vishal-chdhry

Explanation

API Calls fetch data from an external URL and save it to memory. If a user requests very large data from an API Call, this can exhaust the controller's memory, resulting in a crash.

This PR adds checks for the content-length of the API Call response.

Related issue

Milestone of this PR

/milestone 1.11.1

What type of PR is this

/kind bug

Proposed Changes

Proof Manifests

Checklist

  • I have read the contributing guidelines.
  • I have read the PR documentation guide and followed the process including adding proof manifests to this PR.
  • This is a bug fix and I have added unit tests that prove my fix is effective.
  • This is a feature and I have added CLI tests that are applicable.
  • My PR needs to be cherry picked to a specific release branch which is release 1.11.1.
  • My PR contains new or altered behavior to Kyverno and
    • CLI support should be added and my PR doesn't contain that functionality.
    • I have added or changed the documentation myself in an existing PR and the link is:
    • I have raised an issue in kyverno/website to track the documentation update and the link is:

Further Comments

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
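
The size check described in the PR explanation, as an added Go example that is not the PR's or Kyverno's own code. It rejects on the declared Content-Length and also caps the bytes actually read, because a chunked response reports a length of -1 and would pass a header-only check. `readBounded`, `ErrTooLarge`, `countingBody`, `demo` and the 1 KiB limit are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"strings"
)

var ErrTooLarge = errors.New("response exceeds size limit")

// readBounded returns the body only if it fits in limit bytes (limit is an assumed value).
func readBounded(resp *http.Response, limit int64) ([]byte, error) {
	defer resp.Body.Close()
	// Cheap check first: reject on the declared length before reading anything.
	if resp.ContentLength > limit {
		return nil, fmt.Errorf("%w: Content-Length %d", ErrTooLarge, resp.ContentLength)
	}
	// ContentLength is -1 for chunked bodies, so cap the read too; limit+1 detects overflow.
	data, err := io.ReadAll(io.LimitReader(resp.Body, limit+1))
	if err != nil {
		return nil, err
	}
	if int64(len(data)) > limit {
		return nil, fmt.Errorf("%w: body longer than %d bytes", ErrTooLarge, limit)
	}
	return data, nil
}

// countingBody records how many bytes the caller actually pulled from the body.
type countingBody struct {
	r io.Reader
	n int64
}

func (c *countingBody) Read(p []byte) (int, error) { k, err := c.r.Read(p); c.n += int64(k); return k, err }
func (c *countingBody) Close() error               { return nil }

// demo reads a constructed body of size bytes (declared = Content-Length, -1 = chunked)
// and returns bytes kept, bytes pulled from the body, and the error.
func demo(size int, declared, limit int64) (int, int64, error) {
	body := &countingBody{r: strings.NewReader(strings.Repeat("a", size))}
	data, err := readBounded(&http.Response{ContentLength: declared, Body: body}, limit)
	return len(data), body.n, err
}

func main() {
	fmt.Println(demo(5<<20, 5<<20, 1<<10)) // rejected on the declared length, nothing read
	fmt.Println(demo(5<<20, -1, 1<<10))    // no declared length: rejected after limit+1 bytes
}
```
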

@JimBugwadia JimBugwadia left a comment

added a few comments!

codecov bot commented Nov 20, 2023

Codecov Report

Attention: 10 lines in your changes are missing coverage. Please review.

Comparison is base (0079ca1) 33.61% compared to head (caadabd) 33.60%.

Files Patch % Lines
pkg/engine/apicall/apiCall.go 33.33% 8 Missing and 2 partials ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #8957      +/-   ##
==========================================
- Coverage   33.61%   33.60%   -0.01%     
==========================================
  Files         315      315              
  Lines       24938    24951      +13     
==========================================
+ Hits         8383     8386       +3     
- Misses      15760    15768       +8     
- Partials      795      797       +2     


Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
@JimBugwadia JimBugwadia enabled auto-merge (squash) November 20, 2023 08:07
@JimBugwadia JimBugwadia merged commit 5fe16cd into kyverno:main Nov 21, 2023
@realshuting

/cherry-pick release-1.11

gcp-cherry-pick-bot bot pushed a commit that referenced this pull request Nov 21, 2023
* feat: add checks for max response size in API Call GET request

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: added changes suggested by jim

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* cleanup

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
@realshuting realshuting added the cherry-pick-completed The PR was cherry-picked (or merged) to required release branches label Nov 21, 2023
realshuting pushed a commit that referenced this pull request Nov 21, 2023
* feat: add checks for max response size in API Call GET request



* fix: tests



* fix: added changes suggested by jim



* cleanup



---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
@realshuting

/cherry-pick release-1.10

vishal-chdhry added a commit to vishal-chdhry/kyverno that referenced this pull request Jan 5, 2024
vishal-chdhry added a commit to vishal-chdhry/kyverno that referenced this pull request Jan 5, 2024
vishal-chdhry added a commit to vishal-chdhry/kyverno that referenced this pull request Jan 6, 2024
Labels
cherry-pick-completed The PR was cherry-picked (or merged) to required release branches cherry-pick-required