Skip to content

Commit

Permalink
Stop storing stateless kubernetes keystores (#21880)
Browse files Browse the repository at this point in the history
  • Loading branch information
ChrsMark authored Oct 19, 2020
1 parent 803ddca commit b2d1929
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 15 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -375,6 +375,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Fix retrieving resources by ID for the azure module. {pull}21711[21711] {issue}21707[21707]
- Use timestamp from CloudWatch API when creating events. {pull}21498[21498]
- Report the correct windows events for system/filesystem {pull}21758[21758]
- Fix panic in kubernetes autodiscover related to keystores {issue}21843[21843] {pull}21880[21880]

*Packetbeat*

Expand Down
20 changes: 5 additions & 15 deletions libbeat/common/kubernetes/k8skeystore/kubernetes_keystore.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,10 @@ import (
"github.com/elastic/beats/v7/libbeat/logp"
)

type KubernetesKeystores map[string]keystore.Keystore

// KubernetesKeystoresRegistry holds KubernetesKeystores for known namespaces. Once a Keystore for one k8s namespace
// is initialized it will be reused every time it is needed.
// KubernetesKeystoresRegistry implements a Provider for Keystore.
type KubernetesKeystoresRegistry struct {
kubernetesKeystores KubernetesKeystores
logger *logp.Logger
client k8s.Interface
logger *logp.Logger
client k8s.Interface
}

// KubernetesSecretsKeystore allows to retrieve passwords from Kubernetes secrets for a given namespace
Expand All @@ -56,9 +52,8 @@ func Factoryk8s(keystoreNamespace string, ks8client k8s.Interface, logger *logp.
// NewKubernetesKeystoresRegistry initializes a KubernetesKeystoresRegistry
func NewKubernetesKeystoresRegistry(logger *logp.Logger, client k8s.Interface) keystore.Provider {
return &KubernetesKeystoresRegistry{
kubernetesKeystores: KubernetesKeystores{},
logger: logger,
client: client,
logger: logger,
client: client,
}
}

Expand All @@ -75,12 +70,7 @@ func (kr *KubernetesKeystoresRegistry) GetKeystore(event bus.Event) keystore.Key
namespace = ns.(string)
}
if namespace != "" {
// either retrieve already stored keystore or create a new one for the namespace
if storedKeystore, ok := kr.kubernetesKeystores[namespace]; ok {
return storedKeystore
}
k8sKeystore, _ := Factoryk8s(namespace, kr.client, kr.logger)
kr.kubernetesKeystores["namespace"] = k8sKeystore
return k8sKeystore
}
kr.logger.Debugf("Cannot retrieve kubernetes namespace from event: %s", event)
Expand Down

0 comments on commit b2d1929

Please sign in to comment.