You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OPA Engine would allow me to configure the BundleLimitBytes const in Bundle.go via something to the effect of an entry in config.yaml or an executable flag such that the Engine is able to download and activate a bundle whose contents contain a file larger than 1GiB
Actual Behavior
The BundleLimitBytes const in Bundle.go is set to 1GiB and is non-configurable, thus when the engine downloads a bundle.tar.gz that contains a file of size over 1GiB for example, data.json > 1GiB it will produce the error "Bundle download failed: bundle exceeded max size (1073741824 bytes)"
Steps to Reproduce the Problem
This issue was observed with a bundle.tar.gz of size ~110MB which contained a .manifest of 45B, an authz.rego of ~50KB and a data.json ~1.3GB. Thus any bundle with a file sufficiently large is capable of reproducing this issue.
Additional Info
OPA version 0.23.2
The text was updated successfully, but these errors were encountered:
We can make the 1GB limit configurable. The limit was originally added as a measure against tar bombs (#920). We'll expose a configuration option on the bundle section that you can set. For example:
This commit lets users override the 1GB file size limit on the bundle
reader with a configuration setting.
Fixesopen-policy-agent#2781
Signed-off-by: Torin Sandall <torinsandall@gmail.com>
This commit lets users override the 1GB file size limit on the bundle
reader with a configuration setting.
Fixes#2781
Signed-off-by: Torin Sandall <torinsandall@gmail.com>
Expected Behavior
OPA Engine would allow me to configure the BundleLimitBytes const in Bundle.go via something to the effect of an entry in config.yaml or an executable flag such that the Engine is able to download and activate a bundle whose contents contain a file larger than 1GiB
Actual Behavior
The BundleLimitBytes const in Bundle.go is set to 1GiB and is non-configurable, thus when the engine downloads a bundle.tar.gz that contains a file of size over 1GiB for example, data.json > 1GiB it will produce the error "Bundle download failed: bundle exceeded max size (1073741824 bytes)"
Steps to Reproduce the Problem
This issue was observed with a bundle.tar.gz of size ~110MB which contained a .manifest of 45B, an authz.rego of ~50KB and a data.json ~1.3GB. Thus any bundle with a file sufficiently large is capable of reproducing this issue.
Additional Info
OPA version 0.23.2
The text was updated successfully, but these errors were encountered: