author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-30 09:13:51 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-30 09:13:56 +0000 |
commit | b4e105968714861fe96826e30e54e6cc76925703 (patch) | |
tree | 14cf4774af9b7dd5072097e9631fcb1abfaf50d8 | |
parent | 88f62a750163f71c6fe55296d2d6d2d248e10ac2 (diff) | |
download | gitlab-ce-b4e105968714861fe96826e30e54e6cc76925703.tar.gz |
Add latest changes from gitlab-org/security/gitlab@15-6-stable-ee
-rw-r--r-- | app/services/packages/helm/extract_file_metadata_service.rb | 5 | ||||
-rw-r--r-- | spec/fixtures/packages/helm/corrupted_chart.tgz | bin | 0 -> 2084191 bytes | |||
-rw-r--r-- | spec/services/packages/helm/extract_file_metadata_service_spec.rb | 13 |
3 files changed, 18 insertions, 0 deletions
diff --git a/app/services/packages/helm/extract_file_metadata_service.rb b/app/services/packages/helm/extract_file_metadata_service.rb
index e7373d8ea8f..77efa65f1d1 100644
--- a/app/services/packages/helm/extract_file_metadata_service.rb
+++ b/app/services/packages/helm/extract_file_metadata_service.rb
@@ -7,6 +7,10 @@ module Packages
 class ExtractFileMetadataService
 ExtractionError = Class.new(StandardError)
+ # Charts must be smaller than 1M because of the storage limitations of Kubernetes objects.
+ # based on https://helm.sh/docs/chart_template_guide/accessing_files/
+ MAX_FILE_SIZE = 1.megabytes.freeze
+
 def initialize(package_file)
 @package_file = package_file
 end
@@ -42,6 +46,7 @@ module Packages
 end
 raise ExtractionError, 'Chart.yaml not found within a directory' unless chart_yaml
+ raise ExtractionError, 'Chart.yaml too big' if chart_yaml.size > MAX_FILE_SIZE
 chart_yaml.read
 ensure
diff --git a/spec/fixtures/packages/helm/corrupted_chart.tgz b/spec/fixtures/packages/helm/corrupted_chart.tgz
Binary files differ
new file mode 100644
index 00000000000..b2ac93b271e
--- /dev/null
+++ b/spec/fixtures/packages/helm/corrupted_chart.tgz
diff --git a/spec/services/packages/helm/extract_file_metadata_service_spec.rb b/spec/services/packages/helm/extract_file_metadata_service_spec.rb
index 273f679b736..f4c61c12344 100644
--- a/spec/services/packages/helm/extract_file_metadata_service_spec.rb
+++ b/spec/services/packages/helm/extract_file_metadata_service_spec.rb
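Review bot: The comment above `MAX_FILE_SIZE` in extract_file_metadata_service.rb (first hunk) describes a limit on whole charts, while the constant is used in the second hunk only to bound the `Chart.yaml` entry. I would reword it to `# Upper bound for the Chart.yaml entry that is read into memory; the 1M figure follows Helm's limit on charts stored as Kubernetes objects.` so the scope of the check is not overstated. The `.freeze` is a no-op on an Integer and can be dropped: `MAX_FILE_SIZE = 1.megabytes`.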
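Review bot: The new guard before `chart_yaml.read` (second hunk of extract_file_metadata_service.rb) bounds only that final read. The code that locates `chart_yaml` starts outside this hunk; if it walks a gzip stream, as the spec's use of `Zlib::GzipReader` suggests, everything ahead of Chart.yaml in the archive is presumably still decompressed before the check runs. A comment would stop the next reader from treating this as a general archive limit: `# Caps the in-memory read below; does not limit decompression work while searching the archive.` It is also worth confirming that `chart_yaml.size` and `chart_yaml.read` are governed by the same length, since neither is defined in the visible lines.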
@@ -54,4 +54,17 @@ RSpec.describe Packages::Helm::ExtractFileMetadataService do
 it { expect { subject }.to raise_error(described_class::ExtractionError, 'Error while parsing Chart.yaml: (<unknown>): did not find expected node content while parsing a flow node at line 2 column 1') }
 end
+
+ context 'with a corrupted Chart.yaml of incorrect size' do
+ let(:helm_fixture_path) { expand_fixture_path('packages/helm/corrupted_chart.tgz') }
+ let(:expected_error_message) { 'Chart.yaml too big' }
+
+ before do
+ allow(Zlib::GzipReader).to receive(:new).and_return(Zlib::GzipReader.new(File.open(helm_fixture_path)))
+ end
+
+ it 'raises an error with the expected message' do
+ expect { subject }.to raise_error(::Packages::Helm::ExtractFileMetadataService::ExtractionError, expected_error_message)
+ end
+ end
 end |
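Review bot: The `before` block stubs `Zlib::GzipReader.new` for the whole example and feeds it a `File.open(helm_fixture_path)` handle that the example itself never closes, so the test bypasses the service's own file-opening path instead of exercising it. Building the package file from the fixture, in whatever way the surrounding spec (which starts outside this hunk) already constructs it, would cover the real path. Only the far-over-limit case is tested, using a fixture of about 2 MB; a boundary example using `stub_const("#{described_class}::MAX_FILE_SIZE", small_value)` against an existing small chart would pin the `>` comparison without a large binary in the repository. The other examples in this file use `described_class::ExtractionError`, and the new one could match them.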