mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-28 02:18:15 +00:00
Code Activity

fix: mutation of cached object in bg scan controller (#5608)

Browse source 
* fix: mutation of cached object in bg scan controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: mutation of cached object in bg scan controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2022-12-07 16:37:23 +01:00 committed by GitHub
parent 7219b4f8a3
commit ae0dd5ce08
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
pkg/controllers/report/background/controller.go
View file

@ -198,7 +198,7 @@ func (c *controller) fetchPolicies(logger logr.Logger, namespace string) ([]kyve
func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk schema.GroupVersionKind, resource resource.Resource) error {
namespace := meta.GetNamespace()
labels := meta.GetLabels()
metaLabels := meta.GetLabels()
// load all policies
policies, err := c.fetchClusterPolicies(logger)
if err != nil {
@ -260,7 +260,7 @@ func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk s
expected[reportutils.PolicyLabel(policy)] = policy
}
toDelete := map[string]string{}
for label := range labels {
for label := range metaLabels {
if reportutils.IsPolicyLabel(label) {
// if the policy doesn't exist anymore
if expected[label] == nil {
@ -275,7 +275,7 @@ func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk s
var toCreate []kyvernov1.PolicyInterface
for label, policy := range expected {
// if the background policy changed, we need to recreate entries
if labels[label] != policy.GetResourceVersion() {
if metaLabels[label] != policy.GetResourceVersion() {
if name, err := reportutils.PolicyNameFromLabel(namespace, label); err != nil {
return err
} else {
@ -294,8 +294,11 @@ func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk s
report := reportutils.DeepCopy(before)
var ruleResults []policyreportv1alpha2.PolicyReportResult
// deletions
for _, label := range toDelete {
delete(labels, label)
reportLabels := report.GetLabels()
if reportLabels != nil {
for _, label := range toDelete {
delete(reportLabels, label)
}
}
for _, result := range report.GetResults() {
if _, ok := toDelete[result.Policy]; !ok {