Commit 2a388984 authored by Vitali Tatarintev's avatar Vitali Tatarintev

Limit input size for Prometheus alert JSON payload

parent 333d4236
...@@ -4,6 +4,8 @@ module Projects ...@@ -4,6 +4,8 @@ module Projects
module Prometheus module Prometheus
module Alerts module Alerts
class NotifyService < BaseService class NotifyService < BaseService
BadPayloadError = Class.new(StandardError)
include Gitlab::Utils::StrongMemoize include Gitlab::Utils::StrongMemoize
def execute(token) def execute(token)
...@@ -15,10 +17,18 @@ module Projects ...@@ -15,10 +17,18 @@ module Projects
process_incident_issues if process_issues? process_incident_issues if process_issues?
true true
rescue BadPayloadError
false
end end
private private
def payload
raise BadPayloadError, 'The payload is too big' unless Gitlab::Utils::DeepSize.new(params).valid?
params
end
def incident_management_available? def incident_management_available?
project.feature_available?(:incident_management) project.feature_available?(:incident_management)
end end
...@@ -56,11 +66,11 @@ module Projects ...@@ -56,11 +66,11 @@ module Projects
end end
def alerts def alerts
params['alerts'] payload['alerts']
end end
def valid_version? def valid_version?
params['version'] == '4' payload['version'] == '4'
end end
def valid_alert_manager_token?(token) def valid_alert_manager_token?(token)
...@@ -134,7 +144,7 @@ module Projects ...@@ -134,7 +144,7 @@ module Projects
end end
def persist_events def persist_events
CreateEventsService.new(project, nil, params).execute CreateEventsService.new(project, nil, payload).execute
end end
end end
end end
......
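Review bot: The new `payload` method re-runs `Gitlab::Utils::DeepSize.new(params).valid?` on every call, and the hunks below call it from `alerts`, `valid_version?` and `persist_events`, so a single request is presumably walked several times — the very cost the size limit is meant to bound. Since the class already includes `Gitlab::Utils::StrongMemoize`, wrap the body in `strong_memoize(:payload) do … end` so the check runs once per service instance and later calls return the cached `params`. Separately, `rescue BadPayloadError` makes `execute` return `false` with no log line, which leaves callers unable to tell a rejected oversized payload from any other `false` result and gives operators nothing to alert on; consider logging the rejection (project id and the error message) before returning. The body of `execute` starts and ends outside this hunk, so whether `payload` is first touched before or after `valid_alert_manager_token?` runs cannot be confirmed here.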
...@@ -338,6 +338,22 @@ describe Projects::Prometheus::Alerts::NotifyService do ...@@ -338,6 +338,22 @@ describe Projects::Prometheus::Alerts::NotifyService do
it_behaves_like 'no notifications' it_behaves_like 'no notifications'
end end
context 'when the payload is too big' do
let(:payload) { { 'the-payload-is-too-big' => true } }
let(:deep_size_object) { instance_double(Gitlab::Utils::DeepSize, valid?: false) }
before do
allow(Gitlab::Utils::DeepSize).to receive(:new).and_return(deep_size_object)
end
it_behaves_like 'no notifications'
it 'does not process issues' do
expect(IncidentManagement::ProcessPrometheusAlertWorker)
.not_to receive(:perform_async)
end
end
end end
private private
......
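Review bot: The `'does not process issues'` example sets `expect(IncidentManagement::ProcessPrometheusAlertWorker).not_to receive(:perform_async)` but does not invoke the service within the example, so it passes vacuously whether the service is never called or was already called in an outer `before` (which is outside this hunk). End the example with the actual call, e.g. the context's `subject` or the equivalent `execute` invocation, after the expectation is set. Stubbing `Gitlab::Utils::DeepSize.new` to a double with `valid?: false` also means no example exercises a genuinely oversized `payload` against the real limits; one example with a deeply nested or very large hash would confirm the integration rather than just the branch.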