introduce accesses caching #46
Conversation
filariow
force-pushed
the
subjectcache
branch
4 times, most recently
from
a85045d to
505baac
Compare
Signed-off-by: Francesco Ilario <[email protected]>
Signed-off-by: Francesco Ilario <[email protected]>
filariow
force-pushed
the
subjectcache
branch
from
505baac to
ce753dc
Compare
Makefile
Outdated
| @@ -61,6 +61,7 @@ test-perf: ## Run performance tests | |||
| --name namespace-lister-perf-test $(PERF_CLUSTER_PROVIDER_FLAGS) | |||
| KUBECONFIG=$(PERF_CLUSTER_KUBECONFIG) $(GINKGO) --label-filter='perf' \ | |||
| --keep-going --procs=1 --flake-attempts 2 --output-dir=$(PERF_OUT_DIR) | |||
| -$(PERF_CLUSTER_PROVIDER) delete cluster --name namespace-lister-perf-test | |||
There was a problem hiding this comment.
This is redundant, since we already delete the cluster when we start perf tests. If we want to delete after tests run, maybe we should only do so if tests passed? If tests failed for some reason, I'd prefer to keep the cluster around to make debugging easier.
There was a problem hiding this comment.
yeah, I added this as I always forgot it running. Let me remove that line for this PR
pkg/auth/cache/auth_cache.go
Outdated
|
|
||
| // stores data | ||
| type AuthCache struct { | ||
| data atomic.Pointer[map[rbacv1.Subject][]corev1.Namespace] |
There was a problem hiding this comment.
I'm thinking we may need a sync.RWMutex instead of an atomic pointer swap to synchronize access, but I'm not 100% sure.
There was a problem hiding this comment.
until access is readonly we should be fine without a mutex, right?
There was a problem hiding this comment.
Correct, but long-term I think it's what we should probably be using to synchronize accesses.
Signed-off-by: Francesco Ilario <[email protected]>
Signed-off-by: Francesco Ilario <[email protected]>
Signed-off-by: Francesco Ilario <[email protected]>
Signed-off-by: Francesco Ilario [email protected]