Bug
Resolution: Unresolved
Minor
None
Jenkins 2.461
Docker Pipeline 580.vc0c340686b_54
The plugin uses `docker top` to check the processes running within the container. It is run directly after launching the container and there is no way to disable it. It's to ensure that the container is actually running the command intended by the plugin and not some other command due to its entrypoint. See this and this
As pointed out by a docker dev in this issue, the `docker top` command requires cgroups to be available.
If they are not available, an error message like this is returned:
```
$ docker top e163adc9c3155339452843933a4134a15babd4e29b60458c744f03d7a6811220
Error response from daemon: runc did not terminate successfully: exit status 1: unable to get all container pids: read /sys/fs/cgroup/e163adc9c3155339452843933a4134a15babd4e29b60458c744f03d7a6811220/cgroup.procs: operation not supported : unknown
```
There are scenarios in which cgroups are not available or hard to implement. This affects docker rootless and docker in docker rootless setups. More information:
https://docs.docker.com/engine/security/rootless/#limiting-resources
Fix ideas:
- A different approach to check this would be running `ps` within the container using `docker exec`:
```
docker exec e163adc9c3155339452843933a4134a15babd4e29b60458c744f03d7a6811220 ps -o pid,comm
```
Unfortunately, I'm not able to check whether this works on Windows or not.
- Ship a custom entrypoint with the plugin that ensures the correct command is run. This would avoid checking the process list afterward.
- Always disable entrypoint files:
```
docker run --entrypoint="" -it alpine sh
```
- Allow disabling the process list check
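
The first fix idea as a shell function, added here as an illustration and not taken from the Docker Pipeline plugin: it tries `docker top` and falls back to `ps` via `docker exec` when that fails, as it does without cgroups. The function name, the `PROC_CHECK_METHOD` variable and the command name `cat` in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not Docker Pipeline plugin code.
#
# check_container_command CONTAINER EXPECTED_COMM
#   Returns 0 if a process named EXPECTED_COMM is running in the container,
#           1 if the process list was read but the command is absent,
#           2 if neither method could read the process list.
#   Sets PROC_CHECK_METHOD (hypothetical variable) to "top" or "exec" so the
#   caller can log which path was taken.
#
# Usage (container id and command name are placeholders):
#   check_container_command "$CONTAINER_ID" cat
check_container_command() {
    cid=$1
    expected=$2
    PROC_CHECK_METHOD=

    # Preferred path: ask the daemon. This is the call that fails with
    # "cgroup.procs: operation not supported" when cgroups are unavailable.
    if procs=$(docker top "$cid" -eo pid,comm 2>/dev/null); then
        PROC_CHECK_METHOD=top
    # Fallback from the report: run ps inside the container instead.
    elif procs=$(docker exec "$cid" ps -o pid,comm 2>/dev/null); then
        PROC_CHECK_METHOD=exec
    else
        # Neither method produced a process list (no ps in the image,
        # container already gone, daemon unreachable, ...).
        return 2
    fi

    # Both listings have a header line followed by "PID COMM" rows.
    # Compare the command column exactly rather than with a substring match,
    # so that e.g. "concat" is not accepted when "cat" is expected.
    printf '%s\n' "$procs" |
        awk -v want="$expected" '
            NR > 1 && $2 == want { found = 1 }
            END { exit !found }'
}
```

The fallback depends on the image shipping a `ps` binary, so a return code of 2 should be reported separately from "wrong command running".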