utils

package
v0.2.130
Warning

This package is not in the latest version of its module.

Published: Aug 29, 2024 License: Apache-2.0 Imports: 40 Imported by: 1

Documentation

Index

Constants

// ErrKernelVersion is the message text for an incompatible kernel version.
// It is an untyped string constant, not an error value, so it cannot be
// matched with errors.Is.
// NOTE(review): how callers compare against this text is not visible here.
const ErrKernelVersion = "incompatible kernel version"

// ErrMacOS is the message text "no vdso address found in auxv".
// NOTE(review): presumably the symptom observed when the host is macOS —
// confirm against the code that emits ExitCodeMacOS.
const ErrMacOS = "no vdso address found in auxv"
// Process exit codes. All values are untyped integer constants.
const (
	// Conventional codes: 0 for success, 1 for a generic failure.
	ExitCodeSuccess = 0
	ExitCodeError   = 1

	// Package-specific codes, numbered from 100 so they stay apart from the
	// conventional ones above.
	// NOTE(review): presumably 101 and 102 pair with the ErrKernelVersion and
	// ErrMacOS message texts — confirm against the caller that exits.
	ExitCodeRuncNotFound       = 100
	ExitCodeIncompatibleKernel = 101
	ExitCodeMacOS              = 102
)
// Container kinds, as untyped integer constants. Unknown is 0, so an
// integer-backed field that was never assigned compares equal to Unknown
// rather than to a real container kind.
const (
	Unknown            = 0
	Container          = 1
	InitContainer      = 2
	EphemeralContainer = 3
)

Variables

// Sentinel errors. Each one is a distinct value built with errors.New, so a
// caller can test for it with errors.Is instead of comparing message text.
// The names do not follow the ErrXxx convention; they are kept as exported.

// ContainerHasTerminatedError carries the message "container has terminated".
var ContainerHasTerminatedError = errors.New("container has terminated")

// ContainerReachedMaxTime carries the message "container reached max time".
var ContainerReachedMaxTime = errors.New("container reached max time")

// ObjectCompleted carries the message "object is completed".
var ObjectCompleted = errors.New("object is completed")

// TooLargeObjectError carries the message "object is too large".
// NOTE(review): the size limit that triggers it is not visible here.
var TooLargeObjectError = errors.New("object is too large")

// IncompleteSBOMError carries the message "incomplete SBOM".
var IncompleteSBOMError = errors.New("incomplete SBOM")

Functions

func AddRandomDuration

func AddRandomDuration(min, max int, duration time.Duration) time.Duration

AddRandomDuration adds between min and max seconds to duration

func After

func After(value string, a string) string

func Atoi

func Atoi(s string) int

func Between

func Between(value string, a string, b string) string

func CalculateFileHashes added in v0.2.122

func CalculateFileHashes(path string) (sha1Hash string, md5Hash string, err error)

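CalculateFileHashes calculates both SHA1 and MD5 hashes of the given file. Both algorithms are vulnerable to collisions, so treat the digests as identifiers for lookup and correlation rather than as proof of file integrity.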

func CalculateSHA256FileExecHash

func CalculateSHA256FileExecHash(path string, args []string) string

func ChunkBy added in v0.2.106

func ChunkBy[T any](items []T, chunkSize int) [][]T

func CreateK8sContainerID

func CreateK8sContainerID(namespaceName string, podName string, containerName string) string

func CreateK8sPodID

func CreateK8sPodID(namespaceName string, podName string) string

func CreateProcessTree

func CreateProcessTree(process *apitypes.Process, shimPid uint32) (*apitypes.Process, error)

CreateProcessTree creates a process tree from a process. The process tree is built by scanning the /proc filesystem, so it reflects the processes present at the time of the scan.

func CurrentDir

func CurrentDir() string

func DetectContainerRuntimeViaK8sAPI added in v0.2.111

func DetectContainerRuntimeViaK8sAPI(ctx context.Context, k8sClient *k8sinterface.KubernetesApi, nodeName string) (*containerutilsTypes.RuntimeConfig, error)

func DetectContainerRuntimes added in v0.2.111

func DetectContainerRuntimes(hostMount string) ([]*containerutilsTypes.RuntimeConfig, error)

func EnrichApplicationProfileContainer

func EnrichApplicationProfileContainer(container *v1beta1.ApplicationProfileContainer, observedCapabilities, observedSyscalls []string, execs map[string][]string, opens map[string]mapset.Set[string])

func EnrichNeighborhoodContainer

func EnrichNeighborhoodContainer(container *v1beta1.NetworkNeighborhoodContainer, ingress, egress []v1beta1.NetworkNeighbor)

func EscapeJSONPointerElement

func EscapeJSONPointerElement(s string) string

EscapeJSONPointerElement escapes a JSON pointer element. See https://www.rfc-editor.org/rfc/rfc6901#section-3

func GenerateNeighborsIdentifier

func GenerateNeighborsIdentifier(neighborEntry v1beta1.NetworkNeighbor) (string, error)

func GetApplicationProfileContainer

func GetApplicationProfileContainer(object *v1beta1.ApplicationProfile, containerType ContainerType, containerIndex int) *v1beta1.ApplicationProfileContainer

TODO make generic?

func GetCmdlineByPid

func GetCmdlineByPid(pid int) (*string, error)

func GetCommFromPid

func GetCommFromPid(pid uint32) (string, error)

func GetContainerStatuses

func GetContainerStatuses(podStatus v1.PodStatus) []v1.ContainerStatus

func GetExecArgsFromEvent

func GetExecArgsFromEvent(event *tracerexectype.Event) []string

Get exec args from the given event.

func GetExecPathFromEvent

func GetExecPathFromEvent(event *tracerexectype.Event) string

Get the path of the executable from the given event.

func GetFileSize

func GetFileSize(path string) (int64, error)

Get the size of the given file.

func GetHostFilePathFromEvent

func GetHostFilePathFromEvent(event interface{}, containerPid uint32) (string, error)

Get the path of the file on the node.

func GetLabels

func GetLabels(watchedContainer *WatchedContainerData, stripContainer bool) map[string]string

func GetNamespaceMatchLabels

func GetNamespaceMatchLabels(destinationNamespace, sourceNamespace string) map[string]string

func GetNetworkNeighborhoodContainer

func GetNetworkNeighborhoodContainer(object *v1beta1.NetworkNeighborhood, containerType ContainerType, containerIndex int) *v1beta1.NetworkNeighborhoodContainer

TODO make generic?

func GetPathFromPid

func GetPathFromPid(pid uint32) (string, error)

func GetProcessEnv

func GetProcessEnv(pid int) (map[string]string, error)

func GetProcessFromProcessTree

func GetProcessFromProcessTree(process *apitypes.Process, pid uint32) *apitypes.Process

func GetProcessStat

func GetProcessStat(pid int) (*procfs.ProcStat, error)

func SetInMap

func SetInMap(newExecMap *maps.SafeMap[string, mapset.Set[string]]) func(k string, v mapset.Set[string]) bool

func ToInstanceType

func ToInstanceType(c ContainerType) helpersv1.InstanceType

func TrimRuntimePrefix

func TrimRuntimePrefix(id string) string

TrimRuntimePrefix removes the runtime prefix from a container ID.

Types

type ContainerType

// ContainerType is an int-backed enumeration of container kinds. The package's
// Unknown, Container, InitContainer and EphemeralContainer constants are
// untyped with values 0–3 and convert to it implicitly; the type also has a
// String method.
type ContainerType int

func (ContainerType) String

func (c ContainerType) String() string

type EventType

// EventType is an int-backed identifier for the kind of traced event.
type EventType int

// Event kinds, with their numeric values written out. Every constant is typed
// EventType.
const (
	ExecveEventType       EventType = 0
	OpenEventType         EventType = 1
	CapabilitiesEventType EventType = 2
	DnsEventType          EventType = 3
	NetworkEventType      EventType = 4
	SyscallEventType      EventType = 5
	// NOTE(review): RandomX is the proof-of-work algorithm used by Monero, so
	// this presumably marks crypto-mining detection events — confirm.
	RandomXEventType  EventType = 6
	SymlinkEventType  EventType = 7
	HardlinkEventType EventType = 8
	SSHEventType      EventType = 9
	// AllEventType has the highest value.
	// NOTE(review): presumably a wildcard selecting every kind above rather
	// than an event of its own — confirm against the code that filters on it.
	AllEventType EventType = 10
)

type PackageSourceInfoData

// PackageSourceInfoData pairs an existence flag with a list of element
// identifiers.
// NOTE(review): presumably records whether a package source was found in the
// SBOM and which SPDX package elements it maps to — confirm against the code
// that fills it.
type PackageSourceInfoData struct {
	Exist                 bool
	PackageSPDXIdentifier []v1beta1.ElementID
}

type PatchOperation

// PatchOperation is one entry of a patch document, serialized to JSON with the
// keys "op", "path" and "value".
// NOTE(review): the op/path/value shape matches JSON Patch (RFC 6902) —
// confirm that is the format the receiver expects.
type PatchOperation struct {
	// Op names the operation to apply.
	Op string `json:"op"`
	// Path locates the target of the operation. When a path segment is built
	// from data the caller does not control (names, file paths, map keys),
	// pass it through EscapeJSONPointerElement first, so that "/" or "~" in
	// the data cannot point the operation at a different location.
	Path string `json:"path"`
	// Value is the operand. It has no omitempty tag, so a nil Value is still
	// written out, as JSON null.
	Value any `json:"value"`
}

func AppendStatusAnnotationPatchOperations

func AppendStatusAnnotationPatchOperations(existingPatch []PatchOperation, watchedContainer *WatchedContainerData) []PatchOperation

func CreateCapabilitiesPatchOperations

func CreateCapabilitiesPatchOperations(capabilities, syscalls []string, execs map[string][]string, opens map[string]mapset.Set[string], containerType string, containerIndex int) []PatchOperation

func CreateNetworkPatchOperations

func CreateNetworkPatchOperations(ingress, egress []v1beta1.NetworkNeighbor, containerType string, containerIndex int) []PatchOperation

type WatchedContainerCompletionStatus

// WatchedContainerCompletionStatus is a string-backed completion status whose
// values come from the helpersv1 package.
type WatchedContainerCompletionStatus string

// Completion statuses, converted from the helpersv1 constants. Note that the
// "Full" status is backed by helpersv1.Complete; the two names differ.
const (
	WatchedContainerCompletionStatusPartial = WatchedContainerCompletionStatus(helpersv1.Partial)
	WatchedContainerCompletionStatusFull    = WatchedContainerCompletionStatus(helpersv1.Complete)
)

type WatchedContainerData

// WatchedContainerData is the per-container record declared by this package.
// Its exported fields hold identifiers (InstanceID, ContainerID,
// K8sContainerID, Wlid, ImageID, ImageTag), SBOM-related state, a ticker and
// an error channel; further state lives in unexported fields.
//
// The map fields are plain Go maps, which are not safe for concurrent writes,
// and no lock is visible among the exported fields.
// NOTE(review): whether the unexported fields or the callers serialize access
// is not visible here — confirm before sharing one instance across goroutines.
type WatchedContainerData struct {
	InstanceID                                 instanceidhandler.IInstanceID
	UpdateDataTicker                           *time.Ticker
	SyncChannel                                chan error
	SBOMSyftFiltered                           *v1beta1.SBOMSyftFiltered
	RelevantRealtimeFilesByIdentifier          map[string]bool
	RelevantRelationshipsArtifactsByIdentifier map[string]bool
	RelevantArtifactsFilesByIdentifier         map[string]bool
	ParentResourceVersion                      string
	ContainerID                                string
	// NOTE(review): presumably ImageTag is the mutable image reference and
	// ImageID the resolved image identifier — confirm which of the two
	// downstream records are keyed on.
	ImageTag                                   string
	ImageID                                    string
	Wlid                                       string
	TemplateHash                               string
	K8sContainerID                             string
	SBOMResourceVersion                        int
	ContainerType                              ContainerType
	ContainerIndex                             int
	ContainerNames                             map[ContainerType][]string
	// NOTE(review): presumably the container's mount-namespace id — confirm.
	NsMntId                                    uint64
	InitialDelayExpired                        bool

	// Pointer fields: nil is a representable state.
	// NOTE(review): presumably nil means "not set" — confirm that readers
	// check for nil before dereferencing.
	ParentWorkloadSelector *metav1.LabelSelector
	SeccompProfilePath     *string
	// contains filtered or unexported fields
}

func (*WatchedContainerData) GetCompletionStatus

func (watchedContainer *WatchedContainerData) GetCompletionStatus() WatchedContainerCompletionStatus

func (*WatchedContainerData) GetStatus

func (watchedContainer *WatchedContainerData) GetStatus() WatchedContainerStatus

func (*WatchedContainerData) ResetStatusUpdatedFlag

func (watchedContainer *WatchedContainerData) ResetStatusUpdatedFlag()

func (*WatchedContainerData) SetCompletionStatus

func (watchedContainer *WatchedContainerData) SetCompletionStatus(newStatus WatchedContainerCompletionStatus)

func (*WatchedContainerData) SetContainerInfo

func (watchedContainer *WatchedContainerData) SetContainerInfo(wl workloadinterface.IWorkload, containerName string)

func (*WatchedContainerData) SetStatus

func (watchedContainer *WatchedContainerData) SetStatus(newStatus WatchedContainerStatus)

func (*WatchedContainerData) StatusUpdated

func (watchedContainer *WatchedContainerData) StatusUpdated() bool

type WatchedContainerStatus

// WatchedContainerStatus is a string-backed status whose values come from the
// helpersv1 package.
type WatchedContainerStatus string

// Statuses, converted from the helpersv1 constants of the same name.
// NOTE(review): presumably the first three are lifecycle states and the last
// two are failure states — confirm against the code that sets them.
const (
	WatchedContainerStatusInitializing = WatchedContainerStatus(helpersv1.Initializing)
	WatchedContainerStatusReady        = WatchedContainerStatus(helpersv1.Ready)
	WatchedContainerStatusCompleted    = WatchedContainerStatus(helpersv1.Completed)

	WatchedContainerStatusMissingRuntime = WatchedContainerStatus(helpersv1.MissingRuntime)
	WatchedContainerStatusTooLarge       = WatchedContainerStatus(helpersv1.TooLarge)
)
