From 758f20e20a4187c04983e47bc415e680ad3c831e Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 11 Jan 2023 08:56:16 -0500 Subject: [PATCH] Compile regex on demand not in init Every podman command is paying the price for this compile even when they don't use the Regex, this will speed up start of podman by a little. [NO NEW TESTS NEEDED] Existing tests should catch issues. Signed-off-by: Daniel J Walsh --- cmd/podman/parse/net.go | 10 ++- libpod/define/config.go | 3 - libpod/options.go | 12 ++- pkg/bindings/images/build.go | 8 +- pkg/systemd/quadlet/quadlet.go | 133 +++++++++++++++++---------------- 5 files changed, 96 insertions(+), 70 deletions(-) diff --git a/cmd/podman/parse/net.go b/cmd/podman/parse/net.go index a5c7a0d956..147991791b 100644 --- a/cmd/podman/parse/net.go +++ b/cmd/podman/parse/net.go @@ -10,6 +10,7 @@ import ( "os" "regexp" "strings" + "sync" ) const ( @@ -22,8 +23,9 @@ const ( var ( whiteSpaces = " \t" - alphaRegexp = regexp.MustCompile(`[a-zA-Z]`) - domainRegexp = regexp.MustCompile(`^(:?(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]))(:?\.(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])))*)\.?\s*$`) + alphaRegexp *regexp.Regexp + domainRegexp *regexp.Regexp + onceRegex sync.Once ) // validateExtraHost validates that the specified string is a valid extrahost and returns it. @@ -52,6 +54,10 @@ func validateIPAddress(val string) (string, error) { } func ValidateDomain(val string) (string, error) { + onceRegex.Do(func() { + alphaRegexp = regexp.MustCompile(`[a-zA-Z]`) + domainRegexp = regexp.MustCompile(`^(:?(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]))(:?\.(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])))*)\.?\s*$`) + }) if alphaRegexp.FindString(val) == "" { return "", fmt.Errorf("%s is not a valid domain", val) } diff --git a/libpod/define/config.go b/libpod/define/config.go index 0427206edb..7295f1425e 100644 --- a/libpod/define/config.go +++ b/libpod/define/config.go @@ -3,7 +3,6 @@ package define import ( "bufio" "io" - "regexp" "github.com/containers/common/libnetwork/types" ) @@ -20,8 +19,6 @@ var ( NameRegex = types.NameRegex // RegexError is thrown in presence of an invalid container/pod name. RegexError = types.RegexError - // UmaskRegex is a regular expression to validate Umask. - UmaskRegex = regexp.MustCompile(`^[0-7]{1,4}$`) ) const ( diff --git a/libpod/options.go b/libpod/options.go index 373cf5aada..99ee39a640 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -6,7 +6,9 @@ import ( "net" "os" "path/filepath" + "regexp" "strings" + "sync" "syscall" "github.com/containers/buildah/pkg/parse" @@ -28,6 +30,11 @@ import ( "github.com/sirupsen/logrus" ) +var ( + umaskRegex *regexp.Regexp + onceRegex sync.Once +) + // WithStorageConfig uses the given configuration to set up container storage. // If this is not specified, the system default configuration will be used // instead. @@ -1790,11 +1797,14 @@ func WithTimezone(path string) CtrCreateOption { // WithUmask sets the umask in the container func WithUmask(umask string) CtrCreateOption { + onceRegex.Do(func() { + umaskRegex = regexp.MustCompile(`^[0-7]{1,4}$`) + }) return func(ctr *Container) error { if ctr.valid { return define.ErrCtrFinalized } - if !define.UmaskRegex.MatchString(umask) { + if !umaskRegex.MatchString(umask) { return fmt.Errorf("invalid umask string %s: %w", umask, define.ErrInvalidArg) } ctr.config.Umask = umask diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index 4dcfb8e167..1ea74f3154 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -17,6 +17,7 @@ import ( "runtime" "strconv" "strings" + "sync" "github.com/containers/buildah/define" "github.com/containers/image/v5/types" @@ -37,11 +38,16 @@ type devino struct { } var ( - iidRegex = regexp.MustCompile(`^[0-9a-f]{12}`) + iidRegex *regexp.Regexp + onceRegex sync.Once ) // Build creates an image using a containerfile reference func Build(ctx context.Context, containerFiles []string, options entities.BuildOptions) (*entities.BuildReport, error) { + onceRegex.Do(func() { + iidRegex = regexp.MustCompile(`^[0-9a-f]{12}`) + }) + if options.CommonBuildOpts == nil { options.CommonBuildOpts = new(define.CommonBuildOptions) } diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index 05f8be6648..d7545b32c6 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -5,6 +5,7 @@ import ( "path/filepath" "regexp" "strings" + "sync" "github.com/containers/podman/v4/pkg/systemd/parser" ) @@ -29,8 +30,6 @@ const ( XNetworkGroup = "X-Network" ) -var validPortRange = regexp.MustCompile(`\d+(-\d+)?(/udp|/tcp)?$`) - // All the supported quadlet keys const ( KeyContainerName = "ContainerName" @@ -75,70 +74,75 @@ const ( KeyConfigMap = "ConfigMap" ) -// Supported keys in "Container" group -var supportedContainerKeys = map[string]bool{ - KeyContainerName: true, - KeyImage: true, - KeyEnvironment: true, - KeyEnvironmentFile: true, - KeyEnvironmentHost: true, - KeyExec: true, - KeyNoNewPrivileges: true, - KeyDropCapability: true, - KeyAddCapability: true, - KeyReadOnly: true, - KeyRemapUsers: true, - KeyRemapUID: true, - KeyRemapGID: true, - KeyRemapUIDSize: true, - KeyNotify: true, - KeyExposeHostPort: true, - KeyPublishPort: true, - KeyUser: true, - KeyGroup: true, - KeyVolume: true, - KeyPodmanArgs: true, - KeyLabel: true, - KeyAnnotation: true, - KeyRunInit: true, - KeyVolatileTmp: true, - KeyTimezone: true, - KeySeccompProfile: true, - KeyAddDevice: true, - KeyNetwork: true, -} +var ( + onceRegex sync.Once + validPortRange *regexp.Regexp -// Supported keys in "Volume" group -var supportedVolumeKeys = map[string]bool{ - KeyUser: true, - KeyGroup: true, - KeyLabel: true, -} + // Supported keys in "Container" group + supportedContainerKeys = map[string]bool{ + KeyContainerName: true, + KeyImage: true, + KeyEnvironment: true, + KeyEnvironmentFile: true, + KeyEnvironmentHost: true, + KeyExec: true, + KeyNoNewPrivileges: true, + KeyDropCapability: true, + KeyAddCapability: true, + KeyReadOnly: true, + KeyRemapUsers: true, + KeyRemapUID: true, + KeyRemapGID: true, + KeyRemapUIDSize: true, + KeyNotify: true, + KeyExposeHostPort: true, + KeyPublishPort: true, + KeyUser: true, + KeyGroup: true, + KeyVolume: true, + KeyPodmanArgs: true, + KeyLabel: true, + KeyAnnotation: true, + KeyRunInit: true, + KeyVolatileTmp: true, + KeyTimezone: true, + KeySeccompProfile: true, + KeyAddDevice: true, + KeyNetwork: true, + } -// Supported keys in "Volume" group -var supportedNetworkKeys = map[string]bool{ - KeyNetworkDisableDNS: true, - KeyNetworkDriver: true, - KeyNetworkGateway: true, - KeyNetworkInternal: true, - KeyNetworkIPRange: true, - KeyNetworkIPAMDriver: true, - KeyNetworkIPv6: true, - KeyNetworkOptions: true, - KeyNetworkSubnet: true, - KeyLabel: true, -} + // Supported keys in "Volume" group + supportedVolumeKeys = map[string]bool{ + KeyUser: true, + KeyGroup: true, + KeyLabel: true, + } -// Supported keys in "Kube" group -var supportedKubeKeys = map[string]bool{ - KeyYaml: true, - KeyRemapUID: true, - KeyRemapGID: true, - KeyRemapUsers: true, - KeyRemapUIDSize: true, - KeyNetwork: true, - KeyConfigMap: true, -} + // Supported keys in "Volume" group + supportedNetworkKeys = map[string]bool{ + KeyNetworkDisableDNS: true, + KeyNetworkDriver: true, + KeyNetworkGateway: true, + KeyNetworkInternal: true, + KeyNetworkIPRange: true, + KeyNetworkIPAMDriver: true, + KeyNetworkIPv6: true, + KeyNetworkOptions: true, + KeyNetworkSubnet: true, + KeyLabel: true, + } + + // Supported keys in "Kube" group + supportedKubeKeys = map[string]bool{ + KeyYaml: true, + KeyRemapUID: true, + KeyRemapGID: true, + KeyRemapUsers: true, + KeyRemapUIDSize: true, + KeyNetwork: true, + KeyConfigMap: true, + } +) func replaceExtension(name string, extension string, extraPrefix string, extraSuffix string) string { baseName := name @@ -152,6 +156,9 @@ func replaceExtension(name string, extension string, extraPrefix string, extraSu } func isPortRange(port string) bool { + onceRegex.Do(func() { + validPortRange = regexp.MustCompile(`\d+(-\d+)?(/udp|/tcp)?$`) + }) return validPortRange.MatchString(port) }