cache control inputs

Signed-off-by: Amir Malka <amirm@armosec.io>

core/core/scan.go

@@ -162,7 +162,7 @@ func (ks *Kubescape) Scan(ctx context.Context, scanInfo *cautils.ScanInfo) (*res
 
 	// ===================== resources =====================
 	ctxResources, spanResources := otel.Tracer("").Start(ctxInit, "resources")
-	scanData, err = resourcehandler.CollectResources(ctxResources, interfaces.resourceHandler, scanInfo.PolicyIdentifier, scanData, cautils.NewProgressHandler(""))
+	err = resourcehandler.CollectResources(ctxResources, interfaces.resourceHandler, scanInfo.PolicyIdentifier, scanData, cautils.NewProgressHandler(""))
 	if err != nil {
 		spanInit.End()
 		return resultsHandling, err

core/pkg/policyhandler/handlepullpolicies.go

@@ -27,6 +27,7 @@ type PolicyHandler struct {
 	cachedPolicyIdentifiers *TimedCache[[]string]
 	cachedFrameworks        *TimedCache[[]reporthandling.Framework]
 	cachedExceptions        *TimedCache[[]armotypes.PostureExceptionPolicy]
+	cachedControlInputs     *TimedCache[map[string][]string]
 }
 
 // NewPolicyHandler creates and returns an instance of the `PolicyHandler`. The function initializes the `PolicyHandler` only if it hasn't been previously created.
@@ -38,6 +39,7 @@ func NewPolicyHandler() *PolicyHandler {
 			cachedPolicyIdentifiers: NewTimedCache[[]string](cacheTtl),
 			cachedFrameworks:        NewTimedCache[[]reporthandling.Framework](cacheTtl),
 			cachedExceptions:        NewTimedCache[[]armotypes.PostureExceptionPolicy](cacheTtl),
+			cachedControlInputs:     NewTimedCache[map[string][]string](cacheTtl),
 		}
 	}
 	return policyHandlerInstance
@@ -84,7 +86,7 @@ func (policyHandler *PolicyHandler) getPolicies(ctx context.Context, policyIdent
 	}
 
 	// get account configuration
-	if controlInputs, err = policyHandler.getters.ControlsInputsGetter.GetControlsInputs(cautils.ClusterName); err != nil {
+	if controlInputs, err = policyHandler.getControlInputs(); err != nil {
 		logger.L().Ctx(ctx).Warning(err.Error())
 	}
 
@@ -181,3 +183,17 @@ func (policyHandler *PolicyHandler) getExceptions() ([]armotypes.PostureExceptio
 
 	return exceptions, err
 }
+
+func (policyHandler *PolicyHandler) getControlInputs() (map[string][]string, error) {
+	if cachedControlInputs, exist := policyHandler.cachedControlInputs.Get(); exist {
+		logger.L().Info("Using cached control inputs")
+		return cachedControlInputs, nil
+	}
+
+	controlInputs, err := policyHandler.getters.ControlsInputsGetter.GetControlsInputs(cautils.ClusterName)
+	if err == nil {
+		policyHandler.cachedControlInputs.Set(controlInputs)
+	}
+
+	return controlInputs, err
+}

core/pkg/resourcehandler/handlerpullresources.go

@@ -20,7 +20,7 @@ import (
 )
 
 // CollectResources uses the provided resource handler to collect resources and returns an updated OPASessionObj
-func CollectResources(ctx context.Context, rsrcHandler IResourceHandler, policyIdentifier []cautils.PolicyIdentifier, opaSessionObj *cautils.OPASessionObj, progressListener opaprocessor.IJobProgressNotificationClient) (*cautils.OPASessionObj, error) {
+func CollectResources(ctx context.Context, rsrcHandler IResourceHandler, policyIdentifier []cautils.PolicyIdentifier, opaSessionObj *cautils.OPASessionObj, progressListener opaprocessor.IJobProgressNotificationClient) error {
 	ctx, span := otel.Tracer("").Start(ctx, "resourcehandler.CollectResources")
 	defer span.End()
 	opaSessionObj.Report.ClusterAPIServerInfo = rsrcHandler.GetClusterAPIServerInfo(ctx)
@@ -32,7 +32,7 @@ func CollectResources(ctx context.Context, rsrcHandler IResourceHandler, policyI
 
 	resourcesMap, allResources, ksResources, err := rsrcHandler.GetResources(ctx, opaSessionObj, &policyIdentifier[0].Designators, progressListener)
 	if err != nil {
-		return opaSessionObj, err
+		return err
 	}
 
 	opaSessionObj.K8SResources = resourcesMap
@@ -40,10 +40,10 @@ func CollectResources(ctx context.Context, rsrcHandler IResourceHandler, policyI
 	opaSessionObj.ArmoResource = ksResources
 
 	if (opaSessionObj.K8SResources == nil || len(*opaSessionObj.K8SResources) == 0) && (opaSessionObj.ArmoResource == nil || len(*opaSessionObj.ArmoResource) == 0) {
-		return opaSessionObj, fmt.Errorf("empty list of resources")
+		return fmt.Errorf("empty list of resources")
 	}
 
-	return opaSessionObj, nil
+	return nil
 }
 
 func setCloudMetadata(opaSessionObj *cautils.OPASessionObj) {