Optimize policy iterators (#5184)

* Optimize policy iterators (go1.23) This modifies (*Options).GetAllPolicies() to use a go 1.23 iterator instead of copying all policies on every call, which can be extremely expensive. All existing usages of this function were updated as necessary. Additionally, a new (*Options).NumPolicies() method was added which quickly computes the number of policies that would be given by GetAllPolicies(), since there were several usages where only the number of policies was needed. * Fix race condition when assigning default envoy opts to a policy
2025-08-03 08:50:42 +02:00 · 2024-08-20 12:35:10 -04:00 · 2024-08-20 12:35:10 -04:00 · 56ba07e53e
commit 56ba07e53e
parent 3961098681
16 changed files with 136 additions and 87 deletions
--- a/config/identity.go
+++ b/config/identity.go
@ -8,9 +8,8 @@ import (
 // GetIdentityProviderForID returns the identity provider associated with the given IDP id.
 // If none is found the default provider is returned.
 func (o *Options) GetIdentityProviderForID(idpID string) (*identity.Provider, error) {
-	for _, p := range o.GetAllPolicies() {
-		p := p
-		idp, err := o.GetIdentityProviderForPolicy(&p)
+	for p := range o.GetAllPolicies() {
+		idp, err := o.GetIdentityProviderForPolicy(p)
 		if err != nil {
 			return nil, err
 		}
@ -63,10 +62,9 @@ func (o *Options) GetIdentityProviderForRequestURL(requestURL string) (*identity
 		return nil, err
 	}

-	for _, p := range o.GetAllPolicies() {
-		p := p
+	for p := range o.GetAllPolicies() {
 		if p.Matches(*u, o.IsRuntimeFlagSet(RuntimeFlagMatchAnyIncomingPort)) {
-			return o.GetIdentityProviderForPolicy(&p)
+			return o.GetIdentityProviderForPolicy(p)
 		}
 	}
 	return o.GetIdentityProviderForPolicy(nil)