get_containers_baselines
Retrieve runtime baselines for specified containers to assess security and configuration standards in Kubernetes and cloud environments.
Instructions
Get runtime baselines for multiple containers
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| container_ids | Yes | List of container IDs to get baselines for |
Implementation Reference
- src/operations/runtime.ts:17-68 (handler)The main handler function that fetches container runtime insights from the RAD Security API and extracts baselines for the specified container IDs.export async function getContainersBaselines( client: RadSecurityClient, containerIds: string[] ): Promise<any> { if (containerIds.length === 0) { throw new Error("No container IDs provided"); } // Convert list to comma-separated string for API request const containerIdsParam = containerIds.join(','); // Get container runtime insights for all containers const cris = await client.makeRequest( `/accounts/${client.getAccountId()}/container_runtime_insights`, { container_ids: containerIdsParam } ); if (!cris.entries) { throw new Error(`No process trees found for container_ids: ${containerIds}`); } // Map to store results const baselines: Record<string, any> = {}; // Process each container runtime insight for (const entry of cris.entries) { const criId = entry.id; const containerId = entry.summary?.container_meta?.container_id; if (!containerId || !containerIds.includes(containerId)) { continue; } // Get detailed data for this container const data = await client.makeRequest( `/accounts/${client.getAccountId()}/container_runtime_insights/${criId}` ); if (data.baseline) { baselines[containerId] = data.baseline; } else { // Just log a warning instead of raising an error to allow partial results console.warn(`No baseline found for container_id: ${containerId}`); } } if (Object.keys(baselines).length === 0) { throw new Error(`No baselines found for any of the container_ids: ${containerIds}`); } return baselines; }
- src/operations/runtime.ts:9-11 (schema)Zod schema defining the input parameters for the get_containers_baselines tool, requiring a list of container IDs.export const GetContainersBaselinesSchema = z.object({ container_ids: z.array(z.string()).describe("List of container IDs to get baselines for"), });
- src/index.ts:245-248 (registration)Tool registration in the listTools handler, defining the tool name, description, and input schema.name: "get_containers_baselines", description: "Get runtime baselines for multiple containers", inputSchema: zodToJsonSchema(runtime.GetContainersBaselinesSchema), },
- src/index.ts:623-631 (registration)Dispatch handler in the callTool request that parses arguments using the schema and invokes the runtime handler function.case "get_containers_baselines": { const args = runtime.GetContainersBaselinesSchema.parse(request.params.arguments); const response = await runtime.getContainersBaselines( client, args.container_ids ); return { content: [{ type: "text", text: JSON.stringify(response, null, 2) }], };