prt-core 0.5.0

Core library for prt — real-time network port scanner with change tracking, alerts, suspicious detection, known ports, bandwidth and container awareness
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272

//! Container name resolution for Docker/Podman.
//!
//! Resolves process PIDs to container names using:
//! - **Linux:** `/proc/{pid}/cgroup` → container ID → `docker ps` lookup
//! - **macOS:** `docker ps` with PID matching via `docker inspect`
//!
//! All lookups are batched per refresh cycle to minimize CLI overhead.
//! Missing Docker/Podman is handled gracefully (empty results, no errors).

use std::collections::HashMap;
use std::process::Command;
use std::time::Duration;

/// Timeout for docker CLI calls to avoid blocking the TUI.
const DOCKER_TIMEOUT_SECS: u64 = 2;

/// Resolve container names for a batch of PIDs.
///
/// Returns a map of PID → container name. PIDs not running in a
/// container are simply absent from the result. If Docker/Podman
/// is unavailable, returns an empty map.
pub fn resolve_container_names(pids: &[u32]) -> HashMap<u32, String> {
    if pids.is_empty() {
        return HashMap::new();
    }

    select_runtime_names(docker_resolve(pids), podman_resolve(pids))
}

/// Check if any entries have container names (used for adaptive column).
pub fn has_containers(names: &HashMap<u32, String>) -> bool {
    !names.is_empty()
}

/// Resolve via `docker ps` + `docker inspect`.
fn docker_resolve(pids: &[u32]) -> Option<HashMap<u32, String>> {
    let pid_set: std::collections::HashSet<u32> = pids.iter().copied().collect();
    // Get all running containers: ID and Name
    let output = run_with_timeout(
        "docker",
        &["ps", "--no-trunc", "--format", "{{.ID}} {{.Names}}"],
    )?;

    if output.is_empty() {
        return Some(HashMap::new());
    }

    let containers: Vec<(String, String)> = output
        .lines()
        .filter_map(|line| {
            let mut parts = line.splitn(2, ' ');
            let id = parts.next()?.trim().to_string();
            let name = parts.next()?.trim().to_string();
            if id.is_empty() || name.is_empty() {
                None
            } else {
                Some((id, name))
            }
        })
        .collect();

    if containers.is_empty() {
        return Some(HashMap::new());
    }

    // For each container, get its PID
    let mut result = HashMap::new();
    for (id, name) in &containers {
        if let Some(container_pid) = get_container_pid("docker", id) {
            if pid_set.contains(&container_pid) {
                result.insert(container_pid, name.clone());
            }
        }
    }

    Some(result)
}

/// Resolve via `podman ps` + `podman inspect`.
fn podman_resolve(pids: &[u32]) -> Option<HashMap<u32, String>> {
    let pid_set: std::collections::HashSet<u32> = pids.iter().copied().collect();
    let output = run_with_timeout(
        "podman",
        &["ps", "--no-trunc", "--format", "{{.ID}} {{.Names}}"],
    )?;

    if output.is_empty() {
        return Some(HashMap::new());
    }

    let containers: Vec<(String, String)> = output
        .lines()
        .filter_map(|line| {
            let mut parts = line.splitn(2, ' ');
            let id = parts.next()?.trim().to_string();
            let name = parts.next()?.trim().to_string();
            if id.is_empty() || name.is_empty() {
                None
            } else {
                Some((id, name))
            }
        })
        .collect();

    if containers.is_empty() {
        return Some(HashMap::new());
    }

    let mut result = HashMap::new();
    for (id, name) in &containers {
        if let Some(container_pid) = get_container_pid("podman", id) {
            if pid_set.contains(&container_pid) {
                result.insert(container_pid, name.clone());
            }
        }
    }

    Some(result)
}

/// Get the main PID of a container via `docker/podman inspect`.
fn get_container_pid(runtime: &str, container_id: &str) -> Option<u32> {
    let output = run_with_timeout(
        runtime,
        &["inspect", "--format", "{{.State.Pid}}", container_id],
    )?;
    output.trim().parse().ok().filter(|&pid: &u32| pid > 0)
}

/// Run a command with timeout, returning stdout as String.
/// Returns None if command not found, timeout, or non-zero exit.
fn run_with_timeout(cmd: &str, args: &[&str]) -> Option<String> {
    let mut child = Command::new(cmd)
        .args(args)
        .stdout(std::process::Stdio::piped())
        .stderr(std::process::Stdio::null())
        .spawn()
        .ok()?;

    let timeout = Duration::from_secs(DOCKER_TIMEOUT_SECS);
    let start = std::time::Instant::now();

    loop {
        match child.try_wait() {
            Ok(Some(status)) => {
                if !status.success() {
                    return None;
                }
                // Child already exited — read stdout directly (not wait_with_output,
                // which would double-wait and potentially deadlock).
                let mut out = String::new();
                if let Some(mut stdout) = child.stdout.take() {
                    use std::io::Read;
                    let _ = stdout.read_to_string(&mut out);
                }
                return Some(out);
            }
            Ok(None) => {
                if start.elapsed() > timeout {
                    let _ = child.kill();
                    return None;
                }
                std::thread::sleep(Duration::from_millis(50));
            }
            Err(_) => return None,
        }
    }
}

fn select_runtime_names(
    docker_names: Option<HashMap<u32, String>>,
    podman_names: Option<HashMap<u32, String>>,
) -> HashMap<u32, String> {
    match docker_names {
        Some(names) if !names.is_empty() => names,
        Some(names) => {
            let fallback = podman_names.unwrap_or_default();
            if fallback.is_empty() {
                names
            } else {
                fallback
            }
        }
        None => podman_names.unwrap_or_default(),
    }
}

/// Parse a `docker ps` line into (id, name).
#[cfg(test)]
fn parse_ps_line(line: &str) -> Option<(String, String)> {
    let mut parts = line.splitn(2, ' ');
    let id = parts.next()?.trim().to_string();
    let name = parts.next()?.trim().to_string();
    if id.is_empty() || name.is_empty() {
        None
    } else {
        Some((id, name))
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn parse_ps_line_valid() {
        let (id, name) = parse_ps_line("abc123def456 my-nginx").unwrap();
        assert_eq!(id, "abc123def456");
        assert_eq!(name, "my-nginx");
    }

    #[test]
    fn parse_ps_line_with_spaces_in_name() {
        // Docker names don't have spaces, but ensure parsing is robust
        let (id, name) = parse_ps_line("abc123 my container").unwrap();
        assert_eq!(id, "abc123");
        assert_eq!(name, "my container");
    }

    #[test]
    fn parse_ps_line_empty_returns_none() {
        assert!(parse_ps_line("").is_none());
        assert!(parse_ps_line(" ").is_none());
    }

    #[test]
    fn parse_ps_line_no_name_returns_none() {
        assert!(parse_ps_line("abc123").is_none());
    }

    #[test]
    fn resolve_empty_pids() {
        let result = resolve_container_names(&[]);
        assert!(result.is_empty());
    }

    #[test]
    fn has_containers_empty() {
        assert!(!has_containers(&HashMap::new()));
    }

    #[test]
    fn has_containers_with_data() {
        let mut m = HashMap::new();
        m.insert(1, "nginx".to_string());
        assert!(has_containers(&m));
    }

    #[test]
    fn select_runtime_names_prefers_podman_when_docker_is_empty() {
        let docker = Some(HashMap::new());
        let mut podman = HashMap::new();
        podman.insert(42, "api".to_string());

        let result = select_runtime_names(docker, Some(podman.clone()));

        assert_eq!(result, podman);
    }

    #[test]
    fn select_runtime_names_keeps_docker_when_it_has_matches() {
        let mut docker = HashMap::new();
        docker.insert(7, "web".to_string());

        let mut podman = HashMap::new();
        podman.insert(42, "api".to_string());

        let result = select_runtime_names(Some(docker.clone()), Some(podman));

        assert_eq!(result, docker);
    }
}