release event memory (#4138)

Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2025-03-31 03:45:17 +00:00 · 2022-06-22 09:37:46 -07:00 · 2022-06-22 09:37:46 -07:00 · b68f4ba679
commit b68f4ba679
parent a14cab0947
4 changed files with 33 additions and 36 deletions
--- a/pkg/event/controller.go
+++ b/pkg/event/controller.go
@ -148,30 +148,24 @@ func (gen *Generator) handleErr(err error, key interface{}) {
 }

 func (gen *Generator) processNextWorkItem() bool {
-	logger := gen.log
 	obj, shutdown := gen.queue.Get()
 	if shutdown {
 		return false
 	}

-	err := func(obj interface{}) error {
-		defer gen.queue.Done(obj)
-		var key Info
-		var ok bool
+	defer gen.queue.Done(obj)

-		if key, ok = obj.(Info); !ok {
-			gen.queue.Forget(obj)
-			logger.Info("Incorrect type; expected type 'info'", "obj", obj)
-			return nil
-		}
-		err := gen.syncHandler(key)
-		gen.handleErr(err, obj)
-		return nil
-	}(obj)
-	if err != nil {
-		logger.Error(err, "failed to process next work item")
+	var key Info
+	var ok bool
+	if key, ok = obj.(Info); !ok {
+		gen.queue.Forget(obj)
+		gen.log.Info("Incorrect type; expected type 'info'", "obj", obj)
 		return true
 	}
+
+	err := gen.syncHandler(key)
+	gen.handleErr(err, obj)
+
 	return true
 }

--- a/pkg/event/events.go
+++ b/pkg/event/events.go
@ -9,10 +9,10 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 )

-func NewPolicyFailEvent(source Source, reason Reason, engineResponse *response.EngineResponse, ruleResp *response.RuleResponse, blocked bool) *Info {
+func NewPolicyFailEvent(source Source, reason Reason, engineResponse *response.EngineResponse, ruleResp *response.RuleResponse, blocked bool) Info {
 	msg := buildPolicyEventMessage(ruleResp, engineResponse.GetResourceSpec(), blocked)

-	return &Info{
+	return Info{
 		Kind:      getPolicyKind(engineResponse.Policy),
 		Name:      engineResponse.PolicyResponse.Policy.Name,
 		Namespace: engineResponse.PolicyResponse.Policy.Namespace,
@ -50,39 +50,42 @@ func getPolicyKind(policy kyvernov1.PolicyInterface) string {
 	return "ClusterPolicy"
 }

-func NewPolicyAppliedEvent(source Source, engineResponse *response.EngineResponse) *Info {
+func NewPolicyAppliedEvent(source Source, engineResponse *response.EngineResponse) Info {
 	resource := engineResponse.PolicyResponse.Resource
+	var bldr strings.Builder
+	defer bldr.Reset()

-	var msg string
 	if resource.Namespace != "" {
-		msg = fmt.Sprintf("%s %s/%s: pass", resource.Kind, resource.Namespace, resource.Name)
+		fmt.Fprintf(&bldr, "%s %s/%s: pass", resource.Kind, resource.Namespace, resource.Name)
 	} else {
-		msg = fmt.Sprintf("%s %s: pass", resource.Kind, resource.Name)
+		fmt.Fprintf(&bldr, "%s %s: pass", resource.Kind, resource.Name)
 	}

-	return &Info{
+	return Info{
 		Kind:      getPolicyKind(engineResponse.Policy),
 		Name:      engineResponse.PolicyResponse.Policy.Name,
 		Namespace: engineResponse.PolicyResponse.Policy.Namespace,
 		Reason:    PolicyApplied.String(),
 		Source:    source,
-		Message:   msg,
+		Message:   bldr.String(),
 	}
 }

-func NewResourceViolationEvent(source Source, reason Reason, engineResponse *response.EngineResponse, ruleResp *response.RuleResponse) *Info {
-	policyName := engineResponse.Policy.GetName()
-	status := ruleResp.Status.String()
-	msg := fmt.Sprintf("policy %s/%s %s: %s", policyName, ruleResp.Name, status, ruleResp.Message)
+func NewResourceViolationEvent(source Source, reason Reason, engineResponse *response.EngineResponse, ruleResp *response.RuleResponse) Info {
+	var bldr strings.Builder
+	defer bldr.Reset()
+
+	fmt.Fprintf(&bldr, "policy %s/%s %s: %s", engineResponse.Policy.GetName(),
+		ruleResp.Name, ruleResp.Status.String(), ruleResp.Message)
 	resource := engineResponse.GetResourceSpec()

-	return &Info{
+	return Info{
 		Kind:      resource.Kind,
 		Name:      resource.Name,
 		Namespace: resource.Namespace,
 		Reason:    reason.String(),
 		Source:    source,
-		Message:   msg,
+		Message:   bldr.String(),
 	}
 }

--- a/pkg/policy/report.go
+++ b/pkg/policy/report.go
@ -170,7 +170,7 @@ func generateSuccessEvents(log logr.Logger, ers []*response.EngineResponse) (eve
 		if !er.IsFailed() {
 			logger.V(4).Info("generating event on policy for success rules")
 			e := event.NewPolicyAppliedEvent(event.PolicyController, er)
-			eventInfos = append(eventInfos, *e)
+			eventInfos = append(eventInfos, e)
 		}
 	}

@ -196,10 +196,10 @@ func generateFailEventsPerEr(log logr.Logger, er *response.EngineResponse) []eve
 		}

 		eventResource := event.NewResourceViolationEvent(event.PolicyController, event.PolicyViolation, er, &er.PolicyResponse.Rules[i])
-		eventInfos = append(eventInfos, *eventResource)
+		eventInfos = append(eventInfos, eventResource)

 		eventPolicy := event.NewPolicyFailEvent(event.PolicyController, event.PolicyViolation, er, &er.PolicyResponse.Rules[i], false)
-		eventInfos = append(eventInfos, *eventPolicy)
+		eventInfos = append(eventInfos, eventPolicy)
 	}

 	if len(eventInfos) > 0 {
--- a/pkg/webhooks/resource/report.go
+++ b/pkg/webhooks/resource/report.go
@ -21,17 +21,17 @@ func generateEvents(engineResponses []*response.EngineResponse, blocked bool, lo
 			for i, ruleResp := range er.PolicyResponse.Rules {
 				if ruleResp.Status == response.RuleStatusFail || ruleResp.Status == response.RuleStatusError {
 					e := event.NewPolicyFailEvent(event.AdmissionController, event.PolicyViolation, er, &er.PolicyResponse.Rules[i], blocked)
-					events = append(events, *e)
+					events = append(events, e)
 				}

 				if !blocked {
 					e := event.NewResourceViolationEvent(event.AdmissionController, event.PolicyViolation, er, &er.PolicyResponse.Rules[i])
-					events = append(events, *e)
+					events = append(events, e)
 				}
 			}
 		} else {
 			e := event.NewPolicyAppliedEvent(event.AdmissionController, er)
-			events = append(events, *e)
+			events = append(events, e)
 		}
 	}