Limit number of bytes read from request body in promotion webhook

[makkes]

In the webhook handler for promotions we read the whole body from the request. This is a potential attack vector causing OOM errors. The number of bytes read from the request body should be limited to mitigate this issue.

Since we only accept a very deterministic data structure we can set this limit fairly low, something between ¼ MiB and 1 MiB I suppose.

[bigkevmcd]

If you're expecting to get GitHub hooks, they can be over 1MiB

[lasomethingsomething]

Have we addressed this issue in some way since the issue was filed? cc @yiannistri

[yiannistri]

No we haven't yet.