Merge pull request #1 from metalbear-co/eyal

Add name randomization, remove shell usage
metalbear-co · Feb 24, 2022 · 736f3bb · 736f3bb
2 parents 7d43de7 + 5ceee65
commit 736f3bb
Show file tree

Hide file tree

Showing 4 changed files with 95 additions and 22 deletions.
diff --git a/bintest.sh b/bintest.sh
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -42,8 +42,10 @@
 		"nan": "^2.15.0",
 		"net": "^1.0.2",
 		"node-go-require": "^2.0.0",
+		"node-netstat": "^1.8.0",
 		"ref-array-napi": "^1.2.2",
 		"ref-napi": "^3.0.3",
-		"ref-struct-napi": "^1.1.1"
+		"ref-struct-napi": "^1.1.1",
+		"shortid": "^2.2.16"
 	}
 }
diff --git a/src/extension.ts b/src/extension.ts
@@ -36,31 +36,41 @@ export async function activate(context: vscode.ExtensionContext) {
 		let pods = await k8sApi.listNamespacedPod('default');
 		let podNames = pods.body.items.map((pod: { metadata: { name: any; }; }) => { return pod.metadata.name; });
 
-		vscode.window.showQuickPick(podNames, { placeHolder: 'Select pod to mirror' }).then(async pod => {
-			// Find the debugged process' port
-
+		vscode.window.showQuickPick(podNames, { placeHolder: 'Select pod to mirror' }).then(async podName => {
 			// Infer container id from pod name
-			let containerID = cp.execSync('kubectl get -o jsonpath="{.status.containerStatuses[*].containerID}" pod ' + pod);
+			let containerID = pods.body.items.find((pod: { metadata: { name: any; }; }) => pod.metadata.name === podName)
+				.status.containerStatuses[0].containerID;
 
 			// Infert port from process ID
-			let port: string;
+			let port: string = '';
 			if (session.configuration.mirrord && session.configuration.mirrord.port) {
 				port = session.configuration.mirrord.port;
 			} else {
-				port = ProcessCapturer.pid.toString();
-				let result = [];
-				try {
-					result = cp.execSync(`lsof -a -P -p ${ProcessCapturer.pid} -iTCP -sTCP:LISTEN -Fn`);
-					port = result.toString('utf-8').split('\n').reverse()[1].split(':')[1];
-				}
-				catch (e) {
-					console.log(e);
-				}
+				var netstat = require('node-netstat');
+				netstat.commands['darwin'].args.push('-a'); // The default args don't list LISTEN ports on OSX
+				// TODO: Check on other linux, windows
+				netstat({
+					filter: {
+						pid: ProcessCapturer.pid,
+						protocol: 'tcp',
+					},
+					sync: true,
+					limit: 5,
+				}, (data: { state: string; local: { port: string; }; }) => {
+					if (data.state === 'LISTEN') {
+						port = data.local.port;
+					}
+				});
 			}
 
+			if (!port) {
+				throw new Error("Could not find the debugged process' port");
+			}
 
+			const shortid = require('shortid');
+			const agentPodName = 'mirrord-' + shortid.generate().toLowerCase();
 			let agentPod = {
-				metadata: { name: 'agentpod' },
+				metadata: { name: agentPodName },
 				spec: {
 					hostPID: true,
 					hostIPC: true,
@@ -85,18 +95,21 @@ export async function activate(context: vscode.ExtensionContext) {
 							command: [
 								"./mirrord-agent",
 								"--container-id",
-								containerID,
+								'abc',
 								"--ports",
-								port
+								port.toString()
 							]
 						}
 					]
 				}
 
 			};
 
-			await k8sApi.createNamespacedPod('default', agentPod);
-
+			try {
+				await k8sApi.createNamespacedPod('default', agentPod);
+			} catch (e) {
+				console.log(e);
+			}
 			const net = require('net');
 			const stream = require('stream');
 			let log = new k8s.Log(kc);