mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-15 20:20:22 +00:00
Code Activity

fix: concurrent map read and map write when applying a validate.podSecurity rule (#11012)

Browse source 
Signed-off-by: Liang Deng <283304489@qq.com>
This commit is contained in:
Liang Deng 2024-09-05 01:05:10 +08:00 committed by GitHub
parent 3412109bab
commit cac7b21225
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 14 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
pkg/pss/utils/mapping.go
View file

@ -1,5 +1,7 @@
package utils package utils
import "sync"
var PSS_baseline_control_names = []string{ var PSS_baseline_control_names = []string{
"HostProcess", "HostProcess",
"Host Namespaces", "Host Namespaces",
@ -110,17 +112,21 @@ var PSS_control_name_to_ids = map[string][]string{
}, },
} }
// reverse mapping of PSS_control_name_to_ids var pssControlIDToNameOnce = sync.OnceValue(initPSSControlNameToIdsMapping)
var pss_control_id_to_name = map[string]string{}
func PSSControlIDToName(id string) string { // initialize reverse mapping of PSS_control_name_to_ids
if len(pss_control_id_to_name) == 0 { func initPSSControlNameToIdsMapping() map[string]string {
for name, ids := range PSS_control_name_to_ids { pss_control_id_to_name := make(map[string]string)
for _, id := range ids { for name, ids := range PSS_control_name_to_ids {
pss_control_id_to_name[id] = name for _, id := range ids {
} pss_control_id_to_name[id] = name
} }
} }
return pss_control_id_to_name
}
func PSSControlIDToName(id string) string {
pss_control_id_to_name := pssControlIDToNameOnce()
return pss_control_id_to_name[id] return pss_control_id_to_name[id]
} }