Push rules do not apply to LFS
Ticket: https://gitlab.zendesk.com/agent/tickets/54157
Summary
Push rules do not apply to LFS uploads.
Steps to reproduce
-
Apply a filename push rule
\.(exe|jar|zip|7z|gz|dmg|mp4|pkg|rar|r\d+|msi|o|war|ear|bz2)$
-
Apply a
max_file_size
push rule
3
- Push a large zip file (3mb+)
git clone <project>
cd <project folder>
git lfs install
git lfs track "*.zip"
git add .gitattributes
git commit -m "added lfs"
git push
echo "not a zip" > somefile.zip
git add somefile.zip
git commit -m "zip file"
git push
Expected behavior
The commit is rejected and the file is not uploaded via LFS.
Actual behavior
The commit is rejected and the file is sent and saved via LFS.
Customer nodes
We get a failure because of the file not being allowed thanks to the hook above. That's great... However, it appears the file DOES still get sent to the server with LFS. Whether this is a bug with LFS or a bug in GitLab still allowing the file to be written to the server, I don't know... I just feel it could be a concern if someone tried to push a huge file anyway and it failed but truly got pushed.
Second question: Could there be an option to allow Git LFS to ignore the prohibited file names and size limit? In other words, if I was using LFS to read zip files, then the above would actually work. But if I didn't use Git LFS, it would fail saying it doesn't match the requirements? Basically, we want to restrict people from pushing large files to GitLab unless they're using LFS. If they use LFS, then they can push the large files plus 'prohibited file names' without any issues.