From ae0dd5ce086d35285c90f20f70f6f7b79414b86d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?=
 <charled.breteche@gmail.com>
Date: Wed, 7 Dec 2022 16:37:23 +0100
Subject: [PATCH] fix: mutation of cached object in bg scan controller (#5608)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: mutation of cached object in bg scan controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: mutation of cached object in bg scan controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
---
 pkg/controllers/report/background/controller.go | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/pkg/controllers/report/background/controller.go b/pkg/controllers/report/background/controller.go
index 92893e5f7d..29a712d21b 100644
--- a/pkg/controllers/report/background/controller.go
+++ b/pkg/controllers/report/background/controller.go
@@ -198,7 +198,7 @@ func (c *controller) fetchPolicies(logger logr.Logger, namespace string) ([]kyve
 
 func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk schema.GroupVersionKind, resource resource.Resource) error {
 	namespace := meta.GetNamespace()
-	labels := meta.GetLabels()
+	metaLabels := meta.GetLabels()
 	// load all policies
 	policies, err := c.fetchClusterPolicies(logger)
 	if err != nil {
@@ -260,7 +260,7 @@ func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk s
 			expected[reportutils.PolicyLabel(policy)] = policy
 		}
 		toDelete := map[string]string{}
-		for label := range labels {
+		for label := range metaLabels {
 			if reportutils.IsPolicyLabel(label) {
 				// if the policy doesn't exist anymore
 				if expected[label] == nil {
@@ -275,7 +275,7 @@ func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk s
 		var toCreate []kyvernov1.PolicyInterface
 		for label, policy := range expected {
 			// if the background policy changed, we need to recreate entries
-			if labels[label] != policy.GetResourceVersion() {
+			if metaLabels[label] != policy.GetResourceVersion() {
 				if name, err := reportutils.PolicyNameFromLabel(namespace, label); err != nil {
 					return err
 				} else {
@@ -294,8 +294,11 @@ func (c *controller) updateReport(ctx context.Context, meta metav1.Object, gvk s
 		report := reportutils.DeepCopy(before)
 		var ruleResults []policyreportv1alpha2.PolicyReportResult
 		// deletions
-		for _, label := range toDelete {
-			delete(labels, label)
+		reportLabels := report.GetLabels()
+		if reportLabels != nil {
+			for _, label := range toDelete {
+				delete(reportLabels, label)
+			}
 		}
 		for _, result := range report.GetResults() {
 			if _, ok := toDelete[result.Policy]; !ok {