Fake tagger instead of tags resolver in tests

pkg/security/probe/opts_linux.go

@@ -23,8 +23,8 @@ type Opts struct {
 	PathResolutionEnabled bool
 	// EnvsVarResolutionEnabled defines if environment variables resolution is enabled
 	EnvsVarResolutionEnabled bool
-	// TagsResolver will override the default one. Mainly here for tests.
-	TagsResolver tags.Resolver
+	// Tagger will override the default one. Mainly here for tests.
+	Tagger tags.Tagger
 	// SyscallsMonitorEnabled enable syscalls map monitor
 	SyscallsMonitorEnabled bool
 	// TTYFallbackEnabled enable the tty procfs fallback

pkg/security/probe/probe_ebpf.go

@@ -2019,7 +2019,7 @@ func NewEBPFProbe(probe *Probe, config *config.Config, opts Opts, telemetry tele
 	resolversOpts := resolvers.Opts{
 		PathResolutionEnabled:    probe.Opts.PathResolutionEnabled,
 		EnvVarsResolutionEnabled: probe.Opts.EnvsVarResolutionEnabled,
-		TagsResolver:             probe.Opts.TagsResolver,
+		Tagger:                   probe.Opts.Tagger,
 		UseRingBuffer:            useRingBuffers,
 		TTYFallbackEnabled:       probe.Opts.TTYFallbackEnabled,
 	}

pkg/security/probe/probe_ebpfless.go

@@ -679,7 +679,7 @@ func NewEBPFLessProbe(probe *Probe, config *config.Config, opts Opts, telemetry
 	}
 
 	resolversOpts := resolvers.Opts{
-		TagsResolver: opts.TagsResolver,
+		Tagger: opts.Tagger,
 	}
 
 	p.Resolvers, err = resolvers.NewEBPFLessResolvers(config, p.statsdClient, probe.scrubber, resolversOpts, telemetry)

pkg/security/resolvers/opts_linux.go

@@ -12,7 +12,7 @@ import "github.com/DataDog/datadog-agent/pkg/security/resolvers/tags"
 type Opts struct {
 	PathResolutionEnabled    bool
 	EnvVarsResolutionEnabled bool
-	TagsResolver             tags.Resolver
+	Tagger                   tags.Tagger
 	UseRingBuffer            bool
 	TTYFallbackEnabled       bool
 }

pkg/security/resolvers/resolvers_ebpf.go

@@ -50,7 +50,7 @@ type EBPFResolvers struct {
 	ContainerResolver    *container.Resolver
 	TimeResolver         *ktime.Resolver
 	UserGroupResolver    *usergroup.Resolver
-	TagsResolver         tags.Resolver
+	TagsResolver         *tags.LinuxResolver
 	DentryResolver       *dentry.Resolver
 	ProcessResolver      *process.EBPFResolver
 	NamespaceResolver    *netns.Resolver
@@ -96,12 +96,7 @@ func NewEBPFResolvers(config *config.Config, manager *manager.Manager, statsdCli
 		return nil, err
 	}
 
-	var tagsResolver tags.Resolver
-	if opts.TagsResolver != nil {
-		tagsResolver = opts.TagsResolver
-	} else {
-		tagsResolver = tags.NewResolver(config.Probe, telemetry, cgroupsResolver)
-	}
+	tagsResolver := tags.NewResolver(config.Probe, telemetry, opts.Tagger, cgroupsResolver)
 
 	userGroupResolver, err := usergroup.NewResolver(cgroupsResolver)
 	if err != nil {
@@ -195,7 +190,7 @@ func (r *EBPFResolvers) Start(ctx context.Context) error {
 		return err
 	}
 
-	if err := r.TagsResolver.Start(ctx, r.CGroupResolver); err != nil {
+	if err := r.TagsResolver.Start(ctx); err != nil {
 		return err
 	}
 

pkg/security/resolvers/resolvers_ebpfless.go

@@ -26,7 +26,7 @@ import (
 // EBPFLessResolvers holds the list of the event attribute resolvers
 type EBPFLessResolvers struct {
 	ContainerResolver *container.Resolver
-	TagsResolver      tags.Resolver
+	TagsResolver      *tags.LinuxResolver
 	ProcessResolver   *process.EBPFLessResolver
 	HashResolver      *hash.Resolver
 }
@@ -38,13 +38,7 @@ func NewEBPFLessResolvers(config *config.Config, statsdClient statsd.ClientInter
 		return nil, err
 	}
 
-	var tagsResolver tags.Resolver
-	if opts.TagsResolver != nil {
-		tagsResolver = opts.TagsResolver
-	} else {
-		tagsResolver = tags.NewResolver(config.Probe, telemetry, cgroupsResolver)
-	}
-
+	tagsResolver := tags.NewResolver(config.Probe, telemetry, opts.Tagger, cgroupsResolver)
 	processOpts := process.NewResolverOpts()
 	processOpts.WithEnvsValue(config.Probe.EnvsWithValue)
 
@@ -73,7 +67,7 @@ func (r *EBPFLessResolvers) Start(ctx context.Context) error {
 		return err
 	}
 
-	if err := r.TagsResolver.Start(ctx, nil); err != nil {
+	if err := r.TagsResolver.Start(ctx); err != nil {
 		return err
 	}
 

pkg/security/resolvers/resolvers_windows.go

@@ -35,7 +35,7 @@ func NewResolvers(config *config.Config, statsdClient statsd.ClientInterface, sc
 		return nil, err
 	}
 
-	tagsResolver := tags.NewResolver(config.Probe, telemetry)
+	tagsResolver := tags.NewResolver(config.Probe, telemetry, nil)
 
 	userSessionsResolver, err := usersessions.NewResolver(config.RuntimeSecurity)
 	if err != nil {

pkg/security/resolvers/tags/resolver.go

@@ -12,15 +12,13 @@ import (
 	"strings"
 
 	coreconfig "github.com/DataDog/datadog-agent/comp/core/config"
-	tagger "github.com/DataDog/datadog-agent/comp/core/tagger/def"
-	remoteTagger "github.com/DataDog/datadog-agent/comp/core/tagger/impl-remote"
+	taggerdef "github.com/DataDog/datadog-agent/comp/core/tagger/def"
+	remotetagger "github.com/DataDog/datadog-agent/comp/core/tagger/impl-remote"
 	"github.com/DataDog/datadog-agent/comp/core/tagger/types"
 	"github.com/DataDog/datadog-agent/comp/core/telemetry"
 	"github.com/DataDog/datadog-agent/pkg/api/security"
 	pkgconfigsetup "github.com/DataDog/datadog-agent/pkg/config/setup"
 	"github.com/DataDog/datadog-agent/pkg/security/probe/config"
-	"github.com/DataDog/datadog-agent/pkg/security/resolvers/cgroup"
-	cgroupModel "github.com/DataDog/datadog-agent/pkg/security/resolvers/cgroup/model"
 	"github.com/DataDog/datadog-agent/pkg/security/utils"
 	"github.com/DataDog/datadog-agent/pkg/util/log"
 )
@@ -56,17 +54,15 @@ func (n *nullTagger) Tag(_ types.EntityID, _ types.TagCardinality) ([]string, er
 
 // Resolver represents a cache resolver
 type Resolver interface {
-	Start(ctx context.Context, cgroupManager cgroup.ResolverInterface) error
+	Start(ctx context.Context) error
 	Stop() error
 	Resolve(id string) []string
 	ResolveWithErr(fid string) ([]string, error)
 	GetValue(id string, tag string) string
-	RegisterListener(event Event, listener utils.Listener[*cgroupModel.CacheEntry]) error
 }
 
 // DefaultResolver represents a default resolver based directly on the underlying tagger
 type DefaultResolver struct {
-	*utils.Notifier[Event, *cgroupModel.CacheEntry]
 	tagger Tagger
 }
 
@@ -95,7 +91,7 @@ func (t *DefaultResolver) GetValue(id string, tag string) string {
 }
 
 // Start the resolver
-func (t *DefaultResolver) Start(ctx context.Context, _ cgroup.ResolverInterface) error {
+func (t *DefaultResolver) Start(ctx context.Context) error {
 	go func() {
 		if err := t.tagger.Start(ctx); err != nil {
 			log.Errorf("failed to init tagger: %s", err)
@@ -116,15 +112,18 @@ func (t *DefaultResolver) Stop() error {
 }
 
 // NewDefaultResolver returns a new default tags resolver
-func NewDefaultResolver(config *config.Config, telemetry telemetry.Component) *DefaultResolver {
+func NewDefaultResolver(config *config.Config, telemetry telemetry.Component, tagger Tagger) *DefaultResolver {
+	if tagger == nil {
+		tagger = &nullTagger{}
+	}
+
 	ddConfig := pkgconfigsetup.Datadog()
 	resolver := &DefaultResolver{
-		tagger:   &nullTagger{},
-		Notifier: utils.NewNotifier[Event, *cgroupModel.CacheEntry](),
+		tagger: tagger,
 	}
 
 	if config.RemoteTaggerEnabled {
-		params := tagger.RemoteParams{
+		params := taggerdef.RemoteParams{
 			RemoteFilter: types.NewMatchAllFilter(),
 			RemoteTarget: func(c coreconfig.Component) (string, error) { return fmt.Sprintf(":%v", c.GetInt("cmd_port")), nil },
 			RemoteTokenFetcher: func(c coreconfig.Component) func() (string, error) {
@@ -134,7 +133,8 @@ func NewDefaultResolver(config *config.Config, telemetry telemetry.Component) *D
 			},
 		}
 
-		resolver.tagger, _ = remoteTagger.NewRemoteTagger(params, ddConfig, log.NewWrapper(2), telemetry)
+		resolver.tagger, _ = remotetagger.NewRemoteTagger(params, ddConfig, log.NewWrapper(2), telemetry)
 	}
+
 	return resolver
 }

pkg/security/resolvers/tags/resolver_linux.go

@@ -15,22 +15,24 @@ import (
 	"github.com/DataDog/datadog-agent/pkg/security/probe/config"
 	"github.com/DataDog/datadog-agent/pkg/security/resolvers/cgroup"
 	cgroupModel "github.com/DataDog/datadog-agent/pkg/security/resolvers/cgroup/model"
+	"github.com/DataDog/datadog-agent/pkg/security/utils"
 )
 
 // LinuxResolver represents a default resolver based directly on the underlying tagger
 type LinuxResolver struct {
 	*DefaultResolver
+	*utils.Notifier[Event, *cgroupModel.CacheEntry]
 	workloadsWithoutTags chan *cgroupModel.CacheEntry
 	cgroupResolver       *cgroup.Resolver
 }
 
 // Start the resolver
-func (t *LinuxResolver) Start(ctx context.Context, cgroupResolver cgroup.ResolverInterface) error {
-	if err := t.DefaultResolver.Start(ctx, cgroupResolver); err != nil {
+func (t *LinuxResolver) Start(ctx context.Context) error {
+	if err := t.DefaultResolver.Start(ctx); err != nil {
 		return err
 	}
 
-	if err := cgroupResolver.RegisterListener(cgroup.CGroupCreated, t.checkTags); err != nil {
+	if err := t.cgroupResolver.RegisterListener(cgroup.CGroupCreated, t.checkTags); err != nil {
 		return err
 	}
 
@@ -88,9 +90,10 @@ func (t *LinuxResolver) fetchTags(container *cgroupModel.CacheEntry) error {
 }
 
 // NewResolver returns a new tags resolver
-func NewResolver(config *config.Config, telemetry telemetry.Component, cgroupsResolver *cgroup.Resolver) Resolver {
+func NewResolver(config *config.Config, telemetry telemetry.Component, tagger Tagger, cgroupsResolver *cgroup.Resolver) *LinuxResolver {
 	resolver := &LinuxResolver{
-		DefaultResolver:      NewDefaultResolver(config, telemetry),
+		Notifier:             utils.NewNotifier[Event, *cgroupModel.CacheEntry](),
+		DefaultResolver:      NewDefaultResolver(config, telemetry, tagger),
 		workloadsWithoutTags: make(chan *cgroupModel.CacheEntry, 100),
 		cgroupResolver:       cgroupsResolver,
 	}

pkg/security/resolvers/tags/resolver_other.go

@@ -14,6 +14,6 @@ import (
 )
 
 // NewResolver returns a new tags resolver
-func NewResolver(config *config.Config, telemetry telemetry.Component) Resolver {
-	return NewDefaultResolver(config, telemetry)
+func NewResolver(config *config.Config, telemetry telemetry.Component, tagger Tagger) Resolver {
+	return NewDefaultResolver(config, telemetry, tagger)
 }