Add gateway to docker inspect output

Signed-off-by: Mustaeen Ahmed <contact@mustaeen.dev>

add test TestContainerInspectGateway

Signed-off-by: Mustaeen Ahmed <contact@mustaeen.dev>

Fix test issues

Signed-off-by: Mustaeen Ahmed <contact@mustaeen.dev>

Remove container.test

Signed-off-by: Mustaeen Ahmed <contact@mustaeen.dev>

Resolve review and tests

Signed-off-by: Mustaeen Ahmed <contact@mustaeen.dev>

feature: populate NetworkSettings.Gateway and add e2e coverage

Author: must108

cmd/nerdctl/container/container_inspect_gateway_linux_test.go

@@ -0,0 +1,79 @@
+/*
+   Copyright The containerd Authors.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package container
+
+import (
+	"testing"
+
+	"github.com/containerd/nerdctl/mod/tigron/require"
+	"github.com/containerd/nerdctl/mod/tigron/test"
+	"github.com/containerd/nerdctl/mod/tigron/tig"
+	"gotest.tools/v3/assert"
+
+	"github.com/containerd/nerdctl/v2/pkg/testutil"
+	"github.com/containerd/nerdctl/v2/pkg/testutil/nerdtest"
+)
+
+func TestContainerInspectGateway(t *testing.T) {
+	testCase := nerdtest.Setup()
+
+	// This test validates nerdctl's inspect conversion path
+	// Running this against Docker would not use this code path
+	testCase.Require = require.All(
+		require.Not(require.Windows),
+		require.Not(nerdtest.Docker),
+		nerdtest.Rootful,
+	)
+
+	testCase.Setup = func(data test.Data, helpers test.Helpers) {
+		helpers.Ensure("network", "create", data.Identifier("net"))
+
+		helpers.Ensure("run", "-d",
+			"--name", data.Identifier("ctr"),
+			"--network", data.Identifier("net"),
+			testutil.CommonImage, "sleep", nerdtest.Infinity)
+
+		nerdtest.EnsureContainerStarted(helpers, data.Identifier("ctr"))
+	}
+
+	testCase.Cleanup = func(data test.Data, helpers test.Helpers) {
+		helpers.Anyhow("rm", "-f", data.Identifier("ctr"))
+		helpers.Anyhow("network", "rm", data.Identifier("net"))
+	}
+
+	testCase.Command = func(data test.Data, helpers test.Helpers) test.TestableCommand {
+		return helpers.Command("container", "inspect", data.Identifier("ctr"))
+	}
+
+	testCase.Expected = func(data test.Data, helpers test.Helpers) *test.Expected {
+		return &test.Expected{
+			ExitCode: 0,
+			Output: func(_ string, t tig.T) {
+				netInspect := nerdtest.InspectNetwork(helpers, data.Identifier("net"))
+				assert.Assert(t, len(netInspect.IPAM.Config) > 0)
+				assert.Assert(t, netInspect.IPAM.Config[0].Gateway != "")
+
+				ctrInspect := nerdtest.InspectContainer(helpers, data.Identifier("ctr"))
+				assert.Assert(t, ctrInspect.NetworkSettings != nil)
+				assert.Assert(t, ctrInspect.NetworkSettings.Gateway != "")
+				assert.Equal(t, ctrInspect.NetworkSettings.Gateway, netInspect.IPAM.Config[0].Gateway)
+			},
+		}
+	}
+
+	testCase.Run(t)
+}

pkg/containerinspector/containerinspector_linux.go

@@ -23,6 +23,7 @@ import (
 	"strings"
 
 	"github.com/containernetworking/plugins/pkg/ns"
+	"github.com/vishvananda/netlink"
 
 	"github.com/containerd/nerdctl/v2/pkg/inspecttypes/native"
 )
@@ -55,6 +56,10 @@ func InspectNetNS(ctx context.Context, pid int) (*native.NetNS, error) {
 			res.Interfaces[i] = x
 		}
 		res.PrimaryInterface = determinePrimaryInterface(res.Interfaces)
+		routes, err := netlink.RouteList(nil, netlink.FAMILY_V4)
+		if err == nil {
+			res.Gateway = selectDefaultGateway(routes, res.PrimaryInterface)
+		}
 		return nil
 	}
 	if err := ns.WithNetNSPath(nsPath, fn); err != nil {
@@ -73,3 +78,27 @@ func determinePrimaryInterface(interfaces []native.NetInterface) int {
 	}
 	return 0
 }
+
+func selectDefaultGateway(routes []netlink.Route, primaryIfIndex int) string {
+	for _, route := range routes {
+		if route.Dst != nil || route.Gw == nil {
+			continue
+		}
+		if route.Gw.To4() == nil {
+			continue
+		}
+		if route.LinkIndex == primaryIfIndex {
+			return route.Gw.String()
+		}
+	}
+	for _, route := range routes {
+		if route.Dst != nil || route.Gw == nil {
+			continue
+		}
+		if route.Gw.To4() == nil {
+			continue
+		}
+		return route.Gw.String()
+	}
+	return ""
+}

pkg/inspecttypes/dockercompat/dockercompat.go

@@ -281,7 +281,7 @@ type CPUSettings struct {
 // DefaultNetworkSettings is from https://github.com/moby/moby/blob/v20.10.1/api/types/types.go#L405-L414
 type DefaultNetworkSettings struct {
 	// TODO EndpointID          string // EndpointID uniquely represents a service endpoint in a Sandbox
-	// TODO Gateway             string // Gateway holds the gateway address for the network
+	Gateway             string // Gateway holds the gateway address for the network
 	GlobalIPv6Address   string // GlobalIPv6Address holds network's global IPv6 address
 	GlobalIPv6PrefixLen int    // GlobalIPv6PrefixLen represents mask length of network's global IPv6 address
 	IPAddress           string // IPAddress holds the IPv4 address for the network
@@ -743,6 +743,7 @@ func networkSettingsFromNative(n *native.NetNS, _ *specs.Spec) (*NetworkSettings
 		}
 
 	}
+	res.DefaultNetworkSettings.Gateway = n.Gateway
 	if primary != nil {
 		res.DefaultNetworkSettings.MacAddress = primary.MacAddress
 		res.DefaultNetworkSettings.IPAddress = primary.IPAddress

pkg/inspecttypes/dockercompat/dockercompat_test.go

@@ -401,6 +401,7 @@ func TestNetworkSettingsFromNative(t *testing.T) {
 		{
 			name: "Given NetNS with single Interface with Port Annotation, Return populated NetworkSettings",
 			n: &native.NetNS{
+				Gateway: "10.0.4.1",
 				Interfaces: []native.NetInterface{
 					{
 						Interface: net.Interface{
@@ -427,6 +428,9 @@ func TestNetworkSettingsFromNative(t *testing.T) {
 				Annotations: map[string]string{},
 			},
 			expected: &NetworkSettings{
+				DefaultNetworkSettings: DefaultNetworkSettings{
+					Gateway: "10.0.4.1",
+				},
 				Ports: &nat.PortMap{
 					nat.Port("77/tcp"): []nat.PortBinding{
 						{
@@ -449,6 +453,7 @@ func TestNetworkSettingsFromNative(t *testing.T) {
 		{
 			name: "Given NetNS with single Interface without Port Annotations, Return valid NetworkSettings w/ empty Ports",
 			n: &native.NetNS{
+				Gateway: "10.0.4.1",
 				Interfaces: []native.NetInterface{
 					{
 						Interface: net.Interface{
@@ -467,6 +472,9 @@ func TestNetworkSettingsFromNative(t *testing.T) {
 				Annotations: map[string]string{},
 			},
 			expected: &NetworkSettings{
+				DefaultNetworkSettings: DefaultNetworkSettings{
+					Gateway: "10.0.4.1",
+				},
 				Ports: &nat.PortMap{},
 				Networks: map[string]*NetworkEndpointSettings{
 					"unknown-eth0.100": {

pkg/inspecttypes/native/container.go

@@ -44,6 +44,7 @@ type NetNS struct {
 	// Zero means unset.
 	PrimaryInterface int            `json:"PrimaryInterface,omitempty"`
 	Interfaces       []NetInterface `json:"Interfaces,omitempty"`
+	Gateway          string         `json:"Gateway,omitempty"`
 	PortMappings     []cni.PortMapping
 }