up

StellaOps Bot
2025-12-14 16:24:16 +02:00
parent 233873f620
commit e2e404e705
37 changed files with 2079 additions and 118 deletions


@@ -10,6 +10,7 @@ using StellaOps.Zastava.Observer.Configuration;
using StellaOps.Zastava.Observer.ContainerRuntime;
using StellaOps.Zastava.Observer.ContainerRuntime.Cri;
using StellaOps.Zastava.Observer.Runtime;
using StellaOps.Zastava.Observer.Runtime.ProcSnapshot;
namespace StellaOps.Zastava.Observer.Worker;
@@ -24,6 +25,7 @@ internal sealed class ContainerLifecycleHostedService : BackgroundService
private readonly ContainerStateTrackerFactory trackerFactory;
private readonly ContainerRuntimePoller poller;
private readonly IRuntimeProcessCollector processCollector;
private readonly IProcSnapshotCollector procSnapshotCollector;
private readonly TimeProvider timeProvider;
private readonly ILogger<ContainerLifecycleHostedService> logger;
private readonly Random jitterRandom = new();
@@ -38,6 +40,7 @@ internal sealed class ContainerLifecycleHostedService : BackgroundService
ContainerStateTrackerFactory trackerFactory,
ContainerRuntimePoller poller,
IRuntimeProcessCollector processCollector,
IProcSnapshotCollector procSnapshotCollector,
TimeProvider timeProvider,
ILogger<ContainerLifecycleHostedService> logger)
{
@@ -50,6 +53,7 @@ internal sealed class ContainerLifecycleHostedService : BackgroundService
this.trackerFactory = trackerFactory ?? throw new ArgumentNullException(nameof(trackerFactory));
this.poller = poller ?? throw new ArgumentNullException(nameof(poller));
this.processCollector = processCollector ?? throw new ArgumentNullException(nameof(processCollector));
this.procSnapshotCollector = procSnapshotCollector ?? throw new ArgumentNullException(nameof(procSnapshotCollector));
this.timeProvider = timeProvider ?? throw new ArgumentNullException(nameof(timeProvider));
this.logger = logger ?? throw new ArgumentNullException(nameof(logger));
}
@@ -112,6 +116,7 @@ internal sealed class ContainerLifecycleHostedService : BackgroundService
nodeName,
timeProvider,
processCollector,
procSnapshotCollector,
cancellationToken).ConfigureAwait(false);
if (envelopes.Count > 0)


@@ -6,6 +6,7 @@ using StellaOps.Zastava.Observer.ContainerRuntime.Cri;
using StellaOps.Zastava.Observer.Cri;
using StellaOps.Zastava.Observer.Posture;
using StellaOps.Zastava.Observer.Runtime;
using StellaOps.Zastava.Observer.Runtime.ProcSnapshot;
namespace StellaOps.Zastava.Observer.Worker;
@@ -29,6 +30,7 @@ internal sealed class ContainerRuntimePoller
string nodeName,
TimeProvider timeProvider,
IRuntimeProcessCollector? processCollector,
IProcSnapshotCollector? procSnapshotCollector,
CancellationToken cancellationToken)
{
ArgumentNullException.ThrowIfNull(tracker);
@@ -61,9 +63,21 @@ internal sealed class ContainerRuntimePoller
}
RuntimeProcessCapture? capture = null;
if (processCollector is not null && lifecycleEvent.Kind == ContainerLifecycleEventKind.Start)
StellaOps.Signals.Models.ProcSnapshotDocument? procSnapshot = null;
if (lifecycleEvent.Kind == ContainerLifecycleEventKind.Start)
{
capture = await processCollector.CollectAsync(enriched, cancellationToken).ConfigureAwait(false);
if (processCollector is not null)
{
capture = await processCollector.CollectAsync(enriched, cancellationToken).ConfigureAwait(false);
}
// Collect proc snapshot for language-specific runtime info (Java/PHP/.NET)
if (procSnapshotCollector is not null)
{
var imageDigest = enriched.ImageRef ?? enriched.Image ?? string.Empty;
procSnapshot = await procSnapshotCollector.CollectAsync(enriched, imageDigest, tenant, cancellationToken).ConfigureAwait(false);
}
}
RuntimePostureEvaluationResult? posture = null;
@@ -80,7 +94,8 @@ internal sealed class ContainerRuntimePoller
nodeName,
capture,
posture?.Posture,
posture?.Evidence));
posture?.Evidence,
procSnapshot));
}
}
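Review bot: In the Start branch, `imageDigest` is filled from `enriched.ImageRef ?? enriched.Image ?? string.Empty`, so the value handed to `procSnapshotCollector.CollectAsync` can be a mutable tag or an empty string rather than a content digest. If the snapshot is later matched to scan results by digest (not visible in this hunk), that would bind runtime evidence to the wrong image or to none. Consider naming the local for what it holds and skipping collection when nothing usable is present, e.g. `if (procSnapshotCollector is not null && !string.IsNullOrEmpty(imageRef))`. The new await also sits outside any try/catch in the visible lines, so a failure in this optional collector would presumably prevent the Start event from being created; the enclosing method starts and ends outside the hunk.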


@@ -1,6 +1,7 @@
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using StellaOps.Signals.Models;
using StellaOps.Zastava.Core.Contracts;
using StellaOps.Zastava.Observer.Configuration;
using StellaOps.Zastava.Observer.ContainerRuntime;
@@ -20,7 +21,8 @@ internal static class RuntimeEventFactory
string nodeName,
RuntimeProcessCapture? capture = null,
RuntimePosture? posture = null,
IReadOnlyList<RuntimeEvidence>? additionalEvidence = null)
IReadOnlyList<RuntimeEvidence>? additionalEvidence = null,
ProcSnapshotDocument? procSnapshot = null)
{
ArgumentNullException.ThrowIfNull(lifecycleEvent);
ArgumentNullException.ThrowIfNull(endpoint);
@@ -62,6 +64,7 @@ internal static class RuntimeEventFactory
Process = capture?.Process,
LoadedLibraries = capture?.Libraries ?? Array.Empty<RuntimeLoadedLibrary>(),
Posture = posture,
ProcSnapshot = procSnapshot,
Evidence = MergeEvidence(capture?.Evidence, additionalEvidence),
Annotations = annotations.Count == 0 ? null : new SortedDictionary<string, string>(annotations, StringComparer.Ordinal)
};