@JSv4 JSv4 commented Aug 25, 2025

Changes Made

  • Added three rate limiting middlewares to compose/production/traefik/traefik.yml:
    • frontend-ratelimit: 100 req/s avg, 200 burst (static content)
    • api-ratelimit: 30 req/s avg, 60 burst (GraphQL/Admin APIs)
    • flower-ratelimit: 10 req/s avg, 20 burst (monitoring interface)
  • Configured Redis backend for distributed rate limiting:
    • Uses existing redis:6379 service
    • Database 1 for rate limiting data isolation
    • Optimized connection pooling per service tier
  • Applied rate limiting to all routers:
    • Frontend router: Added frontend-ratelimit before CSRF
    • Django/API router: Added api-ratelimit before CSRF
    • Flower router: Added flower-ratelimit

Security Features

  • IP-based rate limiting with X-Forwarded-For support (depth: 1)
  • IPv6 subnet grouping (/64) to prevent address rotation bypasses
  • Graceful fallback to in-memory storage if Redis unavailable
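The three middlewares and the router ordering described above, written out as an illustrative Traefik dynamic-configuration fragment. This is an added example, not the `traefik.yml` from the PR: middleware names, limits, the Redis endpoint and database number follow the description, while the host rules, path prefix, `csrf` middleware and Redis pool sizes are assumptions.

```yaml
# Illustrative Traefik (v3.4+) dynamic configuration fragment, written for this
# page and not copied from the PR. Middleware names, limits and the router
# ordering follow the PR description; host rules, the csrf middleware body and
# Redis pool sizes are assumptions.
http:
  middlewares:
    frontend-ratelimit:
      rateLimit:
        average: 100        # sustained requests per period
        burst: 200          # bucket capacity for short spikes above the average
        period: 1s
        sourceCriterion:
          ipStrategy:
            depth: 1        # take the IP one position from the right of X-Forwarded-For
            ipv6Subnet: 64  # count a whole /64 as one client (Traefik v3.3+)
        redis:              # shared counters across Traefik replicas (Traefik v3.4+)
          endpoints:
            - "redis:6379"  # the existing compose service
          db: 1             # keep limiter keys apart from application data
          poolSize: 20      # assumed value; size per tier
    api-ratelimit:
      rateLimit:
        average: 30
        burst: 60
        period: 1s
        sourceCriterion:
          ipStrategy: { depth: 1, ipv6Subnet: 64 }
        redis: { endpoints: ["redis:6379"], db: 1, poolSize: 10 }
    flower-ratelimit:
      rateLimit:
        average: 10
        burst: 20
        period: 1s
        sourceCriterion:
          ipStrategy: { depth: 1, ipv6Subnet: 64 }
        redis: { endpoints: ["redis:6379"], db: 1, poolSize: 5 }

  routers:
    frontend:
      rule: "Host(`app.example.com`)"   # assumed host
      entryPoints: ["websecure"]
      # middlewares apply in list order: drop over-limit clients before CSRF work
      middlewares: ["frontend-ratelimit", "csrf"]
      service: frontend
    django:
      rule: "Host(`app.example.com`) && PathPrefix(`/graphql`)"   # assumed paths
      entryPoints: ["websecure"]
      middlewares: ["api-ratelimit", "csrf"]
      service: django
```

`depth: 1` only identifies the real client when Traefik is the edge proxy or the entryPoint's `forwardedHeaders.trustedIPs` names the upstream load balancer; otherwise the selected `X-Forwarded-For` entry can be whatever the sender wrote, and the limiter keys on that.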

@JSv4 JSv4 linked an issue Aug 25, 2025 that may be closed by this pull request
codecov bot commented Aug 25, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.


JSv4 and others added 23 commits August 25, 2025 04:10
…ectory handling for self-signed certificates
…ik.yml, update rate limits, and adjust router rules to include localhost. Remove obsolete test files and scripts.
… test script with container status and service health checks
…er, ensuring compatibility and avoiding conflicts with sentence-transformers. Enhance Traefik configuration by adding TLS support for self-signed certificates.
…icates, ensuring a fallback to self-signed certificates. Update rate limiting test script to improve error handling and add certificate checks for better debugging.
…ik container health, processes, and listening ports. Update certificate checks for clearer error messages.
…entation

- Introduced a dedicated migration service in `production.yml` to handle database migrations before starting other services, preventing race conditions.
- Updated the `django` service command to skip the collectstatic step when not using AWS.
- Enhanced documentation in `README.md` and `quick_start.md` to include instructions for running migrations in production.
- Added sample environment files for Django, PostgreSQL, and frontend configurations to facilitate production deployments.
- Added a step to generate self-signed certificates for testing in the production stack workflow.
- Updated the certificate validation step to include checks for generated certificates and their mounts in the Traefik container.
- Improved the `generate-certs.sh` script with additional validation and debugging information for generated certificates.
- Ensured proper permissions for certificate files and corrected IPv6 loopback handling in the certificate generation process.
- Minor formatting adjustments in the `start-no-collectstatic` script and sample environment files.
- Introduced rate limiting decorators for GraphQL mutations and queries, enhancing control over request rates based on user tiers.
- Configured dynamic rate limits for different user types, including superusers, authenticated users, and anonymous users.
- Added a new `ratelimits.py` module to centralize rate limit configurations and utilities.
- Updated existing mutations and queries to include rate limiting, ensuring compliance with defined limits.
- Created detailed documentation on rate limiting implementation, testing strategies, and configuration options.
- Developed test scripts to validate rate limiting functionality in both CI and local environments.
- Adjusted rate limits for various GraphQL queries and mutations, ensuring compliance with user tiers.
- Added dynamic rate limiting decorators to specific queries, enhancing control over request rates.
- Updated the CI rate limiting test script for clearer output and streamlined testing processes.
- Improved the test coverage for rate limiting scenarios, including user-specific limits and error handling.
- Refactored existing tests to utilize Django's test client for better integration with the GraphQL API.
- Improved the GraphQL rate limiting decorator to handle cases where `info` or `request` may be `None`, ensuring robustness in various contexts.
- Updated the CI rate limiting test script to eliminate delays, allowing for faster request processing and clearer rate limit triggering.
- Refactored the test script to store rate limit results in global variables for better clarity in output and summary reporting.
- Added a testing environment flag in the Django settings to facilitate rate limit safety checks.
- Improved the GraphQL rate limiting decorators to log warnings in non-test environments when `info` or `request` contexts are missing, enhancing security monitoring.
- Updated documentation to clarify the implementation and testing of rate limiting at both infrastructure and application levels, including detailed testing instructions and troubleshooting tips.
- Introduced `environ` for environment variable management in `ratelimit.py`, allowing dynamic configuration of rate limiting behavior.
- Updated `RATELIMIT_DISABLE` to default to `False` in non-test environments, enhancing performance during testing.
- Added documentation in `test.py` to clarify the default behavior of rate limiting in tests, allowing individual tests to override settings as needed.
@JSv4 JSv4 merged commit 006d85e into main Sep 1, 2025
12 checks passed
@JSv4 JSv4 deleted the JSv4/add-ratelimits branch September 1, 2025 02:43

Successfully merging this pull request may close these issues.

[FEATURE] Rate Limiting