container

package
v0.0.0-...-862fb52 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 25, 2024 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

// Container inspector constants: sensor IPC mode names, the sensor binary
// location, container naming/labelling, and artifact file names.
const (
	// Sensor IPC mode names.
	// NOTE(review): presumably the accepted values of Inspector.SensorIPCMode — confirm.
	SensorIPCModeDirect = "direct"
	SensorIPCModeProxy  = "proxy"
	// Absolute path of the slim-sensor binary; the same path is the
	// right-hand side of SensorMountPat below.
	SensorBinPath       = "/opt/_slim/bin/slim-sensor"
	// Format string with two %v verbs; the generated name starts with "slimk_".
	ContainerNamePat    = "slimk_%v_%v"
	ArtifactsDir        = "artifacts"
	ReportArtifactTar   = "creport.tar"

	FileArtifactsOutTar = "files_out.tar"
	// FileArtifactsArchiveTar = "files_archive.tar"
	// Mount patterns: %s is filled in by the caller and followed by the
	// sensor path (single binary) or its directory (volume variant).
	// NOTE(review): the trailing ":ro" looks like a Docker read-only mount
	// mode, which would keep processes in the target container from
	// modifying the sensor through the mount — confirm where these
	// patterns are consumed and keep the suffix if they are edited.
	SensorMountPat       = "%s:/opt/_slim/bin/slim-sensor:ro"
	VolumeSensorMountPat = "%s:/opt/_slim/bin:ro"
	LabelName            = "_slim"
	MondelArtifactTar    = "mondel.tar"
)

Container inspector constants

Variables

// ErrStartMonitorTimeout is a package-level sentinel error with the message
// "start monitor timeout". Callers should match it with errors.Is rather than
// by comparing message text.
// NOTE(review): which call returns it is not visible in this listing — confirm.
var ErrStartMonitorTimeout = errors.New("start monitor timeout")

Functions

func BuildStartupCommand

// BuildStartupCommand returns a command line as a []string built from the
// given entrypoint, cmd and shell values plus the clear/new override pairs.
// NOTE(review): the precedence between the clear* flags and the new* slices
// is not visible in this listing (no body shown) — confirm against the
// implementation before relying on a particular combination.
func BuildStartupCommand(
	entrypoint []string,
	cmd []string,
	shell []string,
	clearEntrypoint bool,
	newEntrypoint []string,
	clearCmd bool,
	newCmd []string) []string

Types

type Inspector

// Inspector is a container execution inspector. Its exported fields mirror
// the arguments of NewInspector; the listing omits unexported fields.
type Inspector struct {
	ContainerInfo         *dockerapi.Container
	ContainerPortsInfo    string
	ContainerPortList     string
	AvailablePorts        map[dockerapi.Port]dockerapi.PortBinding // Ports found to be available for probing.
	ContainerID           string
	ContainerName         string
	FatContainerCmd       []string
	LocalVolumePath       string
	DoUseLocalMounts      bool
	SensorVolumeName      string
	DoKeepTmpArtifacts    bool
	StatePath             string
	// NOTE(review): CmdPort/EvtPort are presumably the sensor's command and
	// event channel ports — confirm, and check how they are published on the host.
	CmdPort               dockerapi.Port
	EvtPort               dockerapi.Port
	DockerHostIP          string
	ImageInspector        *image.Inspector
	APIClient             *dockerapi.Client
	Overrides             *config.ContainerOverrides
	ExplicitVolumeMounts  map[string]config.VolumeMount
	BaseMounts            []dockerapi.HostMount
	BaseVolumesFrom       []string
	DoPublishExposedPorts bool
	HasClassicLinks       bool
	Links                 []string
	EtcHostsMaps          []string
	DNSServers            []string
	DNSSearchDomains      []string
	DoShowContainerLogs   bool
	DoEnableMondel        bool
	// NOTE(review): presumably selects the user the target process runs as
	// inside the container — confirm against RunContainer.
	RunTargetAsUser       bool
	KeepPerms             bool
	PathPerms             map[string]*fsutil.AccessInfo
	ExcludePatterns       map[string]*fsutil.AccessInfo
	DoExcludeVarLockFiles bool
	PreservePaths         map[string]*fsutil.AccessInfo
	IncludePaths          map[string]*fsutil.AccessInfo
	IncludeBins           map[string]*fsutil.AccessInfo
	IncludeDirBinsList    map[string]*fsutil.AccessInfo
	IncludeExes           map[string]*fsutil.AccessInfo
	DoIncludeShell        bool
	DoIncludeWorkdir      bool
	DoIncludeCertAll      bool
	DoIncludeCertBundles  bool
	DoIncludeCertDirs     bool
	// NOTE(review): "PK" presumably means certificate private keys — confirm.
	// If so, an output produced with either flag set carries key material
	// and should be handled as a secret-bearing artifact.
	DoIncludeCertPKAll    bool
	DoIncludeCertPKDirs   bool
	DoIncludeNew          bool
	DoIncludeSSHClient    bool
	DoIncludeOSLibsNet    bool
	DoIncludeZoneInfo     bool
	SelectedNetworks      map[string]NetNameInfo
	DoDebug               bool
	LogLevel              string
	LogFormat             string
	PrintState            bool
	InContainer           bool
	RTASourcePT           bool
	DoObfuscateMetadata   bool
	SensorIPCEndpoint     string
	// NOTE(review): presumably one of SensorIPCModeDirect / SensorIPCModeProxy — confirm.
	SensorIPCMode         string
	TargetHost            string
	// contains filtered or unexported fields
}

Inspector is a container execution inspector

func NewInspector

// NewInspector creates a new container execution inspector and returns it
// together with an error.
//
// NOTE(review): every argument is positional and long runs share one type
// (consecutive bool flags, consecutive map[string]*fsutil.AccessInfo values,
// consecutive []string and string values). Transposing two neighbours, for
// example doIncludeCertAll and doIncludeCertPKAll, or excludePatterns and
// preservePaths, still compiles. Check each call site against this order.
// The order also differs from the Inspector struct: printState comes after
// sensorIPCMode here, while PrintState follows LogFormat in the struct.
func NewInspector(
	xc *app.ExecutionContext,
	crOpts *config.ContainerRunOptions,
	logger *log.Entry,
	client *dockerapi.Client,
	statePath string,
	imageInspector *image.Inspector,
	localVolumePath string,
	doUseLocalMounts bool,
	sensorVolumeName string,
	doKeepTmpArtifacts bool,
	overrides *config.ContainerOverrides,
	explicitVolumeMounts map[string]config.VolumeMount,
	baseMounts []dockerapi.HostMount,
	baseVolumesFrom []string,
	portBindings map[dockerapi.Port][]dockerapi.PortBinding,
	doPublishExposedPorts bool,
	hasClassicLinks bool,
	links []string,
	etcHostsMaps []string,
	dnsServers []string,
	dnsSearchDomains []string,
	showContainerLogs bool,
	doEnableMondel bool,
	runTargetAsUser bool,
	keepPerms bool,
	pathPerms map[string]*fsutil.AccessInfo,
	excludePatterns map[string]*fsutil.AccessInfo,
	doExcludeVarLockFiles bool,
	preservePaths map[string]*fsutil.AccessInfo,
	includePaths map[string]*fsutil.AccessInfo,
	includeBins map[string]*fsutil.AccessInfo,
	includeDirBinsList map[string]*fsutil.AccessInfo,
	includeExes map[string]*fsutil.AccessInfo,
	doIncludeShell bool,
	doIncludeWorkdir bool,
	doIncludeCertAll bool,
	doIncludeCertBundles bool,
	doIncludeCertDirs bool,
	doIncludeCertPKAll bool,
	doIncludeCertPKDirs bool,
	doIncludeNew bool,
	doIncludeSSHClient bool,
	doIncludeOSLibsNet bool,
	doIncludeZoneInfo bool,
	selectedNetworks map[string]NetNameInfo,

	doDebug bool,
	logLevel string,
	logFormat string,
	inContainer bool,
	rtaSourcePT bool,
	doObfuscateMetadata bool,
	sensorIPCEndpoint string,
	sensorIPCMode string,
	printState bool,
	appNodejsInspectOpts config.AppNodejsInspectOptions) (*Inspector, error)

NewInspector creates a new container execution inspector

func (*Inspector) FinishMonitoring

func (i *Inspector) FinishMonitoring()

FinishMonitoring ends the target container monitoring activities

func (*Inspector) HasCollectedData

func (i *Inspector) HasCollectedData() bool

HasCollectedData returns true if any data was produced while monitoring the target container

func (*Inspector) ProcessCollectedData

func (i *Inspector) ProcessCollectedData() error

ProcessCollectedData performs post-processing on the collected container data

func (*Inspector) RunContainer

func (i *Inspector) RunContainer() error

RunContainer starts the container inspector instance execution

func (*Inspector) ShowContainerLogs

func (i *Inspector) ShowContainerLogs()

func (*Inspector) ShutdownContainer

func (i *Inspector) ShutdownContainer(terminateOnly bool) error

ShutdownContainer terminates the container inspector instance execution

type NetNameInfo

// NetNameInfo groups a network's name, full name and aliases. It is the
// value type of Inspector.SelectedNetworks and of the selectedNetworks
// argument to NewInspector.
type NetNameInfo struct {
	Name     string
	FullName string
	Aliases  []string
}
