fix(container): Propagate engine initialization errors to the caller

If the specific container engine worker fails
during initialization, the error is silently skipped making it hard to troubleshoot the real problem. Instead, accumulate and bubble up all the errors to the async handler.

Author: rabbitstack

plugins/container/go-worker/main_exe.go

@@ -70,9 +70,10 @@ func main() {
 	fmt.Println("Starting worker")
 	cstr := C.CString(initCfg)
 	enabledSocks := C.CString("")
-	ptr := StartWorker((*[0]byte)(C.echo_cb), cstr, &enabledSocks)
+	errmsg := C.CString("")
+	ptr := StartWorker((*[0]byte)(C.echo_cb), cstr, &enabledSocks, &errmsg)
 	if ptr == nil {
-		fmt.Println("Failed to start worker; nothing configured?")
+		fmt.Println(fmt.Sprintf("Failed to start worker; nothing configured? %s", C.GoString(errmsg)))
 		os.Exit(1)
 	}
 	socks := C.GoString(enabledSocks)

plugins/container/go-worker/worker_api.go

@@ -11,13 +11,15 @@ import "C"
 import (
 	"context"
 	"encoding/json"
-	"github.com/falcosecurity/plugin-sdk-go/pkg/ptr"
-	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/config"
-	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/container"
 	"runtime"
 	"runtime/cgo"
+	"strings"
 	"sync"
 	"unsafe"
+
+	"github.com/falcosecurity/plugin-sdk-go/pkg/ptr"
+	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/config"
+	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/container"
 )
 
 type PluginCtx struct {
@@ -29,7 +31,7 @@ type PluginCtx struct {
 }
 
 //export StartWorker
-func StartWorker(cb C.async_cb, initCfg *C.cchar_t, enabledSocks **C.cchar_t) unsafe.Pointer {
+func StartWorker(cb C.async_cb, initCfg *C.cchar_t, enabledSocks **C.cchar_t, errmsg **C.cchar_t) unsafe.Pointer {
 	var (
 		pluginCtx PluginCtx
 		ctx       context.Context
@@ -61,11 +63,15 @@ func StartWorker(cb C.async_cb, initCfg *C.cchar_t, enabledSocks **C.cchar_t) un
 		return nil
 	}
 
+	var errs strings.Builder
 	containerEngines := make([]container.Engine, 0)
 	enabledEngines := make(map[string][]string)
+
 	for _, generator := range generators {
 		engine, err := generator(ctx)
 		if err != nil {
+			errs.WriteString(err.Error())
+			errs.WriteByte('\n')
 			continue
 		}
 		containerEngines = append(containerEngines, engine)
@@ -82,6 +88,10 @@ func StartWorker(cb C.async_cb, initCfg *C.cchar_t, enabledSocks **C.cchar_t) un
 		}
 	}
 
+	if errs.Len() > 0 {
+		*errmsg = C.CString(errs.String())
+	}
+
 	pluginCtx.fetchCh = make(chan string, fetchChSize)
 
 	// Always append the dummy engine that is required to

plugins/container/src/caps/async/async.cpp

@@ -43,11 +43,22 @@ bool my_plugin::start_async_events(
     m_logger.log("starting async go-worker",
                  falcosecurity::_internal::SS_PLUGIN_LOG_SEV_DEBUG);
     nlohmann::json j(m_cfg);
+
     const char *enabled_engines = nullptr;
+    const char *err = nullptr;
+
     m_async_ctx = StartWorker(generate_async_event<ASYNC_HANDLER_GO_WORKER>,
-                              j.dump().c_str(), &enabled_engines);
+                              j.dump().c_str(), &enabled_engines, &err);
     m_logger.log(fmt::format("attached engine sockets: {}", enabled_engines),
                  falcosecurity::_internal::SS_PLUGIN_LOG_SEV_DEBUG);
+
+    if(err)
+    {
+        m_logger.log(fmt::format("failed to start async go-worker: {}", err),
+                     falcosecurity::_internal::SS_PLUGIN_LOG_SEV_ERROR);
+        free((void *)err);
+    }
+
     free((void *)enabled_engines);
 
     // Merge back pre-existing containers to our cache