diff --git a/ee/app/validators/json_schemas/security_orchestration_policy.json b/ee/app/validators/json_schemas/security_orchestration_policy.json
index d5cf893a26fe9040b788090d202a2d7286824f01..52f4f425e1e94cc3f3d672f9f5b2f9156f2e3f57 100644
--- a/ee/app/validators/json_schemas/security_orchestration_policy.json
+++ b/ee/app/validators/json_schemas/security_orchestration_policy.json
@@ -656,11 +656,13 @@
"type": "array",
"description": "Specifies the licenses to match.",
"minItems": 1,
+ "maxItems": 1000,
"uniqueItems": true,
"additionalItems": false,
"items": {
"type": "string",
- "minLength": 1
+ "minLength": 1,
+ "maxLength": 255
}
},
"license_states": {
diff --git a/ee/spec/models/security/orchestration_policy_configuration_spec.rb b/ee/spec/models/security/orchestration_policy_configuration_spec.rb
index 12aa3efa51297a1e3f8fdd4f44794f5675e6774f..b7f16c83ae0c0dbdc94c278278e715016b78fd8a 100644
--- a/ee/spec/models/security/orchestration_policy_configuration_spec.rb
+++ b/ee/spec/models/security/orchestration_policy_configuration_spec.rb
@@ -1257,6 +1257,38 @@
expect(errors).to contain_exactly(
"property '/#{type}/0/rules/0/license_types/0' is invalid: error_type=minLength")
end
+
+ context "when too long" do
+ before do
+ rule[:license_types] = ["a" * 256]
+ end
+
+ specify do
+ expect(errors).to contain_exactly("property '/#{type}/0/rules/0/license_types/0' is invalid: error_type=maxLength")
+ end
+ end
+
+ context "with repeated licenses" do
+ before do
+ rule[:license_types] = ["a"] * 2
+ end
+
+ specify do
+ expect(errors).to contain_exactly("property '/#{type}/0/rules/0/license_types' is invalid: error_type=uniqueItems")
+ end
+ end
+
+ context "with too many licenses" do
+ before do
+ licenses = []
+ 1001.times { |i| licenses << "License #{i}" }
+ rule[:license_types] = licenses
+ end
+
+ specify do
+ expect(errors).to contain_exactly("property '/#{type}/0/rules/0/license_types' is invalid: error_type=maxItems")
+ end
+ end
end
describe "license_states" do