Merge pull request #17073 from rhatdan/regexp

Compile regex on demand not in init

cmd/podman/parse/net.go

@@ -10,6 +10,7 @@ import (
 	"os"
 	"regexp"
 	"strings"
+	"sync"
 )
 
 const (
@@ -22,8 +23,9 @@ const (
 
 var (
 	whiteSpaces  = " \t"
-	alphaRegexp  = regexp.MustCompile(`[a-zA-Z]`)
+	alphaRegexp  *regexp.Regexp
-	domainRegexp = regexp.MustCompile(`^(:?(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]))(:?\.(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])))*)\.?\s*$`)
+	domainRegexp *regexp.Regexp
+	onceRegex    sync.Once
 )
 
 // validateExtraHost validates that the specified string is a valid extrahost and returns it.
@@ -52,6 +54,10 @@ func validateIPAddress(val string) (string, error) {
 }
 
 func ValidateDomain(val string) (string, error) {
+	onceRegex.Do(func() {
+		alphaRegexp = regexp.MustCompile(`[a-zA-Z]`)
+		domainRegexp = regexp.MustCompile(`^(:?(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]))(:?\.(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])))*)\.?\s*$`)
+	})
 	if alphaRegexp.FindString(val) == "" {
 		return "", fmt.Errorf("%s is not a valid domain", val)
 	}

libpod/define/config.go

@@ -3,7 +3,6 @@ package define
 import (
 	"bufio"
 	"io"
-	"regexp"
 
 	"github.com/containers/common/libnetwork/types"
 )
@@ -20,8 +19,6 @@ var (
 	NameRegex = types.NameRegex
 	// RegexError is thrown in presence of an invalid container/pod name.
 	RegexError = types.RegexError
-	// UmaskRegex is a regular expression to validate Umask.
-	UmaskRegex = regexp.MustCompile(`^[0-7]{1,4}$`)
 )
 
 const (

libpod/options.go

@@ -6,7 +6,9 @@ import (
 	"net"
 	"os"
 	"path/filepath"
+	"regexp"
 	"strings"
+	"sync"
 	"syscall"
 
 	"github.com/containers/buildah/pkg/parse"
@@ -28,6 +30,11 @@ import (
 	"github.com/sirupsen/logrus"
 )
 
+var (
+	umaskRegex *regexp.Regexp
+	onceRegex  sync.Once
+)
+
 // WithStorageConfig uses the given configuration to set up container storage.
 // If this is not specified, the system default configuration will be used
 // instead.
@@ -1790,11 +1797,14 @@ func WithTimezone(path string) CtrCreateOption {
 
 // WithUmask sets the umask in the container
 func WithUmask(umask string) CtrCreateOption {
+	onceRegex.Do(func() {
+		umaskRegex = regexp.MustCompile(`^[0-7]{1,4}$`)
+	})
 	return func(ctr *Container) error {
 		if ctr.valid {
 			return define.ErrCtrFinalized
 		}
-		if !define.UmaskRegex.MatchString(umask) {
+		if !umaskRegex.MatchString(umask) {
 			return fmt.Errorf("invalid umask string %s: %w", umask, define.ErrInvalidArg)
 		}
 		ctr.config.Umask = umask

pkg/bindings/images/build.go

@@ -17,6 +17,7 @@ import (
 	"runtime"
 	"strconv"
 	"strings"
+	"sync"
 
 	"github.com/containers/buildah/define"
 	"github.com/containers/image/v5/types"
@@ -37,11 +38,16 @@ type devino struct {
 }
 
 var (
-	iidRegex = regexp.MustCompile(`^[0-9a-f]{12}`)
+	iidRegex  *regexp.Regexp
+	onceRegex sync.Once
 )
 
 // Build creates an image using a containerfile reference
 func Build(ctx context.Context, containerFiles []string, options entities.BuildOptions) (*entities.BuildReport, error) {
+	onceRegex.Do(func() {
+		iidRegex = regexp.MustCompile(`^[0-9a-f]{12}`)
+	})
+
 	if options.CommonBuildOpts == nil {
 		options.CommonBuildOpts = new(define.CommonBuildOptions)
 	}

pkg/systemd/quadlet/quadlet.go

@@ -5,6 +5,7 @@ import (
 	"path/filepath"
 	"regexp"
 	"strings"
+	"sync"
 
 	"github.com/containers/podman/v4/pkg/systemd/parser"
 )
@@ -29,8 +30,6 @@ const (
 	XNetworkGroup   = "X-Network"
 )
 
-var validPortRange = regexp.MustCompile(`\d+(-\d+)?(/udp|/tcp)?$`)
-
 // All the supported quadlet keys
 const (
 	KeyContainerName     = "ContainerName"
@@ -75,70 +74,75 @@ const (
 	KeyConfigMap         = "ConfigMap"
 )
 
-// Supported keys in "Container" group
+var (
-var supportedContainerKeys = map[string]bool{
+	onceRegex      sync.Once
-	KeyContainerName:   true,
+	validPortRange *regexp.Regexp
-	KeyImage:           true,
-	KeyEnvironment:     true,
-	KeyEnvironmentFile: true,
-	KeyEnvironmentHost: true,
-	KeyExec:            true,
-	KeyNoNewPrivileges: true,
-	KeyDropCapability:  true,
-	KeyAddCapability:   true,
-	KeyReadOnly:        true,
-	KeyRemapUsers:      true,
-	KeyRemapUID:        true,
-	KeyRemapGID:        true,
-	KeyRemapUIDSize:    true,
-	KeyNotify:          true,
-	KeyExposeHostPort:  true,
-	KeyPublishPort:     true,
-	KeyUser:            true,
-	KeyGroup:           true,
-	KeyVolume:          true,
-	KeyPodmanArgs:      true,
-	KeyLabel:           true,
-	KeyAnnotation:      true,
-	KeyRunInit:         true,
-	KeyVolatileTmp:     true,
-	KeyTimezone:        true,
-	KeySeccompProfile:  true,
-	KeyAddDevice:       true,
-	KeyNetwork:         true,
-}
 
-// Supported keys in "Volume" group
+	// Supported keys in "Container" group
-var supportedVolumeKeys = map[string]bool{
+	supportedContainerKeys = map[string]bool{
-	KeyUser:  true,
+		KeyContainerName:   true,
-	KeyGroup: true,
+		KeyImage:           true,
-	KeyLabel: true,
+		KeyEnvironment:     true,
-}
+		KeyEnvironmentFile: true,
+		KeyEnvironmentHost: true,
+		KeyExec:            true,
+		KeyNoNewPrivileges: true,
+		KeyDropCapability:  true,
+		KeyAddCapability:   true,
+		KeyReadOnly:        true,
+		KeyRemapUsers:      true,
+		KeyRemapUID:        true,
+		KeyRemapGID:        true,
+		KeyRemapUIDSize:    true,
+		KeyNotify:          true,
+		KeyExposeHostPort:  true,
+		KeyPublishPort:     true,
+		KeyUser:            true,
+		KeyGroup:           true,
+		KeyVolume:          true,
+		KeyPodmanArgs:      true,
+		KeyLabel:           true,
+		KeyAnnotation:      true,
+		KeyRunInit:         true,
+		KeyVolatileTmp:     true,
+		KeyTimezone:        true,
+		KeySeccompProfile:  true,
+		KeyAddDevice:       true,
+		KeyNetwork:         true,
+	}
 
-// Supported keys in "Volume" group
+	// Supported keys in "Volume" group
-var supportedNetworkKeys = map[string]bool{
+	supportedVolumeKeys = map[string]bool{
-	KeyNetworkDisableDNS: true,
+		KeyUser:  true,
-	KeyNetworkDriver:     true,
+		KeyGroup: true,
-	KeyNetworkGateway:    true,
+		KeyLabel: true,
-	KeyNetworkInternal:   true,
+	}
-	KeyNetworkIPRange:    true,
-	KeyNetworkIPAMDriver: true,
-	KeyNetworkIPv6:       true,
-	KeyNetworkOptions:    true,
-	KeyNetworkSubnet:     true,
-	KeyLabel:             true,
-}
 
-// Supported keys in "Kube" group
+	// Supported keys in "Volume" group
-var supportedKubeKeys = map[string]bool{
+	supportedNetworkKeys = map[string]bool{
-	KeyYaml:         true,
+		KeyNetworkDisableDNS: true,
-	KeyRemapUID:     true,
+		KeyNetworkDriver:     true,
-	KeyRemapGID:     true,
+		KeyNetworkGateway:    true,
-	KeyRemapUsers:   true,
+		KeyNetworkInternal:   true,
-	KeyRemapUIDSize: true,
+		KeyNetworkIPRange:    true,
-	KeyNetwork:      true,
+		KeyNetworkIPAMDriver: true,
-	KeyConfigMap:    true,
+		KeyNetworkIPv6:       true,
-}
+		KeyNetworkOptions:    true,
+		KeyNetworkSubnet:     true,
+		KeyLabel:             true,
+	}
+
+	// Supported keys in "Kube" group
+	supportedKubeKeys = map[string]bool{
+		KeyYaml:         true,
+		KeyRemapUID:     true,
+		KeyRemapGID:     true,
+		KeyRemapUsers:   true,
+		KeyRemapUIDSize: true,
+		KeyNetwork:      true,
+		KeyConfigMap:    true,
+	}
+)
 
 func replaceExtension(name string, extension string, extraPrefix string, extraSuffix string) string {
 	baseName := name
@@ -152,6 +156,9 @@ func replaceExtension(name string, extension string, extraPrefix string, extraSu
 }
 
 func isPortRange(port string) bool {
+	onceRegex.Do(func() {
+		validPortRange = regexp.MustCompile(`\d+(-\d+)?(/udp|/tcp)?$`)
+	})
 	return validPortRange.MatchString(port)
 }