fleet/orbit/pkg/table/containerd/mounts_linux.go

//go:build linux

package containerd

import (
	"context"
	"fmt"
	"strings"

	"github.com/containerd/containerd"
	"github.com/containerd/containerd/namespaces"
	"github.com/osquery/osquery-go/plugin/table"
	"github.com/rs/zerolog/log"
)

// MountsColumns is the schema of the containerd_mounts table.
func MountsColumns() []table.ColumnDefinition {
	return []table.ColumnDefinition{
		table.TextColumn("namespace"),
		table.TextColumn("container_id"),
		table.TextColumn("type"),
		table.TextColumn("source"),
		table.TextColumn("destination"),
		table.TextColumn("options"),
	}
}

// GenerateMounts is called to return the results for the containerd_mounts table at query time.
// Constraints for generating can be retrieved from the queryContext.
func GenerateMounts(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
	client, err := containerd.New("/run/containerd/containerd.sock")
	if err != nil {
		return nil, fmt.Errorf("Failed to connect to containerd: %w", err)
	}
	defer client.Close()

	// Get all namespaces so we can iterate over them
	namespacesList, err := client.NamespaceService().List(ctx)
	if err != nil {
		return nil, fmt.Errorf("Failed to list namespaces: %w", err)
	}

	rows := []map[string]string{}
	for _, namespace := range namespacesList {
		nsCtx := namespaces.WithNamespace(ctx, namespace)

		containers, err := client.Containers(nsCtx)
		if err != nil {
			return nil, fmt.Errorf("Failed to list containers: %w", err)
		}

		for _, container := range containers {
			// Get the container's spec to access mount information
			spec, err := container.Spec(nsCtx)
			if err != nil {
				log.Printf("Failed to get spec for container %s: %v", container.ID(), err)
				continue
			}

			// Iterate through mounts in the spec
			if spec.Mounts != nil {
				for _, mount := range spec.Mounts {
					row := map[string]string{
						"namespace":    namespace,
						"container_id": container.ID(),
						"type":         mount.Type,
						"source":       mount.Source,
						"destination":  mount.Destination,
						"options":      strings.Join(mount.Options, ","),
					}
					rows = append(rows, row)
				}
			}
		}
	}

	return rows, nil
}
Add `containerd_mounts` table for fleetd (#39276) <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #38393 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. ## Testing - [x] QA'd all new/changed functionality manually ## fleetd/orbit/Fleet Desktop - [x] If the change applies to only one platform, confirmed that `runtime.GOOS` is used as needed to isolate changes - [x] Verified that fleetd runs on macOS, Linux and Windows (Linux only) --------- Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com> 2026-02-10 16:57:13 +00:00			`//go:build linux`

			`package containerd`

			`import (`
			`"context"`
			`"fmt"`
			`"strings"`

			`"github.com/containerd/containerd"`
			`"github.com/containerd/containerd/namespaces"`
			`"github.com/osquery/osquery-go/plugin/table"`
			`"github.com/rs/zerolog/log"`
			`)`

			`// MountsColumns is the schema of the containerd_mounts table.`
			`func MountsColumns() []table.ColumnDefinition {`
			`return []table.ColumnDefinition{`
			`table.TextColumn("namespace"),`
			`table.TextColumn("container_id"),`
			`table.TextColumn("type"),`
			`table.TextColumn("source"),`
			`table.TextColumn("destination"),`
			`table.TextColumn("options"),`
			`}`
			`}`

			`// GenerateMounts is called to return the results for the containerd_mounts table at query time.`
			`// Constraints for generating can be retrieved from the queryContext.`
			`func GenerateMounts(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {`
			`client, err := containerd.New("/run/containerd/containerd.sock")`
			`if err != nil {`
			`return nil, fmt.Errorf("Failed to connect to containerd: %w", err)`
			`}`
			`defer client.Close()`

			`// Get all namespaces so we can iterate over them`
			`namespacesList, err := client.NamespaceService().List(ctx)`
			`if err != nil {`
			`return nil, fmt.Errorf("Failed to list namespaces: %w", err)`
			`}`

			`rows := []map[string]string{}`
			`for _, namespace := range namespacesList {`
			`nsCtx := namespaces.WithNamespace(ctx, namespace)`

			`containers, err := client.Containers(nsCtx)`
			`if err != nil {`
			`return nil, fmt.Errorf("Failed to list containers: %w", err)`
			`}`

			`for _, container := range containers {`
			`// Get the container's spec to access mount information`
			`spec, err := container.Spec(nsCtx)`
			`if err != nil {`
			`log.Printf("Failed to get spec for container %s: %v", container.ID(), err)`
			`continue`
			`}`

			`// Iterate through mounts in the spec`
			`if spec.Mounts != nil {`
			`for _, mount := range spec.Mounts {`
			`row := map[string]string{`
			`"namespace": namespace,`
			`"container_id": container.ID(),`
			`"type": mount.Type,`
			`"source": mount.Source,`
			`"destination": mount.Destination,`
			`"options": strings.Join(mount.Options, ","),`
			`}`
			`rows = append(rows, row)`
			`}`
			`}`
			`}`
			`}`

			`return rows, nil`
			`}`