From 1a8259e3662e0148d209edefc2e5c06ec9d164c8 Mon Sep 17 00:00:00 2001
From: Eswar Rajan Subramanian
Date: Wed, 5 Jul 2023 11:45:56 +0530
Subject: [PATCH] Fix kubearmor relay connection logic

Signed-off-by: Eswar Rajan Subramanian
---
 src/plugin/kubearmor.go | 13 +++++-----
 src/systempolicy/systemPolicy.go | 44 +++++++++++++++++---------------
 2 files changed, 29 insertions(+), 28 deletions(-)

diff --git a/src/plugin/kubearmor.go b/src/plugin/kubearmor.go
index 1b2dc9a7..51d00f59 100644
--- a/src/plugin/kubearmor.go
+++ b/src/plugin/kubearmor.go
@@ -23,12 +23,13 @@ import (
 )

 // Global Variable
-var KubeArmorRelayLogs []*pb.Alert
-var KubeArmorNetworkLogs []*pb.Alert
-var KubeArmorRelayLogsMutex *sync.Mutex
+var (
+ KubeArmorRelayLogs, KubeArmorNetworkLogs []*pb.Alert
+ KubeArmorRelayLogsMutex, KubeArmorFCLogsMutex *sync.Mutex

-var KubeArmorFCLogs []*types.KnoxSystemLog
-var KubeArmorFCLogsMutex *sync.Mutex
+ KubeArmorFCLogs []*types.KnoxSystemLog
+ KubeArmorRelayStarted = false
+)

 func generateProcessPaths(fromSrc []types.KnoxFromSource) []string {
 var processpaths []string
@@ -381,8 +382,6 @@ func ignoreLogFromRelayWithNamespace(nsFilter, nsNotFilter []string, namespace s
 return false
 }

-var KubeArmorRelayStarted = false
-
 func StartKubeArmorRelay(StopChan chan struct{}, cfg types.ConfigKubeArmorRelay) {
 if KubeArmorRelayStarted {
 // log.Info().Msg("kubearmor relay already started")
diff --git a/src/systempolicy/systemPolicy.go b/src/systempolicy/systemPolicy.go
index 088b8e4b..164c3ee6 100644
--- a/src/systempolicy/systemPolicy.go
+++ b/src/systempolicy/systemPolicy.go
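Review bot: In the `@@ -23,12 +23,13 @@` hunk of src/plugin/kubearmor.go, `KubeArmorRelayStarted` remains a plain exported `bool` with no doc comment, while this same commit starts polling it from `StartSystemLogRcvr` in the systempolicy package. If the flag is written on a different goroutine than the one polling it (the writer is not visible in this patch), that read is unsynchronized and `go test -race` would be expected to flag it; a `sync/atomic` flag or a small accessor guarded by a mutex would make the cross-package read well defined. At minimum I would add a comment above it such as `// KubeArmorRelayStarted is checked by StartKubeArmorRelay and polled by systempolicy.StartSystemLogRcvr to avoid starting the relay twice.` The regrouped block also puts each mutex on a different line from the slice it appears to protect, so a one-line comment stating which mutex guards which slice would help the next reader.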
@@ -1468,31 +1468,33 @@ func DiscoverSystemPolicyMain() {

 func StartSystemLogRcvr() {
 for {
- if cfg.GetCfgSystemLogFrom() == "kubearmor" {
- url := cluster.GetKubearmorRelayURL()
- if url == "" {
- log.Error().Msg("kubearmor-relay url not found, retrying...")
- for i := 0; i < types.Maxtries; i++ {
- time.Sleep(10 * time.Second)
- url = cluster.GetKubearmorRelayURL()
- if url != "" {
- break
+ if !plugin.KubeArmorRelayStarted {
+ if cfg.GetCfgSystemLogFrom() == "kubearmor" {
+ url := cluster.GetKubearmorRelayURL()
+ if url == "" {
+ log.Error().Msg("kubearmor-relay url not found, retrying...")
+ for i := 0; i < types.Maxtries; i++ {
+ time.Sleep(10 * time.Second)
+ url = cluster.GetKubearmorRelayURL()
+ if url != "" {
+ break
+ }
 }
 }
+ if url == "" {
+ url = cfg.CurrentCfg.ConfigKubeArmorRelay.KubeArmorRelayURL
+ }
+ plugin.StartKubeArmorRelay(SystemStopChan, types.ConfigKubeArmorRelay{
+ KubeArmorRelayURL: url,
+ KubeArmorRelayPort: cfg.CurrentCfg.ConfigKubeArmorRelay.KubeArmorRelayPort,
+ })
+ } else if cfg.GetCfgSystemLogFrom() == "feed-consumer" {
+ fc.ConsumerMutex.Lock()
+ fc.StartConsumer()
+ fc.ConsumerMutex.Unlock()
 }
- if url == "" {
- url = cfg.CurrentCfg.ConfigKubeArmorRelay.KubeArmorRelayURL
- }
- plugin.StartKubeArmorRelay(SystemStopChan, types.ConfigKubeArmorRelay{
- KubeArmorRelayURL: url,
- KubeArmorRelayPort: cfg.CurrentCfg.ConfigKubeArmorRelay.KubeArmorRelayPort,
- })
- } else if cfg.GetCfgSystemLogFrom() == "feed-consumer" {
- fc.ConsumerMutex.Lock()
- fc.StartConsumer()
- fc.ConsumerMutex.Unlock()
+ time.Sleep(time.Second * 2)
 }
- time.Sleep(time.Second * 2)
 }
 }
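Review bot: The `time.Sleep(time.Second * 2)` now sits inside `if !plugin.KubeArmorRelayStarted { … }`, so once the flag is true the outer `for` in `StartSystemLogRcvr` contains no blocking call and will spin a core for the rest of the process lifetime. Keep the sleep as the last statement of the `for` body, outside the new `if` (that is, close the `if` first and then call `time.Sleep(time.Second * 2)` at loop level), or replace the polling with a wait on a stop channel. The `feed-consumer` branch is now also gated on the KubeArmor relay flag; that looks harmless as long as nothing sets the flag in that mode, but a short comment saying so would avoid surprises. For a log-ingestion loop in a policy-discovery service, a pegged core is an availability problem in its own right and can starve the goroutines that actually process the alerts.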