = rootOpts.ToBuild(configOpts.Printer.WithWriter(&buf))
+				configOpts.Printer.Spinner, _ = configOpts.Printer.Spinner.Start("driver building, it will take a few seconds")
+				defer func() {
+					configOpts.Printer.DefaultText.Print(buf.String())
+				}()
 			}
+			return kubernetesInClusterRun(b, configOpts)
 		}
+		return nil
 	}

 	return kubernetesInClusterCmd
 }

-func kubernetesInClusterRun(_ *cobra.Command, _ []string, kubeConfig *rest.Config, rootOpts *RootOptions) error {
-	b := rootOpts.ToBuild()
-	if !b.HasOutputs() {
-		return nil
+func kubernetesInClusterRun(b *builder.Build, configOpts *ConfigOptions) error {
+	kubeConfig, err := rest.InClusterConfig()
+	if err != nil {
+		return err
+	}
+	if err = factory.SetKubernetesDefaults(kubeConfig); err != nil {
+		return err
 	}

 	kc, err := kubernetes.NewForConfig(kubeConfig)
@ -75,7 +83,12 @@ func kubernetesInClusterRun(_ *cobra.Command, _ []string, kubeConfig *rest.Confi
 		return err
 	}

-	buildProcessor := driverbuilder.NewKubernetesBuildProcessor(kc.CoreV1(), kubeConfig, kubernetesOptions.RunAsUser, kubernetesOptions.Namespace, kubernetesOptions.ImagePullSecret, viper.GetInt("timeout"), viper.GetString("proxy"))
-
+	buildProcessor := driverbuilder.NewKubernetesBuildProcessor(kc.CoreV1(),
+		kubeConfig,
+		kubernetesOptions.RunAsUser,
+		kubernetesOptions.Namespace,
+		kubernetesOptions.ImagePullSecret,
+		configOpts.Timeout,
+		configOpts.ProxyURL)
 	return buildProcessor.Start(b)
 }
--- a/cmd/local.go
+++ b/cmd/local.go
@ -1,58 +1,60 @@
 package cmd

 import (
+	"bytes"
 	"github.com/falcosecurity/driverkit/pkg/driverbuilder"
+	"github.com/falcosecurity/driverkit/pkg/driverbuilder/builder"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
-	"github.com/spf13/viper"
-	"log/slog"
-	"os"
-	"os/user"
-	"runtime"
 )

 type localCmdOptions struct {
-	useDKMS bool
-	srcDir  string
-	envMap  map[string]string
+	useDKMS         bool
+	downloadHeaders bool
+	srcDir          string
+	envMap          map[string]string
 }

 // NewLocalCmd creates the `driverkit local` command.
-func NewLocalCmd(rootCommand *RootCmd, rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
+func NewLocalCmd(configOpts *ConfigOptions, rootOpts *RootOptions, rootFlags *pflag.FlagSet) *cobra.Command {
 	opts := localCmdOptions{}
 	localCmd := &cobra.Command{
-		Use:               "local",
-		Short:             "Build Falco kernel modules and eBPF probes in local env with local kernel sources and gcc/clang.",
-		PersistentPreRunE: persistentPreRunFunc(rootCommand, rootOpts),
-		Run: func(c *cobra.Command, args []string) {
-			slog.With("processor", c.Name()).Info("driver building, it will take a few seconds")
-			if !configOptions.DryRun {
-				b := rootOpts.ToBuild()
-				if !b.HasOutputs() {
-					return
+		Use:   "local",
+		Short: "Build Falco kernel modules and eBPF probes in local env with local kernel sources and gcc/clang.",
+		RunE: func(c *cobra.Command, args []string) error {
+			configOpts.Printer.Logger.Info("starting build",
+				configOpts.Printer.Logger.Args("processor", c.Name()))
+			if !configOpts.dryRun {
+				if !rootOpts.Output.HasOutputs() {
+					configOpts.Printer.Logger.Info("no output specified")
+					return nil
 				}
-				if opts.useDKMS {
-					currentUser, err := user.Current()
-					if err != nil {
-						slog.With("err", err.Error()).Error("Failed to retrieve user. Exiting.")
-						os.Exit(1)
-					}
-					if currentUser.Username != "root" {
-						slog.Error("Must be run as root for DKMS build.")
-						os.Exit(1)
-					}
-				}
-				if err := driverbuilder.NewLocalBuildProcessor(viper.GetInt("timeout"), opts.useDKMS, opts.srcDir, opts.envMap).Start(b); err != nil {
-					slog.With("err", err.Error()).Error("exiting")
-					os.Exit(1)
+				// Since we use a spinner, cache log data to a bytesbuffer;
+				// we will later print it once we stop the spinner.
+				var b *builder.Build
+				if configOpts.disableStyling {
+					b = rootOpts.ToBuild(configOpts.Printer)
+				} else {
+					var buf bytes.Buffer
+					b = rootOpts.ToBuild(configOpts.Printer.WithWriter(&buf))
+					configOpts.Printer.Spinner, _ = configOpts.Printer.Spinner.Start("driver building, it will take a few seconds")
+					defer func() {
+						configOpts.Printer.DefaultText.Print(buf.String())
+					}()
 				}
+				return driverbuilder.NewLocalBuildProcessor(opts.useDKMS,
+					opts.downloadHeaders,
+					false,
+					opts.srcDir,
+					opts.envMap,
+					configOpts.Timeout).Start(b)
 			}
+			return nil
 		},
 	}
 	// Add root flags, but not the ones unneeded
 	unusedFlagsSet := map[string]struct{}{
 		"architecture":        {},
-		"target":              {},
 		"kernelurls":          {},
 		"builderrepo":         {},
 		"builderimage":        {},
@ -71,18 +73,9 @@ func NewLocalCmd(rootCommand *RootCmd, rootOpts *RootOptions, rootFlags *pflag.F
 		}
 	})
 	flagSet.BoolVar(&opts.useDKMS, "dkms", false, "Enforce usage of DKMS to build the kernel module.")
+	flagSet.BoolVar(&opts.downloadHeaders, "download-headers", false, "Try to automatically download kernel headers.")
 	flagSet.StringVar(&opts.srcDir, "src-dir", "", "Enforce usage of local source dir to build drivers.")
-	flagSet.StringToStringVar(&opts.envMap, "env", nil, "Env variables to be enforced during the driver build.")
+	flagSet.StringToStringVar(&opts.envMap, "env", make(map[string]string), "Env variables to be enforced during the driver build.")
 	localCmd.PersistentFlags().AddFlagSet(flagSet)
 	return localCmd
 }
-
-// Partially overrides rootCmd.persistentPreRunFunc setting some defaults before config init/validation stage.
-func persistentPreRunFunc(rootCommand *RootCmd, rootOpts *RootOptions) func(c *cobra.Command, args []string) error {
-	return func(c *cobra.Command, args []string) error {
-		// Default values
-		rootOpts.Target = "local"
-		rootOpts.Architecture = runtime.GOARCH
-		return rootCommand.c.PersistentPreRunE(c, args)
-	}
-}
--- a/cmd/root.go
+++ b/cmd/root.go
@ -15,32 +15,29 @@ limitations under the License.
 package cmd

 import (
+	"errors"
 	"fmt"
 	"io"
-	"log/slog"
 	"os"
-	"runtime"
 	"sort"
 	"strings"

-	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
-	"github.com/falcosecurity/driverkit/validate"
-
 	"github.com/falcosecurity/driverkit/pkg/driverbuilder/builder"
+	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 	"github.com/falcosecurity/driverkit/pkg/version"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"

-	homedir "github.com/mitchellh/go-homedir"
 	"github.com/spf13/viper"
 )

-func persistentValidateFunc(rootCommand *RootCmd, rootOpts *RootOptions) func(c *cobra.Command, args []string) error {
+func persistentValidateFunc(rootCommand *RootCmd, configOpts *ConfigOptions, rootOpts *RootOptions) func(c *cobra.Command, args []string) error {
 	return func(c *cobra.Command, args []string) error {
-		initConfig()
+		var validationError = errors.New("exiting for validation errors")
+		configErr := configOpts.Init()
 		// Early exit if detect some error into config flags
-		if configOptions.configErrors {
-			return fmt.Errorf("exiting for validation errors")
+		if configErr {
+			return validationError
 		}
 		// Merge environment variables or config file values into the RootOptions instance
 		skip := map[string]bool{ // do not merge these
@ -61,13 +58,13 @@ func persistentValidateFunc(rootCommand *RootCmd, rootOpts *RootOptions) func(c
 					// rather than replace, it appends. Since viper will already have the cli options set
 					// if supplied, we only need this step if rootCommand doesn't already have them e.g.
 					// not set on CLI so read from config.
-					if cli_urls, err := rootCommand.c.Flags().GetStringSlice(name); err == nil && len(cli_urls) != 0 {
+					if cliURLs, err := rootCommand.c.Flags().GetStringSlice(name); err == nil && len(cliURLs) != 0 {
 						return
 					}
 					value := viper.GetStringSlice(name)
 					if len(value) != 0 {
 						strValue := strings.Join(value, ",")
-						rootCommand.c.Flags().Set(name, strValue)
+						_ = rootCommand.c.Flags().Set(name, strValue)
 					}
 				} else {
 					value := viper.GetString(name)
@ -79,7 +76,7 @@ func persistentValidateFunc(rootCommand *RootCmd, rootOpts *RootOptions) func(c
 					}
 					// set the value, if any, otherwise let the default
 					if value != "" {
-						rootCommand.c.Flags().Set(name, value)
+						_ = rootCommand.c.Flags().Set(name, value)
 					}
 				}
 			}
@ -92,11 +89,12 @@ func persistentValidateFunc(rootCommand *RootCmd, rootOpts *RootOptions) func(c
 		if c.Root() != c && c.Name() != "help" && c.Name() != "__complete" && c.Name() != "__completeNoDesc" && c.Name() != "completion" {
 			if errs := rootOpts.Validate(); errs != nil {
 				for _, err := range errs {
-					slog.With("err", err.Error()).Error("error validating build options")
+					configOpts.Printer.Logger.Error("error validating build options",
+						configOpts.Printer.Logger.Args("err", err.Error()))
 				}
-				return fmt.Errorf("exiting for validation errors")
+				return validationError
 			}
-			rootOpts.Log()
+			rootOpts.Log(configOpts.Printer)
 		}
 		return nil
 	}
@ -108,9 +106,7 @@ type RootCmd struct {
 }

 // NewRootCmd instantiates the root command.
-func NewRootCmd() *RootCmd {
-	configOptions = NewConfigOptions()
-	rootOpts := NewRootOptions()
+func NewRootCmd(configOpts *ConfigOptions, rootOpts *RootOptions) *RootCmd {
 	rootCmd := &cobra.Command{
 		Use:                   "driverkit",
 		Short:                 "A command line tool to build Falco kernel modules and eBPF probes.",
@ -119,74 +115,51 @@ func NewRootCmd() *RootCmd {
 		Args:                  cobra.OnlyValidArgs,
 		DisableFlagsInUseLine: true,
 		DisableAutoGenTag:     true,
+		SilenceErrors:         true,
+		SilenceUsage:          true,
 		Version:               version.String(),
-		Run: func(c *cobra.Command, args []string) {
+		RunE: func(c *cobra.Command, args []string) error {
 			if len(args) == 0 {
-				slog.With("processors", validProcessors).Info("specify a valid processor")
+				configOpts.Printer.Logger.Info("specify a valid processor", configOpts.Printer.Logger.Args("processors", validProcessors))
 			}
 			// Fallback to help
-			c.Help()
+			return c.Help()
 		},
 	}
 	ret := &RootCmd{
 		c: rootCmd,
 	}

-	rootCmd.PersistentPreRunE = persistentValidateFunc(ret, rootOpts)
+	rootCmd.PersistentPreRunE = persistentValidateFunc(ret, configOpts, rootOpts)

 	flags := rootCmd.Flags()

 	targets := builder.Targets()
 	sort.Strings(targets)

-	flags.StringVarP(&configOptions.ConfigFile, "config", "c", configOptions.ConfigFile, "config file path (default $HOME/.driverkit.yaml if exists)")
-	flags.StringVarP(&configOptions.LogLevel, "loglevel", "l", configOptions.LogLevel, "log level")
-	flags.IntVar(&configOptions.Timeout, "timeout", configOptions.Timeout, "timeout in seconds")
-	flags.BoolVar(&configOptions.DryRun, "dryrun", configOptions.DryRun, "do not actually perform the action")
-	flags.StringVar(&configOptions.ProxyURL, "proxy", configOptions.ProxyURL, "the proxy to use to download data")
+	configOpts.AddFlags(flags)
+	rootOpts.AddFlags(flags, targets)

-	flags.StringVar(&rootOpts.Output.Module, "output-module", rootOpts.Output.Module, "filepath where to save the resulting kernel module")
-	flags.StringVar(&rootOpts.Output.Probe, "output-probe", rootOpts.Output.Probe, "filepath where to save the resulting eBPF probe")
-	flags.StringVar(&rootOpts.Architecture, "architecture", runtime.GOARCH, "target architecture for the built driver, one of "+kernelrelease.SupportedArchs.String())
-	flags.StringVar(&rootOpts.DriverVersion, "driverversion", rootOpts.DriverVersion, "driver version as a git commit hash or as a git tag")
-	flags.StringVar(&rootOpts.KernelVersion, "kernelversion", rootOpts.KernelVersion, "kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v'")
-	flags.StringVar(&rootOpts.KernelRelease, "kernelrelease", rootOpts.KernelRelease, "kernel release to build the module for, it can be found by executing 'uname -v'")
-	flags.StringVarP(&rootOpts.Target, "target", "t", rootOpts.Target, "the system to target the build for, one of ["+strings.Join(targets, ",")+"]")
-	flags.StringVar(&rootOpts.KernelConfigData, "kernelconfigdata", rootOpts.KernelConfigData, "base64 encoded kernel config data: in some systems it can be found under the /boot directory, in other it is gzip compressed under /proc")
-	flags.StringVar(&rootOpts.ModuleDeviceName, "moduledevicename", rootOpts.ModuleDeviceName, "kernel module device name (the default is falco, so the device will be under /dev/falco*)")
-	flags.StringVar(&rootOpts.ModuleDriverName, "moduledrivername", rootOpts.ModuleDriverName, "kernel module driver name, i.e. the name you see when you check installed modules via lsmod")
-	flags.StringVar(&rootOpts.BuilderImage, "builderimage", rootOpts.BuilderImage, "docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.")
-	flags.StringSliceVar(&rootOpts.BuilderRepos, "builderrepo", rootOpts.BuilderRepos, "list of docker repositories or yaml file (absolute path) containing builder images index with the format 'images: [ { target:<target>, name:<image-name>, arch: <arch>, tag: <imagetag>, gcc_versions: [ <gcc-tag> ] },...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit-builder --builderrepo falcosecurity/driverkit-builder --builderrepo '/path/to/my/index.yaml'.")
-	flags.StringVar(&rootOpts.GCCVersion, "gccversion", rootOpts.GCCVersion, "enforce a specific gcc version for the build")
-
-	flags.StringSliceVar(&rootOpts.KernelUrls, "kernelurls", nil, "list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls \"<URL3>,<URL4>\")")
-
-	flags.StringVar(&rootOpts.Repo.Org, "repo-org", rootOpts.Repo.Org, "repository github organization")
-	flags.StringVar(&rootOpts.Repo.Name, "repo-name", rootOpts.Repo.Name, "repository github name")
-
-	flags.StringVar(&rootOpts.Registry.Name, "registry-name", rootOpts.Registry.Name, "registry name to which authenticate")
-	flags.StringVar(&rootOpts.Registry.Username, "registry-user", rootOpts.Registry.Username, "registry username")
-	flags.StringVar(&rootOpts.Registry.Password, "registry-password", rootOpts.Registry.Password, "registry password")
-	flags.BoolVar(&rootOpts.Registry.PlainHTTP, "registry-plain-http", rootOpts.Registry.PlainHTTP, "allows interacting with remote registry via plain http requests")
-
-	viper.BindPFlags(flags)
+	if err := viper.BindPFlags(flags); err != nil {
+		panic(err)
+	}

 	// Flag annotations and custom completions
-	rootCmd.MarkFlagFilename("config", viper.SupportedExts...)
-	rootCmd.RegisterFlagCompletionFunc("target", func(c *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+	_ = rootCmd.MarkFlagFilename("config", viper.SupportedExts...)
+	_ = rootCmd.RegisterFlagCompletionFunc("target", func(c *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
 		return targets, cobra.ShellCompDirectiveDefault
 	})
-	rootCmd.RegisterFlagCompletionFunc("architecture", func(c *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+	_ = rootCmd.RegisterFlagCompletionFunc("architecture", func(c *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
 		return kernelrelease.SupportedArchs.Strings(), cobra.ShellCompDirectiveDefault
 	})

 	// Subcommands
-	rootCmd.AddCommand(NewKubernetesCmd(rootOpts, flags))
-	rootCmd.AddCommand(NewKubernetesInClusterCmd(rootOpts, flags))
-	rootCmd.AddCommand(NewDockerCmd(rootOpts, flags))
-	rootCmd.AddCommand(NewLocalCmd(ret, rootOpts, flags))
-	rootCmd.AddCommand(NewImagesCmd(rootOpts, flags))
-	rootCmd.AddCommand(NewCompletionCmd())
+	rootCmd.AddCommand(NewKubernetesCmd(configOpts, rootOpts, flags))
+	rootCmd.AddCommand(NewKubernetesInClusterCmd(configOpts, rootOpts, flags))
+	rootCmd.AddCommand(NewDockerCmd(configOpts, rootOpts, flags))
+	rootCmd.AddCommand(NewLocalCmd(configOpts, rootOpts, flags))
+	rootCmd.AddCommand(NewImagesCmd(configOpts, rootOpts, flags))
+	rootCmd.AddCommand(NewCompletionCmd(configOpts, rootOpts, flags))

 	ret.StripSensitive()

@ -215,32 +188,15 @@ func (r *RootCmd) Command() *cobra.Command {
 	return r.c
 }

-func createDefaultLogger(w io.Writer) {
-	h := slog.NewTextHandler(w, &slog.HandlerOptions{
-		Level: validate.ProgramLevel,
-		ReplaceAttr: func(groups []string, a slog.Attr) slog.Attr {
-			if a.Key == slog.TimeKey {
-				return slog.Attr{}
-			}
-			return a
-		}})
-	slog.SetDefault(slog.New(h))
+// SetArgs proxies the arguments to the underlying cobra.Command.
+func (r *RootCmd) SetArgs(args []string) {
+	r.c.SetArgs(args)
 }

 // SetOutput sets the main command output writer.
 func (r *RootCmd) SetOutput(w io.Writer) {
 	r.c.SetOut(w)
 	r.c.SetErr(w)
-	createDefaultLogger(w)
-}
-
-func init() {
-	createDefaultLogger(os.Stdout)
-}
-
-// SetArgs proxies the arguments to the underlying cobra.Command.
-func (r *RootCmd) SetArgs(args []string) {
-	r.c.SetArgs(args)
 }

 // Execute proxies the cobra.Command execution.
@ -250,50 +206,30 @@ func (r *RootCmd) Execute() error {

 // Start creates the root command and runs it.
 func Start() {
-	root := NewRootCmd()
-	if err := root.Execute(); err != nil {
-		slog.With("err", err.Error()).Error("error executing driverkit")
-		os.Exit(1)
-	}
-}
-
-// initConfig reads in config file and ENV variables if set.
-func initConfig() {
-	if errs := configOptions.Validate(); errs != nil {
-		for _, err := range errs {
-			slog.With("err", err.Error()).Error("error validating config options")
-		}
-		// configOptions.configErrors should be true here
-	}
-	if configOptions.ConfigFile != "" {
-		viper.SetConfigFile(configOptions.ConfigFile)
-	} else {
-		// Find home directory.
-		home, err := homedir.Dir()
-		if err != nil {
-			slog.With("err", err.Error()).Debug("error getting the home directory")
-			// not setting configOptions.configErrors = true because we fallback to `$HOME/.driverkit.yaml` and try with it
-		}
-
-		viper.AddConfigPath(home)
-		viper.SetConfigName(".driverkit")
-	}
-
-	viper.AutomaticEnv()
-	viper.SetEnvPrefix("driverkit")
-	viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
-
-	// If a config file is found, read it in.
-	if err := viper.ReadInConfig(); err == nil {
-		slog.With("file", viper.ConfigFileUsed()).Info("using config file")
-	} else {
-		if _, ok := err.(viper.ConfigFileNotFoundError); ok {
-			// Config file not found, ignore ...
-			slog.Debug("running without a configuration file")
+	configOpts, err := NewConfigOptions()
+	if err != nil {
+		// configOpts will never be nil here
+		if configOpts != nil {
+			configOpts.Printer.Logger.Fatal("error setting driverkit config options defaults",
+				configOpts.Printer.Logger.Args("err", err.Error()))
 		} else {
-			// Config file was found but another error was produced
-			slog.With("file", viper.ConfigFileUsed(), "err", err.Error()).Debug("error running with config file")
-			configOptions.configErrors = true
+			os.Exit(1)
 		}
 	}
+	rootOpts, err := NewRootOptions()
+	if err != nil {
+		configOpts.Printer.Logger.Fatal("error setting driverkit root options defaults",
+			configOpts.Printer.Logger.Args("err", err.Error()))
+	}
+
+	// Cleanup spinner upon leaving if any
+	defer func() {
+		if configOpts.Printer.Spinner != nil {
+			_ = configOpts.Printer.Spinner.Stop()
+		}
+	}()
+	root := NewRootCmd(configOpts, rootOpts)
+	if err = root.Execute(); err != nil {
+		configOpts.Printer.Logger.Fatal("error executing driverkit", configOpts.Printer.Logger.Args("err", err.Error()))
+	}
 }
--- a/cmd/root_options.go
+++ b/cmd/root_options.go
@ -15,9 +15,12 @@ limitations under the License.
 package cmd

 import (
-	"fmt"
-	"log/slog"
+	"errors"
+	"github.com/falcosecurity/falcoctl/pkg/output"
+	"github.com/spf13/pflag"
 	"os"
+	"runtime"
+	"strings"

 	"github.com/creasty/defaults"
 	"github.com/falcosecurity/driverkit/pkg/driverbuilder/builder"
@ -32,6 +35,10 @@ type OutputOptions struct {
 	Probe  string `validate:"required_without=Module,filepath,omitempty,endswith=.o" name:"output probe path"`
 }

+func (oo *OutputOptions) HasOutputs() bool {
+	return oo.Module != "" || oo.Probe != ""
+}
+
 type RepoOptions struct {
 	Org  string `default:"falcosecurity" name:"organization name"`
 	Name string `default:"libs" name:"repo name"`
@ -68,23 +75,23 @@ func init() {
 }

 // NewRootOptions ...
-func NewRootOptions() *RootOptions {
+func NewRootOptions() (*RootOptions, error) {
 	rootOpts := &RootOptions{}
 	if err := defaults.Set(rootOpts); err != nil {
-		slog.With("err", err.Error(), "options", "RootOptions").Error("error setting driverkit options defaults")
-		os.Exit(1)
+		return nil, err
 	}
-	return rootOpts
+	return rootOpts, nil
 }

 // Validate validates the RootOptions fields.
 func (ro *RootOptions) Validate() []error {
 	if err := validate.V.Struct(ro); err != nil {
-		errors := err.(validator.ValidationErrors)
+		var errs validator.ValidationErrors
+		errors.As(err, &errs)
 		errArr := []error{}
-		for _, e := range errors {
+		for _, e := range errs {
 			// Translate each error one at a time
-			errArr = append(errArr, fmt.Errorf(e.Translate(validate.T)))
+			errArr = append(errArr, errors.New(e.Translate(validate.T)))
 		}
 		return errArr
 	}
@ -93,31 +100,58 @@ func (ro *RootOptions) Validate() []error {
 	kr := kernelrelease.FromString(ro.KernelRelease)
 	kr.Architecture = kernelrelease.Architecture(ro.Architecture)
 	if !kr.SupportsModule() && !kr.SupportsProbe() {
-		return []error{fmt.Errorf("both module and probe are not supported by given options")}
+		return []error{errors.New("both module and probe are not supported by given options")}
 	}

 	return nil
 }

+func (ro *RootOptions) AddFlags(flags *pflag.FlagSet, targets []string) {
+	flags.StringVar(&ro.Output.Module, "output-module", ro.Output.Module, "filepath where to save the resulting kernel module")
+	flags.StringVar(&ro.Output.Probe, "output-probe", ro.Output.Probe, "filepath where to save the resulting eBPF probe")
+	flags.StringVar(&ro.Architecture, "architecture", runtime.GOARCH, "target architecture for the built driver, one of "+kernelrelease.SupportedArchs.String())
+	flags.StringVar(&ro.DriverVersion, "driverversion", ro.DriverVersion, "driver version as a git commit hash or as a git tag")
+	flags.StringVar(&ro.KernelVersion, "kernelversion", ro.KernelVersion, "kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v'")
+	flags.StringVar(&ro.KernelRelease, "kernelrelease", ro.KernelRelease, "kernel release to build the module for, it can be found by executing 'uname -v'")
+	flags.StringVarP(&ro.Target, "target", "t", ro.Target, "the system to target the build for, one of ["+strings.Join(targets, ",")+"]")
+	flags.StringVar(&ro.KernelConfigData, "kernelconfigdata", ro.KernelConfigData, "base64 encoded kernel config data: in some systems it can be found under the /boot directory, in other it is gzip compressed under /proc")
+	flags.StringVar(&ro.ModuleDeviceName, "moduledevicename", ro.ModuleDeviceName, "kernel module device name (the default is falco, so the device will be under /dev/falco*)")
+	flags.StringVar(&ro.ModuleDriverName, "moduledrivername", ro.ModuleDriverName, "kernel module driver name, i.e. the name you see when you check installed modules via lsmod")
+	flags.StringVar(&ro.BuilderImage, "builderimage", ro.BuilderImage, "docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.")
+	flags.StringSliceVar(&ro.BuilderRepos, "builderrepo", ro.BuilderRepos, "list of docker repositories or yaml file (absolute path) containing builder images index with the format 'images: [ { target:<target>, name:<image-name>, arch: <arch>, tag: <imagetag>, gcc_versions: [ <gcc-tag> ] },...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit-builder --builderrepo falcosecurity/driverkit-builder --builderrepo '/path/to/my/index.yaml'.")
+	flags.StringVar(&ro.GCCVersion, "gccversion", ro.GCCVersion, "enforce a specific gcc version for the build")
+
+	flags.StringSliceVar(&ro.KernelUrls, "kernelurls", nil, "list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls \"<URL3>,<URL4>\")")
+
+	flags.StringVar(&ro.Repo.Org, "repo-org", ro.Repo.Org, "repository github organization")
+	flags.StringVar(&ro.Repo.Name, "repo-name", ro.Repo.Name, "repository github name")
+
+	flags.StringVar(&ro.Registry.Name, "registry-name", ro.Registry.Name, "registry name to which authenticate")
+	flags.StringVar(&ro.Registry.Username, "registry-user", ro.Registry.Username, "registry username")
+	flags.StringVar(&ro.Registry.Password, "registry-password", ro.Registry.Password, "registry password")
+	flags.BoolVar(&ro.Registry.PlainHTTP, "registry-plain-http", ro.Registry.PlainHTTP, "allows interacting with remote registry via plain http requests")
+}
+
 // Log emits a log line containing the receiving RootOptions for debugging purposes.
 //
 // Call it only after validation.
-func (ro *RootOptions) Log() {
-	slog.Debug("running with options",
-		"output-module", ro.Output.Module,
-		"output-probe", ro.Output.Probe,
-		"driverversion", ro.DriverVersion,
-		"kernelrelease", ro.KernelRelease,
-		"kernelversion", ro.KernelVersion,
-		"target", ro.Target,
-		"arch", ro.Architecture,
-		"kernelurls", ro.KernelUrls,
-		"repo-org", ro.Repo.Org,
-		"repo-name", ro.Repo.Name,
-	)
+func (ro *RootOptions) Log(printer *output.Printer) {
+	printer.Logger.Debug("running with options",
+		printer.Logger.Args(
+			"output-module", ro.Output.Module,
+			"output-probe", ro.Output.Probe,
+			"driverversion", ro.DriverVersion,
+			"kernelrelease", ro.KernelRelease,
+			"kernelversion", ro.KernelVersion,
+			"target", ro.Target,
+			"arch", ro.Architecture,
+			"kernelurls", ro.KernelUrls,
+			"repo-org", ro.Repo.Org,
+			"repo-name", ro.Repo.Name,
+		))
 }

-func (ro *RootOptions) ToBuild() *builder.Build {
+func (ro *RootOptions) ToBuild(printer *output.Printer) *builder.Build {
 	kernelConfigData := ro.KernelConfigData
 	if len(kernelConfigData) == 0 {
 		kernelConfigData = "bm8tZGF0YQ==" // no-data
@ -145,6 +179,7 @@ func (ro *RootOptions) ToBuild() *builder.Build {
 		RegistryUser:      ro.Registry.Username,
 		RegistryPassword:  ro.Registry.Password,
 		RegistryPlainHTTP: ro.Registry.PlainHTTP,
+		Printer:           printer,
 	}

 	// loop over BuilderRepos to build the list ImagesListers based on the value of the builderRepo:
@ -160,7 +195,8 @@ func (ro *RootOptions) ToBuild() *builder.Build {
 			imageLister, err = builder.NewRepoImagesLister(builderRepo, build)
 		}
 		if err != nil {
-			slog.With("err", err.Error()).Warn("Skipping repo", "repo", builderRepo)
+			printer.Logger.Warn("skipping repo",
+				printer.Logger.Args("repo", builderRepo, "err", err.Error()))
 		} else {
 			build.ImagesListers = append(build.ImagesListers, imageLister)
 		}
@ -170,11 +206,13 @@ func (ro *RootOptions) ToBuild() *builder.Build {
 	kr := build.KernelReleaseFromBuildConfig()
 	if len(build.ModuleFilePath) > 0 && !kr.SupportsModule() {
 		build.ModuleFilePath = ""
-		slog.Warn("Skipping build attempt of module for unsupported kernel release", "kernelrelease", kr.String())
+		printer.Logger.Warn("skipping build attempt of module for unsupported kernel release",
+			printer.Logger.Args("kernelrelease", kr.String()))
 	}
 	if len(build.ProbeFilePath) > 0 && !kr.SupportsProbe() {
 		build.ProbeFilePath = ""
-		slog.Warn("Skipping build attempt of probe for unsupported kernel release", "kernelrelease", kr.String())
+		printer.Logger.Warn("skipping build attempt of probe for unsupported kernel release",
+			printer.Logger.Args("kernelrelease", kr.String()))
 	}
 	return build
 }
--- a/cmd/testdata/autohelp.txt
+++ b/cmd/testdata/autohelp.txt
@ -1,4 +1,5 @@
-level=INFO msg="specify a valid processor" processors="[docker kubernetes kubernetes-in-cluster local]"
+INFO  specify a valid processor
+    └ processors: [docker kubernetes kubernetes-in-cluster local]
 {{ .Desc }}

 {{ .Usage }}
--- a/cmd/testdata/configs/1.yaml
+++ b/cmd/testdata/configs/1.yaml
@ -3,4 +3,5 @@ kernelversion: 59
 target: ubuntu-aws
 output:
    module: /tmp/falco-ubuntu-aws.ko
+    probe: /tmp/falco-ubuntu-aws.o
 driverversion: master
--- a/cmd/testdata/configs/2.yaml
+++ b/cmd/testdata/configs/2.yaml
@ -7,4 +7,5 @@ kernelurls: [
 target: ubuntu-aws
 output:
    module: /tmp/falco-ubuntu-aws.ko
+    probe: /tmp/falco-ubuntu-aws.o
 driverversion: master
--- a/cmd/testdata/docker-from-config-debug.txt
+++ b/cmd/testdata/docker-from-config-debug.txt
@ -1,3 +1,13 @@
-level=INFO msg="using config file" file=testdata/configs/1.yaml
-level=DEBUG msg="running with options" output-module=/tmp/falco-ubuntu-aws.ko output-probe="" driverversion=master kernelrelease=4.15.0-1057-aws kernelversion=59 target=ubuntu-aws arch={{ .CurrentArch }} kernelurls=[] repo-org=falcosecurity repo-name=libs
-level=INFO msg="driver building, it will take a few seconds" processor=docker
+INFO  using config file file: testdata/configs/1.yaml
+DEBUG running with options
+    ├ output-module: /tmp/falco-ubuntu-aws.ko
+    ├ output-probe: /tmp/falco-ubuntu-aws.o
+    ├ driverversion: master
+    ├ kernelrelease: 4.15.0-1057-aws
+    ├ kernelversion: 59
+    ├ target: ubuntu-aws
+    ├ arch: {{ .CurrentArch }}
+    ├ kernelurls: []
+    ├ repo-org: falcosecurity
+    └ repo-name: libs
+INFO  starting build processor: docker
--- a/cmd/testdata/docker-override-from-config-debug.txt
+++ b/cmd/testdata/docker-override-from-config-debug.txt
@ -1,3 +1,13 @@
-level=INFO msg="using config file" file=testdata/configs/1.yaml
-level=DEBUG msg="running with options" output-module=/tmp/override.ko output-probe="" driverversion=master kernelrelease=4.15.0-1057-aws kernelversion=229 target=ubuntu-aws arch={{ .CurrentArch }} kernelurls=[] repo-org=falcosecurity repo-name=libs
-level=INFO msg="driver building, it will take a few seconds" processor=docker
+INFO  using config file file: testdata/configs/1.yaml
+DEBUG running with options
+    ├ output-module: /tmp/override.ko
+    ├ output-probe: /tmp/falco-ubuntu-aws.o
+    ├ driverversion: master
+    ├ kernelrelease: 4.15.0-1057-aws
+    ├ kernelversion: 229
+    ├ target: ubuntu-aws
+    ├ arch: {{ .CurrentArch }}
+    ├ kernelurls: []
+    ├ repo-org: falcosecurity
+    └ repo-name: libs
+INFO  starting build processor: docker
--- a/cmd/testdata/docker-override-urls-from-config-debug.txt
+++ b/cmd/testdata/docker-override-urls-from-config-debug.txt
@ -1,3 +1,13 @@
-level=INFO msg="using config file" file=testdata/configs/2.yaml
-level=DEBUG msg="running with options" output-module=/tmp/falco-ubuntu-aws.ko output-probe="" driverversion=master kernelrelease=4.15.0-1057-aws kernelversion=59 target=ubuntu-aws arch={{ .CurrentArch }} kernelurls="[https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-aws-headers-4.15.0-1057_4.15.0-1057.59_all.deb https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-headers-4.15.0-1057-aws_4.15.0-1057.59_amd64.deb]" repo-org=falcosecurity repo-name=libs
-level=INFO msg="driver building, it will take a few seconds" processor=docker
+INFO  using config file file: testdata/configs/2.yaml
+DEBUG running with options
+    ├ output-module: /tmp/falco-ubuntu-aws.ko
+    ├ output-probe: /tmp/falco-ubuntu-aws.o
+    ├ driverversion: master
+    ├ kernelrelease: 4.15.0-1057-aws
+    ├ kernelversion: 59
+    ├ target: ubuntu-aws
+    ├ arch: {{ .CurrentArch }}
+    ├ kernelurls: [https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-aws-headers-4.15.0-1057_4.15.0-1057.59_all.deb https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-headers-4.15.0-1057-aws_4.15.0-1057.59_amd64.deb]
+    ├ repo-org: falcosecurity
+    └ repo-name: libs
+INFO  starting build processor: docker
--- a/cmd/testdata/docker-related-target-debug.txt
+++ b/cmd/testdata/docker-related-target-debug.txt
@ -1,3 +1,13 @@
-level=DEBUG msg="running without a configuration file"
-level=DEBUG msg="running with options" output-module=/tmp/falco-ubuntu-azure.ko output-probe="" driverversion=master kernelrelease=4.15.0-1057-azure kernelversion=62 target=ubuntu-azure arch={{ .CurrentArch }} kernelurls="[http://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-azure/linux-azure-headers-4.15.0-1057_4.15.0-1057.62_all.deb http://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-azure/linux-headers-4.15.0-1057-azure_4.15.0-1057.62_amd64.deb]" repo-org=falcosecurity repo-name=libs
-level=INFO msg="driver building, it will take a few seconds" processor=docker
+DEBUG running without a configuration file 
+DEBUG running with options
+    ├ output-module: /tmp/falco-ubuntu-azure.ko
+    ├ output-probe: /tmp/falco-ubuntu-aws.o
+    ├ driverversion: master
+    ├ kernelrelease: 4.15.0-1057-azure
+    ├ kernelversion: 62
+    ├ target: ubuntu-azure
+    ├ arch: {{ .CurrentArch }}
+    ├ kernelurls: [http://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-azure/linux-azure-headers-4.15.0-1057_4.15.0-1057.62_all.deb http://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-azure/linux-headers-4.15.0-1057-azure_4.15.0-1057.62_amd64.deb]
+    ├ repo-org: falcosecurity
+    └ repo-name: libs
+INFO  starting build processor: docker
--- a/cmd/testdata/docker-target-redhat-validation-error-debug.txt
+++ b/cmd/testdata/docker-target-redhat-validation-error-debug.txt
@ -1,8 +1,4 @@
-level=DEBUG msg="running without a configuration file"
-level=ERROR msg="error validating build options" err="builder image is a required field when target is redhat"
-Error: exiting for validation errors
-Usage:
-  driverkit docker [flags]
-
-{{ .Flags }}
-
+DEBUG running without a configuration file 
+ERROR error validating build options
+    └ err: builder image is a required field when target is redhat
+ERROR error executing driverkit err: exiting for validation errors
--- a/cmd/testdata/docker-with-flags-debug.txt
+++ b/cmd/testdata/docker-with-flags-debug.txt
@ -1,3 +1,13 @@
-level=DEBUG msg="running without a configuration file"
-level=DEBUG msg="running with options" output-module=/tmp/falco-ubuntu-aws.ko output-probe="" driverversion=master kernelrelease=4.15.0-1057-aws kernelversion=59 target=ubuntu-aws arch={{ .CurrentArch }} kernelurls="[https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-aws-headers-4.15.0-1057_4.15.0-1057.59_all.deb https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-headers-4.15.0-1057-aws_4.15.0-1057.59_amd64.deb]" repo-org=falcosecurity repo-name=libs
-level=INFO msg="driver building, it will take a few seconds" processor=docker
+DEBUG running without a configuration file 
+DEBUG running with options
+    ├ output-module: /tmp/falco-ubuntu-aws.ko
+    ├ output-probe: /tmp/falco-ubuntu-aws.o
+    ├ driverversion: master
+    ├ kernelrelease: 4.15.0-1057-aws
+    ├ kernelversion: 59
+    ├ target: ubuntu-aws
+    ├ arch: {{ .CurrentArch }}
+    ├ kernelurls: [https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-aws-headers-4.15.0-1057_4.15.0-1057.59_all.deb https://mirrors.edge.kernel.org/ubuntu/pool/main/l/linux-aws/linux-headers-4.15.0-1057-aws_4.15.0-1057.59_amd64.deb]
+    ├ repo-org: falcosecurity
+    └ repo-name: libs
+INFO  starting build processor: docker
--- a/cmd/testdata/docker-with-flags.txt
+++ b/cmd/testdata/docker-with-flags.txt
@ -1 +1 @@
-level=INFO msg="driver building, it will take a few seconds" processor=docker
+INFO  starting build processor: docker
--- a/cmd/testdata/dockernoopts.txt
+++ b/cmd/testdata/dockernoopts.txt
@ -1,10 +1,7 @@
-level=ERROR msg="error validating build options" err="kernel release is a required field"
-level=ERROR msg="error validating build options" err="target is a required field"
-level=ERROR msg="error validating build options" err="output module path is required when probe is missing"
-level=ERROR msg="error validating build options" err="output probe path is required when module is missing"
-Error: exiting for validation errors
-Usage:
-  driverkit docker [flags]
-
-{{ .Flags }}
-
+ERROR error validating build options err: kernel release is a required field
+ERROR error validating build options err: target is a required field
+ERROR error validating build options
+    └ err: output module path is required when probe is missing
+ERROR error validating build options
+    └ err: output probe path is required when module is missing
+ERROR error executing driverkit err: exiting for validation errors
--- a/cmd/testdata/invalid-proxyconfig.txt
+++ b/cmd/testdata/invalid-proxyconfig.txt
@ -1,11 +1,3 @@
-level=ERROR msg="error validating config options" err="proxy url must start with http:// or https:// or socks5:// prefix"
-Error: exiting for validation errors
-{{ .Usage }}
-
-{{ .Commands }}
-
-{{ .Flags }}
-  -v, --version                    version for driverkit
-
-{{ .Info }}
-
+ERROR error validating config options
+    └ err: proxy url must start with http:// or https:// or socks5:// prefix
+ERROR error executing driverkit err: exiting for validation errors
--- a/cmd/testdata/non-existent-processor.txt
+++ b/cmd/testdata/non-existent-processor.txt
@ -1,10 +1 @@
-Error: invalid argument "abc" for "driverkit"
-{{ .Usage }}
-
-{{ .Commands }}
-
-{{ .Flags }}
-  -v, --version                    version for driverkit
-
-{{ .Info }}
-
+ERROR error executing driverkit err: invalid argument "abc" for "driverkit"
--- a/cmd/testdata/templates/flags.txt
+++ b/cmd/testdata/templates/flags.txt
@ -11,7 +11,7 @@ Flags:
      --kernelrelease string       kernel release to build the module for, it can be found by executing 'uname -v'
      --kernelurls strings         list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls "<URL3>,<URL4>")
      --kernelversion string       kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v' (default "1")
-  -l, --loglevel string            log level (default "INFO")
+  -l, --loglevel string            set level for logs (info, warn, debug, trace) (default "info")
      --moduledevicename string    kernel module device name (the default is falco, so the device will be under /dev/falco*) (default "falco")
      --moduledrivername string    kernel module driver name, i.e. the name you see when you check installed modules via lsmod (default "falco")
      --output-module string       filepath where to save the resulting kernel module
--- a/docgen/docgen.go
+++ b/docgen/docgen.go
@ -18,8 +18,6 @@ import (
 	"bytes"
 	"flag"
 	"fmt"
-	"io/ioutil"
-	"log/slog"
 	"os"
 	"path"
 	"strings"
@ -61,7 +59,22 @@ func main() {
 	flag.Parse()

 	// Get root command
-	driverkit := cmd.NewRootCmd()
+	configOpts, err := cmd.NewConfigOptions()
+	if err != nil {
+		// configOpts will never be nil here
+		if configOpts != nil {
+			configOpts.Printer.Logger.Fatal("error setting driverkit config options defaults",
+				configOpts.Printer.Logger.Args("err", err.Error()))
+		} else {
+			os.Exit(1)
+		}
+	}
+	rootOpts, err := cmd.NewRootOptions()
+	if err != nil {
+		configOpts.Printer.Logger.Fatal("error setting driverkit root options defaults",
+			configOpts.Printer.Logger.Args("err", err.Error()))
+	}
+	driverkit := cmd.NewRootCmd(configOpts, rootOpts)
 	root := driverkit.Command()
 	num := len(root.Commands()) + 1

@ -84,23 +97,20 @@ func main() {
 	}

 	// Generate markdown docs
-	err := doc.GenMarkdownTreeCustom(root, outputDir, prepender(num), linker)
+	err = doc.GenMarkdownTreeCustom(root, outputDir, prepender(num), linker)
 	if err != nil {
-		slog.With("err", err.Error()).Error("markdown generation")
-		os.Exit(1)
+		configOpts.Printer.Logger.Fatal("markdown generation", configOpts.Printer.Logger.Args("err", err.Error()))
 	}

 	if targetWebsite {
 		err = os.Rename(path.Join(outputDir, "driverkit.md"), path.Join(outputDir, "_index.md"))
 		if err != nil {
-			slog.With("err", err.Error()).Error("renaming main docs page")
-			os.Exit(1)
+			configOpts.Printer.Logger.Fatal("renaming main docs page", configOpts.Printer.Logger.Args("err", err.Error()))
 		}
 	}

 	if err = stripSensitive(); err != nil {
-		slog.With("err", err.Error()).Error("error replacing sensitive data")
-		os.Exit(1)
+		configOpts.Printer.Logger.Fatal("error replacing sensitive data", configOpts.Printer.Logger.Args("err", err.Error()))
 	}
 }

@ -117,7 +127,7 @@ func stripSensitive() error {

 	for _, file := range files {
 		filePath := path.Join(outputDir, file.Name())
-		file, err := ioutil.ReadFile(filePath)
+		file, err := os.ReadFile(filePath)
 		if err != nil {
 			return err
 		}
@ -127,7 +137,7 @@ func stripSensitive() error {
 			target := []byte(os.Getenv(s))
 			file = bytes.ReplaceAll(file, target, append(envMark, []byte(s)...))
 		}
-		if err = ioutil.WriteFile(filePath, file, 0666); err != nil {
+		if err = os.WriteFile(filePath, file, 0666); err != nil {
 			return err
 		}
 	}
--- a/docker/builders/builder-amazonlinux2-x86_64_gcc10.0.0.Dockerfile
+++ b/docker/builders/builder-amazonlinux2-x86_64_gcc10.0.0.Dockerfile
@ -0,0 +1,32 @@
+FROM amazonlinux:2.0.20240529.0
+
+LABEL maintainer="cncf-falco-dev@lists.cncf.io"
+
+RUN yum -y install gcc10 \
+    clang \
+    llvm \
+    bash-completion \
+    bc \
+    ca-certificates \
+    curl \
+    gnupg2 \
+    libc6-dev \
+    elfutils-libelf-devel \
+    xz \
+    cpio \
+    flex \
+    bison \
+    openssl \
+    openssl-devel \
+    wget \
+    binutils \
+    which \
+    make \
+    cmake3 \
+    tar \
+    zstd \
+    git
+
+# Properly create soft links
+RUN ln -s /usr/bin/gcc10-cc /usr/bin/gcc-10.0.0
+RUN ln -s /usr/bin/cmake3 /usr/bin/cmake
--- a/docker/builders/builder-any-aarch64_gcc13.0.0.Dockerfile
+++ b/docker/builders/builder-any-aarch64_gcc13.0.0.Dockerfile
@ -0,0 +1 @@
+builder-any-x86_64_gcc13.0.0.Dockerfile
--- a/docker/builders/builder-any-aarch64_gcc14.0.0.Dockerfile
+++ b/docker/builders/builder-any-aarch64_gcc14.0.0.Dockerfile
@ -0,0 +1 @@
+builder-any-x86_64_gcc14.0.0.Dockerfile
--- a/docker/builders/builder-any-x86_64_gcc10.0.0_gcc9.0.0.Dockerfile
+++ b/docker/builders/builder-any-x86_64_gcc10.0.0_gcc9.0.0.Dockerfile
@ -39,8 +39,10 @@ RUN apt-get update \
 	software-properties-common \
 	gpg \
 	zstd \
-    && rm -rf /var/lib/apt/lists/*
+	cmake \
+	git \
+	&& rm -rf /var/lib/apt/lists/*

 # Properly create soft link
 RUN ln -s /usr/bin/gcc-9 /usr/bin/gcc-9.0.0
-RUN ln -s /usr/bin/gcc-10 /usr/bin/gcc-10.0.0
+RUN ln -s /usr/bin/gcc-10 /usr/bin/gcc-10.0.0
--- a/docker/builders/builder-any-x86_64_gcc12.0.0_gcc11.0.0.Dockerfile
+++ b/docker/builders/builder-any-x86_64_gcc12.0.0_gcc11.0.0.Dockerfile
@ -39,7 +39,9 @@ RUN apt-get update \
 	software-properties-common \
 	gpg \
 	zstd \
-    && rm -rf /var/lib/apt/lists/*
+	cmake \
+	git \
+	&& rm -rf /var/lib/apt/lists/*

 # Properly create soft links
 RUN ln -s /usr/bin/gcc-11 /usr/bin/gcc-11.0.0
--- a/docker/builders/builder-any-x86_64_gcc13.0.0.Dockerfile
+++ b/docker/builders/builder-any-x86_64_gcc13.0.0.Dockerfile
@ -0,0 +1,40 @@
+FROM fedora:39
+
+LABEL maintainer="cncf-falco-dev@lists.cncf.io"
+
+ARG TARGETARCH
+
+RUN dnf install -y \
+	bash-completion \
+	bc \
+	clang \
+	llvm \
+	ca-certificates \
+	curl \
+	dkms \
+	dwarves \
+	gnupg2 \
+	gcc \
+	jq \
+	glibc-devel \
+	elfutils-libelf-devel \
+	netcat \
+	xz \
+	cpio \
+	flex \
+	bison \
+	openssl \
+	openssl-devel \
+	ncurses-devel \
+	systemd-devel \
+	pciutils-devel \
+	binutils-devel \
+	lsb-release \
+	wget \
+	gpg \
+	zstd \
+	cmake \
+	git
+
+# Properly create soft links
+RUN ln -s /usr/bin/gcc /usr/bin/gcc-13.0.0
--- a/docker/builders/builder-any-x86_64_gcc14.0.0.Dockerfile
+++ b/docker/builders/builder-any-x86_64_gcc14.0.0.Dockerfile
@ -0,0 +1,40 @@
+FROM fedora:41
+
+LABEL maintainer="cncf-falco-dev@lists.cncf.io"
+
+ARG TARGETARCH
+
+RUN dnf install -y \
+	bash-completion \
+	bc \
+	clang \
+	llvm \
+	ca-certificates \
+	curl \
+	dkms \
+	dwarves \
+	gnupg2 \
+	gcc \
+	jq \
+	glibc-devel \
+	elfutils-libelf-devel \
+	netcat \
+	xz \
+	cpio \
+	flex \
+	bison \
+	openssl \
+	openssl-devel \
+	ncurses-devel \
+	systemd-devel \
+	pciutils-devel \
+	binutils-devel \
+	lsb-release \
+	wget \
+	gpg \
+	zstd \
+	cmake \
+	git
+
+# Properly create soft links
+RUN ln -s /usr/bin/gcc /usr/bin/gcc-14.0.0
--- a/docker/builders/builder-any-x86_64_gcc8.0.0_gcc6.0.0_gcc5.0.0_gcc4.9.0_gcc4.8.0.Dockerfile
+++ b/docker/builders/builder-any-x86_64_gcc8.0.0_gcc6.0.0_gcc5.0.0_gcc4.9.0_gcc4.8.0.Dockerfile
@ -1,4 +1,4 @@
-FROM debian:buster-backports
+FROM debian:buster

 LABEL maintainer="cncf-falco-dev@lists.cncf.io"

@ -6,16 +6,23 @@ ARG TARGETARCH

 RUN cp /etc/skel/.bashrc /root && cp /etc/skel/.profile /root

+# Use 20250630T203427Z debian apt snapshot as it still contains support for buster.
+RUN cat <<EOF > /etc/apt/sources.list
+deb http://snapshot.debian.org/archive/debian/20250630T203427Z buster main
+deb http://snapshot.debian.org/archive/debian-security/20250630T203427Z buster/updates main
+deb http://snapshot.debian.org/archive/debian/20250630T203427Z buster-updates main
+EOF
+
 RUN apt-get update \
 	&& apt-get install -y --no-install-recommends \
 	bash-completion \
 	bc \
 	clang \
-    llvm \
+    	llvm \
 	ca-certificates \
 	curl \
 	dkms \
-	dwarves/buster-backports \
+	dwarves \
 	gnupg2 \
 	gcc \
 	jq \
@ -40,7 +47,8 @@ RUN apt-get update \
 	zstd \
 	gawk \
 	mawk \
-    && rm -rf /var/lib/apt/lists/*
+	git \
+	&& rm -rf /var/lib/apt/lists/*

 RUN if [ "$TARGETARCH" = "amd64" ] ; then apt-get install -y --no-install-recommends libmpx2; fi

@ -123,6 +131,13 @@ RUN curl -L -o binutils_2.30-22_${TARGETARCH}.deb https://download.falco.org/dep
 	&& dpkg -i *binutils*.deb \
 	&& rm -f *binutils*.deb

+# Install a recent version of cmake (debian buster has at most 3.13)
+RUN curl -L -o /tmp/cmake.tar.gz https://github.com/Kitware/CMake/releases/download/v3.22.5/cmake-3.22.5-linux-$(uname -m).tar.gz; \
+    gzip -d /tmp/cmake.tar.gz; \
+    tar -xpf /tmp/cmake.tar --directory=/tmp; \
+    cp -R /tmp/cmake-3.22.5-linux-$(uname -m)/* /usr; \
+    rm -rf /tmp/cmake-3.22.5-linux-$(uname -m)/
+
 # Properly create soft link
 RUN ln -s /usr/bin/gcc-4.8 /usr/bin/gcc-4.8.0
 RUN if [ "$TARGETARCH" = "amd64" ] ; then ln -s /usr/bin/gcc-4.9 /usr/bin/gcc-4.9.0; fi;
--- a/docker/builders/builder-centos-x86_64_gcc4.8.5.Dockerfile
+++ b/docker/builders/builder-centos-x86_64_gcc4.8.5.Dockerfile
@ -2,8 +2,19 @@ FROM centos:7

 LABEL maintainer="cncf-falco-dev@lists.cncf.io"

-RUN yum -y install centos-release-scl && \
-    yum -y install gcc \
+# Fix broken mirrors - centos:7 eol
+RUN sed -i s/mirror.centos.org/vault.centos.org/g /etc/yum.repos.d/*.repo; \
+    sed -i s/^#.*baseurl=http/baseurl=https/g /etc/yum.repos.d/*.repo; \
+    sed -i s/^mirrorlist=http/#mirrorlist=https/g /etc/yum.repos.d/*.repo
+
+RUN yum -y install centos-release-scl
+
+# fix broken mirrors (again)
+RUN sed -i s/mirror.centos.org/vault.centos.org/g /etc/yum.repos.d/*.repo; \
+    sed -i s/^#.*baseurl=http/baseurl=https/g /etc/yum.repos.d/*.repo; \
+    sed -i s/^mirrorlist=http/#mirrorlist=https/g /etc/yum.repos.d/*.repo
+
+RUN yum -y install gcc \
    llvm-toolset-7.0 \
 	bash-completion \
 	bc \
@ -21,7 +32,15 @@ RUN yum -y install centos-release-scl && \
 	wget \
 	binutils \
 	which \
-	make
+	make \
+	git
+
+# Install cmake3.x (on centos7 `cmake` package installs cmake2.x)
+RUN curl -L -o /tmp/cmake.tar.gz https://github.com/Kitware/CMake/releases/download/v3.22.5/cmake-3.22.5-linux-$(uname -m).tar.gz; \
+    gzip -d /tmp/cmake.tar.gz; \
+    tar -xpf /tmp/cmake.tar --directory=/tmp; \
+    cp -R /tmp/cmake-3.22.5-linux-$(uname -m)/* /usr; \
+    rm -rf /tmp/cmake-3.22.5-linux-$(uname -m)/

 # Properly create soft link
 RUN ln -s /usr/bin/gcc /usr/bin/gcc-4.8.5
--- a/docs/builder.md
+++ b/docs/builder.md
@ -13,7 +13,8 @@ If that distribution is not yet supported by driverkit, the Falco Drivers Build
 Adding support for a new distro is a multiple-step work:
 * first of all, a new builder on driverkit must be created
 * secondly, [kernel-crawler](https://github.com/falcosecurity/kernel-crawler) must also be updated to support the new distro; see [below](#5-kernel-crawler) section
-* lastly, [test-infra](https://github.com/falcosecurity/test-infra) must be updated to add the new [prow config](https://github.com/falcosecurity/test-infra/tree/master/config/jobs/build-drivers) for new distro related jobs
+* third, [dbg-go](https://github.com/falcosecurity/dbg-go) must [bump driverkit](https://github.com/falcosecurity/dbg-go?tab=readme-ov-file#bumping-driverkit) and enable support to generate configs for the new distro: https://github.com/falcosecurity/dbg-go/blob/main/pkg/root/distro.go#L30.
+* lastly, [test-infra](https://github.com/falcosecurity/test-infra) must be updated to add the new [prow config](https://github.com/falcosecurity/test-infra/tree/master/config/jobs/build-drivers) for new distro related jobs and `dbg-go` images must be bumped, see https://github.com/falcosecurity/test-infra/tree/master/images/build-drivers and https://github.com/falcosecurity/test-infra/tree/master/images/update-dbg.

 Here, we will only focus about driverkit part.

@ -37,7 +38,7 @@ Your builder will need a constant for the target it implements. Usually that con
 can just be the ID of the distribution you are implementing, as taken reading `/etc/os-release` file.  
 A builder can implement more than one target at time. For example, the minikube builder is just a vanilla one.

-Once you have the constant, you will need to add it to the `BuilderByTarget` map.  
+Once you have the constant, you will need to add it to the [byTarget](https://github.com/falcosecurity/driverkit/blob/master/pkg/driverbuilder/builder/target.go) map. 
 Open your file and you will need to add something like this:

 ```go
@ -48,7 +49,7 @@ type archLinux struct {
 }

 func init() {
-	BuilderByTarget[TargetTypeArchLinux] = &archLinux{}
+	byTarget[TargetTypeArchLinux] = &archLinux{}
 }
 ```

@ -58,15 +59,19 @@ you just registered.
 Here's a very minimalistic example:

 ```go
-func (c archlinux) Name() string {
+func (c *archlinux) Name() string {
    return TargetTypeArchlinux.String()
 }

-func (c archlinux) TemplateScript() string {
-	return archlinuxTemplate
+func (c *archlinux) TemplateKernelUrlsScript() string { 
+	return archlinuxKernelTemplate 
 }

-func (c archlinux) URLs(cfg Config, kr kernelrelease.KernelRelease) ([]string, error) {
+func (c *archlinux) TemplateScript() string {
+    return archlinuxTemplate
+}
+
+func (c archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
    urls := []string{}
    if kr.Architecture == kernelrelease.ArchitectureAmd64 {
        urls = append(urls, fmt.Sprintf("https://archive.archlinux.org/packages/l/linux-headers/linux-headers-%s.%s-%d-%s.pkg.tar.xz",
@ -75,7 +80,7 @@ func (c archlinux) URLs(cfg Config, kr kernelrelease.KernelRelease) ([]string, e
            cfg.KernelVersion,
            kr.Architecture.ToNonDeb()))
    } else {
-        urls = append(urls, fmt.Sprintf("http://tardis.tiny-vps.com/aarm/packages/l/linux-%s-headers/linux-%s-headers-%s-%d-%s.pkg.tar.xz",
+        urls = append(urls, fmt.Sprintf("https://alaa.ad24.cz/packages/l/linux-%s-headers/linux-%s-headers-%s-%d-%s.pkg.tar.xz",
            kr.Architecture.ToNonDeb(),
            kr.Architecture.ToNonDeb(),
            kr.Fullversion,
@ -85,17 +90,17 @@ func (c archlinux) URLs(cfg Config, kr kernelrelease.KernelRelease) ([]string, e
    return urls, nil
 }

-func (c archlinux) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *archlinux) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
    return archlinuxTemplateData{
-        commonTemplateData: cfg.toTemplateData(),
-        KernelDownloadURL:  urls[0],
+        KernelDownloadURL: urls[0],
    }
 }
 ```

 Essentially, the various methods that you are implementing are needed to:
-* fill the script template (see below), that is a `bash` script that will be executed by driverkit at build time
-* fetch kernel headers urls that will later be downloaded inside the builder container, and used for the driver build
+* fill the kernel download/extract script template, a `bash` script responsible to fetch and extract the kernel headers for the distro
+* fill the build script template (see below), that is a `bash` script that will be executed by driverkit at build time
+* return a list of possible kernel headers urls that will later be downloaded by the kernel download script, and then used for the driver build

 Under `pkg/driverbuilder/builder/templates` folder, you can find all the template scripts for the supported builders.  
 Adding a new template there and using `go:embed` to include it in your builder, allows leaner code
@ -103,14 +108,57 @@ without mixing up templates and builder logic.
 For example:

 ```go
+//go:embed templates/archlinux_kernel.sh
+var archlinuxKernelTemplate string
+
 //go:embed templates/archlinux.sh
 var archlinuxTemplate string
 ```

-Depending on how the distro works, the script will need to fetch the kernel headers for it at the specific kernel version specified
-in the `Config` struct at `c.Build.KernelVersion`.
+Depending on how the distro works, the "kernel" template script will fetch the kernel headers for it at the specific kernel version specified
+in the `Config` struct at `c.Build.KernelVersion`, and then extracting them.  
+Finally, the script will also `export` the `KERNELDIR` variable to be consumed by the actual build script.  
+Example kernel download template for archlinux:
+```bash
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+curl --silent -o kernel-devel.pkg.tar.xz -SL {{ .KernelDownloadURL }}
+tar -xf kernel-devel.pkg.tar.xz
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv usr/lib/modules/*/build/* /tmp/kernel
+
+# exit value
+export KERNELDIR=/tmp/kernel
+```
+
 Once you have those, based on what that kernel can do and based on what was configured
-by the user you will need to build the kernel module driver and/or the eBPF probe driver.
+by the user, the build script will build the kernel module driver and/or the eBPF probe driver.
+Example build template for archlinux:
+```bash
+set -xeuo pipefail
+
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}
+
+{{ if .BuildModule }}
+# Build the module
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
+strip -g {{ .ModuleFullPath }}
+# Print results
+modinfo {{ .ModuleFullPath }}
+{{ end }}
+
+{{ if .BuildProbe }}
+# Build the eBPF probe
+make bpf
+ls -l driver/bpf/probe.o
+{{ end }}
+```

 How does this work?

@ -145,4 +193,4 @@ can also support collecting the new builders kernel versions and header package
 for the new builder are automatically built by [test-infra](https://github.com/falcosecurity/test-infra). If required, add a feature request
 for support for the new builder on the kernel-crawler repository.  

-> **NOTE**: be sure that the crawler you are going to add is interesting for the community as a whole.
+> **NOTE**: be sure that the crawler you are going to add is interesting for the community as a whole.
--- a/docs/driverkit.md
+++ b/docs/driverkit.md
@ -21,7 +21,7 @@ driverkit
      --kernelrelease string       kernel release to build the module for, it can be found by executing 'uname -v'
      --kernelurls strings         list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls "<URL3>,<URL4>")
      --kernelversion string       kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v' (default "1")
-  -l, --loglevel string            log level (default "INFO")
+  -l, --loglevel string            set level for logs (info, warn, debug, trace) (default "info")
      --moduledevicename string    kernel module device name (the default is falco, so the device will be under /dev/falco*) (default "falco")
      --moduledrivername string    kernel module driver name, i.e. the name you see when you check installed modules via lsmod (default "falco")
      --output-module string       filepath where to save the resulting kernel module
@ -33,7 +33,7 @@ driverkit
      --registry-user string       registry username
      --repo-name string           repository github name (default "libs")
      --repo-org string            repository github organization (default "falcosecurity")
-  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,talos,ubuntu,vanilla]
+  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,sles,talos,ubuntu,vanilla]
      --timeout int                timeout in seconds (default 120)
 ```

@ -44,4 +44,5 @@ driverkit
 * [driverkit images](driverkit_images.md)	 - List builder images
 * [driverkit kubernetes](driverkit_kubernetes.md)	 - Build Falco kernel modules and eBPF probes against a Kubernetes cluster.
 * [driverkit kubernetes-in-cluster](driverkit_kubernetes-in-cluster.md)	 - Build Falco kernel modules and eBPF probes against a Kubernetes cluster inside a Kubernetes cluster.
+* [driverkit local](driverkit_local.md)	 - Build Falco kernel modules and eBPF probes in local env with local kernel sources and gcc/clang.

--- a/docs/driverkit_docker.md
+++ b/docs/driverkit_docker.md
@ -21,7 +21,7 @@ driverkit docker [flags]
      --kernelrelease string       kernel release to build the module for, it can be found by executing 'uname -v'
      --kernelurls strings         list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls "<URL3>,<URL4>")
      --kernelversion string       kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v' (default "1")
-  -l, --loglevel string            log level (default "INFO")
+  -l, --loglevel string            set level for logs (info, warn, debug, trace) (default "info")
      --moduledevicename string    kernel module device name (the default is falco, so the device will be under /dev/falco*) (default "falco")
      --moduledrivername string    kernel module driver name, i.e. the name you see when you check installed modules via lsmod (default "falco")
      --output-module string       filepath where to save the resulting kernel module
@ -33,7 +33,7 @@ driverkit docker [flags]
      --registry-user string       registry username
      --repo-name string           repository github name (default "libs")
      --repo-org string            repository github organization (default "falcosecurity")
-  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,talos,ubuntu,vanilla]
+  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,sles,talos,ubuntu,vanilla]
      --timeout int                timeout in seconds (default 120)
 ```

--- a/docs/driverkit_images.md
+++ b/docs/driverkit_images.md
@ -21,7 +21,7 @@ driverkit images [flags]
      --kernelrelease string       kernel release to build the module for, it can be found by executing 'uname -v'
      --kernelurls strings         list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls "<URL3>,<URL4>")
      --kernelversion string       kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v' (default "1")
-  -l, --loglevel string            log level (default "INFO")
+  -l, --loglevel string            set level for logs (info, warn, debug, trace) (default "info")
      --moduledevicename string    kernel module device name (the default is falco, so the device will be under /dev/falco*) (default "falco")
      --moduledrivername string    kernel module driver name, i.e. the name you see when you check installed modules via lsmod (default "falco")
      --output-module string       filepath where to save the resulting kernel module
@ -33,7 +33,7 @@ driverkit images [flags]
      --registry-user string       registry username
      --repo-name string           repository github name (default "libs")
      --repo-org string            repository github organization (default "falcosecurity")
-  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,talos,ubuntu,vanilla]
+  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,sles,talos,ubuntu,vanilla]
      --timeout int                timeout in seconds (default 120)
 ```

--- a/docs/driverkit_kubernetes-in-cluster.md
+++ b/docs/driverkit_kubernetes-in-cluster.md
@ -22,7 +22,7 @@ driverkit kubernetes-in-cluster [flags]
      --kernelrelease string       kernel release to build the module for, it can be found by executing 'uname -v'
      --kernelurls strings         list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls "<URL3>,<URL4>")
      --kernelversion string       kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v' (default "1")
-  -l, --loglevel string            log level (default "INFO")
+  -l, --loglevel string            set level for logs (info, warn, debug, trace) (default "info")
      --moduledevicename string    kernel module device name (the default is falco, so the device will be under /dev/falco*) (default "falco")
      --moduledrivername string    kernel module driver name, i.e. the name you see when you check installed modules via lsmod (default "falco")
  -n, --namespace string           If present, the namespace scope for the pods and its config  (default "default")
@ -36,7 +36,7 @@ driverkit kubernetes-in-cluster [flags]
      --repo-name string           repository github name (default "libs")
      --repo-org string            repository github organization (default "falcosecurity")
      --run-as-user int            Pods runner user
-  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,talos,ubuntu,vanilla]
+  -t, --target string              the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,sles,talos,ubuntu,vanilla]
      --timeout int                timeout in seconds (default 120)
 ```

--- a/docs/driverkit_kubernetes.md
+++ b/docs/driverkit_kubernetes.md
@ -22,6 +22,7 @@ driverkit kubernetes [flags]
      --cluster string                 the name of the kubeconfig cluster to use
  -c, --config string                  config file path (default $HOME/.driverkit.yaml if exists)
      --context string                 the name of the kubeconfig context to use
+      --disable-compression            if true, opt-out of response compression for all requests to the server
      --driverversion string           driver version as a git commit hash or as a git tag (default "master")
      --dryrun                         do not actually perform the action
      --gccversion string              enforce a specific gcc version for the build
@ -33,7 +34,7 @@ driverkit kubernetes [flags]
      --kernelurls strings             list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls "<URL3>,<URL4>")
      --kernelversion string           kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v' (default "1")
      --kubeconfig string              path to the kubeconfig file to use for CLI requests
-  -l, --loglevel string                log level (default "info")
+  -l, --loglevel string                set level for logs (info, warn, debug, trace) (default "info")
      --moduledevicename string        kernel module device name (the default is falco, so the device will be under /dev/falco*) (default "falco")
      --moduledrivername string        kernel module driver name, i.e. the name you see when you check installed modules via lsmod (default "falco")
  -n, --namespace string               If present, the namespace scope for the pods and its config  (default "default")
@ -49,7 +50,7 @@ driverkit kubernetes [flags]
      --request-timeout string         the length of time to wait before giving up on a single server request, non-zero values should contain a corresponding time unit (e.g, 1s, 2m, 3h), a value of zero means don't timeout requests (default "0")
      --run-as-user int                Pods runner user
  -s, --server string                  the address and port of the Kubernetes API server
-  -t, --target string                  the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,talos,ubuntu,vanilla]
+  -t, --target string                  the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,sles,talos,ubuntu,vanilla]
      --timeout int                    timeout in seconds (default 120)
      --tls-server-name string         server name to use for server certificate validation, if it is not provided, the hostname used to contact the server is used
      --token string                   bearer token for authentication to the API server
--- a/docs/driverkit_local.md
+++ b/docs/driverkit_local.md
@ -0,0 +1,36 @@
+## driverkit local
+
+Build Falco kernel modules and eBPF probes in local env with local kernel sources and gcc/clang.
+
+```
+driverkit local [flags]
+```
+
+### Options
+
+```
+  -c, --config string             config file path (default $HOME/.driverkit.yaml if exists)
+      --dkms                      Enforce usage of DKMS to build the kernel module.
+      --download-headers          Try to automatically download kernel headers.
+      --driverversion string      driver version as a git commit hash or as a git tag (default "master")
+      --dryrun                    do not actually perform the action
+      --env stringToString        Env variables to be enforced during the driver build. (default [])
+  -h, --help                      help for local
+      --kernelrelease string      kernel release to build the module for, it can be found by executing 'uname -v'
+      --kernelversion string      kernel version to build the module for, it's the numeric value after the hash when you execute 'uname -v' (default "1")
+  -l, --loglevel string           set level for logs (info, warn, debug, trace) (default "info")
+      --moduledevicename string   kernel module device name (the default is falco, so the device will be under /dev/falco*) (default "falco")
+      --moduledrivername string   kernel module driver name, i.e. the name you see when you check installed modules via lsmod (default "falco")
+      --output-module string      filepath where to save the resulting kernel module
+      --output-probe string       filepath where to save the resulting eBPF probe
+      --repo-name string          repository github name (default "libs")
+      --repo-org string           repository github organization (default "falcosecurity")
+      --src-dir string            Enforce usage of local source dir to build drivers.
+  -t, --target string             the system to target the build for, one of [alinux,almalinux,amazonlinux,amazonlinux2,amazonlinux2022,amazonlinux2023,arch,bottlerocket,centos,debian,fedora,flatcar,minikube,ol,opensuse,photon,redhat,rocky,sles,talos,ubuntu,vanilla]
+      --timeout int               timeout in seconds (default 120)
+```
+
+### SEE ALSO
+
+* [driverkit](driverkit.md)	 - A command line tool to build Falco kernel modules and eBPF probes.
+
--- a/go.mod
+++ b/go.mod
@ -1,142 +1,162 @@
 module github.com/falcosecurity/driverkit

-go 1.21
+go 1.24.1
+
+toolchain go1.24.2

 require (
 	github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
-	github.com/blang/semver v3.5.1+incompatible
-	github.com/containerd/containerd v1.7.5 // indirect
+	github.com/blang/semver/v4 v4.0.0
 	github.com/creasty/defaults v1.7.0
-	github.com/docker/docker v24.0.7+incompatible
+	github.com/docker/docker v28.3.3+incompatible
+	github.com/falcosecurity/falcoctl v0.11.1
 	github.com/go-playground/locales v0.14.1
 	github.com/go-playground/universal-translator v0.18.1
-	github.com/go-playground/validator/v10 v10.15.3
+	github.com/go-playground/validator/v10 v10.24.0
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/opencontainers/image-spec v1.1.0-rc4
-	github.com/sirupsen/logrus v1.9.3 // indirect
-	github.com/spf13/cobra v1.7.0
-	github.com/spf13/pflag v1.0.5
-	github.com/spf13/viper v1.16.0
-	gotest.tools v2.2.0+incompatible
-	k8s.io/api v0.28.1
-	k8s.io/apimachinery v0.28.1
-	k8s.io/cli-runtime v0.28.1
-	k8s.io/client-go v0.28.1
-	k8s.io/kubectl v0.28.1
-	k8s.io/utils v0.0.0-20230726121419-3b25d923346b
-	modernc.org/sqlite v1.25.0
-)
-
-require (
-	github.com/falcosecurity/falcoctl v0.6.0
 	github.com/olekukonko/tablewriter v0.0.5
+	github.com/opencontainers/image-spec v1.1.1
+	github.com/pterm/pterm v0.12.80
+	github.com/spf13/cobra v1.9.1
+	github.com/spf13/pflag v1.0.6
+	github.com/spf13/viper v1.20.0
 	gopkg.in/yaml.v3 v3.0.1
-	oras.land/oras-go/v2 v2.3.0
+	gotest.tools v2.2.0+incompatible
+	k8s.io/api v0.32.3
+	k8s.io/apimachinery v0.32.3
+	k8s.io/cli-runtime v0.30.0
+	k8s.io/client-go v0.32.3
+	k8s.io/kubectl v0.30.0
+	k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738
+	modernc.org/sqlite v1.29.9
+	oras.land/oras-go/v2 v2.5.0
 )

 require (
-	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
+	atomicgo.dev/cursor v0.2.0 // indirect
+	atomicgo.dev/keyboard v0.2.9 // indirect
+	atomicgo.dev/schedule v0.1.0 // indirect
+	github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
-	github.com/Microsoft/go-winio v0.6.1 // indirect
-	github.com/Microsoft/hcsshim v0.10.0 // indirect
-	github.com/chai2010/gettext-go v1.0.2 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/docker/distribution v2.8.2+incompatible // indirect
-	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/chai2010/gettext-go v1.0.3 // indirect
+	github.com/containerd/console v1.0.4 // indirect
+	github.com/containerd/errdefs v1.0.0 // indirect
+	github.com/containerd/errdefs/pkg v0.3.0 // indirect
+	github.com/containerd/log v0.1.0 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
+	github.com/creack/pty v1.1.21 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/distribution/reference v0.6.0 // indirect
+	github.com/docker/go-connections v0.5.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
-	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
-	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
+	github.com/emicklei/go-restful/v3 v3.12.0 // indirect
+	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
 	github.com/fatih/camelcase v1.0.0 // indirect
-	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fsnotify/fsnotify v1.8.0 // indirect
 	github.com/fvbommel/sortorder v1.1.0 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
-	github.com/go-errors/errors v1.4.2 // indirect
-	github.com/go-logr/logr v1.2.4 // indirect
-	github.com/go-openapi/jsonpointer v0.20.0 // indirect
-	github.com/go-openapi/jsonreference v0.20.2 // indirect
-	github.com/go-openapi/swag v0.22.4 // indirect
+	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
+	github.com/go-errors/errors v1.5.1 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-openapi/jsonpointer v0.21.0 // indirect
+	github.com/go-openapi/jsonreference v0.21.0 // indirect
+	github.com/go-openapi/swag v0.23.0 // indirect
+	github.com/go-viper/mapstructure/v2 v2.3.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/btree v1.1.2 // indirect
-	github.com/google/gnostic-models v0.6.8 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/btree v1.1.3 // indirect
+	github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect
+	github.com/google/go-cmp v0.7.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
-	github.com/google/uuid v1.3.1 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/gookit/color v1.5.4 // indirect
+	github.com/gorilla/websocket v1.5.1 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
-	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/imdario/mergo v0.3.16 // indirect
+	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
-	github.com/klauspost/compress v1.16.7 // indirect
-	github.com/leodido/go-urn v1.2.4 // indirect
+	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
-	github.com/magiconair/properties v1.8.7 // indirect
+	github.com/lithammer/fuzzysearch v1.1.8 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
-	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
-	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/moby/docker-image-spec v1.3.1 // indirect
+	github.com/moby/go-archive v0.1.0 // indirect
 	github.com/moby/patternmatcher v0.6.0 // indirect
-	github.com/moby/spdystream v0.2.0 // indirect
-	github.com/moby/sys/sequential v0.5.0 // indirect
-	github.com/moby/term v0.5.0 // indirect
+	github.com/moby/spdystream v0.5.0 // indirect
+	github.com/moby/sys/atomicwriter v0.1.0 // indirect
+	github.com/moby/sys/sequential v0.6.0 // indirect
+	github.com/moby/sys/user v0.4.0 // indirect
+	github.com/moby/sys/userns v0.1.0 // indirect
+	github.com/moby/term v0.5.2 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
+	github.com/ncruces/go-strftime v0.1.9 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/runc v1.1.9 // indirect
-	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
-	github.com/rivo/uniseg v0.4.4 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/rogpeppe/go-internal v1.13.2-0.20241226121412-a5dc8ff20d0a // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/sergi/go-diff v1.2.0 // indirect
-	github.com/spf13/afero v1.9.5 // indirect
-	github.com/spf13/cast v1.5.1 // indirect
-	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/sagikazarmark/locafero v0.7.0 // indirect
+	github.com/sergi/go-diff v1.3.1 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/sourcegraph/conc v0.3.0 // indirect
+	github.com/spf13/afero v1.12.0 // indirect
+	github.com/spf13/cast v1.7.1 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
+	github.com/x448/float16 v0.8.4 // indirect
 	github.com/xlab/treeprint v1.2.0 // indirect
-	go.starlark.net v0.0.0-20230831151029-c9e9adf3fde2 // indirect
-	golang.org/x/crypto v0.14.0 // indirect
-	golang.org/x/mod v0.12.0 // indirect
-	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/oauth2 v0.11.0 // indirect
-	golang.org/x/sync v0.3.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
-	golang.org/x/term v0.13.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 // indirect
-	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
+	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.59.0 // indirect
+	go.opentelemetry.io/otel v1.34.0 // indirect
+	go.opentelemetry.io/otel/metric v1.34.0 // indirect
+	go.opentelemetry.io/otel/trace v1.34.0 // indirect
+	go.starlark.net v0.0.0-20240507195648-35fe9f26b4bc // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	golang.org/x/crypto v0.36.0 // indirect
+	golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect
+	golang.org/x/net v0.38.0 // indirect
+	golang.org/x/oauth2 v0.28.0 // indirect
+	golang.org/x/sync v0.12.0 // indirect
+	golang.org/x/sys v0.31.0 // indirect
+	golang.org/x/term v0.30.0 // indirect
+	golang.org/x/text v0.23.0 // indirect
+	golang.org/x/time v0.11.0 // indirect
+	google.golang.org/protobuf v1.36.5 // indirect
+	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	gotest.tools/v3 v3.4.0 // indirect
-	k8s.io/component-base v0.28.1 // indirect
-	k8s.io/klog/v2 v2.100.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20230901164831-6c774f458599 // indirect
-	lukechampine.com/uint128 v1.3.0 // indirect
-	modernc.org/cc/v3 v3.41.0 // indirect
-	modernc.org/ccgo/v3 v3.16.15 // indirect
-	modernc.org/libc v1.24.1 // indirect
+	gotest.tools/v3 v3.5.2 // indirect
+	k8s.io/component-base v0.30.0 // indirect
+	k8s.io/klog/v2 v2.130.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect
+	modernc.org/gc/v3 v3.0.0-20240304020402-f0dba7c97c2b // indirect
+	modernc.org/libc v1.50.5 // indirect
 	modernc.org/mathutil v1.6.0 // indirect
-	modernc.org/memory v1.7.1 // indirect
-	modernc.org/opt v0.1.3 // indirect
+	modernc.org/memory v1.8.0 // indirect
 	modernc.org/strutil v1.2.0 // indirect
 	modernc.org/token v1.1.0 // indirect
-	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/kustomize/api v0.14.0 // indirect
-	sigs.k8s.io/kustomize/kyaml v0.14.3 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect
-	sigs.k8s.io/yaml v1.3.0 // indirect
+	sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
+	sigs.k8s.io/kustomize/api v0.17.1 // indirect
+	sigs.k8s.io/kustomize/kyaml v0.17.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
--- a/pkg/driverbuilder/builder/aliyunlinux.go
+++ b/pkg/driverbuilder/builder/aliyunlinux.go
@ -21,6 +21,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/alinux_kernel.sh
+var alinuxKernelTemplate string
+
 //go:embed templates/alinux.sh
 var alinuxTemplate string

@ -32,7 +35,6 @@ func init() {
 }

 type alinuxTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -43,6 +45,10 @@ func (c *alinux) Name() string {
 	return TargetTypeAlinux.String()
 }

+func (c *alinux) TemplateKernelUrlsScript() string {
+	return alinuxKernelTemplate
+}
+
 func (c *alinux) TemplateScript() string {
 	return alinuxTemplate
 }
@ -51,10 +57,9 @@ func (c *alinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchAlinuxKernelURLS(kr), nil
 }

-func (c *alinux) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *alinux) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return alinuxTemplateData{
-		commonTemplateData: cfg.toTemplateData(c, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }

--- a/pkg/driverbuilder/builder/almalinux.go
+++ b/pkg/driverbuilder/builder/almalinux.go
@ -21,6 +21,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/almalinux_kernel.sh
+var almaKernelTemplate string
+
 //go:embed templates/almalinux.sh
 var almaTemplate string

@ -32,7 +35,6 @@ func init() {
 }

 type almaTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -44,6 +46,10 @@ func (c *alma) Name() string {
 	return TargetTypeAlma.String()
 }

+func (c *alma) TemplateKernelUrlsScript() string {
+	return almaKernelTemplate
+}
+
 func (c *alma) TemplateScript() string {
 	return almaTemplate
 }
@ -52,10 +58,9 @@ func (c *alma) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchAlmaKernelURLS(kr), nil
 }

-func (c *alma) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *alma) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return almaTemplateData{
-		commonTemplateData: cfg.toTemplateData(c, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }

--- a/pkg/driverbuilder/builder/amazonlinux.go
+++ b/pkg/driverbuilder/builder/amazonlinux.go
@ -22,10 +22,9 @@ import (
 	"database/sql"
 	_ "embed"
 	"fmt"
+	"github.com/blang/semver/v4"
 	"io"
-	"io/ioutil"
 	"log"
-	"log/slog"
 	"net/http"
 	"os"
 	"strings"
@ -35,6 +34,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/amazonlinux_kernel.sh
+var amazonlinuxKernelTemplate string
+
 //go:embed templates/amazonlinux.sh
 var amazonlinuxTemplate string

@ -80,7 +82,6 @@ func init() {
 }

 type amazonlinuxTemplateData struct {
-	commonTemplateData
 	KernelDownloadURLs []string
 }

@ -88,6 +89,8 @@ func (a *amazonlinux) Name() string {
 	return TargetTypeAmazonLinux.String()
 }

+func (a *amazonlinux) TemplateKernelUrlsScript() string { return amazonlinuxKernelTemplate }
+
 func (a *amazonlinux) TemplateScript() string {
 	return amazonlinuxTemplate
 }
@ -96,9 +99,8 @@ func (a *amazonlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchAmazonLinuxPackagesURLs(a, kr)
 }

-func (a *amazonlinux) TemplateData(c Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (a *amazonlinux) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return amazonlinuxTemplateData{
-		commonTemplateData: c.toTemplateData(a, kr),
 		KernelDownloadURLs: urls,
 	}
 }
@ -162,7 +164,7 @@ func (a *amazonlinux2023) repos() []string {
 }

 func (a *amazonlinux2023) baseUrl() string {
-	return "https://cdn.amazonlinux.com/al2023/core/mirrors/"
+	return "https://cdn.amazonlinux.com/al2023/core/mirrors"
 }

 func (a *amazonlinux2023) ext() string {
@ -177,6 +179,14 @@ func (a *amazonlinux2) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchAmazonLinuxPackagesURLs(a, kr)
 }

+func (a *amazonlinux2) GCCVersion(kr kernelrelease.KernelRelease) semver.Version {
+	// 5.10 amazonlinux2 kernels need gcc 10
+	if kr.Major == 5 && kr.Minor == 10 {
+		return semver.Version{Major: 10}
+	}
+	return semver.Version{}
+}
+
 func (a *amazonlinux2) repos() []string {
 	return []string{
 		"core/2.0",
@ -200,16 +210,13 @@ func buildMirror(a amazonBuilder, r string, kv kernelrelease.KernelRelease) (str
 	switch a.(type) {
 	case *amazonlinux:
 		baseURL = fmt.Sprintf("%s/%s", a.baseUrl(), r)
-	case *amazonlinux2:
-		baseURL = fmt.Sprintf("%s/%s/%s", a.baseUrl(), r, kv.Architecture.ToNonDeb())
-	case *amazonlinux2022:
+	case *amazonlinux2, *amazonlinux2022, *amazonlinux2023:
 		baseURL = fmt.Sprintf("%s/%s/%s", a.baseUrl(), r, kv.Architecture.ToNonDeb())
 	default:
 		return "", fmt.Errorf("unsupported target")
 	}

 	mirror := fmt.Sprintf("%s/%s", baseURL, "mirror.list")
-	slog.With("url", mirror, "version", r).Debug("looking for repo...")
 	return mirror, nil
 }

@ -230,89 +237,89 @@ func fetchAmazonLinuxPackagesURLs(a amazonBuilder, kv kernelrelease.KernelReleas
 	visited := make(map[string]struct{})

 	for _, v := range a.repos() {
-		mirror, err := buildMirror(a, v, kv)
-		if err != nil {
-			return nil, err
-		}
-
-		// Obtain the repo URL by getting mirror URL content
-		mirrorRes, err := http.Get(mirror)
-		if err != nil {
-			return nil, err
-		}
-		defer mirrorRes.Body.Close()
-
-		var repo string
-		scanner := bufio.NewScanner(mirrorRes.Body)
-		if scanner.Scan() {
-			repo = scanner.Text()
-		}
-		if repo == "" {
-			return nil, fmt.Errorf("repository not found")
-		}
-		repo = strings.ReplaceAll(strings.TrimSuffix(repo, "\n"), "$basearch", kv.Architecture.ToNonDeb())
-		repo = strings.TrimSuffix(repo, "/")
-		repoDatabaseURL := fmt.Sprintf("%s/repodata/primary.sqlite.%s", repo, a.ext())
-		if _, ok := visited[repoDatabaseURL]; ok {
-			continue
-		}
-		// Download the repo database
-		repoRes, err := http.Get(repoDatabaseURL)
-		slog.With("url", repoDatabaseURL).Debug("downloading...")
-		if err != nil {
-			return nil, err
-		}
-		defer repoRes.Body.Close()
-		visited[repoDatabaseURL] = struct{}{}
-
-		unzip, err := unzipFuncFromBuilder(a)
-		if err != nil {
-			return nil, err
-		}
-
-		dbBytes, err := unzip(repoRes.Body)
-		if err != nil {
-			return nil, err
-		}
-		// Create the temporary database file
-		dbFile, err := ioutil.TempFile(os.TempDir(), fmt.Sprintf("%s-*.sqlite", a.Name()))
-		if err != nil {
-			return nil, err
-		}
-		defer os.Remove(dbFile.Name())
-		if _, err := dbFile.Write(dbBytes); err != nil {
-			return nil, err
-		}
-		// Open the database
-		db, err := sql.Open("sqlite", dbFile.Name())
-		if err != nil {
-			return nil, err
-		}
-		defer db.Close()
-		slog.With("db", dbFile.Name()).Debug("connecting to database...")
-		// Query the database
-		rel := strings.TrimPrefix(strings.TrimSuffix(kv.FullExtraversion, fmt.Sprintf(".%s", kv.Architecture.ToNonDeb())), "-")
-		q := fmt.Sprintf("SELECT location_href FROM packages WHERE name LIKE 'kernel-devel%%' AND version='%s' AND release='%s'", kv.Fullversion, rel)
-		stmt, err := db.Prepare(q)
-		if err != nil {
-			return nil, err
-		}
-		defer stmt.Close()
-		rows, err := stmt.Query()
-		if err != nil {
-			return nil, err
-		}
-		defer rows.Close()
-		for rows.Next() {
-			var href string
-			err = rows.Scan(&href)
+		err := func() error {
+			mirror, err := buildMirror(a, v, kv)
 			if err != nil {
-				log.Fatal(err)
+				return err
 			}
-			urls = append(urls, fmt.Sprintf("%s/%s", repo, href))
-		}

-		if err := dbFile.Close(); err != nil {
+			// Obtain the repo URL by getting mirror URL content
+			mirrorRes, err := http.Get(mirror)
+			if err != nil {
+				return err
+			}
+			defer mirrorRes.Body.Close()
+
+			var repo string
+			scanner := bufio.NewScanner(mirrorRes.Body)
+			if scanner.Scan() {
+				repo = scanner.Text()
+			}
+			if repo == "" {
+				return fmt.Errorf("repository not found")
+			}
+			repo = strings.ReplaceAll(strings.TrimSuffix(repo, "\n"), "$basearch", kv.Architecture.ToNonDeb())
+			repo = strings.TrimSuffix(repo, "/")
+			repoDatabaseURL := fmt.Sprintf("%s/repodata/primary.sqlite.%s", repo, a.ext())
+			if _, ok := visited[repoDatabaseURL]; ok {
+				return nil
+			}
+			// Download the repo database
+			repoRes, err := http.Get(repoDatabaseURL)
+			if err != nil {
+				return err
+			}
+			defer repoRes.Body.Close()
+			visited[repoDatabaseURL] = struct{}{}
+
+			unzip, err := unzipFuncFromBuilder(a)
+			if err != nil {
+				return err
+			}
+
+			dbBytes, err := unzip(repoRes.Body)
+			if err != nil {
+				return err
+			}
+			// Create the temporary database file
+			dbFile, err := os.CreateTemp(os.TempDir(), fmt.Sprintf("%s-*.sqlite", a.Name()))
+			if err != nil {
+				return err
+			}
+			defer os.Remove(dbFile.Name())
+			if _, err := dbFile.Write(dbBytes); err != nil {
+				return err
+			}
+			// Open the database
+			db, err := sql.Open("sqlite", dbFile.Name())
+			if err != nil {
+				return err
+			}
+			defer db.Close()
+			// Query the database
+			rel := strings.TrimPrefix(strings.TrimSuffix(kv.FullExtraversion, fmt.Sprintf(".%s", kv.Architecture.ToNonDeb())), "-")
+			q := fmt.Sprintf("SELECT location_href FROM packages WHERE name LIKE 'kernel-devel%%' AND version='%s' AND release='%s'", kv.Fullversion, rel)
+			stmt, err := db.Prepare(q)
+			if err != nil {
+				return err
+			}
+			defer stmt.Close()
+			rows, err := stmt.Query()
+			if err != nil {
+				return err
+			}
+			defer rows.Close()
+			for rows.Next() {
+				var href string
+				err = rows.Scan(&href)
+				if err != nil {
+					log.Fatal(err)
+				}
+				urls = append(urls, fmt.Sprintf("%s/%s", repo, href))
+			}
+			return dbFile.Close()
+		}()
+		if err != nil {
 			return nil, err
 		}

--- a/pkg/driverbuilder/builder/archlinux.go
+++ b/pkg/driverbuilder/builder/archlinux.go
@ -22,6 +22,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/archlinux_kernel.sh
+var archlinuxKernelTemplate string
+
 //go:embed templates/archlinux.sh
 var archlinuxTemplate string

@ -37,7 +40,6 @@ type archlinux struct {
 }

 type archlinuxTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -45,11 +47,19 @@ func (c *archlinux) Name() string {
 	return TargetTypeArchlinux.String()
 }

+func (c *archlinux) TemplateKernelUrlsScript() string { return archlinuxKernelTemplate }
+
 func (c *archlinux) TemplateScript() string {
 	return archlinuxTemplate
 }

 func (c *archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
+	// uname -r returns "6.8.1-arch1-1" but headers URL is "6.8.1.arch1-1"
+	// Also, for 0-patch releases, like: "6.8.0-arch1-1", headers url is "6.8.arch1-1"
+	kr.FullExtraversion = strings.Replace(kr.FullExtraversion, "-arch", ".arch", 1)
+	if kr.Patch == 0 {
+		kr.Fullversion = strings.TrimSuffix(kr.Fullversion, ".0")
+	}

 	urls := []string{}
 	possibleCompressionSuffixes := []string{
@ -65,10 +75,10 @@ func (c *archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 				urls = append(
 					urls,
 					fmt.Sprintf(
-						"%s/linux-headers-%s%s-%s.pkg.tar.%s",
+						"%s/linux-headers-%s-%s-%s.pkg.tar.%s",
 						baseURL,
-						kr.Fullversion,
-						kr.FullExtraversion,
+						kr.String(),
+						kr.KernelVersion,
 						kr.Architecture.ToNonDeb(),
 						compressionAlgo,
 					),
@ -80,10 +90,10 @@ func (c *archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 				urls = append(
 					urls,
 					fmt.Sprintf(
-						"%s/linux-hardened-headers-%s%s-%s.pkg.tar.%s",
+						"%s/linux-hardened-headers-%s-%s-%s.pkg.tar.%s",
 						baseURL,
-						kr.Fullversion,
-						kr.FullExtraversion,
+						kr.String(),
+						kr.KernelVersion,
 						kr.Architecture.ToNonDeb(),
 						compressionAlgo,
 					),
@ -95,10 +105,10 @@ func (c *archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 				urls = append(
 					urls,
 					fmt.Sprintf(
-						"%s/linux-zen-headers-%s%s-%s.pkg.tar.%s",
+						"%s/linux-zen-headers-%s-%s-%s.pkg.tar.%s",
 						baseURL,
-						kr.Fullversion,
-						kr.FullExtraversion,
+						kr.String(),
+						kr.KernelVersion,
 						kr.Architecture.ToNonDeb(),
 						compressionAlgo,
 					),
@ -110,10 +120,10 @@ func (c *archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 				urls = append(
 					urls,
 					fmt.Sprintf(
-						"%s/linux-lts-headers-%s%s-%s.pkg.tar.%s",
+						"%s/linux-lts-headers-%s-%s-%s.pkg.tar.%s",
 						baseURL,
-						kr.Fullversion,
-						kr.FullExtraversion,
+						kr.String(),
+						kr.KernelVersion,
 						kr.Architecture.ToNonDeb(),
 						compressionAlgo,
 					),
@ -121,15 +131,15 @@ func (c *archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 			}
 		}
 	} else if kr.Architecture.ToNonDeb() == "aarch64" {
-		baseURL := "http://tardis.tiny-vps.com/aarm/packages/l/linux-aarch64-headers/"
+		baseURL := "https://alaa.ad24.cz/packages/l/linux-aarch64-headers/"
 		for _, compressionAlgo := range possibleCompressionSuffixes {
 			urls = append(
 				urls,
 				fmt.Sprintf(
-					"%s/linux-aarch64-headers-%s%s-%s.pkg.tar.%s",
+					"%s/linux-aarch64-headers-%s-%s-%s.pkg.tar.%s",
 					baseURL,
-					kr.Fullversion,
-					kr.FullExtraversion,
+					kr.String(),
+					kr.KernelVersion,
 					kr.Architecture.ToNonDeb(),
 					compressionAlgo,
 				),
@ -140,9 +150,8 @@ func (c *archlinux) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return urls, nil
 }

-func (c *archlinux) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *archlinux) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return archlinuxTemplateData{
-		commonTemplateData: cfg.toTemplateData(c, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }
--- a/pkg/driverbuilder/builder/bottlerocket.go
+++ b/pkg/driverbuilder/builder/bottlerocket.go
@ -35,9 +35,8 @@ func (b *bottlerocket) Name() string {
 	return TargetTypeBottlerocket.String()
 }

-func (b *bottlerocket) TemplateData(c Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (b *bottlerocket) KernelTemplateData(kr kernelrelease.KernelRelease, urls []string) interface{} {
 	return vanillaTemplateData{
-		commonTemplateData: c.toTemplateData(b, kr),
 		KernelDownloadURL:  urls[0],
 		KernelLocalVersion: kr.FullExtraversion,
 	}
--- a/pkg/driverbuilder/builder/build.go
+++ b/pkg/driverbuilder/builder/build.go
@ -17,6 +17,7 @@ package builder
 import (
 	"context"
 	"fmt"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"strings"

 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
@ -49,6 +50,8 @@ type Build struct {
 	RegistryUser      string
 	RegistryPassword  string
 	RegistryPlainHTTP bool
+
+	*output.Printer
 }

 func (b *Build) KernelReleaseFromBuildConfig() kernelrelease.KernelRelease {
@ -108,7 +111,3 @@ func (b *Build) ClientForRegistry(registry string) *auth.Client {

 	return client
 }
-
-func (b *Build) HasOutputs() bool {
-	return b.ModuleFilePath != "" || b.ProbeFilePath != ""
-}
--- a/pkg/driverbuilder/builder/builders.go
+++ b/pkg/driverbuilder/builder/builders.go
@ -16,34 +16,43 @@ package builder

 import (
 	"bytes"
+	_ "embed"
 	"errors"
 	"fmt"
-	"log/slog"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"net/http"
 	"net/url"
-	"os"
 	"path"
 	"strings"
 	"text/template"

-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

 // DriverDirectory is the directory the processor uses to store the driver.
-const DriverDirectory = "/tmp/driver"
+const (
+	DriverDirectory = "/tmp/driver"
+	cmakeCmdFmt     = `cmake -Wno-dev \
+  -DUSE_BUNDLED_DEPS=On \
+  -DCREATE_TEST_TARGETS=Off \
+  -DBUILD_LIBSCAP_GVISOR=Off \
+  -DBUILD_LIBSCAP_MODERN_BPF=Off \
+  -DENABLE_DRIVERS_TESTS=Off \
+  -DDRIVER_NAME=%s \
+  -DPROBE_NAME=%s \
+  -DBUILD_BPF=On \
+  -DDRIVER_VERSION=%s \
+  -DPROBE_VERSION=%s \
+  -DGIT_COMMIT=%s \
+  -DDRIVER_DEVICE_NAME=%s \
+  -DPROBE_DEVICE_NAME=%s \
+  .. && \
+  sed -i s/'DRIVER_COMMIT ""'/'DRIVER_COMMIT "%s"'/g driver/src/driver_config.h`
+)

-// ModuleFileName is the standard file name for the kernel module.
-const ModuleFileName = "module.ko"
-
-// ProbeFileName is the standard file name for the eBPF probe.
-const ProbeFileName = "probe.o"
-
-// ModuleFullPath is the standard path for the kernel module. Builders must place the compiled module at this location.
-var ModuleFullPath = path.Join(DriverDirectory, ModuleFileName)
-
-// ProbeFullPath is the standard path for the eBPF probe. Builders must place the compiled probe at this location.
-var ProbeFullPath = path.Join(DriverDirectory, "bpf", ProbeFileName)
+//go:embed templates/libs_download.sh
+var libsDownloadTemplate string

 var HeadersNotFoundErr = errors.New("kernel headers not found")

@ -55,33 +64,80 @@ type Config struct {
 	*Build
 }

+func (c Config) ToDriverFullPath() string {
+	return path.Join(DriverDirectory, "build", "driver", fmt.Sprintf("%s.ko", c.DriverName))
+}
+
+func (c Config) ToProbeFullPath() string {
+	return path.Join(DriverDirectory, "build", "driver", "bpf", "probe.o")
+}
+
 type commonTemplateData struct {
-	DriverBuildDir    string
-	ModuleDownloadURL string
-	ModuleDriverName  string
-	ModuleFullPath    string
-	BuildModule       bool
-	BuildProbe        bool
-	GCCVersion        string
+	DriverBuildDir   string
+	ModuleDriverName string
+	ModuleFullPath   string
+	BuildModule      bool
+	BuildProbe       bool
+	GCCVersion       string
+	CmakeCmd         string
 }

 // Builder represents a builder capable of generating a script for a driverkit target.
 type Builder interface {
 	Name() string
+	TemplateKernelUrlsScript() string
 	TemplateScript() string
 	URLs(kr kernelrelease.KernelRelease) ([]string, error)
-	TemplateData(c Config, kr kernelrelease.KernelRelease, urls []string) interface{} // error return type is managed
+	KernelTemplateData(kr kernelrelease.KernelRelease, urls []string) interface{} // error return type is managed
 }

-// MinimumURLsBuilder is an optional interface
+// MinimumURLsBuilder is an optional interface implemented by builders
 // to specify minimum number of requested headers urls
 type MinimumURLsBuilder interface {
 	MinimumURLs() int
 }

-func Script(b Builder, c Config, kr kernelrelease.KernelRelease) (string, error) {
-	t := template.New(b.Name())
-	parsed, err := t.Parse(b.TemplateScript())
+// TemplateDataSpecifier is an optional interface implemented by builders
+// to specify a custom template data instead of the default one.
+type TemplateDataSpecifier interface {
+	TemplateData(c Config, kr kernelrelease.KernelRelease) interface{}
+}
+
+type libsDownloadTemplateData struct {
+	DriverBuildDir    string
+	ModuleDownloadURL string
+}
+
+// LibsDownloadScript returns the script that downloads and configures libs repo at requested commit/tag
+func LibsDownloadScript(c Config) (string, error) {
+	t := template.New("download-libs")
+	parsed, err := t.Parse(libsDownloadTemplate)
+	if err != nil {
+		return "", err
+	}
+
+	td := libsDownloadTemplateData{
+		DriverBuildDir:    DriverDirectory,
+		ModuleDownloadURL: fmt.Sprintf("%s/%s.tar.gz", c.DownloadBaseURL, c.DriverVersion),
+	}
+
+	buf := bytes.NewBuffer(nil)
+	err = parsed.Execute(buf, td)
+	if err != nil {
+		return "", err
+	}
+
+	return buf.String(), nil
+}
+
+// KernelDownloadScript returns the script that will download and extract kernel headers
+func KernelDownloadScript(b Builder,
+	kernelurls []string,
+	kr kernelrelease.KernelRelease,
+	printer *output.Printer,
+) (string, error) {
+	t := template.New("download-kernel")
+	parsed, err := t.Parse(b.TemplateKernelUrlsScript())
 	if err != nil {
 		return "", err
 	}
@ -92,7 +148,7 @@ func Script(b Builder, c Config, kr kernelrelease.KernelRelease) (string, error)
 		minimumURLs = bb.MinimumURLs()
 	}

-	if c.KernelUrls == nil {
+	if kernelurls == nil {
 		urls, err = b.URLs(kr)
 		if err != nil {
 			return "", err
@ -104,7 +160,7 @@ func Script(b Builder, c Config, kr kernelrelease.KernelRelease) (string, error)
 			urls, err = GetResolvingURLs(urls)
 		}
 	} else {
-		urls, err = GetResolvingURLs(c.KernelUrls)
+		urls, err = GetResolvingURLs(kernelurls)
 	}
 	if err != nil {
 		return "", err
@ -114,7 +170,10 @@ func Script(b Builder, c Config, kr kernelrelease.KernelRelease) (string, error)
 		return "", fmt.Errorf("not enough headers packages found; expected %d, found %d", minimumURLs, len(urls))
 	}

-	td := b.TemplateData(c, kr, urls)
+	printer.Logger.Debug("kernel headers found",
+		printer.Logger.Args("urls", urls))
+
+	td := b.KernelTemplateData(kr, urls)
 	if tdErr, ok := td.(error); ok {
 		return "", tdErr
 	}
@ -124,6 +183,31 @@ func Script(b Builder, c Config, kr kernelrelease.KernelRelease) (string, error)
 	if err != nil {
 		return "", err
 	}
+
+	return buf.String(), nil
+}
+
+// Script retrieves the actually drivers building script
+func Script(b Builder, c Config, kr kernelrelease.KernelRelease) (string, error) {
+	t := template.New(b.Name())
+	parsed, err := t.Parse(b.TemplateScript())
+	if err != nil {
+		return "", err
+	}
+
+	var td interface{}
+	if bb, ok := b.(TemplateDataSpecifier); ok {
+		td = bb.TemplateData(c, kr)
+	} else {
+		td = c.toTemplateData(b, kr)
+	}
+
+	buf := bytes.NewBuffer(nil)
+	err = parsed.Execute(buf, td)
+	if err != nil {
+		return "", err
+	}
+
 	return buf.String(), nil
 }

@ -135,6 +219,14 @@ type GCCVersionRequestor interface {

 func defaultGCC(kr kernelrelease.KernelRelease) semver.Version {
 	switch kr.Major {
+	case 6:
+		if kr.Minor >= 9 {
+			return semver.Version{Major: 14}
+		}
+		if kr.Minor >= 5 {
+			return semver.Version{Major: 13}
+		}
+		return semver.Version{Major: 12}
 	case 5:
 		if kr.Minor >= 15 {
 			return semver.Version{Major: 12}
@ -150,7 +242,7 @@ func defaultGCC(kr kernelrelease.KernelRelease) semver.Version {
 	case 2:
 		return semver.Version{Major: 4, Minor: 8}
 	default:
-		return semver.Version{Major: 12}
+		return semver.Version{Major: 14}
 	}
 }

@ -214,8 +306,10 @@ func (b *Build) setGCCVersion(builder Builder, kr kernelrelease.KernelRelease) {
 		proposedGCCs := make([]semver.Version, 0)
 		for _, img := range b.Images {
 			proposedGCCs = append(proposedGCCs, img.GCCVersion)
-			slog.With("image", img.Name, "targetGCC", targetGCC.String()).
-				Debug("proposedGCC", "version", img.GCCVersion.String())
+			b.Logger.Debug("proposed GCC",
+				b.Logger.Args("image", img.Name,
+					"targetGCC", targetGCC.String(),
+					"proposedGCC", img.GCCVersion.String()))
 		}

 		// Now, sort versions and fetch
@ -230,8 +324,8 @@ func (b *Build) setGCCVersion(builder Builder, kr kernelrelease.KernelRelease) {
 		}
 		b.GCCVersion = lastGCC.String()
 	}
-	slog.With("targetGCC", targetGCC.String()).
-		Debug("foundGCC", "version", b.GCCVersion)
+	b.Logger.Debug("found GCC",
+		b.Logger.Args("targetGCC", targetGCC.String(), "version", b.GCCVersion))
 }

 type BuilderImageNetworkMode interface {
@ -285,26 +379,32 @@ func Targets() []string {
 func (c Config) toTemplateData(b Builder, kr kernelrelease.KernelRelease) commonTemplateData {
 	c.setGCCVersion(b, kr)
 	return commonTemplateData{
-		DriverBuildDir:    DriverDirectory,
-		ModuleDownloadURL: fmt.Sprintf("%s/%s.tar.gz", c.DownloadBaseURL, c.DriverVersion),
-		ModuleDriverName:  c.DriverName,
-		ModuleFullPath:    ModuleFullPath,
-		BuildModule:       len(c.ModuleFilePath) > 0,
-		BuildProbe:        len(c.ProbeFilePath) > 0,
-		GCCVersion:        c.GCCVersion,
+		DriverBuildDir:   DriverDirectory,
+		ModuleDriverName: c.DriverName,
+		ModuleFullPath:   c.ToDriverFullPath(),
+		BuildModule:      len(c.ModuleFilePath) > 0,
+		BuildProbe:       len(c.ProbeFilePath) > 0,
+		GCCVersion:       c.GCCVersion,
+		CmakeCmd: fmt.Sprintf(cmakeCmdFmt,
+			c.DriverName,
+			c.DriverName,
+			c.DriverVersion,
+			c.DriverVersion,
+			c.DriverVersion,
+			c.DeviceName,
+			c.DeviceName,
+			c.DriverVersion),
 	}
 }

 func resolveURLReference(u string) string {
 	uu, err := url.Parse(u)
 	if err != nil {
-		slog.Error(err.Error())
-		os.Exit(1)
+		panic(err)
 	}
 	base, err := url.Parse(uu.Host)
 	if err != nil {
-		slog.Error(err.Error())
-		os.Exit(1)
+		panic(err)
 	}
 	return base.ResolveReference(uu).String()
 }
@ -324,7 +424,6 @@ func GetResolvingURLs(urls []string) ([]string, error) {
 		}
 		if res.StatusCode == http.StatusOK {
 			results = append(results, u)
-			slog.With("url", u).Debug("kernel header url found")
 		}
 	}
 	if len(results) == 0 {
--- a/pkg/driverbuilder/builder/builders_test.go
+++ b/pkg/driverbuilder/builder/builders_test.go
@ -17,7 +17,7 @@ package builder
 import (
 	"testing"

-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

--- a/pkg/driverbuilder/builder/centos.go
+++ b/pkg/driverbuilder/builder/centos.go
@ -18,10 +18,13 @@ import (
 	_ "embed"
 	"fmt"

-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/centos_kernel.sh
+var centosKernelTemplate string
+
 //go:embed templates/centos.sh
 var centosTemplate string

@ -37,7 +40,6 @@ type centos struct {
 }

 type centosTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -45,6 +47,8 @@ func (c *centos) Name() string {
 	return TargetTypeCentos.String()
 }

+func (c *centos) TemplateKernelUrlsScript() string { return centosKernelTemplate }
+
 func (c *centos) TemplateScript() string {
 	return centosTemplate
 }
@ -176,10 +180,9 @@ func (c *centos) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return urls, nil
 }

-func (c *centos) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *centos) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return centosTemplateData{
-		commonTemplateData: cfg.toTemplateData(c, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }

--- a/pkg/driverbuilder/builder/debian.go
+++ b/pkg/driverbuilder/builder/debian.go
@ -17,6 +17,7 @@ package builder
 import (
 	_ "embed"
 	"fmt"
+	"io"
 	"io/ioutil"
 	"net/http"
 	"regexp"
@ -25,6 +26,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/debian_kernel.sh
+var debianKernelTemplate string
+
 //go:embed templates/debian.sh
 var debianTemplate string

@ -42,7 +46,6 @@ func init() {
 }

 type debianTemplateData struct {
-	commonTemplateData
 	KernelDownloadURLS   []string
 	KernelLocalVersion   string
 	KernelHeadersPattern string
@ -56,6 +59,8 @@ func (v *debian) Name() string {
 	return TargetTypeDebian.String()
 }

+func (v *debian) TemplateKernelUrlsScript() string { return debianKernelTemplate }
+
 func (v *debian) TemplateScript() string {
 	return debianTemplate
 }
@ -64,16 +69,17 @@ func (v *debian) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchDebianKernelURLs(kr)
 }

-func (v *debian) TemplateData(c Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (v *debian) KernelTemplateData(kr kernelrelease.KernelRelease, urls []string) interface{} {
 	var KernelHeadersPattern string
 	if strings.HasSuffix(kr.Extraversion, "pve") {
 		KernelHeadersPattern = "linux-headers-*pve"
+	} else if strings.Contains(kr.FullExtraversion, "rpi") {
+		KernelHeadersPattern = "linux-headers-*-rpi-v*"
 	} else {
 		KernelHeadersPattern = "linux-headers-*" + kr.Architecture.String()
 	}

 	return debianTemplateData{
-		commonTemplateData:   c.toTemplateData(v, kr),
 		KernelDownloadURLS:   urls,
 		KernelLocalVersion:   kr.FullExtraversion,
 		KernelHeadersPattern: KernelHeadersPattern,
@ -129,9 +135,18 @@ func fetchDebianHeadersURLFromRelease(baseURL string, kr kernelrelease.KernelRel
 	matchExtraGroupCommon := "common"

 	// match for kernel versions like 4.19.0-6-cloud-amd64
-	if strings.Contains(kr.FullExtraversion, "-cloud") {
-		extraVersionPartial = strings.TrimSuffix(extraVersionPartial, "-cloud")
-		matchExtraGroup = "cloud-" + matchExtraGroup
+	supportedExtraFlavors := []string{"cloud", "rt", "rpi"}
+	for _, supportedExtraFlavor := range supportedExtraFlavors {
+		if strings.Contains(kr.FullExtraversion, "-"+supportedExtraFlavor) {
+			extraVersionPartial = strings.TrimSuffix(extraVersionPartial, "-"+supportedExtraFlavor)
+			matchExtraGroup = supportedExtraFlavor + "-" + matchExtraGroup
+
+			// rpi and rt have a different common package, named `common-{rt,rpi}`
+			if supportedExtraFlavor == "rt" || supportedExtraFlavor == "rpi" {
+				matchExtraGroupCommon += "-" + supportedExtraFlavor
+			}
+			break
+		}
 	}

 	// download index
@ -140,7 +155,7 @@ func fetchDebianHeadersURLFromRelease(baseURL string, kr kernelrelease.KernelRel
 		return nil, err
 	}
 	defer resp.Body.Close()
-	body, err := ioutil.ReadAll(resp.Body)
+	body, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/driverbuilder/builder/fedora.go
+++ b/pkg/driverbuilder/builder/fedora.go
@ -22,6 +22,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/fedora_kernel.sh
+var fedoraKernelTemplate string
+
 //go:embed templates/fedora.sh
 var fedoraTemplate string

@ -37,7 +40,6 @@ type fedora struct {
 }

 type fedoraTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -45,6 +47,8 @@ func (c *fedora) Name() string {
 	return TargetTypeFedora.String()
 }

+func (c *fedora) TemplateKernelUrlsScript() string { return fedoraKernelTemplate }
+
 func (c *fedora) TemplateScript() string {
 	return fedoraTemplate
 }
@ -81,15 +85,21 @@ func (c *fedora) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 			kr.Fullversion,
 			kr.FullExtraversion,
 		),
+		fmt.Sprintf( // updates-archive
+			"https://fedoraproject-updates-archive.fedoraproject.org/fedora/%s/%s/kernel-devel-%s%s.rpm",
+			version,
+			kr.Architecture.ToNonDeb(),
+			kr.Fullversion,
+			kr.FullExtraversion,
+		),
 	}

 	// return out all possible urls
 	return urls, nil
 }

-func (c *fedora) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *fedora) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return fedoraTemplateData{
-		commonTemplateData: cfg.toTemplateData(c, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }
--- a/pkg/driverbuilder/builder/flatcar.go
+++ b/pkg/driverbuilder/builder/flatcar.go
@ -21,10 +21,13 @@ import (
 	"net/http"
 	"strings"

-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/flatcar_kernel.sh
+var flatcarKernelTemplate string
+
 //go:embed templates/flatcar.sh
 var flatcarTemplate string

@ -36,7 +39,6 @@ func init() {
 }

 type flatcarTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -49,6 +51,10 @@ func (f *flatcar) Name() string {
 	return TargetTypeFlatcar.String()
 }

+func (f *flatcar) TemplateKernelUrlsScript() string {
+	return flatcarKernelTemplate
+}
+
 func (f *flatcar) TemplateScript() string {
 	return flatcarTemplate
 }
@ -60,7 +66,7 @@ func (f *flatcar) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchFlatcarKernelURLS(f.info.KernelVersion), nil
 }

-func (f *flatcar) TemplateData(c Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (f *flatcar) KernelTemplateData(kr kernelrelease.KernelRelease, urls []string) interface{} {
 	// This happens when `kernelurls` option is passed,
 	// therefore URLs() method is not called.
 	if f.info == nil {
@ -70,8 +76,7 @@ func (f *flatcar) TemplateData(c Config, kr kernelrelease.KernelRelease, urls []
 	}

 	return flatcarTemplateData{
-		commonTemplateData: c.toTemplateData(f, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }

--- a/pkg/driverbuilder/builder/image.go
+++ b/pkg/driverbuilder/builder/image.go
@ -17,12 +17,12 @@ package builder
 import (
 	"context"
 	"fmt"
-	"log/slog"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"os"
 	"regexp"
 	"strings"

-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 	"github.com/falcosecurity/falcoctl/pkg/oci/repository"
 	"gopkg.in/yaml.v3"
@ -47,7 +47,7 @@ type Image struct {
 }

 type ImagesLister interface {
-	LoadImages() []Image
+	LoadImages(printer *output.Printer) []Image
 }

 type FileImagesLister struct {
@ -98,7 +98,7 @@ func NewFileImagesLister(filePath string, build *Build) (*FileImagesLister, erro
 	}, nil
 }

-func (f *FileImagesLister) LoadImages() []Image {
+func (f *FileImagesLister) LoadImages(printer *output.Printer) []Image {
 	var (
 		res       []Image
 		imageList YAMLImagesList
@ -107,37 +107,43 @@ func (f *FileImagesLister) LoadImages() []Image {
 	// loop over lines in file to print them
 	fileData, err := os.ReadFile(f.FilePath)
 	if err != nil {
-		slog.With("err", err.Error(), "FilePath", f.FilePath).Warn("Error opening builder repo file")
+		printer.Logger.Warn("error opening builder repo file",
+			printer.Logger.Args("err", err.Error(), "filepath", f.FilePath))
 		return res
 	}

 	err = yaml.Unmarshal(fileData, &imageList)
 	if err != nil {
-		slog.With("err", err.Error(), "FilePath", f.FilePath).Warn("Error unmarshalling builder repo file")
+		printer.Logger.Warn("error unmarshalling builder repo file",
+			printer.Logger.Args("err", err.Error(), "filepath", f.FilePath))
 		return res
 	}

 	for _, image := range imageList.Images {
-		logger := slog.With("FilePath", f.FilePath, "image", image)
 		// Values checks
 		if image.Arch != f.Arch {
-			logger.Debug("Skipping wrong-arch image")
+			printer.Logger.Debug("skipping wrong-arch image",
+				printer.Logger.Args("filepath", f.FilePath, "image", image))
 			continue
 		}
 		if image.Tag != f.Tag {
-			logger.Debug("Skipping wrong-tag image")
+			printer.Logger.Debug("skipping wrong-tag image",
+				printer.Logger.Args("filepath", f.FilePath, "image", image))
 			continue
 		}
 		if image.Target != "any" && image.Target != f.Target {
-			logger.Debug("Skipping wrong-target image")
+			printer.Logger.Debug("skipping wrong-target image",
+				printer.Logger.Args("filepath", f.FilePath, "image", image))
 			continue
 		}
 		if image.Name == "" {
-			logger.Debug("Skipping empty name image")
+			printer.Logger.Debug("skipping empty name image",
+				printer.Logger.Args("filepath", f.FilePath, "image", image))
 			continue
 		}
 		if len(image.GCCVersions) == 0 {
-			logger.Debug("Expected at least 1 gcc version")
+			printer.Logger.Debug("expected at least 1 gcc version",
+				printer.Logger.Args("filepath", f.FilePath, "image", image))
 			continue
 		}

@ -178,10 +184,11 @@ func NewRepoImagesLister(repo string, build *Build) (*RepoImagesLister, error) {
 	return &RepoImagesLister{repoOCI}, nil
 }

-func (repo *RepoImagesLister) LoadImages() []Image {
+func (repo *RepoImagesLister) LoadImages(printer *output.Printer) []Image {
 	tags, err := repo.Tags(context.Background())
 	if err != nil {
-		slog.With("Repo", repo.Reference, "err", err.Error()).Warn("Skipping repo")
+		printer.Logger.Warn("skipping repo",
+			printer.Logger.Args("repo", repo.Reference, "err", err.Error()))
 		return nil
 	}

@ -229,7 +236,7 @@ func (repo *RepoImagesLister) LoadImages() []Image {

 func (b *Build) LoadImages() {
 	for _, imagesLister := range b.ImagesListers {
-		for _, image := range imagesLister.LoadImages() {
+		for _, image := range imagesLister.LoadImages(b.Printer) {
 			// User forced a gcc version? Only load images matching the requested gcc version.
 			if b.GCCVersion != "" && b.GCCVersion != image.GCCVersion.String() {
 				continue
@ -241,8 +248,7 @@ func (b *Build) LoadImages() {
 		}
 	}
 	if len(b.Images) == 0 {
-		slog.Error("Could not load any builder image. Leaving.")
-		os.Exit(1)
+		b.Printer.Logger.Fatal("Could not load any builder image. Leaving.")
 	}
 }

--- a/pkg/driverbuilder/builder/image_test.go
+++ b/pkg/driverbuilder/builder/image_test.go
@ -15,12 +15,14 @@ limitations under the License.
 package builder

 import (
+	"github.com/falcosecurity/falcoctl/pkg/output"
+	"github.com/pterm/pterm"
 	"io"
 	"net/http"
 	"os"
 	"testing"

-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/docker/docker/testutil/registry"
 	"gotest.tools/assert"
 )
@ -236,6 +238,8 @@ images:
 }

 func TestFileImagesLister(t *testing.T) {
+	printer := output.NewPrinter(pterm.LogLevelInfo, pterm.LogFormatterColorful, os.Stdout)
+
 	// setup images file
 	f, err := os.CreateTemp(t.TempDir(), "imagetest")
 	if err != nil {
@ -269,11 +273,13 @@ func TestFileImagesLister(t *testing.T) {
 			t.Fatal(err)
 		}

-		assert.DeepEqual(t, test.expected, lister.LoadImages())
+		assert.DeepEqual(t, test.expected, lister.LoadImages(printer))
 	}
 }

 func TestRepoImagesLister(t *testing.T) {
+	printer := output.NewPrinter(pterm.LogLevelInfo, pterm.LogFormatterColorful, os.Stdout)
+
 	mock, err := registry.NewMock(t)
 	assert.NilError(t, err)
 	defer mock.Close()
@ -300,6 +306,6 @@ func TestRepoImagesLister(t *testing.T) {
 		mock.RegisterHandler("/v2/foo/test/tags/list", func(w http.ResponseWriter, r *http.Request) {
 			w.Write([]byte(test.jsonData))
 		})
-		assert.DeepEqual(t, test.expected, lister.LoadImages())
+		assert.DeepEqual(t, test.expected, lister.LoadImages(printer))
 	}
 }
--- a/pkg/driverbuilder/builder/local.go
+++ b/pkg/driverbuilder/builder/local.go
@ -4,6 +4,7 @@ import (
 	_ "embed"
 	"fmt"
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
+	"path/filepath"
 )

 // NOTE: since this is only used by local build,
@ -23,6 +24,10 @@ func (l *LocalBuilder) Name() string {
 	return "local"
 }

+func (l *LocalBuilder) TemplateKernelUrlsScript() string {
+	panic("cannot be called on local builder")
+}
+
 func (l *LocalBuilder) TemplateScript() string {
 	return localTemplate
 }
@ -44,16 +49,28 @@ type localTemplateData struct {
 	KernelRelease string
 }

-func (l *LocalBuilder) TemplateData(c Config, kr kernelrelease.KernelRelease, _ []string) interface{} {
+func (l *LocalBuilder) KernelTemplateData(_ kernelrelease.KernelRelease, _ []string) interface{} {
+	panic("cannot be called on local builder")
+}
+
+func (l *LocalBuilder) TemplateData(c Config, kr kernelrelease.KernelRelease) interface{} {
 	return localTemplateData{
 		commonTemplateData: commonTemplateData{
-			DriverBuildDir:    l.GetDriverBuildDir(),
-			ModuleDownloadURL: fmt.Sprintf("%s/%s.tar.gz", c.DownloadBaseURL, c.DriverVersion),
-			ModuleDriverName:  c.DriverName,
-			ModuleFullPath:    l.GetModuleFullPath(c, kr),
-			BuildModule:       len(c.ModuleFilePath) > 0,
-			BuildProbe:        len(c.ProbeFilePath) > 0,
-			GCCVersion:        l.GccPath,
+			DriverBuildDir:   l.GetDriverBuildDir(),
+			ModuleDriverName: c.DriverName,
+			ModuleFullPath:   l.GetModuleFullPath(c, kr),
+			BuildModule:      len(c.ModuleFilePath) > 0,
+			BuildProbe:       len(c.ProbeFilePath) > 0,
+			GCCVersion:       l.GccPath,
+			CmakeCmd: fmt.Sprintf(cmakeCmdFmt,
+				c.DriverName,
+				c.DriverName,
+				c.DriverVersion,
+				c.DriverVersion,
+				c.DriverVersion,
+				c.DeviceName,
+				c.DeviceName,
+				c.DriverVersion),
 		},
 		UseDKMS:       l.UseDKMS,
 		DownloadSrc:   len(l.SrcDir) == 0, // if no srcdir is provided, download src!
@ -63,17 +80,26 @@ func (l *LocalBuilder) TemplateData(c Config, kr kernelrelease.KernelRelease, _
 }

 func (l *LocalBuilder) GetModuleFullPath(c Config, kr kernelrelease.KernelRelease) string {
-	moduleFullPath := ModuleFullPath
 	if l.UseDKMS {
 		// When using dkms, we will use a GLOB to match the pattern; ModuleFullPath won't be used in the templated script anyway.
-		moduleFullPath = fmt.Sprintf("/var/lib/dkms/%s/%s/%s/%s/module/%s.*", c.DriverName, c.DriverVersion, kr.String(), kr.Architecture.ToNonDeb(), c.DriverName)
+		return fmt.Sprintf("/var/lib/dkms/%s/%s/%s/%s/module/%s.*", c.DriverName, c.DriverVersion, kr.String(), kr.Architecture.ToNonDeb(), c.DriverName)
 	}
-	return moduleFullPath
+	if l.SrcDir != "" {
+		return filepath.Join(l.SrcDir, fmt.Sprintf("%s.ko", c.DriverName))
+	}
+	return c.ToDriverFullPath()
+}
+
+func (l *LocalBuilder) GetProbeFullPath(c Config) string {
+	if l.SrcDir != "" {
+		return filepath.Join(l.SrcDir, "bpf", "probe.o")
+	}
+	return c.ToProbeFullPath()
 }

 func (l *LocalBuilder) GetDriverBuildDir() string {
 	driverBuildDir := DriverDirectory
-	if len(l.SrcDir) > 0 {
+	if l.SrcDir != "" {
 		driverBuildDir = l.SrcDir
 	}
 	return driverBuildDir
--- a/pkg/driverbuilder/builder/minikube.go
+++ b/pkg/driverbuilder/builder/minikube.go
@ -15,7 +15,7 @@ limitations under the License.
 package builder

 import (
-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

@ -36,9 +36,8 @@ func (m *minikube) Name() string {
 	return TargetTypeMinikube.String()
 }

-func (m *minikube) TemplateData(c Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (m *minikube) KernelTemplateData(kr kernelrelease.KernelRelease, urls []string) interface{} {
 	return vanillaTemplateData{
-		commonTemplateData: c.toTemplateData(m, kr),
 		KernelDownloadURL:  urls[0],
 		KernelLocalVersion: kr.FullExtraversion,
 	}
--- a/pkg/driverbuilder/builder/opensuse.go
+++ b/pkg/driverbuilder/builder/opensuse.go
@ -22,6 +22,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/opensuse_kernel.sh
+var opensuseKernelTemplate string
+
 //go:embed templates/opensuse.sh
 var opensuseTemplate string

@ -44,7 +47,7 @@ var baseURLs []string = []string{
 }

 // all known releases - will need to expand as more are added
-var releases []string = []string{
+var releases = []string{
 	// openSUSE leap
 	"43.2",
 	"15.0",
@ -69,7 +72,6 @@ type opensuse struct {
 }

 type opensuseTemplateData struct {
-	commonTemplateData
 	KernelDownloadURLs []string
 }

@ -81,6 +83,10 @@ func (o *opensuse) Name() string {
 	return TargetTypeOpenSUSE.String()
 }

+func (o *opensuse) TemplateKernelUrlsScript() string {
+	return opensuseKernelTemplate
+}
+
 func (o *opensuse) TemplateScript() string {
 	return opensuseTemplate
 }
@ -259,9 +265,8 @@ func validateURLs(urls []string, kernelDefaultDevelPattern string, kernelDevelNo

 }

-func (o *opensuse) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (o *opensuse) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return opensuseTemplateData{
-		commonTemplateData: cfg.toTemplateData(o, kr),
 		KernelDownloadURLs: urls,
 	}
 }
--- a/pkg/driverbuilder/builder/oracle.go
+++ b/pkg/driverbuilder/builder/oracle.go
@ -22,6 +22,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/oracle_kernel.sh
+var oracleKernelTemplate string
+
 //go:embed templates/oracle.sh
 var oracleTemplate string

@ -37,7 +40,6 @@ type oracle struct {
 }

 type oracleTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -45,6 +47,10 @@ func (c *oracle) Name() string {
 	return TargetTypeoracle.String()
 }

+func (c *oracle) TemplateKernelUrlsScript() string {
+	return oracleKernelTemplate
+}
+
 func (c *oracle) TemplateScript() string {
 	return oracleTemplate
 }
@ -119,9 +125,8 @@ func (c *oracle) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return urls, nil
 }

-func (c *oracle) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *oracle) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return oracleTemplateData{
-		commonTemplateData: cfg.toTemplateData(c, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }
--- a/pkg/driverbuilder/builder/photon.go
+++ b/pkg/driverbuilder/builder/photon.go
@ -24,6 +24,9 @@ import (
 // TargetTypePhoton identifies the Photon target.
 const TargetTypePhoton Type = "photon"

+//go:embed templates/photonos_kernel.sh
+var photonKernelTemplate string
+
 //go:embed templates/photonos.sh
 var photonTemplate string

@ -36,7 +39,6 @@ type photon struct {
 }

 type photonTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -44,6 +46,10 @@ func (p *photon) Name() string {
 	return TargetTypePhoton.String()
 }

+func (p *photon) TemplateKernelUrlsScript() string {
+	return photonKernelTemplate
+}
+
 func (p *photon) TemplateScript() string {
 	return photonTemplate
 }
@ -52,10 +58,9 @@ func (p *photon) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchPhotonKernelURLS(kr), nil
 }

-func (p *photon) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (p *photon) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return photonTemplateData{
-		commonTemplateData: cfg.toTemplateData(p, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }

--- a/pkg/driverbuilder/builder/redhat.go
+++ b/pkg/driverbuilder/builder/redhat.go
@ -20,6 +20,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/redhat_kernel.sh
+var redhatKernelTemplate string
+
 //go:embed templates/redhat.sh
 var redhatTemplate string

@ -35,7 +38,6 @@ func init() {
 }

 type redhatTemplateData struct {
-	commonTemplateData
 	KernelPackage string
 }

@ -43,11 +45,15 @@ func (v *redhat) Name() string {
 	return TargetTypeRedhat.String()
 }

+func (v *redhat) TemplateKernelUrlsScript() string {
+	return redhatKernelTemplate
+}
+
 func (v *redhat) TemplateScript() string {
 	return redhatTemplate
 }

-func (v *redhat) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
+func (v *redhat) URLs(_ kernelrelease.KernelRelease) ([]string, error) {
 	return nil, nil
 }

@ -56,9 +62,8 @@ func (v *redhat) MinimumURLs() int {
 	return 0
 }

-func (v *redhat) TemplateData(c Config, kr kernelrelease.KernelRelease, _ []string) interface{} {
+func (v *redhat) KernelTemplateData(kr kernelrelease.KernelRelease, _ []string) interface{} {
 	return redhatTemplateData{
-		commonTemplateData: c.toTemplateData(v, kr),
-		KernelPackage:      kr.Fullversion + kr.FullExtraversion,
+		KernelPackage: kr.Fullversion + kr.FullExtraversion,
 	}
 }
--- a/pkg/driverbuilder/builder/rocky.go
+++ b/pkg/driverbuilder/builder/rocky.go
@ -21,6 +21,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/rocky_kernel.sh
+var rockyKernelTemplate string
+
 //go:embed templates/rocky.sh
 var rockyTemplate string

@ -32,7 +35,6 @@ func init() {
 }

 type rockyTemplateData struct {
-	commonTemplateData
 	KernelDownloadURL string
 }

@ -44,6 +46,10 @@ func (c *rocky) Name() string {
 	return TargetTypeRocky.String()
 }

+func (c *rocky) TemplateKernelUrlsScript() string {
+	return rockyKernelTemplate
+}
+
 func (c *rocky) TemplateScript() string {
 	return rockyTemplate
 }
@ -52,10 +58,9 @@ func (c *rocky) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
 	return fetchRockyKernelURLS(kr), nil
 }

-func (c *rocky) TemplateData(cfg Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (c *rocky) KernelTemplateData(_ kernelrelease.KernelRelease, urls []string) interface{} {
 	return rockyTemplateData{
-		commonTemplateData: cfg.toTemplateData(c, kr),
-		KernelDownloadURL:  urls[0],
+		KernelDownloadURL: urls[0],
 	}
 }

--- a/pkg/driverbuilder/builder/sles.go
+++ b/pkg/driverbuilder/builder/sles.go
@ -20,6 +20,9 @@ import (
 	"github.com/falcosecurity/driverkit/pkg/kernelrelease"
 )

+//go:embed templates/sles_kernel.sh
+var slesKernelTemplate string
+
 //go:embed templates/sles.sh
 var slesTemplate string

@ -35,7 +38,6 @@ func init() {
 }

 type slesTemplateData struct {
-	commonTemplateData
 	KernelPackage string
 }

@ -43,11 +45,15 @@ func (v *sles) Name() string {
 	return TargetTypeSLES.String()
 }

+func (v *sles) TemplateKernelUrlsScript() string {
+	return slesKernelTemplate
+}
+
 func (v *sles) TemplateScript() string {
 	return slesTemplate
 }

-func (v *sles) URLs(kr kernelrelease.KernelRelease) ([]string, error) {
+func (v *sles) URLs(_ kernelrelease.KernelRelease) ([]string, error) {
 	return nil, nil
 }

@ -56,10 +62,9 @@ func (v *sles) MinimumURLs() int {
 	return 0
 }

-func (v *sles) TemplateData(c Config, kr kernelrelease.KernelRelease, _ []string) interface{} {
+func (v *sles) KernelTemplateData(kr kernelrelease.KernelRelease, _ []string) interface{} {
 	return slesTemplateData{
-		commonTemplateData: c.toTemplateData(v, kr),
-		KernelPackage:      kr.Fullversion + kr.FullExtraversion,
+		KernelPackage: kr.Fullversion + kr.FullExtraversion,
 	}
 }

--- a/pkg/driverbuilder/builder/talos.go
+++ b/pkg/driverbuilder/builder/talos.go
@ -35,9 +35,8 @@ func (b *talos) Name() string {
 	return TargetTypeTalos.String()
 }

-func (b *talos) TemplateData(c Config, kr kernelrelease.KernelRelease, urls []string) interface{} {
+func (b *talos) KernelTemplateData(kr kernelrelease.KernelRelease, urls []string) interface{} {
 	return vanillaTemplateData{
-		commonTemplateData: c.toTemplateData(b, kr),
 		KernelDownloadURL:  urls[0],
 		KernelLocalVersion: kr.FullExtraversion,
 	}
--- a/pkg/driverbuilder/builder/templates/alinux.sh
+++ b/pkg/driverbuilder/builder/templates/alinux.sh
@ -22,31 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
-rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv usr/src/kernels/*/* /tmp/kernel
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=/tmp/kernel
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -54,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/alinux_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/alinux_kernel.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
+rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv usr/src/kernels/*/* /tmp/kernel
+
+# exit value
+export KERNELDIR=/tmp/kernel
--- a/pkg/driverbuilder/builder/templates/almalinux.sh
+++ b/pkg/driverbuilder/builder/templates/almalinux.sh
@ -22,31 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
-rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv usr/src/kernels/*/* /tmp/kernel
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=/tmp/kernel
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -54,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/almalinux_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/almalinux_kernel.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
+rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv usr/src/kernels/*/* /tmp/kernel
+
+# exit value
+export KERNELDIR=/tmp/kernel
--- a/pkg/driverbuilder/builder/templates/amazonlinux.sh
+++ b/pkg/driverbuilder/builder/templates/amazonlinux.sh
@ -22,42 +22,20 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-{{ range $url := .KernelDownloadURLs }}
-curl --silent -o kernel.rpm -SL {{ $url }}
-rpm2cpio kernel.rpm | cpio --extract --make-directories
-rm -rf kernel.rpm
-{{ end }}
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv usr/src/kernels/*/* /tmp/kernel
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
-# Build the kernel module
-cd {{ .DriverBuildDir }}
-
-make KERNELDIR=/tmp/kernel CC=/usr/bin/gcc-{{ .GCCVersion }} LD=/usr/bin/ld.bfd CROSS_COMPILE=""
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+# Build the module
+make CC=/usr/bin/gcc-{{ .GCCVersion }} LD=/usr/bin/ld.bfd CROSS_COMPILE="" driver
+strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
 {{ end }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/amazonlinux_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/amazonlinux_kernel.sh
@ -0,0 +1,38 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+{{ range $url := .KernelDownloadURLs }}
+curl --silent -o kernel.rpm -SL {{ $url }}
+rpm2cpio kernel.rpm | cpio --extract --make-directories
+rm -rf kernel.rpm
+{{ end }}
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv usr/src/kernels/*/* /tmp/kernel
+
+# exit value
+export KERNELDIR=/tmp/kernel
--- a/pkg/driverbuilder/builder/templates/archlinux.sh
+++ b/pkg/driverbuilder/builder/templates/archlinux.sh
@ -22,31 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-curl --silent -o kernel-devel.pkg.tar.xz -SL {{ .KernelDownloadURL }}
-tar -xf kernel-devel.pkg.tar.xz
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv usr/lib/modules/*/build/* /tmp/kernel
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=/tmp/kernel
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -54,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/archlinux_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/archlinux_kernel.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+curl --silent -o kernel-devel.pkg.tar.xz -SL {{ .KernelDownloadURL }}
+tar -xf kernel-devel.pkg.tar.xz
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv usr/lib/modules/*/build/* /tmp/kernel
+
+# exit value
+export KERNELDIR=/tmp/kernel
--- a/pkg/driverbuilder/builder/templates/centos.sh
+++ b/pkg/driverbuilder/builder/templates/centos.sh
@ -22,32 +22,14 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
-rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv usr/src/kernels/*/* /tmp/kernel
+cd {{ .DriverBuildDir }}
+sed -i 's/$(MAKE) -C $(KERNELDIR)/$(MAKE) KCFLAGS="-Wno-incompatible-pointer-types" -C $(KERNELDIR)/g' driver/Makefile.in
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-sed -i 's/make -C $(KERNELDIR)/make KCFLAGS="-Wno-incompatible-pointer-types" -C $(KERNELDIR)/g' Makefile
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=/tmp/kernel
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -55,7 +37,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/centos_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/centos_kernel.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
+rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv usr/src/kernels/*/* /tmp/kernel
+
+# exit value
+export KERNELDIR=/tmp/kernel
--- a/pkg/driverbuilder/builder/templates/debian.sh
+++ b/pkg/driverbuilder/builder/templates/debian.sh
@ -22,39 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-{{ range $url := .KernelDownloadURLS }}
-curl --silent -o kernel.deb -SL {{ $url }}
-ar x kernel.deb
-tar -xvf data.tar.xz
-{{ end }}
-
-cd /tmp/kernel-download/
-
-cp -r usr/* /usr
-cp -r lib/* /lib
-
-cd /usr/src
-sourcedir=$(find . -type d -name "{{ .KernelHeadersPattern }}" | head -n 1 | xargs readlink -f)
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=$sourcedir
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -62,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=$sourcedir
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/debian_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/debian_kernel.sh
@ -0,0 +1,41 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+{{ range $url := .KernelDownloadURLS }}
+curl --silent -o kernel.deb -SL {{ $url }}
+ar x kernel.deb
+tar -xf data.tar.xz
+{{ end }}
+
+cd usr/src/
+sourcedir=$(find . -type d -name "{{ .KernelHeadersPattern }}" | head -n 1 | xargs readlink -f)
+
+# Patch makefile to avoid using absolute `/usr/src` path; instead use `..` relative one.
+sed -i 's/\/usr\/src/../g' $sourcedir/Makefile
+
+# exit value
+export KERNELDIR=$sourcedir
--- a/pkg/driverbuilder/builder/templates/fedora.sh
+++ b/pkg/driverbuilder/builder/templates/fedora.sh
@ -22,31 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
-rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv usr/src/kernels/*/* /tmp/kernel
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=/tmp/kernel
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -54,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/fedora_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/fedora_kernel.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
+rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv usr/src/kernels/*/* /tmp/kernel
+
+# exit value
+export KERNELDIR=/tmp/kernel
--- a/pkg/driverbuilder/builder/templates/flatcar.sh
+++ b/pkg/driverbuilder/builder/templates/flatcar.sh
@ -22,38 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-curl --silent -SL {{ .KernelDownloadURL }} | tar -Jxf - -C /tmp/kernel-download
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv /tmp/kernel-download/*/* /tmp/kernel
-
-# Prepare the kernel
-cd /tmp/kernel
-cp /driverkit/kernel.config /tmp/kernel.config
-
-sed -i -e 's|^\(EXTRAVERSION =\).*|\1 -flatcar|' Makefile
-make KCONFIG_CONFIG=/tmp/kernel.config oldconfig
-make KCONFIG_CONFIG=/tmp/kernel.config modules_prepare
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=/tmp/kernel
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -61,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/flatcar_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/flatcar_kernel.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+curl --silent -SL {{ .KernelDownloadURL }} | tar -Jxf - -C /tmp/kernel-download
+rm -Rf /tmp/kernel
+mkdir -p /tmp/kernel
+mv /tmp/kernel-download/*/* /tmp/kernel
+
+# Prepare the kernel
+cd /tmp/kernel
+cp /driverkit/kernel.config /tmp/kernel.config
+
+sed -i -e 's|^\(EXTRAVERSION =\).*|\1 -flatcar|' Makefile
+make KCONFIG_CONFIG=/tmp/kernel.config oldconfig
+make KCONFIG_CONFIG=/tmp/kernel.config modules_prepare
+
+# exit value
+export KERNELDIR=/tmp/kernel
--- a/pkg/driverbuilder/builder/templates/libs_download.sh
+++ b/pkg/driverbuilder/builder/templates/libs_download.sh
@ -0,0 +1,33 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+rm -Rf {{ .DriverBuildDir }}
+mkdir {{ .DriverBuildDir }}
+rm -Rf /tmp/module-download
+mkdir -p /tmp/module-download
+
+curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
+mv /tmp/module-download/*/* {{ .DriverBuildDir }}
+
+rm -Rf /tmp/module-download
--- a/pkg/driverbuilder/builder/templates/local.sh
+++ b/pkg/driverbuilder/builder/templates/local.sh
@ -20,20 +20,15 @@
 # looking for it in a bunch of ways. Convenient when running Falco inside
 # a container or in other weird environments.
 #
-set -xeuo pipefail
+set -xeo pipefail

+{{ if or .BuildProbe (and  .BuildModule (not .UseDKMS)) }}
+cd {{ .DriverBuildDir }}
 {{ if .DownloadSrc }}
-echo "* Downloading driver sources"
-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /tmp/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /tmp/fill-driver-config.sh {{ .DriverBuildDir }}
+echo "* Configuring sources with cmake"
+mkdir -p build && cd build
+{{ .CmakeCmd }}
+{{ end }}
 {{ end }}

 {{ if .BuildModule }}
@ -43,14 +38,21 @@ echo "* Building kmod with DKMS"
 echo "#!/usr/bin/env bash" > "/tmp/falco-dkms-make"
 echo "make CC={{ .GCCVersion }} \$@" >> "/tmp/falco-dkms-make"
 chmod +x "/tmp/falco-dkms-make"
-dkms install --directive="MAKE='/tmp/falco-dkms-make'" -m "{{ .ModuleDriverName }}" -v "{{ .DriverVersion }}" -k "{{ .KernelRelease }}"
+if [[ -n "${KERNELDIR}" ]]; then
+  dkms install --kernelsourcedir ${KERNELDIR} --directive="MAKE='/tmp/falco-dkms-make'" -m "{{ .ModuleDriverName }}" -v "{{ .DriverVersion }}" -k "{{ .KernelRelease }}"
+else
+  dkms install --directive="MAKE='/tmp/falco-dkms-make'" -m "{{ .ModuleDriverName }}" -v "{{ .DriverVersion }}" -k "{{ .KernelRelease }}"
+fi
 rm -Rf "/tmp/falco-dkms-make"
 {{ else }}
 echo "* Building kmod"
-# Build the module
-cd {{ .DriverBuildDir }}
+{{ if .DownloadSrc }}
+# Build the module - cmake configured
+make CC={{ .GCCVersion }} driver
+{{ else }}
+# Build the module - preconfigured sources
 make CC={{ .GCCVersion }}
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+{{ end }}
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -59,10 +61,20 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 echo "* Building eBPF probe"
-# Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
+if [ ! -d /sys/kernel/debug/tracing ]; then
+  echo "* Mounting debugfs"
+  # Do not fail if this fails.
+  mount -t debugfs nodev /sys/kernel/debug || :
+fi
+
+{{ if .DownloadSrc }}
+# Build the eBPF probe - cmake configured
+make bpf
+ls -l driver/bpf/probe.o
+{{ else }}
+# Build the eBPF probe - preconfigured sources
+cd bpf
 make
 ls -l probe.o
 {{ end }}
-
-rm -Rf /tmp/module-download
+{{ end }}
--- a/pkg/driverbuilder/builder/templates/opensuse.sh
+++ b/pkg/driverbuilder/builder/templates/opensuse.sh
@ -22,34 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-{{range $url := .KernelDownloadURLs}}
-curl --silent -o kernel-devel.rpm -SL {{ $url }}
-# cpio will warn *extremely verbose* when trying to duplicate over the same directory - redirect stderr to null
-rpm2cpio kernel-devel.rpm | cpio --quiet --extract --make-directories 2> /dev/null
-{{end}}
-cd /tmp/kernel-download/usr/src
-ls -alh /tmp/kernel-download/usr/src
-sourcedir="$(find . -type d -name "linux-*-obj" | head -n 1 | xargs readlink -f)/*/default"
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=$sourcedir
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -57,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/pkg/driverbuilder/builder/templates/opensuse_kernel.sh
+++ b/pkg/driverbuilder/builder/templates/opensuse_kernel.sh
@ -0,0 +1,37 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+#
+# Copyright (C) 2023 The Falco Authors.
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Simple script that desperately tries to load the kernel instrumentation by
+# looking for it in a bunch of ways. Convenient when running Falco inside
+# a container or in other weird environments.
+#
+set -xeuo pipefail
+
+# Fetch the kernel
+mkdir /tmp/kernel-download
+cd /tmp/kernel-download
+{{range $url := .KernelDownloadURLs}}
+curl --silent -o kernel-devel.rpm -SL {{ $url }}
+# cpio will warn *extremely verbose* when trying to duplicate over the same directory - redirect stderr to null
+rpm2cpio kernel-devel.rpm | cpio --quiet --extract --make-directories 2> /dev/null
+{{end}}
+cd /tmp/kernel-download/usr/src
+sourcedir="$(find . -type d -name "linux-*-obj" | head -n 1 | xargs readlink -f)/*/default"
+
+# exit value
+export KERNELDIR=$sourcedir
--- a/pkg/driverbuilder/builder/templates/oracle.sh
+++ b/pkg/driverbuilder/builder/templates/oracle.sh
@ -22,31 +22,13 @@
 #
 set -xeuo pipefail

-rm -Rf {{ .DriverBuildDir }}
-mkdir {{ .DriverBuildDir }}
-rm -Rf /tmp/module-download
-mkdir -p /tmp/module-download
-
-curl --silent -SL {{ .ModuleDownloadURL }} | tar -xzf - -C /tmp/module-download
-mv /tmp/module-download/*/driver/* {{ .DriverBuildDir }}
-
-cp /driverkit/module-Makefile {{ .DriverBuildDir }}/Makefile
-bash /driverkit/fill-driver-config.sh {{ .DriverBuildDir }}
-
-# Fetch the kernel
-mkdir /tmp/kernel-download
-cd /tmp/kernel-download
-curl --silent -o kernel-devel.rpm -SL {{ .KernelDownloadURL }}
-rpm2cpio kernel-devel.rpm | cpio --extract --make-directories
-rm -Rf /tmp/kernel
-mkdir -p /tmp/kernel
-mv usr/src/kernels/*/* /tmp/kernel
+cd {{ .DriverBuildDir }}
+mkdir -p build && cd build
+{{ .CmakeCmd }}

 {{ if .BuildModule }}
 # Build the module
-cd {{ .DriverBuildDir }}
-make CC=/usr/bin/gcc-{{ .GCCVersion }} KERNELDIR=/tmp/kernel
-mv {{ .ModuleDriverName }}.ko {{ .ModuleFullPath }}
+make CC=/usr/bin/gcc-{{ .GCCVersion }} driver
 strip -g {{ .ModuleFullPath }}
 # Print results
 modinfo {{ .ModuleFullPath }}
@ -54,7 +36,6 @@ modinfo {{ .ModuleFullPath }}

 {{ if .BuildProbe }}
 # Build the eBPF probe
-cd {{ .DriverBuildDir }}/bpf
-make KERNELDIR=/tmp/kernel
-ls -l probe.o
+make bpf
+ls -l driver/bpf/probe.o
 {{ end }}
--- a/Show More
+++ b/Show More