Exclude health check endpoint from rate-limiting

- Would previously be rate-limited which would cause health checks to incorrectly fail => downtime of API server [#171468535] Authored-by: Jaskanwal Pawar <[email protected]>
univ0298 · May 6, 2020 · 8ab6e35 · 8ab6e35
1 parent 487c3ce
commit 8ab6e35
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/middleware/rate_limiter.rb b/middleware/rate_limiter.rb
@@ -52,7 +52,7 @@ def skip_rate_limiting?(env, request)
       end
 
       def root_api?(request)
-        request.fullpath.match(%r{\A(?:/v2/info|/v3|/)\z})
+        request.fullpath.match(%r{\A(?:/v2/info|/v3|/|/healthz)\z})
       end
 
       def internal_api?(request)

diff --git a/spec/unit/middleware/rate_limiter_spec.rb b/spec/unit/middleware/rate_limiter_spec.rb
@@ -181,7 +181,7 @@ module Middleware
             end
           end
 
-          context 'when the user is hitting a root path /v2/info"' do
+          context 'when the user is hitting a root path /v2/info' do
             let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: '/v2/info') }
 
             it 'exempts them from rate limiting' do
@@ -193,7 +193,7 @@ module Middleware
             end
           end
 
-          context 'when the user is hitting a root path /v3"' do
+          context 'when the user is hitting a root path /v3' do
             let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: '/v3') }
 
             it 'exempts them from rate limiting' do
@@ -204,6 +204,18 @@ module Middleware
               expect(response_headers['X-RateLimit-Reset']).to be_nil
             end
           end
+
+          context 'when the user is hitting a root path /healthz' do
+            let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: '/healthz') }
+
+            it 'exempts them from rate limiting' do
+              allow(ActionDispatch::Request).to receive(:new).and_return(fake_request)
+              _, response_headers, _ = middleware.call(unauthenticated_env)
+              expect(response_headers['X-RateLimit-Limit']).to be_nil
+              expect(response_headers['X-RateLimit-Remaining']).to be_nil
+              expect(response_headers['X-RateLimit-Reset']).to be_nil
+            end
+          end
         end
 
         describe 'when the user has a "HTTP_X_FORWARDED_FOR" header from proxy' do