⚡ Remove pcap command and make it an option under tap command

Also copy TAR to worker container.

cmd/pcap.go

@@ -1,18 +0,0 @@
-package cmd
-
-import (
-	"github.com/spf13/cobra"
-)
-
-var pcapCmd = &cobra.Command{
-	Use:   "pcap",
-	Short: "Capture from a PCAP file using your Docker Daemon instead of Kubernetes.",
-	RunE: func(cmd *cobra.Command, args []string) error {
-		pcap()
-		return nil
-	},
-}
-
-func init() {
-	rootCmd.AddCommand(pcapCmd)
-}

cmd/tap.go

@@ -55,6 +55,7 @@ func init() {
 	tapCmd.Flags().BoolP(configStructs.AllNamespacesLabel, "A", defaultTapConfig.AllNamespaces, "Tap all namespaces.")
 	tapCmd.Flags().String(configStructs.HumanMaxEntriesDBSizeLabel, defaultTapConfig.HumanMaxEntriesDBSize, "Override the default max entries db size.")
 	tapCmd.Flags().Bool(configStructs.DryRunLabel, defaultTapConfig.DryRun, "Preview of all pods matching the regex, without tapping them.")
+	tapCmd.Flags().StringP(configStructs.PcapLabel, "p", defaultTapConfig.Pcap, "Capture from a PCAP snapshot of Kubeshark (.tar.gz) using your Docker Daemon instead of Kubernetes.")
 	tapCmd.Flags().Bool(configStructs.ServiceMeshLabel, defaultTapConfig.ServiceMesh, "Capture the encrypted traffic if the cluster is configured with a service mesh and with mTLS.")
 	tapCmd.Flags().Bool(configStructs.TlsLabel, defaultTapConfig.Tls, "Capture the traffic that's encrypted with OpenSSL or Go crypto/tls libraries.")
 	tapCmd.Flags().Bool(configStructs.DebugLabel, defaultTapConfig.Debug, "Enable the debug mode.")

cmd/tapPcapRunner.go

@@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"os"
 
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
@@ -83,7 +84,14 @@ func pullImages(ctx context.Context, cli *client.Client, imageFront string, imag
 	return nil
 }
 
-func createAndStartContainers(ctx context.Context, cli *client.Client, imageFront string, imageHub string, imageWorker string) (
+func createAndStartContainers(
+	ctx context.Context,
+	cli *client.Client,
+	imageFront string,
+	imageHub string,
+	imageWorker string,
+	pcapReader io.Reader,
+) (
 	respFront container.ContainerCreateCreatedBody,
 	respHub container.ContainerCreateCreatedBody,
 	respWorker container.ContainerCreateCreatedBody,
@@ -163,6 +171,10 @@ func createAndStartContainers(ctx context.Context, cli *client.Client, imageFron
 		return
 	}
 
+	if err = cli.CopyToContainer(ctx, respWorker.ID, "/app/import", pcapReader, types.CopyToContainerOptions{}); err != nil {
+		return
+	}
+
 	var containerWorker types.ContainerJSON
 	containerWorker, err = cli.ContainerInspect(ctx, respWorker.ID)
 	if err != nil {
@@ -210,8 +222,9 @@ func stopAndRemoveContainers(
 	return
 }
 
-func pcap() {
-	log.Info().Msg("Starting Docker containers...")
+func pcap(pcapPath string) {
+	docker.SetRegistry(config.Config.Tap.DockerRegistry)
+	docker.SetTag(config.Config.Tap.DockerTag)
 
 	ctx := context.Background()
 	cli, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
@@ -231,7 +244,18 @@ func pcap() {
 		return
 	}
 
-	respFront, respHub, respWorker, workerIPAddr, err := createAndStartContainers(ctx, cli, imageFront, imageHub, imageWorker)
+	pcapFile, err := os.Open(pcapPath)
+	defer pcapFile.Close()
+	pcapReader := bufio.NewReader(pcapFile)
+
+	respFront, respHub, respWorker, workerIPAddr, err := createAndStartContainers(
+		ctx,
+		cli,
+		imageFront,
+		imageHub,
+		imageWorker,
+		pcapReader,
+	)
 	if err != nil {
 		log.Error().Err(err).Send()
 		return

cmd/tapRunner.go

@@ -42,6 +42,11 @@ func tap() {
 	state.startTime = time.Now()
 	docker.SetRegistry(config.Config.Tap.DockerRegistry)
 	docker.SetTag(config.Config.Tap.DockerTag)
+	log.Info().Str("registry", docker.GetRegistry()).Str("tag", docker.GetTag()).Msg("Using Docker:")
+	if config.Config.Tap.Pcap != "" {
+		pcap(config.Config.Tap.Pcap)
+		return
+	}
 
 	connector = connect.NewConnector(kubernetes.GetLocalhostOnPort(config.Config.Tap.Hub.SrcPort), connect.DefaultRetries, connect.DefaultTimeout)
 

config/configStructs/tapConfig.go

@@ -18,6 +18,7 @@ const (
 	AllNamespacesLabel         = "all-namespaces"
 	HumanMaxEntriesDBSizeLabel = "max-entries-db-size"
 	DryRunLabel                = "dry-run"
+	PcapLabel                  = "pcap"
 	ServiceMeshLabel           = "service-mesh"
 	TlsLabel                   = "tls"
 	DebugLabel                 = "debug"
@@ -50,6 +51,7 @@ type TapConfig struct {
 	AllNamespaces         bool             `yaml:"all-namespaces" default:"false"`
 	HumanMaxEntriesDBSize string           `yaml:"max-entries-db-size" default:"200MB"`
 	DryRun                bool             `yaml:"dry-run" default:"false"`
+	Pcap                  string           `yaml:"pcap" default:""`
 	HubResources          models.Resources `yaml:"hub-resources"`
 	WorkerResources       models.Resources `yaml:"worker-resources"`
 	ServiceMesh           bool             `yaml:"service-mesh" default:"true"`