fix(listener): exempt rate-limit metrics endpoint from rate limiting#163
Open
giftexceed wants to merge 1 commit into
Open
fix(listener): exempt rate-limit metrics endpoint from rate limiting#163giftexceed wants to merge 1 commit into
giftexceed wants to merge 1 commit into
Conversation
GET /api/rate-limit/metrics was subject to the rate limiter itself, so a client that had already exhausted its quota received 429 when trying to read the metrics. Parse the request URL before the limiter check and skip limiting for the metrics observability route. Fixes the failing "provides rate limiting metrics via GET /api/rate-limit/metrics" test in rate-limiter.test.ts, which made 3 events requests (tripping the limit) and then expected the metrics endpoint to return 200.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes the listener's
GET /api/rate-limit/metricsendpoint being throttled by the rate limiter it reports on.The rate limiter ran on every request, including the metrics route. So once a client tripped its quota, requesting
/api/rate-limit/metricsreturned 429 instead of the metrics — exactly when an operator most needs to read them.The fix parses the request URL before the limiter check and skips rate limiting for that observability route (a
GETto/api/rate-limit/metrics). The metrics request is no longer counted against the quota, so reported totals stay accurate.Why this matters for CI
This is one of two pre-existing test failures in the listener on
main(unrelated to any contract/dashboard work) that make the CI / Listener job red. This PR fixes therate-limiter.test.tsfailure; the companion PR #162 fixes theevents-server.test.tsfailure. With both, all 321 listener tests pass.Verification