Skip to content

fix(plugins/container): handle liveness and readiness probes#1218

Open
leogr wants to merge 2 commits intomainfrom
container/fix/probes
Open

fix(plugins/container): handle liveness and readiness probes#1218
leogr wants to merge 2 commits intomainfrom
container/fix/probes

Conversation

@leogr
Copy link
Member

@leogr leogr commented Feb 19, 2026

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area plugins

/area registry

/area build

/area documentation

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #1017

Special notes for your reviewer:

leogr added 2 commits February 19, 2026 13:02
@leogr
chore(plugins/container): move probe helpers to its own file
61997c8 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
@leogr
fix(plugins/container): add livness and readiness probes handling to …
5f7a220 
…CRI engine

Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
@poiana
Copy link
Contributor

poiana commented Feb 19, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: leogr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@leogr
Copy link
Member Author

leogr commented Feb 19, 2026

cc @deepskyblue86

@poiana poiana added the size/XL label Feb 19, 2026
@github-actions
Copy link

github-actions bot commented Feb 19, 2026

Rules files suggestions

irozzo-1A
irozzo-1A reviewed Feb 24, 2026
View reviewed changes
plugins/container/go-worker/pkg/container/cri.go
readinessProbe *event.Probe
)
containerName := ctr.GetMetadata().GetName()
if annotation, ok := podSandboxStatus.GetAnnotations()[k8sLastAppliedConfigAnnotation]; ok {
Copy link
Contributor

@irozzo-1A irozzo-1A Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a best effort extraction, the last-applied-configuration is part of the legacy mechanism to track changes with client side apply. It's not there when using server-side apply or when creating the resources without apply.

The kubelet exposes an API to list the pods spec managed by it, we could rely on it but it's not always accessible (especially in a secure clutster). Otherwise we could pass from Apiserver proxy.

TBH I would rather deprecate this feature from the container plugin, as it is a Kubernetes specific information and not strictly related to the container runtime.

Copy link
Member Author

@leogr leogr Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TBH I would rather deprecate this feature from the container plugin, as it is a Kubernetes specific information and not strictly related to the container runtime.

I tend to agree with this.

cc @falcosecurity/plugins-maintainers any thoughts in this regard? 🤔

Copy link
Contributor

@ekoops ekoops Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with the fact that this is a kubernetes-specific information and that the mechanism is a bit fragile. At this point, better to remove the support here and move it to k8smeta

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@irozzo-1A irozzo-1A irozzo-1A left review comments

@ekoops ekoops ekoops left review comments

@deepskyblue86 deepskyblue86 Awaiting requested review from deepskyblue86

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

approved area/plugins dco-signoff: yes kind/bug Something isn't working kind/cleanup size/XL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Container plugin: container.liveness_probe is always NONE

4 participants

@leogr @poiana @irozzo-1A @ekoops