SONAR-14011 widen container detection

diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2.java b/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2.java
index b46a1e1e3c4ac80e06ec0375cfe0a9f4c8f4d2cf..3a4ca08f5bd267681676bdc51805c18032c85393 100644 (file)
--- a/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2.java
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2.java
@@ -42,4 +42,6 @@ public interface Paths2 {
    * @see java.nio.file.Paths#get(URI) 
    */
   Path get(URI uri);
+
+  boolean exists(String first, String... more);
 }

diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2Impl.java b/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2Impl.java
index bd893aef5bbbc6b7de7339638ad39e10bd50c6df..0f99bd2fbf4756b5d2c8c3a92fab5fe66739b26e 100644 (file)
--- a/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2Impl.java
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/util/Paths2Impl.java
@@ -23,6 +23,8 @@ import java.net.URI;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 
+import static java.nio.file.Path.of;
+
 public final class Paths2Impl implements Paths2 {
   private static final Paths2 INSTANCE = new Paths2Impl();
 
@@ -43,4 +45,9 @@ public final class Paths2Impl implements Paths2 {
   public Path get(URI uri) {
     return Paths.get(uri);
   }
+
+  @Override
+  public boolean exists(String first, String... more){
+    return of(first, more).toFile().exists();
+  }
 }

diff --git a/server/sonar-server-common/src/test/java/org/sonar/server/util/Paths2ImplTest.java b/server/sonar-server-common/src/test/java/org/sonar/server/util/Paths2ImplTest.java
index 9a61922efd0307d57e103718e82e5ad085700c56..d7c38dbae93c52a41f870a813107e5ac30ff0c18 100644 (file)
--- a/server/sonar-server-common/src/test/java/org/sonar/server/util/Paths2ImplTest.java
+++ b/server/sonar-server-common/src/test/java/org/sonar/server/util/Paths2ImplTest.java
@@ -28,6 +28,7 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 
 import static org.assertj.core.api.Assertions.assertThat;
+import static java.nio.file.Path.of;
 
 @RunWith(DataProviderRunner.class)
 public class Paths2ImplTest {
@@ -69,4 +70,11 @@ public class Paths2ImplTest {
       {URI.create("file:///b/c")}
     };
   }
+
+  @Test
+  @UseDataProvider("getStringParameters")
+  public void exists_returns_result_of_Paths_exists(String first, String... others) {
+    assertThat(Paths2Impl.getInstance().exists(first, others))
+      .isEqualTo(of(first, others).toFile().exists());
+  }
 }

diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/DockerSupportImpl.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/DockerSupportImpl.java
index 67f9e6fba108c2c185c79af8fc7cf4e1acff21cb..39fccd52b2c20da2135b37ad7af84f0a438d101f 100644 (file)
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/DockerSupportImpl.java
+++ b/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/DockerSupportImpl.java
@@ -33,8 +33,11 @@ public class DockerSupportImpl implements DockerSupport {
 
   @Override
   public boolean isRunningInDocker() {
+    if (paths2.exists("/run/.containerenv")) {
+      return true;
+    }
     try (Stream<String> stream = Files.lines(paths2.get("/proc/1/cgroup"))) {
-      return stream.anyMatch(line -> line.contains("/docker"));
+      return stream.anyMatch(line -> line.contains("/docker") || line.contains("/kubepods") || line.contains("containerd.service") );
     } catch (IOException e) {
       return false;
     }

diff --git a/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/DockerSupportImplTest.java b/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/DockerSupportImplTest.java
index c5a27e248df8a288b8962ee3ac58018a4bb2bab3..b4525e92442f4e9d750765df0cae0c541b8892ce 100644 (file)
--- a/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/DockerSupportImplTest.java
+++ b/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/DockerSupportImplTest.java
@@ -36,6 +36,7 @@ import static org.mockito.Mockito.when;
 
 public class DockerSupportImplTest {
   private static final String CGROUP_DIR = "/proc/1/cgroup";
+  private static final String PODMAN_FILE_PATH = "/run/.containerenv";
 
   @Rule
   public TemporaryFolder temporaryFolder = new TemporaryFolder();
@@ -98,4 +99,60 @@ public class DockerSupportImplTest {
     assertThat(underTest.isRunningInDocker()).isTrue();
   }
 
+  @Test
+  public void isInDocker_returns_true_if_cgroup_dir_contains_file_with_kubepods_string() throws IOException {
+    Path cgroupFile = temporaryFolder.newFile().toPath();
+    String content = "11:blkio:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "10:cpuset:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "9:net_cls,net_prio:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "8:pids:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "7:perf_event:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "6:freezer:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "5:hugetlb:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "4:memory:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "3:devices:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "2:cpu,cpuacct:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366" + lineSeparator() +
+      "1:name=systemd:/kubepods/burstable/pod8e9a7fc0-4e11-4497-a424-19b9713eff0e/8953402928cc7fc95c7dc7bdb75b194139fe29e8fa196d7f90924deb29164366";
+    FileUtils.write(cgroupFile.toFile(), content, StandardCharsets.UTF_8);
+    when(paths2.get(CGROUP_DIR)).thenReturn(cgroupFile);
+
+    assertThat(underTest.isRunningInDocker()).isTrue();
+  }
+
+  @Test
+  public void isInDocker_returns_true_if_cgroup_dir_contains_file_with_containerd_string() throws IOException {
+    Path cgroupFile = temporaryFolder.newFile().toPath();
+    String content = "12:blkio:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "11:perf_event:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "10:hugetlb:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "9:pids:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "8:rdma:/" + lineSeparator() +
+      "7:memory:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "6:cpuset:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "5:net_cls,net_prio:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "4:freezer:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "3:cpu,cpuacct:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "2:devices:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "1:name=systemd:/default/846fe494c3021f068c9156ca6eb8a91038389b7e2a2b1ae9b050b33c3a5c9298" + lineSeparator() +
+      "0::/system.slice/containerd.service";
+    FileUtils.write(cgroupFile.toFile(), content, StandardCharsets.UTF_8);
+    when(paths2.get(CGROUP_DIR)).thenReturn(cgroupFile);
+
+    assertThat(underTest.isRunningInDocker()).isTrue();
+  }
+
+  @Test
+  public void isInDocker_returns_true_if_podman_file_exists() throws IOException {
+    when(paths2.exists(PODMAN_FILE_PATH)).thenReturn(true);
+    assertThat(underTest.isRunningInDocker()).isTrue();
+  }
+
+  @Test
+  public void isInDocker_returns_false_if_podman_file_exists() throws IOException {
+    when(paths2.exists(PODMAN_FILE_PATH)).thenReturn(false);
+    Path emptyFile = temporaryFolder.newFile().toPath();
+    when(paths2.get(CGROUP_DIR)).thenReturn(emptyFile);
+    assertThat(underTest.isRunningInDocker()).isFalse();
+  }
+
 }