From 29344fd988de038aedc1b61888ea6a3a96ab2cfe Mon Sep 17 00:00:00 2001
From: Thomas Legris <thomas@deepfence.io>
Date: Mon, 4 Sep 2023 18:59:11 +0900
Subject: [PATCH] Add global lock on TG generation

---
 deepfence_agent/plugins/YaraHunter               |  2 +-
 deepfence_server/reporters/graph/threat_graph.go | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/deepfence_agent/plugins/YaraHunter b/deepfence_agent/plugins/YaraHunter
index 29e9c19ad9..55a98dfb45 160000
--- a/deepfence_agent/plugins/YaraHunter
+++ b/deepfence_agent/plugins/YaraHunter
@@ -1 +1 @@
-Subproject commit 29e9c19ad9bddd7fd98fc5d4afbc62fe65bcdbe3
+Subproject commit 55a98dfb45fc7ab12b0a59d0863e4dc83980aaa4
diff --git a/deepfence_server/reporters/graph/threat_graph.go b/deepfence_server/reporters/graph/threat_graph.go
index ee5f74d244..4b6d6127f4 100644
--- a/deepfence_server/reporters/graph/threat_graph.go
+++ b/deepfence_server/reporters/graph/threat_graph.go
@@ -132,6 +132,16 @@ func (tc *ThreatGraphReporter) GetRawThreatGraph(filters ThreatFilters) (map[str
 	}
 	defer tx.Close()
 
+	// The following statement makes sure all threat graph are exclusively executed.
+	// This is required as threat node & threat cloud resource are created on the fly.
+	_, err = tx.Run(`
+		MERGE (n:ThreatNode{node_id:'root'})
+		SET n.lock = true
+	`, map[string]interface{}{})
+	if err != nil {
+		return nil, err
+	}
+
 	_, err = tx.Run(`
 		MATCH (n:ThreatCloudResource)
 		REMOVE n:ThreatCloudResource