MCPcopy
hub / github.com/crowdsecurity/crowdsec / checkContainers

Method checkContainers

pkg/acquisition/modules/docker/run.go:297–345  ·  view source on GitHub ↗
(ctx context.Context, monitChan chan *ContainerConfig, deleteChan chan *ContainerConfig)

Source from the content-addressed store, hash-verified

295}
296
297func (d *Source) checkContainers(ctx context.Context, monitChan chan *ContainerConfig, deleteChan chan *ContainerConfig) error {
298 // to track for garbage collection
299 runningContainersID := make(map[string]bool)
300
301 runningContainers, err := d.Client.ContainerList(ctx, client.ContainerListOptions{})
302 if err != nil {
303 if strings.Contains(strings.ToLower(err.Error()), "cannot connect to the docker daemon at") {
304 for id, container := range d.runningContainerState.GetAll() {
305 if container.t.Alive() {
306 d.logger.Infof("killing tail for container %s", container.Name)
307 container.t.Kill(nil)
308
309 if err := container.t.Wait(); err != nil {
310 d.logger.Infof("error while waiting for death of %s : %s", container.Name, err)
311 }
312 }
313
314 d.runningContainerState.Delete(id)
315 }
316 } else {
317 log.Errorf("container list err: %s", err)
318 }
319
320 return err
321 }
322
323 for _, container := range runningContainers.Items {
324 runningContainersID[container.ID] = true
325
326 // don't need to re eval an already monitored container
327 if _, ok := d.runningContainerState.Get(container.ID); ok {
328 continue
329 }
330
331 if containerConfig := d.EvalContainer(ctx, container); containerConfig != nil {
332 monitChan <- containerConfig
333 }
334 }
335
336 for containerStateID, containerConfig := range d.runningContainerState.GetAll() {
337 if _, ok := runningContainersID[containerStateID]; !ok {
338 deleteChan <- containerConfig
339 }
340 }
341
342 d.logger.Tracef("Reading logs from %d containers", d.runningContainerState.Len())
343
344 return nil
345}
346
347type subscription struct {
348 events <-chan dockerTypesEvents.Message

Callers 1

WatchMethod · 0.95

Calls 9

EvalContainerMethod · 0.95
ContainerListMethod · 0.80
GetAllMethod · 0.80
KillMethod · 0.80
TracefMethod · 0.80
ErrorMethod · 0.65
DeleteMethod · 0.45
GetMethod · 0.45
LenMethod · 0.45

Tested by

no test coverage detected