fix(userspace/libsinsp): not report container id as host on failed lookups

[jasondellaluce]

What type of PR is this?

/kind bug

Any specific area of the project related to this PR?

/area libsinsp

Does this PR require a change in the driver versions?

What this PR does / why we need it:

Which issue(s) this PR fixes:

On failed container info lookups, the container ID stored in each thread info can potentially be marked as empty. However, the container.id field currently reports empty container IDs as host value, thus making impossible to distinguish actual threads running on the host from threads running in containers for which the metadata lookup failed.

This attempts mitigating the issue by also checking that the thread is running outside of a namespace for container.id. As such, failed container ID lookups will return an empty string instead of host.

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

fix(userspace/libsinsp): not report container id as host on failed lookups

[jasondellaluce]

cc @Andreagit97

[Andreagit97]

/approve

Thank you for the fix! the ideal fix would be to extract the container-id directly from the cgroups even when no container engines are configured, but not sure if this is really feasible, for sure it deserves some investigation!

[poiana]

LGTM label has been added.

Git tree hash: e9478f953ee656983b6baed5860a8dfade666687

[FedeDP]

/approve

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Andreagit97, FedeDP, jasondellaluce

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [Andreagit97,FedeDP,jasondellaluce]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment