Enforce maximum attachment size in project API uploads by default

This makes the feature flag `enforce_max_attachment_size_upload_api` enabled by default. Previously all uploads via the project API could bypass the maximum attachment size limit. Now, Workhorse will cut off the transfer with a "413 Request entity too large" message when that limit is hit. This has been enabled on GitLab.com with an exception list since GitLab 13.11. Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/325787 Changelog: changed

Enforce maximum attachment size in project API uploads by default
This makes the feature flag `enforce_max_attachment_size_upload_api` enabled by default. Previously all uploads via the project API could bypass the maximum attachment size limit. Now, Workhorse will cut off the transfer with a "413 Request entity too large" message when that limit is hit. This has been enabled on GitLab.com with an exception list since GitLab 13.11. Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/325787 Changelog: changed
c8c13203 · Stan Hu · a23717e2 · c8c13203 · c8c13203 · c8c13203
Commit c8c13203 authored May 25, 2021 by Stan Hu
3 changed files
--- a/config/feature_flags/development/enforce_max_attachment_size_upload_api.yml
+++ b/config/feature_flags/development/enforce_max_attachment_size_upload_api.yml
@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/325787
 milestone: '13.11'
 type: development
 group: group::source code
-default_enabled: false
+default_enabled: true
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -2021,7 +2021,8 @@ the format in `markdown` is used.

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57250) in GitLab 13.11.

-GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/admin_area/settings/account_and_limit_settings.md#max-attachment-size) behind the `enforce_max_attachment_size_upload_api` feature flag. GitLab 14.0 will enable this by default.
+GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/admin_area/settings/account_and_limit_settings.md#max-attachment-size) behind the `enforce_max_attachment_size_upload_api` feature flag. GitLab 14.0 enables this by default.
+To disable this enforcement:

 **In Omnibus installations:**

@@ -2031,10 +2032,10 @@ GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/ad
   sudo gitlab-rails console
   ```

-1. Enable the feature flag:
+1. Disable the feature flag:

   ```ruby
-   Feature.enable(:enforce_max_attachment_size_upload_api)
+   Feature.disable(:enforce_max_attachment_size_upload_api)
   ```

 **In installations from source:**
@@ -2046,10 +2047,10 @@ GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/ad
   sudo -u git -H bundle exec rails console -e production
   ```

-1. Enable the feature flag to disable the validation:
+1. Disable the feature flag:

   ```ruby
-   Feature.enable(:enforce_max_attachment_size_upload_api)
+   Feature.disable(:enforce_max_attachment_size_upload_api)
   ```

 ## Upload a project avatar

--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -61,7 +61,7 @@ module API
      # Temporarily introduced for upload API: https://gitlab.com/gitlab-org/gitlab/-/issues/325788
      def project_attachment_size(user_project)
        return PROJECT_ATTACHMENT_SIZE_EXEMPT if exempt_from_global_attachment_size?(user_project)
-        return user_project.max_attachment_size if Feature.enabled?(:enforce_max_attachment_size_upload_api, user_project)
+        return user_project.max_attachment_size if Feature.enabled?(:enforce_max_attachment_size_upload_api, user_project, default_enabled: :yaml)

        PROJECT_ATTACHMENT_SIZE_EXEMPT
      end