Skip to content

Commit

Permalink
Fix racetest in SDS service (istio#11615)
Browse files Browse the repository at this point in the history
  • Loading branch information
ymesika authored and wenchenglu committed Feb 8, 2019
1 parent 1b93edb commit 114680d
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions security/pkg/nodeagent/sds/sdsservice.go
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,9 @@ type sdsConnection struct {

// The secret associated with the proxy.
secret *model.SecretItem

// Mutex to protect read/write to this connection
mutex sync.RWMutex
}

type sdsservice struct {
Expand Down Expand Up @@ -243,7 +246,9 @@ func NotifyProxy(proxyID, resourceName string, secret *model.SecretItem) error {
log.Errorf("No connection with id %q can be found", proxyID)
return fmt.Errorf("no connection with id %q can be found", proxyID)
}
conn.mutex.Lock()
conn.secret = secret
conn.mutex.Unlock()

conn.pushChannel <- &sdsEvent{}
return nil
Expand Down Expand Up @@ -310,13 +315,15 @@ func pushSDS(con *sdsConnection) error {
return err
}

con.mutex.RLock()
if con.secret.RootCert != nil {
log.Infof("SDS: push root cert from node agent to proxy: %q\n", con.proxyID)
log.Debugf("SDS: push root cert %+v to proxy: %q\n", string(con.secret.RootCert), con.proxyID)
} else {
log.Infof("SDS: push key/cert pair from node agent to proxy: %q\n", con.proxyID)
log.Debugf("SDS: push certificate chain %+v to proxy: %q\n", string(con.secret.CertificateChain), con.proxyID)
}
con.mutex.RUnlock()

return nil
}
Expand Down

0 comments on commit 114680d

Please sign in to comment.