Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle policy recreation race condition #221

Merged
merged 1 commit into from
Mar 28, 2024
Merged

Handle policy recreation race condition #221

merged 1 commit into from
Mar 28, 2024

Conversation

mprahl
Copy link
Member

@mprahl mprahl commented Mar 28, 2024

When the configuration policy is recreated after the List call completes in the loop in the PeriodicallyExecConfigPolicies method, the old configuration policy status gets set on the new configuration policy which can lead to a compliance event not being set on the replicated parent policy.

Relates:
https://issues.redhat.com/browse/ACM-10500

@mprahl mprahl requested a review from JustinKuli March 28, 2024 17:22
@mprahl
Copy link
Member Author

mprahl commented Mar 28, 2024

/hold checking on if this can be called multiple times per evaluation

@mprahl mprahl changed the title Handle policy recreation race condition WIP: Handle policy recreation race condition Mar 28, 2024
JustinKuli
JustinKuli reviewed Mar 28, 2024
View reviewed changes
controllers/configurationpolicy_controller.go Outdated
Comment on lines 2996 to 3000
// If the policy was recreated after it was retrieved from the cache, there could be no compliance
// set on the parent policy. Updating the status here may prevent a compliance event from being generated on
// future evaluations so skipping the status update is very important. If sendEvent was true, there is still
// value to send the compliance event to the parent policy so that this history is not lost before the
// policy was recreated.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe: "If the UID has changed, then the policy has been deleted and created again. Do not update the status, because it was calculated based on a previous version. If sendEvent is true, that event might be useful and it can be emitted. By leaving the status blank, the policy will be reevaluated and send a new event.

@mprahl @JustinKuli
Handle policy recreation race condition
37e4659 
When the configuration policy is recreated after the
List call completes in the loop in the PeriodicallyExecConfigPolicies
method, the old configuration policy status gets set on the new
configuration policy which can lead to a compliance event not being set
on the replicated parent policy.

Relates:
https://issues.redhat.com/browse/ACM-10500

Co-authored-by: Justin Kulikauskas <jkulikau@redhat.com>
Signed-off-by: mprahl <mprahl@users.noreply.github.com>
@mprahl mprahl changed the title WIP: Handle policy recreation race condition Handle policy recreation race condition Mar 28, 2024
@mprahl
Copy link
Member Author

mprahl commented Mar 28, 2024

/unhold

@mprahl mprahl requested a review from JustinKuli March 28, 2024 20:32
JustinKuli
JustinKuli approved these changes Mar 28, 2024
View reviewed changes
Copy link
Member

@JustinKuli JustinKuli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@openshift-ci openshift-ci bot added the lgtm label Mar 28, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Mar 28, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JustinKuli, mprahl

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit e4c455a into open-cluster-management-io:main Mar 28, 2024
9 checks passed
@magic-mirror-bot magic-mirror-bot bot mentioned this pull request Mar 28, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JustinKuli JustinKuli JustinKuli approved these changes

@gparvin gparvin Awaiting requested review from gparvin

@yiraeChristineKim yiraeChristineKim Awaiting requested review from yiraeChristineKim

Assignees

@JustinKuli JustinKuli

Labels
approved dco-signoff: yes lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mprahl @JustinKuli