Skip to content

Commit

Permalink
Enable configuration of core dumps in .gitpod.yml files
Browse files Browse the repository at this point in the history
  • Loading branch information
aledbf authored and roboquat committed Sep 21, 2022
1 parent 23d87dc commit 05828a2
Show file tree
Hide file tree
Showing 5 changed files with 59 additions and 6 deletions.
19 changes: 19 additions & 0 deletions components/gitpod-protocol/data/gitpod-schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -282,6 +282,25 @@
"type": "boolean",
"deprecationMessage": "The 'experimentalNetwork' property is deprecated.",
"description": "Experimental network configuration in workspaces (deprecated). Enabled by default"
},
"coreDump": {
"type": "object",
"description": "Configure the default action of certain signals is to cause a process to terminate and produce a core dump file, a file containing an image of the process's memory at the time of termination. Disabled by default.",
"deprecationMessage": "The 'coreDump' property is experimental.",
"additionalProperties": false,
"properties": {
"enabled": {
"type": "boolean"
},
"softLimit": {
"type": "number",
"description": "upper limit on the size of the core dump file that will be produced if it receives a core dump signal"
},
"hardLimit": {
"type": "number",
"description": "the hard limit acts as a ceiling for the soft limit. For more details please check https://man7.org/linux/man-pages/man2/getrlimit.2.html"
}
}
}
},
"additionalProperties": false,
Expand Down
7 changes: 7 additions & 0 deletions components/gitpod-protocol/src/protocol.ts
Original file line number Diff line number Diff line change
Expand Up @@ -804,6 +804,12 @@ export interface RepositoryCloneInformation {
checkoutLocation?: string;
}

export interface CoreDumpConfig {
enabled?: boolean;
softLimit?: number;
hardLimit?: number;
}

export interface WorkspaceConfig {
mainConfiguration?: string;
additionalRepositories?: RepositoryCloneInformation[];
Expand All @@ -816,6 +822,7 @@ export interface WorkspaceConfig {
github?: GithubAppConfig;
vscode?: VSCodeConfig;
jetbrains?: JetBrainsConfig;
coreDump?: CoreDumpConfig;

/** deprecated. Enabled by default **/
experimentalNetwork?: boolean;
Expand Down
13 changes: 13 additions & 0 deletions components/server/src/workspace/workspace-starter.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1417,6 +1417,19 @@ export class WorkspaceStarter {
dotfileEnv.setValue(user.additionalData?.dotfileRepo || "");
envvars.push(dotfileEnv);

if (workspace.config.coreDump?.enabled) {
// default core dump size is 262144 blocks (if blocksize is 4096)
const defaultLimit:number=1073741824;

const rLimitCore = new EnvironmentVariable();
rLimitCore.setName("GITPOD_RLIMIT_CORE");
rLimitCore.setValue(JSON.stringify({
softLimit: workspace.config.coreDump?.softLimit || defaultLimit,
hardLimit: workspace.config.coreDump?.hardLimit || defaultLimit,
}));
envvars.push(rLimitCore);
}

const createGitpodTokenPromise = (async () => {
const scopes = this.createDefaultGitpodAPITokenScopes(workspace, instance);
const token = crypto.randomBytes(30).toString("hex");
Expand Down
23 changes: 18 additions & 5 deletions components/workspacekit/cmd/rings.go
Original file line number Diff line number Diff line change
Expand Up @@ -829,12 +829,25 @@ var ring2Cmd = &cobra.Command{
return
}

rlimit := syscall.Rlimit{
Cur: 0,
Max: 0,
type fakeRlimit struct {
Cur uint64 `json:"softLimit"`
Max uint64 `json:"hardLimit"`
}
if err := syscall.Setrlimit(syscall.RLIMIT_CORE, &rlimit); err != nil {
log.WithError(err).Error("cannot disable core dumps")

rLimitValue := os.Getenv("GITPOD_RLIMIT_CORE")
var rLimitCore fakeRlimit
err = json.Unmarshal([]byte(rLimitValue), &rLimitCore)
if err != nil {
log.WithError(err).WithField("data", rLimitValue).Error("cannot deserialize GITPOD_RLIMIT_CORE")
}

// we either set a limit or explicitly disable core dumps by setting 0 as values
err = unix.Setrlimit(unix.RLIMIT_CORE, &unix.Rlimit{
Cur: rLimitCore.Cur,
Max: rLimitCore.Max,
})
if err != nil {
log.WithError(err).WithField("rlimit", rLimitCore).Error("cannot configure core dumps")
}

// Now that we're in our new root filesystem, including proc and all, we can load
Expand Down
3 changes: 2 additions & 1 deletion components/ws-manager/pkg/manager/create.go
Original file line number Diff line number Diff line change
Expand Up @@ -802,7 +802,8 @@ func (m *Manager) createWorkspaceEnvironment(startContext *startWorkspaceContext
"GITPOD_RESOLVED_EXTENSIONS",
"GITPOD_EXTERNAL_EXTENSIONS",
"GITPOD_WORKSPACE_CLASS_INFO",
"GITPOD_IDE_ALIAS":
"GITPOD_IDE_ALIAS",
"GITPOD_RLIMIT_CORE":
// these variables are allowed - don't skip them
default:
if strings.HasPrefix(e.Name, "GITPOD_") {
Expand Down

0 comments on commit 05828a2

Please sign in to comment.