Increase php-cli max memory to unlimited
What does this MR do?
Creates a new .ini
configuration file for PHP under the PHP configuration directory to override the default memory_limit
of 128MB. The composer
base image we were using before !73 (merged) was also doing this:
# shell of v3.3.0 of the analyser
~ $ php --ini
Configuration File (php.ini) Path: /usr/local/etc/php
Loaded Configuration File: /usr/local/etc/php/php-cli.ini
Scan for additional .ini files in: /usr/local/etc/php/conf.d
Additional .ini files parsed: /usr/local/etc/php/conf.d/docker-php-ext-sodium.ini,
/usr/local/etc/php/conf.d/docker-php-ext-zip.ini
~ $ cat /usr/local/etc/php/php-cli.ini
# composer php cli ini settings
date.timezone=UTC
memory_limit=-1
This should address an issue where codebases containing particularly large (15k+ LOC) PHP files could not be scanned, as the scanner would crash after reaching the 128MB memory limit.
I tested this locally by running the tmp image against my Frankenstein's monster 60k LOC PHP file:
$ wc -l functions.php
67614 functions.php
$ SECURE_LOG_LEVEL=debug analyzer-run . registry.gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit/tmp:f849bb2a88dc955df4e9206044b7c90e03ff61cf
$ cat gl-sast-report.json | jq | wc -l
17694
What are the relevant issue numbers?
- See comments in !73 (merged)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by James Liu