[JENKINS-71077] Allow overriding codePointLimit to allow reading larger yaml files #206
Conversation
pascal-hofmann
force-pushed
the
feature/add-codepointlimit
branch
from
56082ff to
c49f637
Compare
|
Thanks for the pull request. Also reported as JENKINS-71077. I've invited the person that reported the issue to test drive this pull request and report their results. |
|
@pascal-hofmann it would be nice if the pull request title were updated to include |
pascal-hofmann
force-pushed
the
feature/add-codepointlimit
branch
from
c49f637 to
15f3717
Compare
pascal-hofmann
changed the title
|
Hi @MarkEWaite, Thanks for looking at this PR so quickly. ❤️ Cheers, |
|
I was able to verify that pipeline-utility-steps:2.15.2-rc651.15f371774808 version of the plugin worked for me after making the necessary changes to my readYaml call, thanks a lot for the help |
Thanks very much. Could you also check that the Pipeline syntax snippet generator is well behaved when generating sample syntax for the improved |
|
|
Thanks for checking. I didn't realize that was a special step that does not have full support in the Pipeline syntax snippet generator. Could you confirm that the online help displayed when the '?' is clicked is reasonable. |
yes, that looks accurate and matches with the version I have |
|
That's great. Thanks. I think this has been well tested. Now it is left to the maintainers to review, merge, and release. |
pascal-hofmann
force-pushed
the
feature/add-codepointlimit
branch
from
15f3717 to
1542eae
Compare
|
FYI: I just added a missing space to the help text. ( |
| */ | ||
| public class ReadYamlStep extends AbstractFileOrTextStep { | ||
|
|
||
| private int codePointLimit = -1; |
There was a problem hiding this comment.
would it be possible to add a static field/method to set the default value for this setting as its done for the MAX_ALIASES_FOR_COLLECTIONS? then old pipelines can keep using old step signature and stay backward compatible.
There was a problem hiding this comment.
I‘ll add this tomorrow. 👍
There was a problem hiding this comment.
I've just added this. Is it ok like this?
There was a problem hiding this comment.
Looks good to me, thanks!
I tested this on local jenkins instance with couple of nodes - works fine.
There was a problem hiding this comment.
I added MAX_CODE_POINT_LIMIT. With this, the setters/getters also make sense, because they are required for validation / the help page / tests.
pascal-hofmann
force-pushed
the
feature/add-codepointlimit
branch
from
1542eae to
9db10ea
Compare
|
Is there an issue with the CI job or is the long runtime OK? |
|
I can see the build is successfull but there are some junut checks that failed. https://ci.jenkins.io/job/Plugins/job/pipeline-utility-steps-plugin/view/change-requests/job/PR-206/5/console however, not sure if this is what's blocking it from moving forward. |
| public static int setDefaultCodePointLimit(int defaultCodePointLimit) { | ||
| DEFAULT_CODE_POINT_LIMIT = defaultCodePointLimit; | ||
| return DEFAULT_CODE_POINT_LIMIT; | ||
| } | ||
| public static int getDefaultCodePointLimit() { | ||
| return DEFAULT_CODE_POINT_LIMIT; | ||
| } |
There was a problem hiding this comment.
This is very redundant. No need for a setter/getter for a pseudo constant.
| public static int setDefaultCodePointLimit(int defaultCodePointLimit) { | |
| DEFAULT_CODE_POINT_LIMIT = defaultCodePointLimit; | |
| return DEFAULT_CODE_POINT_LIMIT; | |
| } | |
| public static int getDefaultCodePointLimit() { | |
| return DEFAULT_CODE_POINT_LIMIT; | |
| } | |
| public static final String DEFAULT_CODE_POINT_LIMIT_PROPERTY = ReadYamlStep.class.getName() + ".DEFAULT_CODE_POINT_LIMIT"; | ||
|
|
||
| @SuppressFBWarnings(value={"MS_SHOULD_BE_FINAL"}, justification="Non final so that an admin can adjust the value through the groovy script console without restarting the instance.") | ||
| private static /*almost final*/ int DEFAULT_CODE_POINT_LIMIT = setDefaultCodePointLimit(Integer.getInteger(DEFAULT_CODE_POINT_LIMIT_PROPERTY, -1)); |
There was a problem hiding this comment.
This is very redundant. No need for a setter/getter for a pseudo constant.
| private static /*almost final*/ int DEFAULT_CODE_POINT_LIMIT = setDefaultCodePointLimit(Integer.getInteger(DEFAULT_CODE_POINT_LIMIT_PROPERTY, -1)); | |
| private static /*almost final*/ int DEFAULT_CODE_POINT_LIMIT = Integer.getInteger(DEFAULT_CODE_POINT_LIMIT_PROPERTY, -1); |
|
|
||
| @DataBoundSetter | ||
| public void setCodePointLimit(final int codePointLimit) { | ||
| this.codePointLimit = codePointLimit; |
There was a problem hiding this comment.
This is very similar to masAliasForCollection. So you need to add similar protections as in setMaxAliasesForCollections(...) or a potential nefarious user could sink a Jenkins controller by reading in a couple of GB of data until the instance runs our of memory.
There was a problem hiding this comment.
Whoever sets this limit can also just execute random groovy/shell code and sink the instance this way.
There was a problem hiding this comment.
No because the pipeline is running in the sandbox.
https://www.jenkins.io/doc/developer/security/misc/#groovy-scripting
There was a problem hiding this comment.
Besides, it is needed for users to not shoot themselves in the foot. They don't know how much memory the Jenkins controller has available, but the administrator should.
There is known limitation in pipeline-utility-steps plugin which is blocking us from running deployment pipelines. which is being fixed by jenkinsci/pipeline-utility-steps-plugin#206 until this pull request is merged, this PS is using specific version of the plugin from this pull request. quay.io plugin removed as this is not being used and has a vulnerability warning displayed Change-Id: If9f14b6d65504eea25dc44456a54e2dfa1c4deb5
pascal-hofmann
force-pushed
the
feature/add-codepointlimit
branch
from
9db10ea to
898ca71
Compare
|
Will this manage to make it into the next release? |
|
Hi Piotr, Cheers, |
pascal-hofmann
force-pushed
the
feature/add-codepointlimit
branch
2 times, most recently
from
09cafb6 to
5773678
Compare
|
Hey everyone, Thanks for your patience. Cheers, Edit: I just realized there were some conflicts, so I rebased on latest master. |
pascal-hofmann
force-pushed
the
feature/add-codepointlimit
branch
from
5773678 to
78e3fac
Compare
|
@rsandell Can you have another look at this PR? |
|
Thanks @rsandell for merging this. How soon can we expect a new version of the plugin? |
|
Oh, sorry! |
|
Perfect, thanks! |
This did not work for me when reading yaml as a variable like below: readYaml text: newVar, codePointLimit: 52428800 |
|
, codePointLimit=52428800} for org.jenkinsci.plugins.pipeline.utility.steps.conf.ReadYamlStep: java.lang.reflect.InvocationTargetException error message |
|
Don't use |
|
We're using 2.16.0 and this is failing from within a shared library class: def yaml = script.readYaml file: results, codePointLimit: 134217728With: Any ideas what might be wrong? |
|
Can you get the stacktrace of the |
|
This is the same issue as JENKINS-72556 Unfortunately, I don't have access to the jenkins system logs, and we found a work-around by using python and only extracting what we need from the yaml. I don't understand why this wasn't working for us, but unless someone else is seeing this issue, feel free to close it. |
Having the same issues here. System log is empty unfortunately |
|
Without knowing the exception that caused the |
9 participants
Since the upgrade to SnakeYAML 1.32 it is not possible to read YAML files greater than 3MB. This PR adds the new, optional attribute
codePointLimittoreadYaml. This makes it possible to work around this limitation.Link to relevant issues in GitHub or Jira