From 405531f19f323ee761c8f7ad39cd17f5fc95196f Mon Sep 17 00:00:00 2001
From: Oleh Neichev <oleg.neichev@gmail.com>
Date: Sat, 23 Mar 2024 12:54:06 +0200
Subject: [PATCH] tetragon-oci-hook: container name from annotations

We cannot use arg.Watcher.FindContainer() because it uses k8s API where
the container is still not available.

Instead, we extract the name of the container from arg.Req.ContainerName

Fixes: #1879

Signed-off-by: Oleh Neichev <oleg.neichev@gmail.com>
---
 pkg/policyfilter/rthooks/rthooks.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/pkg/policyfilter/rthooks/rthooks.go b/pkg/policyfilter/rthooks/rthooks.go
index bdd5d573367..43844f8c4db 100644
--- a/pkg/policyfilter/rthooks/rthooks.go
+++ b/pkg/policyfilter/rthooks/rthooks.go
@@ -5,6 +5,7 @@ package rthooks
 
 import (
 	"context"
+	"fmt"
 	"path/filepath"
 	"time"
 
@@ -92,15 +93,14 @@ func createContainerHook(_ context.Context, arg *rthooks.CreateContainerArg) err
 		return err
 	}
 
-	var containerFound bool
-	var container *corev1.ContainerStatus
 	namespace := pod.ObjectMeta.Namespace
-	pod, container, containerFound = arg.Watcher.FindContainer(containerID)
-	if !containerFound {
-		log.WithError(err).Warnf("failed to find container information %s, aborting hook.", containerID)
-	}
 
-	containerName := container.Name
+	containerName := arg.Req.ContainerName
+	if containerName == "" {
+		err := fmt.Errorf("failed to find container information %s, aborting hook", containerID)
+		log.Warn(err)
+		return err
+	}
 
 	log.WithFields(logrus.Fields{
 		"pod-id":         podID,