mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-15 20:20:22 +00:00
fix: concurrent map read and map write when applying a validate.podSecurity rule (#11012)
Signed-off-by: Liang Deng <283304489@qq.com>
This commit is contained in:
parent
3412109bab
commit
cac7b21225
1 changed files with 14 additions and 8 deletions
|
@ -1,5 +1,7 @@
|
||||||
package utils
|
package utils
|
||||||
|
|
||||||
|
import "sync"
|
||||||
|
|
||||||
var PSS_baseline_control_names = []string{
|
var PSS_baseline_control_names = []string{
|
||||||
"HostProcess",
|
"HostProcess",
|
||||||
"Host Namespaces",
|
"Host Namespaces",
|
||||||
|
@ -110,17 +112,21 @@ var PSS_control_name_to_ids = map[string][]string{
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// reverse mapping of PSS_control_name_to_ids
|
var pssControlIDToNameOnce = sync.OnceValue(initPSSControlNameToIdsMapping)
|
||||||
var pss_control_id_to_name = map[string]string{}
|
|
||||||
|
|
||||||
func PSSControlIDToName(id string) string {
|
// initialize reverse mapping of PSS_control_name_to_ids
|
||||||
if len(pss_control_id_to_name) == 0 {
|
func initPSSControlNameToIdsMapping() map[string]string {
|
||||||
for name, ids := range PSS_control_name_to_ids {
|
pss_control_id_to_name := make(map[string]string)
|
||||||
for _, id := range ids {
|
for name, ids := range PSS_control_name_to_ids {
|
||||||
pss_control_id_to_name[id] = name
|
for _, id := range ids {
|
||||||
}
|
pss_control_id_to_name[id] = name
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
return pss_control_id_to_name
|
||||||
|
}
|
||||||
|
|
||||||
|
func PSSControlIDToName(id string) string {
|
||||||
|
pss_control_id_to_name := pssControlIDToNameOnce()
|
||||||
return pss_control_id_to_name[id]
|
return pss_control_id_to_name[id]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Add table
Reference in a new issue