{"id":17239799,"url":"https://github.com/boz/circumspect","last_synced_at":"2026-04-17T07:31:27.740Z","repository":{"id":66878892,"uuid":"102220463","full_name":"boz/circumspect","owner":"boz","description":"Inspect attributes of peer processes","archived":false,"fork":false,"pushed_at":"2017-09-08T13:46:45.000Z","size":91,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-31T00:29:56.563Z","etag":null,"topics":["docker","golang","grpc","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/boz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-09-02T20:00:15.000Z","updated_at":"2023-03-05T01:40:49.000Z","dependencies_parsed_at":"2023-02-22T19:45:12.531Z","dependency_job_id":null,"html_url":"https://github.com/boz/circumspect","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boz%2Fcircumspect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boz%2Fcircumspect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boz%2Fcircumspect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boz%2Fcircumspect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/boz","download_url":"https://codeload.github.com/boz/circumspect/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245579677,"owners_count":20638679,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","golang","grpc","kubernetes"],"created_at":"2024-10-15T05:49:49.589Z","updated_at":"2026-04-17T07:31:22.676Z","avatar_url":"https://github.com/boz.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# circumspect: discover peer process attributes\n\n`circumspect` is small POC for determining attributes of a peer process on a linux.\n\nThere is a client and server which communicate over a unix domain socket.  When the client connects,\nthe server is able to determine:\n\n * pid, uid, gid of the client.\n * if the client is running in docker, attributes of the container that it's running in\n * if the client is running in kubernetes, attributes of the kubernetes pod and container\n\n## Usage\n\n### Start server inside minikube\n\nAfter [building](#building), boot up minikube and install binary and docker image:\n\n```sh\n$ make integration-minikube\n```\n\n### Connect from a docker container\n\nIn another terminal, launch a docker container inside minikube\n\n```sh\n$ make minikube-run-docker\n```\n\nThe `make integration-minikube` terminal should display:\n\n```\nprocess 4050 properties:\n\ndocker-id      97f529ffdb257633e7f3bb46d210d9761b00e29f07e23879ad90d7cb45451f30\ndocker-image   sha256:c32901baff489930b3ad0ad03ff709547452eee49cc6cfe1fe78af65f81fc918\ndocker-labels  foo  bar\ndocker-path    ./circumspect\ndocker-pid     4050\nsystem-gid     0\nsystem-pid     4050\nsystem-uid     0\n```\n\n### Connect from a kubernetes pod\n\nCreate a pod which connects as a client\n\n```sh\n$ make minikube-create-pod\n```\n\nThe `make integration-minikube` terminal should display:\n\n```\nprocess 4386 properties:\n\ndocker-id            72580b1439f87913edd0d9c1d5b622105ea47911f642a70ed0b36e94dc6ecf7e\ndocker-image         sha256:c32901baff489930b3ad0ad03ff709547452eee49cc6cfe1fe78af65f81fc918\ndocker-labels        io.kubernetes.container.name                                 worker-container\n                     io.kubernetes.pod.namespace                                  default\n                     annotation.io.kubernetes.container.hash                      2eef9918\n                     annotation.io.kubernetes.container.restartCount              0\n                     annotation.io.kubernetes.container.terminationMessagePath    /dev/termination-log\n                     annotation.io.kubernetes.container.terminationMessagePolicy  File\n                     annotation.io.kubernetes.pod.terminationGracePeriod          30\n                     io.kubernetes.container.logpath                              /var/log/pods/7b4a6c6b-9470-11e7-9e14-08002740d2fd/worker-container_0.log\n                     io.kubernetes.docker.type                                    container\n                     io.kubernetes.pod.name                                       worker\n                     io.kubernetes.pod.uid                                        7b4a6c6b-9470-11e7-9e14-08002740d2fd\n                     io.kubernetes.sandbox.id                                     85739086a895027958e2e2f77acc120da80d1229a0c2071f5eb6df88e81e873f\ndocker-path          /bin/sh\ndocker-pid           4323\nkube-annotations     this-is-a-worker  true\nkube-container-name  worker-container\nkube-labels          foo  bar\nkube-namespace       default\nkube-pod-name        worker\nsystem-gid           0\nsystem-pid           4386\nsystem-uid           0\n```\n\nThe [pod](_integration/pod.yml) connects every five seconds.  Stop it with\n\n```sh\n$ make minikube-delete-pod\n```\n\n### Inspect arbitrary pids on the system\n\nMostly just for testing.  Give it some PIDs and it will inspect them.\n\nInspect all docker processes:\n\n```sh\n$ docker ps --quiet | xargs docker inspect --format '{{.State.Pid}}' | xargs ./circumspect pid\n```\n\nInspect all processes:\n\n```sh\n$ ps -eo pid | sed 1d | xargs ./circumspect pid\n```\n\n## Commands\n\n```\nusage: circumspect [\u003cflags\u003e] \u003ccommand\u003e [\u003cargs\u003e ...]\n\nInspect process properties\n\nFlags:\n  -h, --help            Show context-sensitive help (also try --help-long and\n                        --help-man).\n  -l, --log-level=info  log level\n      --docker          enable docker discovery\n      --kube            enable kube discovery\n\nCommands:\n  help [\u003ccommand\u003e...]\n    Show help.\n\n\n  client [\u003cflags\u003e]\n    run rpc client\n\n    -s, --socket=\"/tmp/circumspect.sock\"  \n      rpc socket path\n\n  server [\u003cflags\u003e]\n    run rpc server\n\n    -s, --socket=\"/tmp/circumspect.sock\"  \n      rpc socket path\n\n  pid [\u003cpid\u003e...]\n    inspect given pid(s)\n\n```\n\n## Building\n\nCheckout into `$GOPATH/src/github.com/boz/circumspect` and install dependencies:\n\n```sh\ngo get -u github.com/kardianos/govendor\ngovendor sync\nmake\n```\n\n## Status\n\nOnly works on linux.  More info here:\n\n * https://groups.google.com/forum/#!topic/golang-dev/OgfhJ8Ujabo\n * https://github.com/golang/go/issues/1101\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fboz%2Fcircumspect","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fboz%2Fcircumspect","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fboz%2Fcircumspect/lists"}