Rate limit alerts by channel for task run alerts using generic cell rate algo

[ericallam]

Summary by CodeRabbit

• New Features
  • Enhanced alert management with configurable rate limiting and a centralized alert dispatch mechanism, ensuring more reliable and controlled alert delivery.
  • Streamlined processing in both deployment and operational workflows for improved alert handling.
• Tests
  • Added comprehensive test cases to validate the new rate limiting functionality under various scenarios, ensuring robust and predictable alert behavior.

[changeset-bot]

⚠️ No Changeset found

Latest commit: a80839a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

This pull request introduces several new environment properties for configuring alert rate limiting and Redis integration. It adds a new GCRA-based rate limiter implementation with a dedicated Redis Lua command and integrates it with the alert creation workflow. Both deployment and task run alert services now delegate alert handling to a centralized DeliverAlertService. Additionally, a singleton alertsRateLimiter is established to initialize the Redis client, and thorough unit tests have been added to validate the new rate limiter functionality.

Changes

File(s)	Summary
apps/webapp/.../env.server.ts	Added new environment properties for alert rate limiting (e.g., emission interval, burst tolerance, Redis host/port, credentials, TLS settings, and cluster mode).
apps/webapp/.../GCRARateLimiter.server.ts	Introduced GCRA-based rate limiter with Redis support, defining interfaces and a custom Redis Lua command for atomic rate checks.
apps/webapp/.../alertsRateLimiter.server.ts	Implemented a singleton alertsRateLimiter that initializes a Redis client and instantiates the GCRARateLimiter with environment config.
apps/webapp/.../deliverAlert.server.ts, apps/webapp/.../performDeploymentAlerts.server.ts, apps/webapp/.../performTaskRunAlerts.server.ts	Refactored alert creation to delegate to DeliverAlertService.createAndSendAlert, incorporating rate limit checks and updating method signatures and imports.
apps/webapp/.../GCRARateLimiter.test.ts	Added unit tests for GCRARateLimiter to validate rate limiting logic, key expiration, burst handling, and Redis error scenarios.

Sequence Diagram(s)

sequenceDiagram
  participant Client as Alert Service
  participant DAS as DeliverAlertService
  participant ARL as alertsRateLimiter
  participant GCRA as GCRARateLimiter
  participant Redis as Redis
  participant DB as Database
  participant Queue as AlertQueue

  Client->>DAS: createAndSendAlert(params)
  DAS->>ARL: Check rate limit (if taskRunId provided)
  ARL->>GCRA: check(identifier)
  GCRA->>Redis: Execute custom Lua script
  Redis-->>GCRA: Return rate limit result
  GCRA-->>ARL: Pass result (allowed/retryAfter)
  ARL-->>DAS: Return rate check outcome
  DAS->>DB: Create alert record (if allowed)
  DAS->>Queue: Enqueue alert for delivery

Loading

sequenceDiagram
  participant Caller as Service
  participant GCRA as GCRARateLimiter
  participant Redis as Redis

  Caller->>GCRA: Invoke check(identifier)
  GCRA->>Redis: Run 'gcra' command with Lua script
  Redis-->>GCRA: Respond with rate limit status
  GCRA-->>Caller: Return RateLimitResult

Loading

Possibly related PRs

• Use redis worker for run heartbeats and alerts #1669: Similar modifications to the EnvironmentSchema for Redis integration and alert rate limiting configuration were made, indicating a strong code-level connection.

Poem

I’m a bunny on a coding spree,
Hopping through alerts so brisk and free,
With Redis carrots and Lua magic in sight,
Rate limits keep our alerts light,
I celebrate with a hop and a smile 😊
CodeRabbit cheers—let’s hop another mile!

Warning

There were issues while running some tools. Please review the errors and either fix the tool’s configuration or disable the tool if it’s a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

apps/webapp/app/env.server.ts

Oops! Something went wrong! :(

ESLint: 8.45.0

ESLint couldn't find the config "custom" to extend from. Please check that the name of the config is correct.

The config "custom" was referenced from the config file in "/.eslintrc.js".

If you still have problems, please stop by https://eslint.org/chat/help to chat with the team.

apps/webapp/app/v3/GCRARateLimiter.server.ts

Oops! Something went wrong! :(

ESLint: 8.45.0

ESLint couldn't find the config "custom" to extend from. Please check that the name of the config is correct.

The config "custom" was referenced from the config file in "/.eslintrc.js".

If you still have problems, please stop by https://eslint.org/chat/help to chat with the team.

apps/webapp/app/v3/services/alerts/deliverAlert.server.ts

Oops! Something went wrong! :(

ESLint: 8.45.0

ESLint couldn't find the config "custom" to extend from. Please check that the name of the config is correct.

The config "custom" was referenced from the config file in "/.eslintrc.js".

If you still have problems, please stop by https://eslint.org/chat/help to chat with the team.

• 4 others

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (5)

apps/webapp/app/v3/GCRARateLimiter.server.ts (2)

58-62: Enhance concurrency safety by documenting Redis cluster usage.
If there's a possibility of using Redis cluster mode with ephemeral cluster node changes or failovers, consider documenting the expected behavior and ensuring that all nodes have the Lua script replicated.

---

145-169: Remove or refine the try/catch block.
The catch clause rethrows the same error, making it effectively useless. You could handle the error more purposefully (e.g., log additional context) or remove the try/catch for clarity.

Possible fix:

-    try {
-      const result: [number, number] = await this.redis.gcra(
-        key,
-        now,
-        this.emissionInterval,
-        this.burstTolerance,
-        this.keyExpiration
-      );
-      const allowed = result[0] === 1;
-      if (allowed) {
-        return { allowed: true };
-      } else {
-        return { allowed: false, retryAfter: result[1] };
-      }
-    } catch (error) {
-      throw error;
-    }
+    const result: [number, number] = await this.redis.gcra(
+      key,
+      now,
+      this.emissionInterval,
+      this.burstTolerance,
+      this.keyExpiration
+    );
+    const allowed = result[0] === 1;
+    if (allowed) {
+      return { allowed: true };
+    } else {
+      return { allowed: false, retryAfter: result[1] };
+    }

🧰 Tools

🪛 Biome (1.9.4)

[error] 168-169: The catch clause that only rethrows the original error is useless.

An unnecessary catch clause can be confusing.
Unsafe fix: Remove the try/catch clause.

(lint/complexity/noUselessCatch)

apps/webapp/app/v3/services/alerts/performTaskRunAlerts.server.ts (1)

49-58: Validate and handle errors from DeliverAlertService.
Consider wrapping this call in a try/catch or verifying the returned result is successful. If alert creation fails, you may want to retry or log the issue for incident analysis.

apps/webapp/app/env.server.ts (1)

311-343: Add documentation for rate limiting parameters.

Consider adding JSDoc comments to explain:

• The meaning and impact of ALERT_RATE_LIMITER_EMISSION_INTERVAL
• The meaning and impact of ALERT_RATE_LIMITER_BURST_TOLERANCE
• Example values and their effects on rate limiting behavior

Similar to how API rate limiting parameters are documented (see lines 193-203).

apps/webapp/app/v3/services/alerts/deliverAlert.server.ts (1)

1125-1149: Consider enhancing rate limiter error handling.

The current implementation swallows rate limiter errors and continues with alert creation. Consider:

1. Adding metrics/monitoring for rate limiter failures
2. Defining a fallback strategy when rate limiting fails
3. Adding context about the rate limiter configuration to the error logs

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0b555fa and a80839a.

📒 Files selected for processing (7)

• apps/webapp/app/env.server.ts (1 hunks)
• apps/webapp/app/v3/GCRARateLimiter.server.ts (1 hunks)
• apps/webapp/app/v3/alertsRateLimiter.server.ts (1 hunks)
• apps/webapp/app/v3/services/alerts/deliverAlert.server.ts (3 hunks)
• apps/webapp/app/v3/services/alerts/performDeploymentAlerts.server.ts (1 hunks)
• apps/webapp/app/v3/services/alerts/performTaskRunAlerts.server.ts (1 hunks)
• apps/webapp/test/GCRARateLimiter.test.ts (1 hunks)

🧰 Additional context used

🪛 Biome (1.9.4)

apps/webapp/app/v3/GCRARateLimiter.server.ts

[error] 168-169: The catch clause that only rethrows the original error is useless.

An unnecessary catch clause can be confusing.
Unsafe fix: Remove the try/catch clause.

(lint/complexity/noUselessCatch)

⏰ Context from checks skipped due to timeout of 90000ms (5)

• GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - pnpm)
• GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - npm)
• GitHub Check: typecheck / typecheck
• GitHub Check: units / 🧪 Unit Tests
• GitHub Check: Analyze (javascript-typescript)

🔇 Additional comments (6)

apps/webapp/app/v3/GCRARateLimiter.server.ts (2)

70-71: Validate default key expiration calculation.
You calculate the default expiration by taking the max between 60 seconds and (emissionInterval + burstTolerance). This logic seems correct, but ensure it aligns with your business use case. Large key expirations could keep data around longer than needed.
[approve]

---

73-125: Lua script is well-structured.
The GCRA algorithm implementation looks clear and self-explanatory. The script’s comments comprehensively describe the logic.

apps/webapp/app/v3/alertsRateLimiter.server.ts (1)

9-30: Confirm Redis client failover handling.
The code looks good, but if the Redis deployment is frequently changing hosts or running in cluster mode, ensure the internal createRedisClient function handles reconnection correctly and prevents partial initializations.

Do you want me to generate a shell script to search your codebase for any references or edge-case handling around Redis failovers?

apps/webapp/app/v3/services/alerts/performDeploymentAlerts.server.ts (1)

49-58: LGTM! Good refactoring.

The changes effectively delegate alert creation and delivery to DeliverAlertService, which centralizes alert handling and enables rate limiting functionality.

apps/webapp/test/GCRARateLimiter.test.ts (1)

1-217: Excellent test coverage for the rate limiter!

The test suite thoroughly covers essential rate limiting scenarios:

• Basic rate limiting functionality
• Burst handling
• Recovery periods
• Independent rate limiting
• Error cases
• Redis integration

apps/webapp/app/v3/services/alerts/deliverAlert.server.ts (1)

1107-1165: LGTM! Well-implemented rate limiting.

The implementation:

• Correctly applies rate limiting only to task run alerts
• Uses channel ID as the rate limiting key for proper isolation
• Logs rate limiting decisions for observability
• Creates and enqueues alerts using a transaction