Merge pull request #90 from uplol/master

Fix reference to loop variables in doks admission controller checks
digitalocean · Aug 13, 2020 · 3ab1800 · 3ab1800
2 parents 37326c1 + 99bb81f
commit 3ab1800
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/checks/doks/admission_controller_webhook_replacement.go b/checks/doks/admission_controller_webhook_replacement.go
@@ -54,7 +54,9 @@ func (w *webhookReplacementCheck) Run(objects *kube.Objects) ([]checks.Diagnosti
 	var diagnostics []checks.Diagnostic
 
 	for _, config := range objects.ValidatingWebhookConfigurations.Items {
+		config := config
 		for _, wh := range config.Webhooks {
+			wh := wh
 			if *wh.FailurePolicy == ar.Ignore {
 				// Webhooks with failurePolicy: Ignore are fine.
 				continue
@@ -74,6 +76,7 @@ func (w *webhookReplacementCheck) Run(objects *kube.Objects) ([]checks.Diagnosti
 			}
 			var svcNamespace *v1.Namespace
 			for _, ns := range objects.Namespaces.Items {
+				ns := ns
 				if ns.Name == wh.ClientConfig.Service.Namespace {
 					svcNamespace = &ns
 				}
@@ -103,7 +106,9 @@ func (w *webhookReplacementCheck) Run(objects *kube.Objects) ([]checks.Diagnosti
 	}
 
 	for _, config := range objects.MutatingWebhookConfigurations.Items {
+		config := config
 		for _, wh := range config.Webhooks {
+			wh := wh
 			if *wh.FailurePolicy == ar.Ignore {
 				// Webhooks with failurePolicy: Ignore are fine.
 				continue
@@ -123,6 +128,7 @@ func (w *webhookReplacementCheck) Run(objects *kube.Objects) ([]checks.Diagnosti
 			}
 			var svcNamespace *v1.Namespace
 			for _, ns := range objects.Namespaces.Items {
+				ns := ns
 				if ns.Name == wh.ClientConfig.Service.Namespace {
 					svcNamespace = &ns
 				}

diff --git a/checks/doks/admission_controller_webhook_timeout.go b/checks/doks/admission_controller_webhook_timeout.go
@@ -48,7 +48,9 @@ func (w *webhookTimeoutCheck) Run(objects *kube.Objects) ([]checks.Diagnostic, e
 	var diagnostics []checks.Diagnostic
 
 	for _, config := range objects.ValidatingWebhookConfigurations.Items {
+		config := config
 		for _, wh := range config.Webhooks {
+			wh := wh
 			if wh.TimeoutSeconds == nil {
 				// TimeoutSeconds value should be set to a non-nil value (greater than or equal to 1 and less than 30).
 				// If the TimeoutSeconds value is set to nil and the cluster version is 1.13.*, users are
@@ -70,7 +72,9 @@ func (w *webhookTimeoutCheck) Run(objects *kube.Objects) ([]checks.Diagnostic, e
 	}
 
 	for _, config := range objects.MutatingWebhookConfigurations.Items {
+		config := config
 		for _, wh := range config.Webhooks {
+			wh := wh
 			if wh.TimeoutSeconds == nil {
 				// TimeoutSeconds value should be set to a non-nil value (greater than or equal to 1 and less than 30).
 				// If the TimeoutSeconds value is set to nil and the cluster version is 1.13.*, users are