Merge pull request #206 from pascal-hofmann/feature/add-codepointlimit

[JENKINS-71077] Allow overriding codePointLimit to allow reading larger yaml files

Author: rsandell

src/main/java/org/jenkinsci/plugins/pipeline/utility/steps/conf/ReadYamlStep.java

@@ -60,6 +60,16 @@
  */
 public class ReadYamlStep extends AbstractFileOrTextStep {
 
+	public static final int LIBRARY_DEFAULT_CODE_POINT_LIMIT = new LoaderOptions().getCodePointLimit();
+	public static final String MAX_CODE_POINT_LIMIT_PROPERTY = ReadYamlStep.class.getName() + ".MAX_CODE_POINT_LIMIT";
+	@SuppressFBWarnings(value={"MS_SHOULD_BE_FINAL"}, justification="Non final so that an admin can adjust the value through the groovy script console without restarting the instance.")
+	private static /*almost final*/ int MAX_CODE_POINT_LIMIT = Integer.getInteger(MAX_CODE_POINT_LIMIT_PROPERTY, LIBRARY_DEFAULT_CODE_POINT_LIMIT);
+	public static final String DEFAULT_CODE_POINT_LIMIT_PROPERTY = ReadYamlStep.class.getName() + ".DEFAULT_CODE_POINT_LIMIT";
+	@SuppressFBWarnings(value={"MS_SHOULD_BE_FINAL"}, justification="Non final so that an admin can adjust the value through the groovy script console without restarting the instance.")
+	private static /*almost final*/ int DEFAULT_CODE_POINT_LIMIT = Integer.getInteger(DEFAULT_CODE_POINT_LIMIT_PROPERTY, -1);
+	//By default, use whatever Yaml thinks is best
+	private int codePointLimit = -1;
+
 	// the upper limit is hardcoded to 1000 to stop people shooting themselves in the foot
 	public static final int HARDCODED_CEILING_MAX_ALIASES_FOR_COLLECTIONS = 1000;
 	public static final int LIBRARY_DEFAULT_MAX_ALIASES_FOR_COLLECTIONS = new LoaderOptions().getMaxAliasesForCollections();
@@ -77,6 +87,29 @@ public class ReadYamlStep extends AbstractFileOrTextStep {
 	public ReadYamlStep() {
 	}
 
+	public static int getMaxCodePointLimit() {
+		return MAX_CODE_POINT_LIMIT;
+	}
+
+	/**
+	 * Setter with an added check to ensure the default does not exceed the max value.
+	 * @param defaultCodePointLimit the default value to set.
+	 * @return the actual value set after checking the max allowed.
+	 */
+	public static int setDefaultCodePointLimit(int defaultCodePointLimit) {
+		if (defaultCodePointLimit > MAX_CODE_POINT_LIMIT) {
+			throw new IllegalArgumentException(defaultCodePointLimit + " > " + MAX_CODE_POINT_LIMIT +
+					". Reduce the required DEFAULT_CODE_POINT_LIMIT or convince your administrator to increase" +
+					" the max allowed value with the system property \"" + MAX_CODE_POINT_LIMIT_PROPERTY + "\"");
+		}
+		DEFAULT_CODE_POINT_LIMIT = defaultCodePointLimit;
+		return DEFAULT_CODE_POINT_LIMIT;
+	}
+
+	public static int getDefaultCodePointLimit() {
+		return DEFAULT_CODE_POINT_LIMIT;
+	}
+
 	/**
 	 * Setter with an added check to ensure the default does not exceed the hardcoded max value.
 	 * TODO: decide if we want to add a message here before failing back.
@@ -116,6 +149,20 @@ public static int getDefaultMaxAliasesForCollections() {
 		return DEFAULT_MAX_ALIASES_FOR_COLLECTIONS;
 	}
 
+	public int getCodePointLimit() {
+		return codePointLimit;
+	}
+
+	@DataBoundSetter
+	public void setCodePointLimit(final int codePointLimit) {
+		if (codePointLimit > MAX_CODE_POINT_LIMIT) {
+			throw new IllegalArgumentException(codePointLimit + " > " + MAX_CODE_POINT_LIMIT +
+					". Reduce the code points in your yaml or convince your administrator to increase" +
+					" the max allowed value with the system property \"" + MAX_CODE_POINT_LIMIT_PROPERTY + "\"");
+		}
+		this.codePointLimit = codePointLimit;
+	}
+
 	public int getMaxAliasesForCollections() {
 		return maxAliasesForCollections;
 	}
@@ -138,7 +185,15 @@ public StepExecution start(StepContext context) throws Exception {
 		} else if (DEFAULT_MAX_ALIASES_FOR_COLLECTIONS >= 0) {
 			ac = DEFAULT_MAX_ALIASES_FOR_COLLECTIONS;
 		}
-		return new Execution(this, context, ac);
+
+		int cpl = -1;
+		if (codePointLimit >= 0) {
+			cpl = codePointLimit;
+		} else if (DEFAULT_CODE_POINT_LIMIT >= 0) {
+			cpl = DEFAULT_CODE_POINT_LIMIT;
+		}
+
+		return new Execution(this, context, ac, cpl);
 	}
 
 	@Extension
@@ -162,12 +217,16 @@ public String getDisplayName() {
 	public static class Execution extends AbstractFileOrTextStepExecution<Object> {
 		private static final long serialVersionUID = 1L;
 		private transient ReadYamlStep step;
+
+		private final int codePointLimit;
+
 		private final int maxAliasesForCollections;
 
-		protected Execution(@NonNull ReadYamlStep step, @NonNull StepContext context, int maxAliasesForCollections) {
+		protected Execution(@NonNull ReadYamlStep step, @NonNull StepContext context, int maxAliasesForCollections, int codePointLimit) {
 			super(step, context);
 			this.step = step;
 			this.maxAliasesForCollections = maxAliasesForCollections;
+			this.codePointLimit = codePointLimit;
 		}
 
 		/**
@@ -220,23 +279,24 @@ protected Object doRun() throws Exception {
 		}
 
 		protected Yaml newYaml() {
+			//Need everything just to be able to specify constructor and LoaderOptions
+			LoaderOptions loaderOptions = new LoaderOptions();
 			if (maxAliasesForCollections >= 0) {
-				//Need everything just to be able to specify constructor and LoaderOptions
-				LoaderOptions loaderOptions = new LoaderOptions();
 				loaderOptions.setMaxAliasesForCollections(maxAliasesForCollections);
-				Representer representer = new Representer(new DumperOptions());
-				//The Yaml constructors does this internally, so just in case...
-				DumperOptions dumperOptions = new DumperOptions();
-				dumperOptions.setDefaultFlowStyle(representer.getDefaultFlowStyle());
-				dumperOptions.setDefaultScalarStyle(representer.getDefaultScalarStyle());
-				dumperOptions.setAllowReadOnlyProperties(representer.getPropertyUtils().isAllowReadOnlyProperties());
-				dumperOptions.setTimeZone(representer.getTimeZone());
-				// Use SafeConstructor to limit objects to standard Java objects like List or Long
-				return new Yaml(new SafeConstructor(new LoaderOptions()), representer, dumperOptions, loaderOptions);
-			} else {
-				// Use SafeConstructor to limit objects to standard Java objects like List or Long
-				return new Yaml(new SafeConstructor(new LoaderOptions()));
 			}
+			if (codePointLimit >= 0) {
+				loaderOptions.setCodePointLimit(codePointLimit);
+			}
+
+			Representer representer = new Representer(new DumperOptions());
+			// The Yaml constructor does this internally, so just in case...
+			DumperOptions dumperOptions = new DumperOptions();
+			dumperOptions.setDefaultFlowStyle(representer.getDefaultFlowStyle());
+			dumperOptions.setDefaultScalarStyle(representer.getDefaultScalarStyle());
+			dumperOptions.setAllowReadOnlyProperties(representer.getPropertyUtils().isAllowReadOnlyProperties());
+			dumperOptions.setTimeZone(representer.getTimeZone());
+			// Use SafeConstructor to limit objects to standard Java objects like List or Long
+			return new Yaml(new SafeConstructor(new LoaderOptions()), representer, dumperOptions, loaderOptions);
 		}
 	}
 }

src/main/resources/org/jenkinsci/plugins/pipeline/utility/steps/conf/ReadYamlStep/help.groovy

@@ -57,6 +57,27 @@ ul {
             text(' and so will overwrite any value already present if not a new YAML document.')
         }
     }
+    li {
+        code('codePointLimit: ')
+        text('Limit for incoming data in bytes. ')
+        text('Defaults to 3145728 (3MB) if not set.')
+        br()
+        em {
+            String max_code_point_limit_property = org.jenkinsci.plugins.pipeline.utility.steps.conf.ReadYamlStep.MAX_CODE_POINT_LIMIT_PROPERTY
+            String default_code_point_limit_property = org.jenkinsci.plugins.pipeline.utility.steps.conf.ReadYamlStep.DEFAULT_CODE_POINT_LIMIT_PROPERTY
+            int max_code_point_limit = org.jenkinsci.plugins.pipeline.utility.steps.conf.ReadYamlStep.getMaxCodePointLimit()
+            int default_code_point_limit = org.jenkinsci.plugins.pipeline.utility.steps.conf.ReadYamlStep.getDefaultCodePointLimit()
+            text("""\
+                There is a maximum value you can set on this controller: ${max_code_point_limit}.
+                The administrator can change the max allowed value by setting the System property: ${max_code_point_limit_property}.
+                The default can also be changed by setting the System property: ${default_code_point_limit_property}
+                so that no pipeline code needs to be changed. """.stripIndent())
+            if (default_code_point_limit >= -1) {
+                br()
+                text("On this controller the default is set to ${default_code_point_limit}.")
+            }
+        }
+    }
     li {
         code('maxAliasesForCollections: ')
         text('Restrict the amount of aliases for collections (sequences and mappings) to avoid ')

src/test/java/org/jenkinsci/plugins/pipeline/utility/steps/conf/ReadYamlStepTest.java

@@ -21,6 +21,7 @@
 
 import hudson.model.Label;
 import hudson.model.Result;
+import org.yaml.snakeyaml.LoaderOptions;
 
 public class ReadYamlStepTest {
     @Rule
@@ -55,6 +56,7 @@ public class ReadYamlStepTest {
 
     @Before
     public void setup() throws Exception {
+        System.setProperty("org.jenkinsci.plugins.pipeline.utility.steps.conf.ReadYamlStep.MAX_CODE_POINT_LIMIT", "10485760");
         System.setProperty("org.jenkinsci.plugins.pipeline.utility.steps.conf.ReadYamlStep.MAX_MAX_ALIASES_FOR_COLLECTIONS", "500");
         j.createOnlineSlave(Label.get("slaves"));
     }
@@ -187,6 +189,39 @@ public void readFileAndText() throws Exception {
         j.assertBuildStatusSuccess(p.scheduleBuild2(0));
     }
 
+
+	@Test
+	public void codePointLimits() throws Exception {
+		StringBuilder str = new StringBuilder("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
+		int desired = new LoaderOptions().getCodePointLimit();
+		while (str.length() < desired) {
+			str.append(str);
+		}
+		final String yaml = "a: " + str;
+		File file = temp.newFile();
+		FileUtils.writeStringToFile(file, yaml, Charset.defaultCharset());
+		WorkflowJob p = j.jenkins.createProject(WorkflowJob.class, "p");
+		p.setDefinition(new CpsFlowDefinition(
+				"node('"+j.jenkins.getSelfLabel()+"') { def yaml = readYaml file: '" + separatorsToSystemEscaped(file.getAbsolutePath()) + "'}",
+				true));
+		j.assertBuildStatus(Result.FAILURE, p.scheduleBuild2(0));
+		p.setDefinition(new CpsFlowDefinition(
+				"node('"+j.jenkins.getSelfLabel()+"') { def yaml = readYaml codePointLimit: 10485760, file: '" + separatorsToSystemEscaped(file.getAbsolutePath()) + "'}",
+				true));
+		j.assertBuildStatus(Result.SUCCESS, p.scheduleBuild2(0));
+	}
+
+	@Test
+	public void setDefaultCodePointLimitHigherThanMaxFailsWithException() throws Exception {
+		Exception exception = assertThrows(IllegalArgumentException.class, () -> {
+			ReadYamlStep readYamlStep = new ReadYamlStep();
+			readYamlStep.setDefaultCodePointLimit(ReadYamlStep.getMaxCodePointLimit() + 1);
+		});
+		String expectedMessage = "Reduce the required DEFAULT_CODE_POINT_LIMIT or convince your administrator to increase";
+		String actualMessage = exception.getMessage();
+		assertTrue(actualMessage + " <<<< DOES NOT CONTAIN >>>> " + expectedMessage, actualMessage.contains(expectedMessage));
+	}
+
 	@Test
 	public void millionLaughs() throws Exception {
 		final String lol = "a: &a [\"lol\",\"lol\",\"lol\",\"lol\",\"lol\",\"lol\",\"lol\",\"lol\",\"lol\"]\n" +