Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-22 23:09:41 +02:00
Code Issues Releases Activity

fix(token-cache-manager): refactor to avoid data races EE-4438 (#8094)

Browse source
This commit is contained in:
andres-portainer 2022-11-22 18:31:14 -03:00 committed by GitHub
parent dd01165224
commit c28be7aced
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 159 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

19
api/http/proxy/factory/kubernetes/token.go
View file

@ -43,18 +43,15 @@ func (manager *tokenManager) GetAdminServiceAccountToken() string {
return manager.adminToken
}
// GetUserServiceAccountToken setup a user's service account if it does not exist, then retrieve its token
func (manager *tokenManager) GetUserServiceAccountToken(userID int, endpointID portainer.EndpointID) (string, error) {
manager.tokenCache.mutex.Lock()
defer manager.tokenCache.mutex.Unlock()
token, ok := manager.tokenCache.getToken(userID)
if !ok {
tokenFunc := func() (string, error) {
memberships, err := manager.dataStore.TeamMembership().TeamMembershipsByUserID(portainer.UserID(userID))
if err != nil {
return "", err
}
teamIds := make([]int, 0)
teamIds := make([]int, 0, len(memberships))
for _, membership := range memberships {
teamIds = append(teamIds, int(membership.TeamID))
}
@ -70,14 +67,8 @@ func (manager *tokenManager) GetUserServiceAccountToken(userID int, endpointID p
return "", err
}
serviceAccountToken, err := manager.kubecli.GetServiceAccountBearerToken(userID)
if err != nil {
return "", err
}
manager.tokenCache.addToken(userID, serviceAccountToken)
token = serviceAccountToken
return manager.kubecli.GetServiceAccountBearerToken(userID)
}
return token, nil
return manager.tokenCache.getOrAddToken(portainer.UserID(userID), tokenFunc)
}