Commit 8fc6799a authored by Matija Čupić's avatar Matija Čupić

Replace dotenv constants with application limits

Changelog: other
parent 94f56232
...@@ -2,8 +2,7 @@ ...@@ -2,8 +2,7 @@
module Ci module Ci
class ParseDotenvArtifactService < ::BaseService class ParseDotenvArtifactService < ::BaseService
MAX_ACCEPTABLE_DOTENV_SIZE = 5.kilobytes include ::Gitlab::Utils::StrongMemoize
MAX_ACCEPTABLE_VARIABLES_COUNT = 20
SizeLimitError = Class.new(StandardError) SizeLimitError = Class.new(StandardError)
ParserError = Class.new(StandardError) ParserError = Class.new(StandardError)
...@@ -27,9 +26,9 @@ module Ci ...@@ -27,9 +26,9 @@ module Ci
raise ArgumentError, 'Artifact is not dotenv file type' raise ArgumentError, 'Artifact is not dotenv file type'
end end
unless artifact.file.size < MAX_ACCEPTABLE_DOTENV_SIZE unless artifact.file.size < dotenv_size_limit
raise SizeLimitError, raise SizeLimitError,
"Dotenv Artifact Too Big. Maximum Allowable Size: #{MAX_ACCEPTABLE_DOTENV_SIZE}" "Dotenv Artifact Too Big. Maximum Allowable Size: #{dotenv_size_limit}"
end end
end end
...@@ -45,9 +44,9 @@ module Ci ...@@ -45,9 +44,9 @@ module Ci
end end
end end
if variables.size > MAX_ACCEPTABLE_VARIABLES_COUNT if variables.size > dotenv_variable_limit
raise SizeLimitError, raise SizeLimitError,
"Dotenv files cannot have more than #{MAX_ACCEPTABLE_VARIABLES_COUNT} variables" "Dotenv files cannot have more than #{dotenv_variable_limit} variables"
end end
variables variables
...@@ -60,5 +59,13 @@ module Ci ...@@ -60,5 +59,13 @@ module Ci
result.each(&:strip!) result.each(&:strip!)
end end
def dotenv_variable_limit
strong_memoize(:dotenv_variable_limit) { project.actual_limits.dotenv_variables }
end
def dotenv_size_limit
strong_memoize(:dotenv_size_limit) { project.actual_limits.dotenv_size }
end
end end
end end
...@@ -605,6 +605,40 @@ To disable this limitation entirely, disable the feature flag in the console: ...@@ -605,6 +605,40 @@ To disable this limitation entirely, disable the feature flag in the console:
Feature.disable(:ci_yaml_limit_size) Feature.disable(:ci_yaml_limit_size)
``` ```
### Limit dotenv variables
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321552) in GitLab 14.5.
You can set a limit on the maximum number of variables inside of a dotenv artifact.
This limit is checked every time a dotenv file is exported as an artifact.
Set the limit to `0` to disable it. Defaults to `0` on self-managed instances.
To set this limit to `100` on a self-managed instance, run the following command in the
[GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session):
```ruby
Plan.default.actual_limits.update!(dotenv_variable_limit: 100)
```
This limit is [enabled on GitLab.com](../user/gitlab_com/index.md#gitlab-cicd).
### Limit dotenv file size
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321552) in GitLab 14.5.
You can set a limit on the maximum size of a dotenv artifact. This limit is checked
every time a dotenv file is exported as an artifact.
Set the limit to `0` to disable it. Defaults to 5KB.
To set this limit to 5KB on a self-managed installation, run the following in the
[GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session):
```ruby
Plan.default.actual_limits.update!(dotenv_size_limit: 5.kilobytes)
```
## Instance monitoring and metrics ## Instance monitoring and metrics
### Limit inbound incident management alerts ### Limit inbound incident management alerts
......
...@@ -140,6 +140,7 @@ the related documentation. ...@@ -140,6 +140,7 @@ the related documentation.
| [Scheduled Job Archival](../../user/admin_area/settings/continuous_integration.md#archive-jobs) | 3 months | Never | | [Scheduled Job Archival](../../user/admin_area/settings/continuous_integration.md#archive-jobs) | 3 months | Never |
| Max test cases per [unit test report](../../ci/unit_test_reports.md) | `500_000` | Unlimited | | Max test cases per [unit test report](../../ci/unit_test_reports.md) | `500_000` | Unlimited |
| [Max registered runners](../../administration/instance_limits.md#number-of-registered-runners-per-scope) | Free tier: `50` per-group / `50` per-project <br/> All paid tiers: `1_000` per-group / `1_000` per-project | `1_000` per-group / `1_000` per-project | | [Max registered runners](../../administration/instance_limits.md#number-of-registered-runners-per-scope) | Free tier: `50` per-group / `50` per-project <br/> All paid tiers: `1_000` per-group / `1_000` per-project | `1_000` per-group / `1_000` per-project |
| [Limit dotenv variables](../../administration/instance_limits.md#limit-dotenv-variables) | Free tier: `50` / Premium tier: `100` / Ultimate tier: `150` | Unlimited |
## Account and limit settings ## Account and limit settings
......
...@@ -45,7 +45,7 @@ RSpec.describe Ci::ParseDotenvArtifactService do ...@@ -45,7 +45,7 @@ RSpec.describe Ci::ParseDotenvArtifactService do
it 'returns error' do it 'returns error' do
expect(subject[:status]).to eq(:error) expect(subject[:status]).to eq(:error)
expect(subject[:message]).to eq("Dotenv Artifact Too Big. Maximum Allowable Size: #{described_class::MAX_ACCEPTABLE_DOTENV_SIZE}") expect(subject[:message]).to eq("Dotenv Artifact Too Big. Maximum Allowable Size: #{service.send(:dotenv_size_limit)}")
expect(subject[:http_status]).to eq(:bad_request) expect(subject[:http_status]).to eq(:bad_request)
end end
end end
...@@ -186,7 +186,7 @@ RSpec.describe Ci::ParseDotenvArtifactService do ...@@ -186,7 +186,7 @@ RSpec.describe Ci::ParseDotenvArtifactService do
context 'when more than limitated variables are specified in dotenv' do context 'when more than limitated variables are specified in dotenv' do
let(:blob) do let(:blob) do
StringIO.new.tap do |s| StringIO.new.tap do |s|
(described_class::MAX_ACCEPTABLE_VARIABLES_COUNT + 1).times do |i| (service.send(:dotenv_variable_limit) + 1).times do |i|
s << "KEY#{i}=VAR#{i}\n" s << "KEY#{i}=VAR#{i}\n"
end end
end.string end.string
...@@ -194,7 +194,7 @@ RSpec.describe Ci::ParseDotenvArtifactService do ...@@ -194,7 +194,7 @@ RSpec.describe Ci::ParseDotenvArtifactService do
it 'returns error' do it 'returns error' do
expect(subject[:status]).to eq(:error) expect(subject[:status]).to eq(:error)
expect(subject[:message]).to eq("Dotenv files cannot have more than #{described_class::MAX_ACCEPTABLE_VARIABLES_COUNT} variables") expect(subject[:message]).to eq("Dotenv files cannot have more than #{service.send(:dotenv_variable_limit)} variables")
expect(subject[:http_status]).to eq(:bad_request) expect(subject[:http_status]).to eq(:bad_request)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment