Skip to content

Commit

Permalink
Protect keystore map with mutex
Browse files Browse the repository at this point in the history
Signed-off-by: chrismark <[email protected]>
  • Loading branch information
ChrsMark committed Oct 16, 2020
1 parent f8ff7ce commit e5abbda
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion libbeat/common/kubernetes/k8skeystore/kubernetes_keystore.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ package k8skeystore
import (
"context"
"strings"
"sync"

metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
k8s "k8s.io/client-go/kubernetes"
Expand All @@ -38,6 +39,7 @@ type KubernetesKeystoresRegistry struct {
kubernetesKeystores KubernetesKeystores
logger *logp.Logger
client k8s.Interface
keystoreMapLock sync.RWMutex
}

// KubernetesSecretsKeystore allows to retrieve passwords from Kubernetes secrets for a given namespace
Expand All @@ -59,6 +61,7 @@ func NewKubernetesKeystoresRegistry(logger *logp.Logger, client k8s.Interface) k
kubernetesKeystores: KubernetesKeystores{},
logger: logger,
client: client,
keystoreMapLock: sync.RWMutex{},
}
}

Expand All @@ -76,11 +79,16 @@ func (kr *KubernetesKeystoresRegistry) GetKeystore(event bus.Event) keystore.Key
}
if namespace != "" {
// either retrieve already stored keystore or create a new one for the namespace
kr.keystoreMapLock.RLock()
if storedKeystore, ok := kr.kubernetesKeystores[namespace]; ok {
kr.keystoreMapLock.RUnlock()
return storedKeystore
}
kr.keystoreMapLock.RUnlock()
k8sKeystore, _ := Factoryk8s(namespace, kr.client, kr.logger)
kr.kubernetesKeystores["namespace"] = k8sKeystore
kr.keystoreMapLock.Lock()
kr.kubernetesKeystores[namespace] = k8sKeystore
kr.keystoreMapLock.Unlock()
return k8sKeystore
}
kr.logger.Debugf("Cannot retrieve kubernetes namespace from event: %s", event)
Expand Down

0 comments on commit e5abbda

Please sign in to comment.