MGMT-14730: Validate that manifest file size does not exceed 1MB #5281
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci
bot
added
the
size/M
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: paul-maidment The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
internal/manifests/manifests.go
Outdated
| @@ -353,6 +353,10 @@ func (m *Manifests) validateAllowedToModifyManifests(ctx context.Context, cluste | |||
| } | |||
|
|
|||
| func (m *Manifests) validateUserSuppliedManifest(ctx context.Context, clusterID strfmt.UUID, manifestContent []byte, fileName string) error { | |||
| maxFileSizeBytes := 1048576 | |||
There was a problem hiding this comment.
| maxFileSizeBytes := 1048576 | |
| maxFileSizeBytes := 1024 * 1024 * 1024 |
There was a problem hiding this comment.
I think this should be
maxFileSizeBytes := 1024 * 1024
internal/manifests/manifests.go
Outdated
| @@ -353,6 +353,10 @@ func (m *Manifests) validateAllowedToModifyManifests(ctx context.Context, cluste | |||
| } | |||
|
|
|||
| func (m *Manifests) validateUserSuppliedManifest(ctx context.Context, clusterID strfmt.UUID, manifestContent []byte, fileName string) error { | |||
| maxFileSizeBytes := 1048576 | |||
| if len(manifestContent) > maxFileSizeBytes { | |||
| return m.prepareAndLogError(ctx, http.StatusBadRequest, errors.Errorf("Manifest content of file %s for cluster ID %s exceeds the maximum file size of 1MB", fileName, string(clusterID))) | |||
There was a problem hiding this comment.
| return m.prepareAndLogError(ctx, http.StatusBadRequest, errors.Errorf("Manifest content of file %s for cluster ID %s exceeds the maximum file size of 1MB", fileName, string(clusterID))) | |
| return m.prepareAndLogError(ctx, http.StatusBadRequest, errors.Errorf("Manifest content of file %s for cluster ID %s exceeds the maximum file size of 1MiB", fileName, string(clusterID))) |
|
Can you please link to the installer code that enforces this limit? Is this 1MiB or 1MB? |
paul-maidment
force-pushed
the
MGMT-14730
branch
2 times, most recently
from
813ef8e
to
580d656
Compare
|
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Explanation added to comments about ConfigMap size limit in Kubernetes. |
|
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #5281 +/- ##
==========================================
+ Coverage 67.47% 68.72% +1.25%
==========================================
Files 221 221
Lines 33045 34296 +1251
==========================================
+ Hits 22298 23571 +1273
+ Misses 8731 8677 -54
- Partials 2016 2048 +32
|
internal/manifests/manifests.go
Outdated
| @@ -353,6 +353,12 @@ func (m *Manifests) validateAllowedToModifyManifests(ctx context.Context, cluste | |||
| } | |||
|
|
|||
| func (m *Manifests) validateUserSuppliedManifest(ctx context.Context, clusterID strfmt.UUID, manifestContent []byte, fileName string) error { | |||
| // Ultimately manifests are consumed into a ConfigMap. The max permitted size of a ConfigMap is 1MiB | |||
There was a problem hiding this comment.
Ultimately manifests are consumed into a ConfigMap
Not sure I understand, can you explain this? consumed by who?
There was a problem hiding this comment.
config map is not exactly a correct term. MachineConfig for example is a manifest as well but it's not a configmap, i would describe it as a etcd resource in k8s is limited to 1MB
There was a problem hiding this comment.
Sorry, I meant to say "stored in a configmap", have updated the code
There was a problem hiding this comment.
OK, changed this now to say
// etcd resources in k8s are limited to 1MiB
There was a problem hiding this comment.
What is your source that etcd resources are limited to 1MiB? All I see is docs talking about configmaps being limited
There was a problem hiding this comment.
What is your source that etcd resources are limited to 1MiB? All I see is docs talking about configmaps being limited
There was a problem hiding this comment.
My source is this internal conversation https://redhat-internal.slack.com/archives/CUPJTHQ5P/p1686135268686879
Where it is acknowledged that the etcd max size is 1.5MiB
https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit
However, also mentions that the effective limit is 1MiB for ConfigMaps
https://kubernetes.io/docs/concepts/configuration/configmap
Is there a massive concern to setting the manifest limit to 1MiB ? Do you want to make the distinction between different types of content and change the limit accordingly?
Should we try to find out more about what the limit should be, who should we ask?
There was a problem hiding this comment.
If we set the limit to 1MiB then it would be possible to upload a manifest content of this size and that might lead to an attempt to create a config map of this size.
That's why I think we should lower it to 1MiB as this is the lowest value in common between ConfigMaps and etcd resources.
If we want to analyse manifest content to determine what size should be uploaded, I think this would get complicated quickly.
So I think it's best to set to 1 MiB
There was a problem hiding this comment.
Is there a massive concern to setting the manifest limit to 1MiB
No, I just want to understand why we are doing what we're doing
Do you want to make the distinction between different types of content and change the limit accordingly?
Not necessarily, but if we don't do that, we need to at-least acknowledge in a comment explicitly that our blanket limit of 1MiB is too conservative but is done to easily have the correct limit also for configmaps without worrying about the exact type of resource
There was a problem hiding this comment.
I have updated the comments and commit message to reflect this concern
paul-maidment
force-pushed
the
MGMT-14730
branch
2 times, most recently
from
53fe42a
to
45519be
Compare
|
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
paul-maidment
force-pushed
the
MGMT-14730
branch
3 times, most recently
from
0a3c68a
to
49136dc
Compare
|
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/lgtm |
|
/test edge-unit-test |
|
/hold test failures |
openshift-ci
bot
added
the
do-not-merge/hold
etcd resources in k8s are limited to 1.5 MiB as indicated here https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit however, one the the resource types that can be created from a manifest is a ConfigMap which has a size limit of 1MiB as cited here https://kubernetes.io/docs/concepts/configuration/configmap so this limit has been chosen based on the lowest permitted resource size (the size of the ConfigMap) Presently we do not validate the maximum size during upload or edit. This pull request addresses that by validating that the file does not exceed this limit.
paul-maidment
force-pushed
the
MGMT-14730
branch
from
49136dc
to
0e754ef
Compare
|
This should fix the failures. Will unhold when this is the case and seek another review. One change sets the filesize the correct limit of 1024 * 1024 bytes. |
|
/lgtm |
|
/unhold |
openshift-ci
bot
removed
the
do-not-merge/hold
filanov
added
do-not-merge/hold
|
/hold |
openshift-ci
bot
added
the
do-not-merge/hold
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
|
/refresh |
|
/hold |
openshift-ci
bot
added
the
do-not-merge/hold
|
@paul-maidment: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
/unhold |
openshift-ci
bot
removed
the
do-not-merge/hold
…nshift#5281) etcd resources in k8s are limited to 1.5 MiB as indicated here https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit however, one the the resource types that can be created from a manifest is a ConfigMap which has a size limit of 1MiB as cited here https://kubernetes.io/docs/concepts/configuration/configmap so this limit has been chosen based on the lowest permitted resource size (the size of the ConfigMap) Presently we do not validate the maximum size during upload or edit. This pull request addresses that by validating that the file does not exceed this limit.
etcd resources in k8s are limited to 1.5 MiB as indicated here https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit
however, one the the resource types that can be created from a manifest is a ConfigMap
which has a size limit of 1MiB as cited here https://kubernetes.io/docs/concepts/configuration/configmap
so this limit has been chosen based on the lowest permitted resource size (the size of the ConfigMap)
Presently we do not validate the maximum size during upload or edit.
This pull request addresses that by validating that the file does not exceed this limit.
List all the issues related to this PR
What environments does this code impact?
How was this code tested?
Checklist
docs, README, etc)Reviewers Checklist