containerwatcher

package
v0.3.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 30, 2025 License: Apache-2.0 Imports: 42 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateIGContainerWatcher 

func CreateIGContainerWatcher(
	cfg config.Config,
	containerProfileManager containerprofilemanager.ContainerProfileManagerClient,
	k8sClient *k8sinterface.KubernetesApi,
	igK8sClient *containercollection.K8sClient,
	dnsManagerClient dnsmanager.DNSManagerClient,
	metrics metricsmanager.MetricsManager,
	ruleManager rulemanager.RuleManagerClient,
	malwareManager malwaremanager.MalwareManagerClient,
	sbomManager sbommanager.SbomManagerClient,
	ruleBindingPodNotify *chan rulebindingmanager.RuleBindingNotify,
	runtime *containerutilsTypes.RuntimeConfig,
	thirdPartyEnricher containerwatcher.TaskBasedEnricher,
	processTreeManager processtree.ProcessTreeManager,
	clusterName string,
	objectCache objectcache.ObjectCache,
	networkStreamClient networkstream.NetworkStreamClient,
	containerProcessTree containerprocesstree.ContainerProcessTree,
	thirdPartyTracers containerwatcher.ThirdPartyTracers,
) (containerwatcher.ContainerWatcher, error)

CreateIGContainerWatcher creates a new container watcher with the ordered event processing design This function maintains compatibility with the v1 API while using the new v2 implementation

Types

type ContainerWatcher 

type ContainerWatcher struct {
	// contains filtered or unexported fields
}

ContainerWatcher represents the new container watcher implementation

func CreateContainerWatcher 

func CreateContainerWatcher(
	cfg config.Config,
	containerProfileManager containerprofilemanager.ContainerProfileManagerClient,
	k8sClient *k8sinterface.KubernetesApi,
	igK8sClient *containercollection.K8sClient,
	dnsManagerClient dnsmanager.DNSManagerClient,
	metrics metricsmanager.MetricsManager,
	ruleManager rulemanager.RuleManagerClient,
	malwareManager malwaremanager.MalwareManagerClient,
	sbomManager sbommanager.SbomManagerClient,
	ruleBindingPodNotify *chan rulebindingmanager.RuleBindingNotify,
	runtime *containerutilsTypes.RuntimeConfig,
	thirdPartyEnricher containerwatcher.TaskBasedEnricher,
	processTreeManager processtree.ProcessTreeManager,
	clusterName string,
	objectCache objectcache.ObjectCache,
	networkStreamClient networkstream.NetworkStreamClient,
	containerProcessTree containerprocesstree.ContainerProcessTree,
	thirdPartyTracers containerwatcher.ThirdPartyTracers,
) (*ContainerWatcher, error)

CreateContainerWatcher creates a new container watcher with the ordered event processing design

func (*ContainerWatcher) GetContainerCollection 

func (cw *ContainerWatcher) GetContainerCollection() *containercollection.ContainerCollection

GetContainerCollection returns the container collection

func (*ContainerWatcher) GetContainerSelector 

func (cw *ContainerWatcher) GetContainerSelector() *containercollection.ContainerSelector

GetContainerSelector returns the container selector

func (*ContainerWatcher) GetSocketEnricher 

func (cw *ContainerWatcher) GetSocketEnricher() *socketenricher.SocketEnricher

GetSocketEnricher returns the socket enricher

func (*ContainerWatcher) GetTracerCollection 

func (cw *ContainerWatcher) GetTracerCollection() *tracercollection.TracerCollection

GetTracerCollection returns the tracer collection

func (*ContainerWatcher) Ready 

func (cw *ContainerWatcher) Ready() bool

Ready returns true if the container watcher is ready to process events

func (*ContainerWatcher) RegisterContainerReceiver 

func (cw *ContainerWatcher) RegisterContainerReceiver(receiver containerwatcher.ContainerReceiver)

func (*ContainerWatcher) Start 

func (cw *ContainerWatcher) Start(ctx context.Context) error

Start initializes and starts the container watcher

func (*ContainerWatcher) StartContainerCollection 

func (cw *ContainerWatcher) StartContainerCollection(ctx context.Context) error

StartContainerCollection starts the container collection

func (*ContainerWatcher) Stop 

func (cw *ContainerWatcher) Stop()

Stop gracefully stops the container watcher

func (*ContainerWatcher) StopContainerCollection 

func (cw *ContainerWatcher) StopContainerCollection()

StopContainerCollection stops the container collection

func (*ContainerWatcher) UnregisterContainerReceiver 

func (cw *ContainerWatcher) UnregisterContainerReceiver(receiver containerwatcher.ContainerReceiver)

UnregisterContainerReceiver unregisters a container receiver

type EventEnricher 

type EventEnricher struct {
	// contains filtered or unexported fields
}

EventEnricher handles event enrichment with metrics and logging

func NewEventEnricher 

func NewEventEnricher(
	processTreeManager processtree.ProcessTreeManager,
) *EventEnricher

NewEventEnricher creates a new event enricher

func (*EventEnricher) EnrichEvents 

func (ee *EventEnricher) EnrichEvents(entry EventEntry) *ebpfevents.EnrichedEvent

type EventEntry added in v0.3.3 

type EventEntry struct {
	EventType   utils.EventType
	Event       utils.K8sEvent
	Timestamp   time.Time
	ContainerID string
	ProcessID   uint32
}

type EventHandlerFactory 

type EventHandlerFactory struct {
	// contains filtered or unexported fields
}

EventHandlerFactory manages the mapping of event types to their managers

func NewEventHandlerFactory 

func NewEventHandlerFactory(
	cfg config.Config,
	containerCollection *containercollection.ContainerCollection,
	containerProfileManager containerprofilemanager.ContainerProfileManagerClient,
	dnsManager dnsmanager.DNSManagerClient,
	ruleManager rulemanager.RuleManagerClient,
	malwareManager malwaremanager.MalwareManagerClient,
	networkStreamClient networkstream.NetworkStreamClient,
	metrics metricsmanager.MetricsManager,
	thirdPartyEventReceivers *maps.SafeMap[utils.EventType, mapset.Set[containerwatcher.GenericEventReceiver]],
	thirdPartyEnricher containerwatcher.TaskBasedEnricher,
	rulePolicyReporter *rulepolicy.RulePolicyReporter,
) *EventHandlerFactory

NewEventHandlerFactory creates a new event handler factory

func (*EventHandlerFactory) ProcessEvent 

func (ehf *EventHandlerFactory) ProcessEvent(enrichedEvent *events.EnrichedEvent)

ProcessEvent processes an event through all registered handlers

type Manager 

type Manager interface {
}

Manager represents a component that can receive events

type ManagerAdapter 

type ManagerAdapter struct {
	// contains filtered or unexported fields
}

ManagerAdapter adapts different manager interfaces to the common Manager interface

func NewManagerAdapter 

func NewManagerAdapter(reportEventFunc func(eventType utils.EventType, event utils.K8sEvent)) *ManagerAdapter

NewManagerAdapter creates a new manager adapter

func (*ManagerAdapter) ReportEvent 

func (ma *ManagerAdapter) ReportEvent(eventType utils.EventType, event utils.K8sEvent)

ReportEvent implements the Manager interface

type OrderedEventQueue 

type OrderedEventQueue struct {
	// contains filtered or unexported fields
}

func NewOrderedEventQueue 

func NewOrderedEventQueue(collectionInterval time.Duration, maxBufferSize int) *OrderedEventQueue

func (*OrderedEventQueue) AddEventDirect 

func (oeq *OrderedEventQueue) AddEventDirect(eventType utils.EventType, event utils.K8sEvent, containerID string, processID uint32)

func (*OrderedEventQueue) Empty 

func (oeq *OrderedEventQueue) Empty() bool

Empty returns whether the queue is empty

func (*OrderedEventQueue) GetFullQueueAlertChannel 

func (oeq *OrderedEventQueue) GetFullQueueAlertChannel() <-chan struct{}

func (*OrderedEventQueue) PeekEvent 

func (oeq *OrderedEventQueue) PeekEvent() (EventEntry, bool)

func (*OrderedEventQueue) PopEvent 

func (oeq *OrderedEventQueue) PopEvent() (EventEntry, bool)

func (*OrderedEventQueue) Size 

func (oeq *OrderedEventQueue) Size() int

Size returns the number of events in the queue

type TracerManager 

type TracerManager struct {
	// contains filtered or unexported fields
}

func NewTracerManager 

func NewTracerManager(cfg config.Config, tracerFactory containerwatcher.TracerFactoryInterface) *TracerManager

func (*TracerManager) GetAllTracers 

func (tm *TracerManager) GetAllTracers() map[utils.EventType]containerwatcher.TracerInterface

func (*TracerManager) GetTracer 

func (tm *TracerManager) GetTracer(eventType utils.EventType) (containerwatcher.TracerInterface, bool)

func (*TracerManager) RegisterTracer 

func (tm *TracerManager) RegisterTracer(tracer containerwatcher.TracerInterface)

func (*TracerManager) StartAllTracers 

func (tm *TracerManager) StartAllTracers(ctx context.Context) error

func (*TracerManager) StopAllTracers 

func (tm *TracerManager) StopAllTracers() error

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.